From c7f5db9eca4e2b27c3cfff9791c4aa7f7b26b10d Mon Sep 17 00:00:00 2001 From: Mark Nelson Date: Fri, 6 Sep 2024 12:43:58 -0400 Subject: [PATCH] publish doc updates (#939) * publish doc updates --------- Signed-off-by: Mark Nelson --- cloudbank/404.html | 26 +-- cloudbank/account/cr-accounts/index.html | 44 ++--- cloudbank/account/create-project/index.html | 92 +++++----- cloudbank/account/deploy/index.html | 68 +++---- cloudbank/account/expose/index.html | 64 +++---- cloudbank/account/extra-endpoints/index.html | 44 ++--- cloudbank/account/first-service/index.html | 44 ++--- cloudbank/account/index.html | 44 ++--- cloudbank/account/intro/index.html | 44 ++--- cloudbank/account/jpa/index.html | 52 +++--- cloudbank/account/prepare-database/index.html | 44 ++--- cloudbank/backend/admin/index.html | 56 +++--- cloudbank/backend/apisix/index.html | 60 +++---- cloudbank/backend/config/index.html | 48 ++--- cloudbank/backend/database/index.html | 68 +++---- cloudbank/backend/eureka/index.html | 48 ++--- cloudbank/backend/grafana/index.html | 60 +++---- cloudbank/backend/index.html | 44 ++--- cloudbank/backend/intro/index.html | 44 ++--- cloudbank/backend/jaeger/index.html | 56 +++--- cloudbank/backend/k8s/index.html | 44 ++--- cloudbank/categories/index.html | 44 ++--- cloudbank/check/check-processing/index.html | 92 +++++----- cloudbank/check/create-queues/index.html | 44 ++--- cloudbank/check/create-testrunner/index.html | 92 +++++----- cloudbank/check/index.html | 44 ++--- cloudbank/check/intro/index.html | 44 ++--- cloudbank/check/learn/index.html | 56 +++--- cloudbank/check/test/index.html | 44 ++--- cloudbank/check/update-account/index.html | 44 ++--- cloudbank/cleanup/index.html | 44 ++--- cloudbank/cleanup/intro/index.html | 44 ++--- .../cleanup/uninstall-free-trial/index.html | 76 ++++---- cloudbank/cleanup/uninstall-local/index.html | 44 ++--- cloudbank/cleanup/uninstall-mp/index.html | 64 +++---- cloudbank/css/format-print.css | 4 +- cloudbank/css/print.css | 2 +- cloudbank/css/swagger.css | 4 +- cloudbank/css/variant.css | 2 +- cloudbank/deploy-cli/build/index.html | 44 ++--- cloudbank/deploy-cli/create-routes/index.html | 56 +++--- cloudbank/deploy-cli/deploy/index.html | 44 ++--- cloudbank/deploy-cli/get-code/index.html | 44 ++--- cloudbank/deploy-cli/index.html | 44 ++--- cloudbank/deploy-cli/intro/index.html | 44 ++--- cloudbank/deploy-cli/verify/index.html | 44 ++--- cloudbank/deploy-ide/build/index.html | 44 ++--- cloudbank/deploy-ide/get-code/index.html | 44 ++--- cloudbank/deploy-ide/index.html | 44 ++--- cloudbank/deploy-ide/intro/index.html | 44 ++--- cloudbank/deploy-ide/using-vscode/index.html | 168 +++++++++--------- cloudbank/devenv/db-access/index.html | 68 +++---- cloudbank/devenv/ide-plugin/index.html | 60 +++---- cloudbank/devenv/ide/index.html | 52 +++--- cloudbank/devenv/index.html | 44 ++--- cloudbank/devenv/intro/index.html | 44 ++--- cloudbank/devenv/jdk/index.html | 44 ++--- cloudbank/devenv/kubectl-config/index.html | 44 ++--- cloudbank/devenv/kubectl/index.html | 44 ++--- cloudbank/devenv/maven/index.html | 44 ++--- cloudbank/devenv/oractl/index.html | 44 ++--- cloudbank/devenv/sqlcl/index.html | 44 ++--- cloudbank/index.html | 55 +++--- cloudbank/index.search.js | 4 +- cloudbank/index.xml | 2 +- cloudbank/more/credits/index.html | 44 ++--- cloudbank/provision/index.html | 44 ++--- .../provision/install-free-trial/index.html | 76 ++++---- cloudbank/provision/install-local/index.html | 52 +++--- cloudbank/provision/install-mp/index.html | 96 +++++----- cloudbank/provision/intro/index.html | 44 ++--- cloudbank/saga/business-logic/index.html | 44 ++--- cloudbank/saga/dao/index.html | 44 ++--- cloudbank/saga/deploy/index.html | 44 ++--- cloudbank/saga/deposit/index.html | 92 +++++----- cloudbank/saga/index.html | 44 ++--- cloudbank/saga/intro/index.html | 44 ++--- cloudbank/saga/learn-lra/index.html | 48 ++--- cloudbank/saga/learn/index.html | 44 ++--- cloudbank/saga/prepare/index.html | 44 ++--- cloudbank/saga/test/index.html | 44 ++--- cloudbank/saga/transfer-service/index.html | 92 +++++----- cloudbank/saga/withdraw-service/index.html | 44 ++--- cloudbank/springai/index.html | 44 ++--- cloudbank/springai/simple-chat/index.html | 44 ++--- cloudbank/tags/index.html | 44 ++--- spring/cloudbank-hol.png | Bin 162328 -> 67032 bytes spring/index.html | 82 +++++---- spring/search/en.data.min.json | 2 +- 89 files changed, 2175 insertions(+), 2164 deletions(-) diff --git a/cloudbank/404.html b/cloudbank/404.html index ccccd2d3c..c40f01e6d 100644 --- a/cloudbank/404.html +++ b/cloudbank/404.html @@ -17,24 +17,24 @@ 404 Page not found :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/account/create-project/index.html b/cloudbank/account/create-project/index.html index 22ddcbab5..94c440ffc 100644 --- a/cloudbank/account/create-project/index.html +++ b/cloudbank/account/create-project/index.html @@ -29,24 +29,24 @@ In Visual Studio Code, press Ctrl+Shift+P (Cmd+Shift+P on a Mac) to access the command window. Start typing “Spring Init” and you will see a number of options to create a Spring project, as shown in the image below."> Create Project :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/account/deploy/index.html b/cloudbank/account/deploy/index.html index 05c310f20..a8250cdec 100644 --- a/cloudbank/account/deploy/index.html +++ b/cloudbank/account/deploy/index.html @@ -33,24 +33,24 @@ When you deploy the application to the backend, you want it to register with the Eureka Service Registry so that it can be discovered by other services including the APISIX API Gateway, so that we can easily expose it outside the cluster."> Deploy Account Service :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/account/expose/index.html b/cloudbank/account/expose/index.html index 47f4c0478..c997594cc 100644 --- a/cloudbank/account/expose/index.html +++ b/cloudbank/account/expose/index.html @@ -33,24 +33,24 @@ $ kubectl get secret -n apisix apisix-dashboard -o jsonpath='{.data.conf\.yaml}' | base64 -d | grep 'password:' Access the APISIX Dashboard"> Expose using APISIX :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/account/extra-endpoints/index.html b/cloudbank/account/extra-endpoints/index.html index 9bd58d686..ea4ed55bb 100644 --- a/cloudbank/account/extra-endpoints/index.html +++ b/cloudbank/account/extra-endpoints/index.html @@ -29,24 +29,24 @@ Add a new method to your AccountController.java class that responds to the HTTP GET method. This method should accept a customer ID as a path variable and return a list of accounts for that customer ID. If no accounts are found, return an empty body and set the HTTP Status Code to 204 (No Content)."> Extra Account Endpoints :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/account/first-service/index.html b/cloudbank/account/first-service/index.html index d67079007..6f65b7e22 100644 --- a/cloudbank/account/first-service/index.html +++ b/cloudbank/account/first-service/index.html @@ -33,24 +33,24 @@ package com.example.accounts.controller; public class AccountController { } Add the RestController annotation Add the RestController annotation to this class to tell Spring Boot that we want this class to expose REST services."> Implement First Service :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/account/index.html b/cloudbank/account/index.html index 8aadfd4b0..3f7027e3b 100644 --- a/cloudbank/account/index.html +++ b/cloudbank/account/index.html @@ -21,24 +21,24 @@ Account Microservice :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/account/intro/index.html b/cloudbank/account/intro/index.html index cd9e1e2d5..c38e147db 100644 --- a/cloudbank/account/intro/index.html +++ b/cloudbank/account/intro/index.html @@ -33,24 +33,24 @@ Objectives In this lab, you will:"> Introduction :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/account/jpa/index.html b/cloudbank/account/jpa/index.html index d6501ed83..062343a1c 100644 --- a/cloudbank/account/jpa/index.html +++ b/cloudbank/account/jpa/index.html @@ -25,24 +25,24 @@ To add Spring Data JPA and the Oracle Database drivers to your project, open the Maven POM (pom."> Use Spring Data JPA :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/account/prepare-database/index.html b/cloudbank/account/prepare-database/index.html index 0a1c83b46..b4aa1e8b5 100644 --- a/cloudbank/account/prepare-database/index.html +++ b/cloudbank/account/prepare-database/index.html @@ -29,24 +29,24 @@ $ kubectl -n application get secret DBNAME-db-secrets -o jsonpath='{.data.db\.password}' | base64 -dIf you don’t know the name of the database, execute the following command and look for the line DBNAME-db-secrets."> Prepare Database Objects :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/backend/admin/index.html b/cloudbank/backend/admin/index.html index 442b825c5..6b88220da 100644 --- a/cloudbank/backend/admin/index.html +++ b/cloudbank/backend/admin/index.html @@ -29,24 +29,24 @@ Oracle Backend for Spring Boot and Microservices does not expose management interfaces outside the Kubernetes cluster for improved security. Oracle recommends you access these interfaces using kubectl port forwarding, which creates an encrypted tunnel from your client machine to the cluster to access a specific service in the cluster."> Explore Spring Admin :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/backend/apisix/index.html b/cloudbank/backend/apisix/index.html index 21ae06ff2..15ebcc7a7 100644 --- a/cloudbank/backend/apisix/index.html +++ b/cloudbank/backend/apisix/index.html @@ -21,24 +21,24 @@ Explore APISIX API Gateway :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/backend/config/index.html b/cloudbank/backend/config/index.html index 42873260f..8861e7940 100644 --- a/cloudbank/backend/config/index.html +++ b/cloudbank/backend/config/index.html @@ -21,24 +21,24 @@ Explore Spring Config Server :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/backend/database/index.html b/cloudbank/backend/database/index.html index 2d3181f97..2d069d156 100644 --- a/cloudbank/backend/database/index.html +++ b/cloudbank/backend/database/index.html @@ -29,24 +29,24 @@ In the OCI Console, in the main (“hamburger”) menu navigate to the Oracle Database category and then Oracle Autonomous Database. Make sure you have the correct region selected (in the top right corner) and the compartment where you installed Oracle Backend for Spring Boot and Microservices (on the left hand side pull down list)."> Explore Oracle Autonomous Database :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/backend/eureka/index.html b/cloudbank/backend/eureka/index.html index ace47f97a..af2d615ba 100644 --- a/cloudbank/backend/eureka/index.html +++ b/cloudbank/backend/eureka/index.html @@ -21,24 +21,24 @@ Explore Eureka Service Registry :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/backend/grafana/index.html b/cloudbank/backend/grafana/index.html index dcd860543..ec34ac126 100644 --- a/cloudbank/backend/grafana/index.html +++ b/cloudbank/backend/grafana/index.html @@ -33,24 +33,24 @@ $ kubectl -n grafana get secret grafana -o jsonpath='{.data.admin-password}' | base64 -d fusHDM7xdwJXyUM2bLmydmN1V6b3IyPVRUxDtqu7Start the tunnel using this command."> Explore Grafana :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/backend/index.html b/cloudbank/backend/index.html index f2f221f32..7982c06d8 100644 --- a/cloudbank/backend/index.html +++ b/cloudbank/backend/index.html @@ -21,24 +21,24 @@ Explore the Backend :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/backend/intro/index.html b/cloudbank/backend/intro/index.html index 1c5d60b20..76a9947fb 100644 --- a/cloudbank/backend/intro/index.html +++ b/cloudbank/backend/intro/index.html @@ -37,24 +37,24 @@ Review the components of the Oracle Backend for Spring Boot and Microservices Explore how microservice data is stored in the Oracle Autonomous Database Learn about the Spring Admin user interface Learn about Spring Eureka Service Registry Learn about APISIX API Gateway Learn about Spring Config Server Learn about the observability tools included in Oracle Backend for Spring Boot and Microservices Learn about the tracing tools included in Oracle Backend for Spring Boot and Microservices Prerequisites This module assumes you have:"> Introduction :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/backend/jaeger/index.html b/cloudbank/backend/jaeger/index.html index a191ca914..8eed88df6 100644 --- a/cloudbank/backend/jaeger/index.html +++ b/cloudbank/backend/jaeger/index.html @@ -33,24 +33,24 @@ $ kubectl -n observability port-forward svc/jaegertracing-query 16686Open a web browser to http://localhost:16686 to view the Jaeger web user interface."> Explore Jaeger :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/backend/k8s/index.html b/cloudbank/backend/k8s/index.html index 72ad28096..f4a9dbacd 100644 --- a/cloudbank/backend/k8s/index.html +++ b/cloudbank/backend/k8s/index.html @@ -29,24 +29,24 @@ Kubernetes resources are grouped into namespaces. To see a list of the namespaces in your cluster, use this command, your output will be slightly different:"> Explore Kubernetes :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/categories/index.html b/cloudbank/categories/index.html index 11b323397..f8fb638ae 100644 --- a/cloudbank/categories/index.html +++ b/cloudbank/categories/index.html @@ -17,24 +17,24 @@ Categories :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/check/check-processing/index.html b/cloudbank/check/check-processing/index.html index 78f9a33b9..a13e684e4 100644 --- a/cloudbank/check/check-processing/index.html +++ b/cloudbank/check/check-processing/index.html @@ -25,24 +25,24 @@ Create a new Java Project for the checks service. In the Explorer of VS Code open Java Project and click the plus sign to add a Java Project to your workspace."> Create the Check Processing Microservice :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/check/create-queues/index.html b/cloudbank/check/create-queues/index.html index a53f2a4c8..328c6d9a6 100644 --- a/cloudbank/check/create-queues/index.html +++ b/cloudbank/check/create-queues/index.html @@ -25,24 +25,24 @@ ```sql grant execute on dbms_aq to account; grant execute on dbms_aqadm to account; grant execute on dbms_aqin to account; commit; ``` Now connect as the account user and create the queues by executing these statements (replace [TNS-ENTRY] with your environment information)."> Create Queues in the Database :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/check/create-testrunner/index.html b/cloudbank/check/create-testrunner/index.html index af7078653..04b50c49d 100644 --- a/cloudbank/check/create-testrunner/index.html +++ b/cloudbank/check/create-testrunner/index.html @@ -37,24 +37,24 @@ Specify 3."> Create the Test Runner Microservice :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/check/index.html b/cloudbank/check/index.html index 61161d687..8c1dbfc79 100644 --- a/cloudbank/check/index.html +++ b/cloudbank/check/index.html @@ -21,24 +21,24 @@ Check Processing :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/check/intro/index.html b/cloudbank/check/intro/index.html index b09c3df0b..9be3101cb 100644 --- a/cloudbank/check/intro/index.html +++ b/cloudbank/check/intro/index.html @@ -21,24 +21,24 @@ Introduction :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/check/learn/index.html b/cloudbank/check/learn/index.html index 9a7936976..2db6c6496 100644 --- a/cloudbank/check/learn/index.html +++ b/cloudbank/check/learn/index.html @@ -25,24 +25,24 @@ In this lab, we will assume that customers can deposit a check at an Automated Teller Machine (ATM) by typing in the check amount, placing the check into a deposit envelope and then inserting that envelope into the ATM."> Learn about the scenario :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/check/test/index.html b/cloudbank/check/test/index.html index 8056e05bc..9bbad83cf 100644 --- a/cloudbank/check/test/index.html +++ b/cloudbank/check/test/index.html @@ -33,24 +33,24 @@ ```shell $ curl -i -X POST -H 'Content-Type: application/json' -d '{"accountId": 2, "amount": 256}' http://localhost:8084/api/v1/testrunner/deposit HTTP/1."> Test the end-to-end flow :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/check/update-account/index.html b/cloudbank/check/update-account/index.html index f0f1dfe1e..87e345e8d 100644 --- a/cloudbank/check/update-account/index.html +++ b/cloudbank/check/update-account/index.html @@ -25,24 +25,24 @@ Create the Journal model Create a new Java file in src/main/java/com/example/accounts/model called Journal.java. In this class you can define the fields that make up the journal. Note that you created the Journal table in the previous lab. You will not use the lraId and lraState fields until a later lab."> Add Journal to the Account service :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/cleanup/index.html b/cloudbank/cleanup/index.html index 2a8bd0d91..4a3d6d205 100644 --- a/cloudbank/cleanup/index.html +++ b/cloudbank/cleanup/index.html @@ -21,24 +21,24 @@ Cleanup :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/cleanup/intro/index.html b/cloudbank/cleanup/intro/index.html index 08ef6ac0c..173e7cbc1 100644 --- a/cloudbank/cleanup/intro/index.html +++ b/cloudbank/cleanup/intro/index.html @@ -37,24 +37,24 @@ Clean up your instance of the Oracle Backend for Spring Boot and Microservices and other resources you created during this Live module Prerequisites This module assumes you have:"> Introduction :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/cleanup/uninstall-free-trial/index.html b/cloudbank/cleanup/uninstall-free-trial/index.html index 981476e4d..3476ed33f 100644 --- a/cloudbank/cleanup/uninstall-free-trial/index.html +++ b/cloudbank/cleanup/uninstall-free-trial/index.html @@ -37,24 +37,24 @@ Navigate to the Compute Instances page by clicking on the link on the home page of the OCI Console or opening the main menu using the “hamburger” icon ( ) in the top left corner of the console and searching for “instance”:"> OCI Free Tier Cleanup :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/cleanup/uninstall-local/index.html b/cloudbank/cleanup/uninstall-local/index.html index f4189a8f4..7ee30e695 100644 --- a/cloudbank/cleanup/uninstall-local/index.html +++ b/cloudbank/cleanup/uninstall-local/index.html @@ -37,24 +37,24 @@ docker rm obaas "> Local cleanup :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/cleanup/uninstall-mp/index.html b/cloudbank/cleanup/uninstall-mp/index.html index f0226e42b..38ce2fdfc 100644 --- a/cloudbank/cleanup/uninstall-mp/index.html +++ b/cloudbank/cleanup/uninstall-mp/index.html @@ -33,24 +33,24 @@ Make sure you choose the Compartment where you installed Oracle Backend for Spring Boot and Microservices. Click on the Stack Name (which will be different from the screenshot)"> OCI Marketplace Uninstall :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/css/format-print.css b/cloudbank/css/format-print.css index fff7ba64c..1954f12e3 100644 --- a/cloudbank/css/format-print.css +++ b/cloudbank/css/format-print.css @@ -1,5 +1,5 @@ -@import "theme-relearn-light.css?1725631905"; -@import "chroma-relearn-light.css?1725631905"; +@import "theme-relearn-light.css?1725640716"; +@import "chroma-relearn-light.css?1725640716"; #R-sidebar { display: none; diff --git a/cloudbank/css/print.css b/cloudbank/css/print.css index b9b689736..c61bba811 100644 --- a/cloudbank/css/print.css +++ b/cloudbank/css/print.css @@ -1 +1 @@ -@import "format-print.css?1725631905"; +@import "format-print.css?1725640716"; diff --git a/cloudbank/css/swagger.css b/cloudbank/css/swagger.css index 256dc3e65..b80aa5c8f 100644 --- a/cloudbank/css/swagger.css +++ b/cloudbank/css/swagger.css @@ -1,7 +1,7 @@ /* Styles to make Swagger-UI fit into our theme */ -@import "fonts.css?1725631905"; -@import "variables.css?1725631905"; +@import "fonts.css?1725640716"; +@import "variables.css?1725640716"; body{ line-height: 1.574; diff --git a/cloudbank/css/variant.css b/cloudbank/css/variant.css index 392cd1c1a..732073223 100644 --- a/cloudbank/css/variant.css +++ b/cloudbank/css/variant.css @@ -1,4 +1,4 @@ -@import "variables.css?1725631905"; +@import "variables.css?1725640716"; html { color-scheme: only var(--INTERNAL-BROWSER-theme); diff --git a/cloudbank/deploy-cli/build/index.html b/cloudbank/deploy-cli/build/index.html index 896c60552..afc1382c4 100644 --- a/cloudbank/deploy-cli/build/index.html +++ b/cloudbank/deploy-cli/build/index.html @@ -33,24 +33,24 @@ [INFO] ------------------------------------------------------------------------ [INFO] Reactor Summary for CloudBank 0.0.1-SNAPSHOT: [INFO] [INFO] CloudBank .......................................... SUCCESS [ 0.916 s] [INFO] account ............................................ SUCCESS [ 2.900 s] [INFO] checks ............................................. SUCCESS [ 1.127 s] [INFO] customer ........................................... SUCCESS [ 1.106 s] [INFO] creditscore ."> Build CloudBank :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/deploy-cli/create-routes/index.html b/cloudbank/deploy-cli/create-routes/index.html index 7b2865346..ad3c429d9 100644 --- a/cloudbank/deploy-cli/create-routes/index.html +++ b/cloudbank/deploy-cli/create-routes/index.html @@ -33,24 +33,24 @@ kubectl -n apisix get configmap apisix -o yamlLook for the key: information in the admin_key section and save it."> Create APISIX routes :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/deploy-cli/deploy/index.html b/cloudbank/deploy-cli/deploy/index.html index 0dfffa834..383312984 100644 --- a/cloudbank/deploy-cli/deploy/index.html +++ b/cloudbank/deploy-cli/deploy/index.html @@ -37,24 +37,24 @@ Start a tunnel using this command:"> Deploy CloudBank :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/deploy-cli/get-code/index.html b/cloudbank/deploy-cli/get-code/index.html index 87b4e3adc..1b3c6c546 100644 --- a/cloudbank/deploy-cli/get-code/index.html +++ b/cloudbank/deploy-cli/get-code/index.html @@ -37,24 +37,24 @@ The source code for the CloudBank application will be in the microservices-datadriven directory you just created, in the cloudbank-v32 subdirectory."> Get the sample code :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/deploy-cli/index.html b/cloudbank/deploy-cli/index.html index 70933fea2..2b5dac732 100644 --- a/cloudbank/deploy-cli/index.html +++ b/cloudbank/deploy-cli/index.html @@ -21,24 +21,24 @@ Deploy with the CLI :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/deploy-cli/intro/index.html b/cloudbank/deploy-cli/intro/index.html index 18dffeb87..06f80e6e1 100644 --- a/cloudbank/deploy-cli/intro/index.html +++ b/cloudbank/deploy-cli/intro/index.html @@ -21,24 +21,24 @@ Introduction :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/deploy-cli/verify/index.html b/cloudbank/deploy-cli/verify/index.html index 9391b87ff..2c2bb9c2c 100644 --- a/cloudbank/deploy-cli/verify/index.html +++ b/cloudbank/deploy-cli/verify/index.html @@ -33,24 +33,24 @@ NAME READY STATUS RESTARTS AGE account-65cdc68dd7-k5ntz 1/1 Running 0 8m2s checks-78c988bdcf-n59qz 1/1 Running 0 42m creditscore-7b89d567cd-nm4p6 1/1 Running 0 38m customer-6f4dc67985-nf5kz 1/1 Running 0 41s testrunner-78d679575f-ch4k7 1/1 Running 0 33m transfer-869d796755-gn9lf 1/1 Running 0 27m Verify the all the Cloud Bank services deployed"> Verify the deployment :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/deploy-ide/build/index.html b/cloudbank/deploy-ide/build/index.html index 9d87bb5e7..9d574f737 100644 --- a/cloudbank/deploy-ide/build/index.html +++ b/cloudbank/deploy-ide/build/index.html @@ -33,24 +33,24 @@ [INFO] ------------------------------------------------------------------------ [INFO] Reactor Summary for cloudbank 0.0.1-SNAPSHOT: [INFO] [INFO] cloudbank .......................................... SUCCESS [ 0.972 s] [INFO] account ............................................ SUCCESS [ 2.877 s] [INFO] customer ........................................... SUCCESS [ 1.064 s] [INFO] creditscore ........................................ SUCCESS [ 0.922 s] [INFO] transfer ."> Build CloudBank :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/deploy-ide/get-code/index.html b/cloudbank/deploy-ide/get-code/index.html index d880bad8d..25abdfc7a 100644 --- a/cloudbank/deploy-ide/get-code/index.html +++ b/cloudbank/deploy-ide/get-code/index.html @@ -37,24 +37,24 @@ The source code for the CloudBank application will be in the microservices-datadriven directory you just created, in the cloudbank-v32 subdirectory."> Get the sample code :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/deploy-ide/index.html b/cloudbank/deploy-ide/index.html index 17f167242..f84331c6d 100644 --- a/cloudbank/deploy-ide/index.html +++ b/cloudbank/deploy-ide/index.html @@ -21,24 +21,24 @@ Deploy with an IDE :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/deploy-ide/intro/index.html b/cloudbank/deploy-ide/intro/index.html index ff25b1e2f..3c209d615 100644 --- a/cloudbank/deploy-ide/intro/index.html +++ b/cloudbank/deploy-ide/intro/index.html @@ -25,24 +25,24 @@ If you already have completed the module Deploy the full CloudBank Application using the CLI You can skip Task 1 and Task 2."> Introduction :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/deploy-ide/using-vscode/index.html b/cloudbank/deploy-ide/using-vscode/index.html index 44f9016d9..e2de3aad9 100644 --- a/cloudbank/deploy-ide/using-vscode/index.html +++ b/cloudbank/deploy-ide/using-vscode/index.html @@ -29,24 +29,24 @@ The Oracle Backend fo Spring Boot and Microservices VS Code plugin will ask to specify the Kubernetes config file full path as shown here:"> Using the VS Code plugin :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/devenv/db-access/index.html b/cloudbank/devenv/db-access/index.html index 11946407c..a28748350 100644 --- a/cloudbank/devenv/db-access/index.html +++ b/cloudbank/devenv/db-access/index.html @@ -37,24 +37,24 @@ Make sure that you have the right compartment selected and click on the database name."> Database Access :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/devenv/ide-plugin/index.html b/cloudbank/devenv/ide-plugin/index.html index 63110425c..c60d8d121 100644 --- a/cloudbank/devenv/ide-plugin/index.html +++ b/cloudbank/devenv/ide-plugin/index.html @@ -21,24 +21,24 @@ Install IDE Plugin :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/devenv/ide/index.html b/cloudbank/devenv/ide/index.html index fc3a7f9e9..c4052d877 100644 --- a/cloudbank/devenv/ide/index.html +++ b/cloudbank/devenv/ide/index.html @@ -25,24 +25,24 @@ Spring Boot Extension Pack Extension Pack for Java Oracle Developer Tools Note: It is possible to use other Integrated Development Environments however all the instructions in this Livemoduleare written for and tested with Visual Studio Code, so we recommend that you use it for this Live Lab."> Install IDE :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/devenv/index.html b/cloudbank/devenv/index.html index 5e426a435..f2f60dcd1 100644 --- a/cloudbank/devenv/index.html +++ b/cloudbank/devenv/index.html @@ -21,24 +21,24 @@ Developer Environment :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/devenv/intro/index.html b/cloudbank/devenv/intro/index.html index 24506e992..b7981d1e1 100644 --- a/cloudbank/devenv/intro/index.html +++ b/cloudbank/devenv/intro/index.html @@ -33,24 +33,24 @@ Windows 10 or 11, preferably with Windows Subsystem for Linux 2 macOS (11 or later recommended) on Intel or Apple silicon Linux, e.g., Oracle Linux, Ubuntu, etc. The following tools are recommended for a development environment:"> Introduction :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/devenv/jdk/index.html b/cloudbank/devenv/jdk/index.html index 0333f7da0..8ff1ab9ea 100644 --- a/cloudbank/devenv/jdk/index.html +++ b/cloudbank/devenv/jdk/index.html @@ -37,24 +37,24 @@ export JAVA_HOME=$HOME/jdk-21.0.3 export PATH=$JAVA_HOME/bin:$PATH Verify the installation"> Install JDK :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/devenv/kubectl-config/index.html b/cloudbank/devenv/kubectl-config/index.html index 4ecf3601a..c6d88fb10 100644 --- a/cloudbank/devenv/kubectl-config/index.html +++ b/cloudbank/devenv/kubectl-config/index.html @@ -21,24 +21,24 @@ Configure Kubectl :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/devenv/kubectl/index.html b/cloudbank/devenv/kubectl/index.html index 391989863..9fcc58aaf 100644 --- a/cloudbank/devenv/kubectl/index.html +++ b/cloudbank/devenv/kubectl/index.html @@ -29,24 +29,24 @@ Install kubectl from the Kubernetes website."> Install Kubectl and OCI CLI :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/devenv/maven/index.html b/cloudbank/devenv/maven/index.html index 6644301d9..d66b7f155 100644 --- a/cloudbank/devenv/maven/index.html +++ b/cloudbank/devenv/maven/index.html @@ -37,24 +37,24 @@ Decompress the archive in your chosen location, e.g., your home directory and then add it to your path (the exact version of maven might differ in your environment):"> Install Maven :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/devenv/oractl/index.html b/cloudbank/devenv/oractl/index.html index 38e2bee70..03f8549e0 100644 --- a/cloudbank/devenv/oractl/index.html +++ b/cloudbank/devenv/oractl/index.html @@ -37,24 +37,24 @@ To install the CLI, you just need to make sure it is executable and add it to your PATH environment variable."> Install CLI :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/devenv/sqlcl/index.html b/cloudbank/devenv/sqlcl/index.html index 5b5c01ac6..ab7ee56fe 100644 --- a/cloudbank/devenv/sqlcl/index.html +++ b/cloudbank/devenv/sqlcl/index.html @@ -33,24 +33,24 @@ export PATH=/path/to/sqlcl:$PATH "> Install SQLcl :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/index.html b/cloudbank/index.html index 96f725f42..8c0ef968d 100644 --- a/cloudbank/index.html +++ b/cloudbank/index.html @@ -5,48 +5,48 @@ - - - - - + CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/index.search.js b/cloudbank/index.search.js index 917899b7b..80e772176 100644 --- a/cloudbank/index.search.js +++ b/cloudbank/index.search.js @@ -609,8 +609,8 @@ var relearn_search_index = [ }, { "breadcrumb": "", - "content": "Welcome to CloudBank AI - an on-demand, self-paced learning resource you can use to learn about developing microservices with Spring Boot and deploying, running and managing them with Oracle Backend for Spring Boot and Microservices.\nYou can follow through from beginning to end, or you can start at any module that you are interested in.\nWhat you will need To complete the modules you will somewhere to run Oracle Backend for Spring Boot and Microservices. The instructions in the Module 1 provide three alternatives:\nLocally in a container - you will need a container platform like Docker Desktop, Rancher Desktop, Podman Desktop or similar. This option is recommended only if you have at least 64GB of RAM. With less memory this option will probably be too slow. In a compute instance in an Oracle Cloud Free Tier account. You can sign up for an Oracle Cloud Free Tier account here. This account will include enough free credits to run CloudBank. In a commercial Oracle Cloud tenancy. If you have a commercial tenancy with sufficient capacity and privileges, you can run the full production-sized installation. This can be installed from the OCI Marketplace using the instructions in Module 1. Check the instructions for a more detailed list of requirements. Regardless of which option you choose, the remainder of the modules will be virtually identical.\nYou will need a Java SDK and either Maven or Gradle to build your applicaitons. An IDE is not strictly required, but you will have a better overall experience if you use one. We recommend Visual Studio Code or IntelliJ.\nModules CloudBank contains the following modules:\nModule 1: Provision the Backend This module guides you through provisioning an instance of the backend using Oracle Cloud Infrastructure (OCI) or on your local machine using Docker Compose. Module 2: Preparing your Development Environment\nThis module guides you through setting up your development environment including and IDE and a toolchain to build and test your applications. Module 3: Build the Account Microservice\nThis module walks you through building your very first microservice using Spring Boot. It assumes no prior knowledge of Spring Boot, so its a great place to start if you have not used Spring Boot before. This module demonstrates how to build a service with a synchronous API implemented as REST endpoints using Spring Web MVC, and how to store data in Oracle Database using Spring Data JPA. Module 4: Build the Check Processing Microservices\nIn this module, you will build microservices that use asynchronous messaging to communicate using Spring JMS and Oracle Transactional Event Queues. It introduces service discovery using Eureka Service Registry (part of Spring Cloud Netflix) and Spring Cloud OpenFeign. Module 5: Manage Saga Transactions across Microservices\nThis module introduces the Saga pattern, a very important pattern that helps us manage data consistency across microservices. We will explore the Long Running Action specification, one implementation of the Saga pattern, and then build a Transfer microservice that will manage funds transfers using a saga. Module 6: Building the CloudBank AI Assistant using Spring AI This modules introduces Spring AI and explores how it can be used to build a CloudBank AI Assistant (chatbot) that will allow users to interact with CloudBank using a chat-based interface. Module 7: Deploying the full CloudBank Application using the CLI\nIn this module, you will learn how to deploy the full CloudBank application to Oracle Backend for Spring Boot and Microservices using the CLI. If you prefer to use an IDE, skip this module and go to module 6 instead. Module 8: Deploying the full CloudBank Application using the IDE plugins\nIn this module, you will learn how to deploy the full CloudBank application to Oracle Backend for Spring Boot and Microservices using one of the IDE plugins - for Visual Studio Code or IntelliJ. Module 9: Explore the Backend Platform\nThis module will take you on a guided tour through the Oracle Backend for Spring Boot and Microservices platform. You will learn about the platform services and observability tools that are provided out-of-the-box. Module 10: Cleanup This module demonstrates how to clean up any resources created when you provisioned an instance of Oracle Backend for Spring Boot and Microservices on Oracle Cloud Infrastructure (OCI) or on your local machine using Docker Compose. ", - "description": "Welcome to CloudBank AI - an on-demand, self-paced learning resource you can use to learn about developing microservices with Spring Boot and deploying, running and managing them with Oracle Backend for Spring Boot and Microservices.\nYou can follow through from beginning to end, or you can start at any module that you are interested in.\nWhat you will need To complete the modules you will somewhere to run Oracle Backend for Spring Boot and Microservices.", + "content": "Welcome to CloudBank AI - an on-demand, self-paced learning resource you can use to learn about developing microservices with Spring Boot and Spring Cloud Oracle and deploying, running and managing them with Oracle Backend for Spring Boot and Microservices.\nYou can follow through from beginning to end, or you can start at any module that you are interested in.\nWhat you will need To complete the modules you will somewhere to run Oracle Backend for Spring Boot and Microservices. The instructions in the Module 1 provide three alternatives:\nLocally in a container - you will need a container platform like Docker Desktop, Rancher Desktop, Podman Desktop or similar. This option is recommended only if you have at least 64GB of RAM. With less memory this option will probably be too slow. In a compute instance in an Oracle Cloud Free Tier account. You can sign up for an Oracle Cloud Free Tier account here. This account will include enough free credits to run CloudBank. In a commercial Oracle Cloud tenancy. If you have a commercial tenancy with sufficient capacity and privileges, you can run the full production-sized installation. This can be installed from the OCI Marketplace using the instructions in Module 1. Check the instructions for a more detailed list of requirements. Regardless of which option you choose, the remainder of the modules will be virtually identical.\nYou will need a Java SDK and either Maven or Gradle to build your applicaitons. An IDE is not strictly required, but you will have a better overall experience if you use one. We recommend Visual Studio Code or IntelliJ.\nModules CloudBank contains the following modules:\nModule 1: Provision the Backend This module guides you through provisioning an instance of the backend using Oracle Cloud Infrastructure (OCI) or on your local machine using Docker Compose. Module 2: Preparing your Development Environment\nThis module guides you through setting up your development environment including and IDE and a toolchain to build and test your applications. Module 3: Build the Account Microservice\nThis module walks you through building your very first microservice using Spring Boot. It assumes no prior knowledge of Spring Boot, so its a great place to start if you have not used Spring Boot before. This module demonstrates how to build a service with a synchronous API implemented as REST endpoints using Spring Web MVC, and how to store data in Oracle Database using Spring Data JPA. Module 4: Build the Check Processing Microservices\nIn this module, you will build microservices that use asynchronous messaging to communicate using Spring JMS and Oracle Transactional Event Queues. It introduces service discovery using Eureka Service Registry (part of Spring Cloud Netflix) and Spring Cloud OpenFeign. Module 5: Manage Saga Transactions across Microservices\nThis module introduces the Saga pattern, a very important pattern that helps us manage data consistency across microservices. We will explore the Long Running Action specification, one implementation of the Saga pattern, and then build a Transfer microservice that will manage funds transfers using a saga. Module 6: Building the CloudBank AI Assistant using Spring AI This modules introduces Spring AI and explores how it can be used to build a CloudBank AI Assistant (chatbot) that will allow users to interact with CloudBank using a chat-based interface. Module 7: Deploying the full CloudBank Application using the CLI\nIn this module, you will learn how to deploy the full CloudBank application to Oracle Backend for Spring Boot and Microservices using the CLI. If you prefer to use an IDE, skip this module and go to module 6 instead. Module 8: Deploying the full CloudBank Application using the IDE plugins\nIn this module, you will learn how to deploy the full CloudBank application to Oracle Backend for Spring Boot and Microservices using one of the IDE plugins - for Visual Studio Code or IntelliJ. Module 9: Explore the Backend Platform\nThis module will take you on a guided tour through the Oracle Backend for Spring Boot and Microservices platform. You will learn about the platform services and observability tools that are provided out-of-the-box. Module 10: Cleanup This module demonstrates how to clean up any resources created when you provisioned an instance of Oracle Backend for Spring Boot and Microservices on Oracle Cloud Infrastructure (OCI) or on your local machine using Docker Compose. ", + "description": "Welcome to CloudBank AI - an on-demand, self-paced learning resource you can use to learn about developing microservices with Spring Boot and Spring Cloud Oracle and deploying, running and managing them with Oracle Backend for Spring Boot and Microservices.\nYou can follow through from beginning to end, or you can start at any module that you are interested in.\nWhat you will need To complete the modules you will somewhere to run Oracle Backend for Spring Boot and Microservices.", "tags": [], "title": "CloudBank AI", "uri": "/microservices-datadriven/cloudbank/index.html" diff --git a/cloudbank/index.xml b/cloudbank/index.xml index 0819ba99f..6adbbc677 100644 --- a/cloudbank/index.xml +++ b/cloudbank/index.xml @@ -3,7 +3,7 @@ CloudBank AI https://oracle.github.io/microservices-datadriven/cloudbank/index.html - Welcome to CloudBank AI - an on-demand, self-paced learning resource you can use to learn about developing microservices with Spring Boot and deploying, running and managing them with Oracle Backend for Spring Boot and Microservices. You can follow through from beginning to end, or you can start at any module that you are interested in. What you will need To complete the modules you will somewhere to run Oracle Backend for Spring Boot and Microservices. + Welcome to CloudBank AI - an on-demand, self-paced learning resource you can use to learn about developing microservices with Spring Boot and Spring Cloud Oracle and deploying, running and managing them with Oracle Backend for Spring Boot and Microservices. You can follow through from beginning to end, or you can start at any module that you are interested in. What you will need To complete the modules you will somewhere to run Oracle Backend for Spring Boot and Microservices. Hugo en-us diff --git a/cloudbank/more/credits/index.html b/cloudbank/more/credits/index.html index 98821aa87..56696ca26 100644 --- a/cloudbank/more/credits/index.html +++ b/cloudbank/more/credits/index.html @@ -25,24 +25,24 @@ Credits :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/provision/index.html b/cloudbank/provision/index.html index 9a2de6b4d..1d6f78505 100644 --- a/cloudbank/provision/index.html +++ b/cloudbank/provision/index.html @@ -21,24 +21,24 @@ Provision an Instance :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/provision/install-free-trial/index.html b/cloudbank/provision/install-free-trial/index.html index 6d9e8806d..ddbcc618b 100644 --- a/cloudbank/provision/install-free-trial/index.html +++ b/cloudbank/provision/install-free-trial/index.html @@ -21,24 +21,24 @@ Install in OCI Free Tier :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/provision/install-local/index.html b/cloudbank/provision/install-local/index.html index fa616df88..023bb28f8 100644 --- a/cloudbank/provision/install-local/index.html +++ b/cloudbank/provision/install-local/index.html @@ -21,24 +21,24 @@ Install locally :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/provision/install-mp/index.html b/cloudbank/provision/install-mp/index.html index c2be21bd8..67a8a0d1f 100644 --- a/cloudbank/provision/install-mp/index.html +++ b/cloudbank/provision/install-mp/index.html @@ -29,24 +29,24 @@ This option installs a “production-sized” environment which includes an Oracle Compute Engine for Kubernetes (“OKE”) cluster and an Oracle Autonomous Database instance. If you want to use a smaller, development/test-sized environment that only requires a single OCI Compute Instance, please use the “Free Tier” option instead."> Install from OCI Marketplace :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/provision/intro/index.html b/cloudbank/provision/intro/index.html index 7141670fd..840a462aa 100644 --- a/cloudbank/provision/intro/index.html +++ b/cloudbank/provision/intro/index.html @@ -29,24 +29,24 @@ About Oracle Backend for Spring Boot and Microservices Oracle Backend for Spring Boot and Microservices allows developers to build microservices in Spring Boot and provision a backend as a service with the Oracle Database and other infrastructure components that operate on multiple clouds. This service vastly simplifies the task of building, testing, and operating microservices platforms for reliable, secure, and scalable enterprise applications."> Introduction :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/saga/business-logic/index.html b/cloudbank/saga/business-logic/index.html index a2654f46b..1dbbf9894 100644 --- a/cloudbank/saga/business-logic/index.html +++ b/cloudbank/saga/business-logic/index.html @@ -25,24 +25,24 @@ The deposit service will be responsible for depositing funds into accounts. It will be an LRA participant, and so it will need to implement the LRA lifecycle actions like complete, compensate, and so on. A significant amount of the logic will be shared with the withdrawal service, so you will also create a separate class for that shared logic, following the Data Access Object pattern, to keep the business layer separate from the persistence layer."> Implement business logic :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/saga/dao/index.html b/cloudbank/saga/dao/index.html index dc01efa52..682356e99 100644 --- a/cloudbank/saga/dao/index.html +++ b/cloudbank/saga/dao/index.html @@ -21,24 +21,24 @@ Create a Data Access Object :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/saga/deploy/index.html b/cloudbank/saga/deploy/index.html index 5d617a0ac..67d22c10a 100644 --- a/cloudbank/saga/deploy/index.html +++ b/cloudbank/saga/deploy/index.html @@ -25,24 +25,24 @@ Note: You already created the Kubernetes secrets necessary for the account service to access the Oracle Autonomous Database in a previous module, and the transfer service does not need access to the database. You also created the journal table that is needed by the update account application in the previous module."> Deploy services :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/saga/deposit/index.html b/cloudbank/saga/deposit/index.html index d90510861..97fa227f8 100644 --- a/cloudbank/saga/deposit/index.html +++ b/cloudbank/saga/deposit/index.html @@ -25,24 +25,24 @@ Create the Deposit service and scaffold methods Create a new directory in src/main/java/com/example/accounts called services and in that directory create a new Java file called DepositService."> Create the Deposit service :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/saga/index.html b/cloudbank/saga/index.html index 5b312f55c..7f117c7fc 100644 --- a/cloudbank/saga/index.html +++ b/cloudbank/saga/index.html @@ -21,24 +21,24 @@ Manage Sagas :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/saga/intro/index.html b/cloudbank/saga/intro/index.html index 447bac94c..137e9e720 100644 --- a/cloudbank/saga/intro/index.html +++ b/cloudbank/saga/intro/index.html @@ -37,24 +37,24 @@ Learn about the Saga pattern Learn about the Long Running Action specification Add new endpoints to the Account service for deposits and withdrawals that act as LRA participants Create a Transfer service that will initiate the LRA Prerequisites This module assumes you have:"> Introduction :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/saga/learn-lra/index.html b/cloudbank/saga/learn-lra/index.html index 4ec3ac33a..ad26266ac 100644 --- a/cloudbank/saga/learn-lra/index.html +++ b/cloudbank/saga/learn-lra/index.html @@ -25,24 +25,24 @@ In this module, you will explore the Long Running Action model."> Learn about Long Running Actions :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/saga/learn/index.html b/cloudbank/saga/learn/index.html index c1661597b..79a6d9c34 100644 --- a/cloudbank/saga/learn/index.html +++ b/cloudbank/saga/learn/index.html @@ -25,24 +25,24 @@ Database per service The Database per service pattern is a generally accepted best practice which dictates that each service must have its own “database” and that the only way other services can access its data is through its public API. This helps to create loose coupling between services, which in turn makes it easier to evolve them independently and prevents the creation of a web of dependencies that make application changes increasingly difficult over time."> Learn about the Saga pattern :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/saga/prepare/index.html b/cloudbank/saga/prepare/index.html index abb2aed77..ba1f80253 100644 --- a/cloudbank/saga/prepare/index.html +++ b/cloudbank/saga/prepare/index.html @@ -29,24 +29,24 @@ ```xml <dependency> <groupId>com.oracle.microtx.lra</groupId> <artifactId>microtx-lra-spring-boot-starter</artifactId> <version>23.4.2</version> </dependency> ``` Update the Spring Boot application configuration file Update your Account service’s Spring Boot configuration file, application."> Prepare the Account service :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/saga/test/index.html b/cloudbank/saga/test/index.html index 77d3871da..83d76d7d9 100644 --- a/cloudbank/saga/test/index.html +++ b/cloudbank/saga/test/index.html @@ -29,24 +29,24 @@ > **Note**: If you prefer, you can create a route in the APISIX API Gateway to expose the service. The service will normally only be invoked from within the cluster, so you did not create a route for it."> Run LRA test cases :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/saga/transfer-service/index.html b/cloudbank/saga/transfer-service/index.html index d313f721b..f5b75936d 100644 --- a/cloudbank/saga/transfer-service/index.html +++ b/cloudbank/saga/transfer-service/index.html @@ -25,24 +25,24 @@ Create a new Java Project for the transfer service. In the Explorer of VS Code open Java Project and click the plus sign to add a Java Project to your workspace."> Create the Transfer service :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/saga/withdraw-service/index.html b/cloudbank/saga/withdraw-service/index.html index b5ed6d3e2..a2dc70130 100644 --- a/cloudbank/saga/withdraw-service/index.html +++ b/cloudbank/saga/withdraw-service/index.html @@ -29,24 +29,24 @@ ```java package com.example.accounts.services; import com.example.accounts.model.Account; import com.example.accounts.model.Journal; import com.oracle.microtx.springboot.lra.annotation.AfterLRA; import com.oracle.microtx.springboot.lra.annotation.Compensate; import com.oracle.microtx.springboot.lra.annotation.Complete; import com.oracle.microtx.springboot.lra.annotation.LRA; import com."> Create the Withdrawal service :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/springai/index.html b/cloudbank/springai/index.html index d9fa2f117..0900482f0 100644 --- a/cloudbank/springai/index.html +++ b/cloudbank/springai/index.html @@ -25,24 +25,24 @@ CloudBank AI Assistant :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/springai/simple-chat/index.html b/cloudbank/springai/simple-chat/index.html index 05aea6919..6342d6631 100644 --- a/cloudbank/springai/simple-chat/index.html +++ b/cloudbank/springai/simple-chat/index.html @@ -29,24 +29,24 @@ Oracle Backend for Spring Boot and Microservices provides an option during installation to provision a set of Kubernetes nodes with NVIDIA A10 GPUs that are suitable for running AI workloads."> A simple ChatBot :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/cloudbank/tags/index.html b/cloudbank/tags/index.html index 4baadedb8..9a16dbcb0 100644 --- a/cloudbank/tags/index.html +++ b/cloudbank/tags/index.html @@ -17,24 +17,24 @@ Tags :: CloudBank AI - - - - - - - - - - - - + + + + + + + + + + + + - - - - - - + + + + + + - - - + + + diff --git a/spring/cloudbank-hol.png b/spring/cloudbank-hol.png index 1a1d9180846026fa32421cfafbfb6163be278438..f4deaf73cb6691bea424499bc174c5866d18ff2f 100755 GIT binary patch literal 67032 zcmd42cT|&I^DfL|M@1At6a+*-nt+840i_B^?=6UcbP(w!B#;p{WIh1 zXO_MU3|D$i{{9;9E^}mHpcQMWJv9je?#!RhyKOp4!>z*(78JCeU3kmD*ePOK`y$ws zRjnM#^zGbxc$~z`^PI3QZ8lLTQ?0?-GfzV<MN>aeTD1&`w-i=xk_5 zGk@9H-P!rMGw-ab-hUb;{g10ibt1yg! zrPZo)O7CdD0Ki`4Qx|aq)zP~zM38paBG zLExt~z4J}9u0J?+73B;vcM zV;E~$DIyfSZ{3dDbS@CicJRdvZvgwd)+B0Ivt%@r9szCYUYhS|r*`~x@`$`IpT2gB zkKDK1@eJL z7CNcRHjt}v$v3|7*o6#ohj`|o@8Pd1yg4Ydg)D5oQ4r&^A(!=zeCvt9ga851tF51SG2ZP1NI+} zkSSzNw_9Wsbpzu}c4ZM?zC5CHXx&J_USC6?K`vMzd;pTe4B_AMPm-`%p@p*?2VgTE zIU$@U=g`1zv`%jG2K7rL_RyBG^bqZ~x+WG5KP2#@!7X8raz})!_FoWNh4dOc8(cun zEr{q5^;ks~oyjZVP~^B$c9{gYA=sey6@}IUXA*(1b!ddiBEbM}Cy~OOFEt_!{-9tq1S0 zi7E3#)rj~GAVi0_#R2AoDUYs(hVUSV|9tUkO624Q-z6MB0-vuIJPtIty8&Cz*(X}R zncOfuHpA*{vw^N4!v&Hx2$<#4zNUW^K^c=|L{<22`tt@0{Prd;3mz}?xVP7fSu^s- z(mGH5szkVuSZLN!Bvzh@=%hcyWvpGQN%A$&BdoHAcb>l>qI_hX`LQ#Z@*5Q8d4qm= zBwi@E7}2XNBhY)I28K5n15)WbaK2e7=p8 z^Egu<5U4iz&SvPR#^57E2~PZ#cJfL}Sb^>&pC%wpDR`$YoJ(YDjBh*8gV>x|!Yy3@ z1ccnin%*EnAa*#c>dOZ zyV&dOVBl^>n$}F@W(ae>W(JEAIX>M3xxyowpYAz}^rCi3inYf70WNi;w~kaxNegM$KUL%aTg7jMxh!-5l=!M;s*ET1wY#0G*PB2gx)%C}@!bTW^!7IYf4pX# zj(uU!g3+wiR7MKfTEJZ8t`NWZQgqAuaJKXm+Pr`_L-OK1Cho@VdZ=&dt2M~Sn}eFq zq;D&^6=AtbJSkgQdZ;EF0fpnEy`f{Hr)fbWS<@G{#{*)9&Nk(IbkT+@>oO141{vKy zFmM}eEGtFrOl9EuyVtL>yeGMAVy}m7uA~G2BnA;$N8?XG8e6fYBWC-+0HPg+_!!u@ z+`rqfZPd<|^%(5#*_?wwD<2$O9AaJqSJpDM*%+$mcR|c+_L}WOqz6Zyp=vN!P~1vj z&ls2{itV`O_x>etpe?dYM_LMCZgl;`&ZDGfFYJ?m>b#8C^v?*ljwfg1LxF2)zcQ<> z3qvuQkdb-P57AJYbC7eh;`kvAMpc2u)Ko@@Sw*wKvp;^)0x`$yMb|<40{C>JyU!eg zqJ~aqrRXP>TrcFgd;vi1UX2)t=U(oi>Wnihr>a;Ip6&G&1Rv`O(DN(5LJq#SG!+4kJs)Rk)gvP7>=pW|3;M_HS zJ3-~JB}T9)Ill37LQFBYeb*s0kQAA8|AVcS5KiZUDrwkyVJFu;k;VV_ejC1Zow{D= zBrWqf1UB-_!79p=8O18j8xI-P(NTU>8?Y^n78SEGYLx*HPc+HE_2GlUjx`%wD(3s}{z8)YQ!#Qp^B@l~G!r?AyrW>Rnu^qk08vb#-5r_a|>-m%W-M&(W0 zbhnuJva)>u>{$heh=*yAQPExM7G5;3d1|$|a_XT#WPWdo{V&GBpC7-v@9sSvB;1O! zb5H$4e$8m#5m}UT?h`Yv(&^dzYbWwQA%FZT;%jfUc3W zqa~30K`=trEK}y7=pyt|<8xc965{np{H9Uc9sc1rg9Ii1=Sff*rD%&VRKqV6vP-`P zbG1`10x}Rq2d>ZzUY{>Zp(dKWL);)plJMK9NbG|0dI zuAL77q7HL}jgOW+u%Z{hNe;wY4Fmhg8Y(^tTD$+bA>F%{R4of?el7Y+)s zrYV7{LYuwD8a6e*q{Ck(8ZKQI6DELaudci33HP>q{CbMvPL#Cw>`NW#4(NsBQVouS%p#6d4mOmbE*6v&C>Bsc(SC)*mx%uF2DZlsl-6_#bQPBH|J;V5i z+F^I?`r4RpEZrsvt=&u#jXPte>QLzE1K#lT_cyaP_r~w~I2hwr=0!wAs!Hm|v1%cH z<#j-Dg9_vN$GpaNWNiV|!j0a*P0^{toG!=mr1@_V=TTS94RXw?fu5DNhBirDQjan- zxqF4jZx{9o63mdqZz^9LyjfM_1&ih1PEAfaW=%58!+YGew+qYrpdZ{l@S6+2$o|;f z6zlA_&p{-iG>=gCtLW9j$))y%PKexx8`i}iCO{fVupipd754)Z5)xo8xR*TJ*9YQZ zZp}Q~9=*a#<2UG&A&ogsCM)bLlIr)>@;v3PX`Ahdg!f3dopUMQny;?Zf9YRY9$UhC zE+d510S2(^m5Gys+XZ{(NJ&b~hF`y@X8d=&rSIC|0xD%7=|hPh_Y&)Dk$^_5zF(vy zCL&5!Gc*ej3Ntk|FTF>f!0A+FP5#&os2x^<>%M;)8=Lg2MFw!Jy(XV=Qp?LBSaal| zhRwr%;!&|qH4Of(AJd>Od3I*vUDT!Ol8W*E1P(S`VZ|lZUzF zKkM>}r)SHDN`kVrt_zZV^4BCRS#*V!dS%`Srym0A-I|zgJ&Ifr%`84N_#*Uw zeWr;zJVd{0zD+E|1UTJFoHy(o{yteK(D%`EBcsJ) zaxUQ#(u)A_G@ETyd*HzZ7fZAf$fNK>mdahdF^;GczloZ>MR~zHY$%k?woH0v`oTNY z*47WI=vnDWBkGrMle9x&0L~>&lD2Oc6x}#TZizefQNr{-n+#o+0;!8!C$f}3{zn!A zdC`AlF|!4!(jVbk`xvsj~cgpn3LouP%D4ut?_gDC2C5!rhAbbDu)S|F#XIu3^9eU*7f(N zuO?%uc+~&i|M`9sfm)8N%!1I>a=ryXMo6PZW&>vSD%vHXu|F`P^3Dc?kx~XD?35sV6_8&X{(5R6J#%_n$A~ zKucW`_1j&?Qti}4<(aPBPfwpG^F$JeRf+LpW*}nej){@)L3&Jj~3@ z=bvt0@HIQQz@W|f-^)U=q;_3}o!1HkChzwpjn4tFZl`DjklN?6l_S|%Janx`);zz1 z;_023GbnyP1!&J8f9gN?<_G((&%`+m?JTO6Xc$`s^p%P?8S5#}6NinU)uG2B&DcJ+ z(ld~f7@ccUc6)Es1fY#o`{Erzh_KRJTslHbbkt95e^26wxwD(W@4~-f=c9^fx)`xJ zB8CayOnNW)anfC68w*gR{E1h(OFDye&@8|neGUussFc$8iyIk|e=7Z^GvW`4TC{cpm9kxt?fU>kb% z9N9^g=?o7|JYO;@@*^R;HH^OF+z2H8UzJYDjw<5(bV}%nmVvsQWc|&U;+D<*OSw)D z!%MaVuA>Rll8b-aq}pgFnzQKx>4}d3*wz4Q+%2L7C|Mec6NJ92{b{f?G!`N$24}Lj zf;r_kDh6RYmC7q3okDkVn=Xs#3{BRftlzH&b->gp*hIbl=w`daWU8 zuGNzfkX=1hEZ&U9ows|cE4^r-$g0nwsR@ufu#7Hnje7nv%JJz{j$2~*%cEgi0)A6=oWFo zPalPhP9~$OKt#rt1)s;4K^J<#+A6x=R>5&gl4h~}y`=TJi+pr%Zc^^+3nP7{QP;2MM*vx<)cUek(*v>86~-H$S$Yij5ZCOw*2Wl_$Dl#c!5`^P%W5;j+k462ib@B2{rSHb zSX0n*;aT3SO@6U4BGfiVNnq)PWTwv^5Udp9JL3}5&3Wd8_y^n{r_o3MxhSEbX6qK2QGV*L2$i0*%V$`GCU=BjXitz+?4Qy zn{*bMfD~vqE|*ZS>Z;JV;1O%+S^82sT&oCJh%qbFeps$%c?1eu^ED@-93|*P4*Yhf zz5ucNs9@CvG#etx@WegxdL1sO9@*9CKPS?u0X5~4y8wA1s86nNPEV!{Qu89Ic_E6c z4O~bGw=Sr>)+57ds~(LNC9gi>a)JLAyYiScf33j-H%XWE^dlC*@?>`J#`heYgAIwl zJ%T%4mSv}Ly9<`F+07Wb+1gvxU*rFc&*vAd{!Kazn+@m| z;`;ryD#Azh&N}(0>hrRdxNL(rAbk}rxKgj*n|bn;-mdel@YA>;L_Iz`{g0y0Wz!$Y z%SUB~+}<`ZkF#;q`i;Y@`a&DHgY}#Q?#>*MVH_!ib%4CEI`Mu4Hvg>4gHcc*zR^1l z+n&s5j7J*rl@$srrLmgc)kd+Q1u1ItAM?iw0a3s+^tiI${IpED8d&GttVRMB2I(VG{^OTajq9l0`=e9Y%>Cvqf6{KJG(MEgvwBPt${<=mxo$08ik+fQx zd$|{f9&kf8pVZKVsn?qR)TG3Ejt&57E@dkfRZZyu;6UF!B9zp6ZqjMm<}Zy)Nq`Mkr$xiGuBKlc4Z zvDj=tVx|N?Tm^c|^oc4TV6Go(KfFF3^<*e+BxbyLfg9&F)&{kRCq7|3j}DT!+UNJ) zoynu>w2z`z(diZrN2|mui-Vtk__u1om(XuLa90}nzvRaYzDl7iPG3mtHSp0hvuen{ zW@qyzAv9Sc`;N=z_+{IIvJ`VID{o)q@@Fpb$F5!qJ&L@HoRJP1I{xLOzLmxN4;dQG zT8bosZA{1Nlq|bEW7nqK>$8I{Xyw~D3{)h}&A}xnBT^{iHY!|-3qz(u`WO9wA4>e% zWkN<&tDd@~Uf$%qB(T$wj1XF{5Q0UCbcxxvUFDZxdg5xt_uS_i_6FCLAYAVG>2ETq zr;iLAL=i0ysypY3s`p%Pp7P<9R{oQ}f8-fzU=tJf#&?-C`d&g$9xiGLb#Q(ZTfFd7 zOaRs`8-eTXq8@lC;*}w0SlB`P%%D9zNOejcF&t0lYh0&cpeL>cZJr zohf*5`+fV8F@!{YeWa!#Enk;UO2#vL8Y^kpF??62h;e}%7*A&mY&VNB?!VGG7X`|n z7Dn3Li|H7JE86@{nHz|5T6go^l)ct<=HYFbB|*kXRfSnmSw)^Mn>XGPypu`_2WqPO z&tBx;QE8^8i-4-HJ=(99yKZ;EwcYQpY|$@Lae*JMoR>Q{pYWdD6Zkm0Yq zCY5)B{1wUFKFv~i>tCGuyMozo$eYJz+tYhfIx;&GjkL*d$sL4WCBH!skP?I^5Btwu z5Io&|B=6njtW*Aaqq+}|6Di_XXlDg$%07=>j!*lnZ&V!Uc~F;x>akqOfnT z)WrP`6PFna!#P6JKONOHnjN*jA1@6uIxEVrb{ezXV5-t{lpi^O19`!I*p%HqH>mAc z|E?6_TzMcM+AxS;L3%OFSXa=ZR)U2l8UM<|(8bJ~40@KsWR3{eWu9~yQ_QScpJI~? z?uQpY#^t|d0Rtyn3=2e`n`;GZqdAcQp6&rS(N@3+pW?f12-h}u^nnxbG@Sl%#pEyuqYY6ZCjm$eRFUly0j zKd)8R%5gq znsF>=$!b`$%BRN~H=6M}NLJ&@7tG`{Sd|ScQULO}!W1LaaYoYoa&rLpHfJ6-9D3sxB;Fg$s3>K{V#;+>;|@Vyv=?jY!IBUQ#&9@{ORl5NDW zq&FRgNJ|h=H#jzYJ8P^Vqc=5L_`NdJo^ffAU*Jo+gdNO1$9JUbMH1e{BL0wh!sT<4 zWAc41$n!0Kj(bm`j9m*icmkfF@?4Skeq9eA)7^(59`G<|pZ=#5%8U1d)_570d(XV| zMJTxvf3=Qzfe4of^8@0I63Tx9D06^P@?IA+db zi;c1FcLgZoM|%o1GwQ^9KAZ6xO06!=clIY%C z^?|RznZccah68Vy7fNN@$h2fpwdpjD_;aTD8c|2G}aKA8F| z(=W$-_#SO1dO&$|iExV2m4R;V<8;>aO=A~G>|TAn6s6do&7GZ*KzWMxtNHp;6CVlIE8yi)+Q!r7@^N&S0VUNYR=9o#68u`>R~ ztOf~Ubh36tC9N4-r9^^)7N8zu(d<>-0dOxllJxFd70WuOd^9$E-;RAY@R<6r3r!ta z0?%~dC6Livl~i~~Hx)5z;lAAreT|M_-x-Sn*V*aQqCu1~S^zpKX*L2%ogT@0byC7I z$ZNHl$Qpim1q~h!KkO~VL<=fyF707q!RsNFH9IeDE7~k|P1!3es$g+(aV}oIL{VyE zW<^an_q<&@sP)4bdKRA)-s=^z=4RdI>Lp3capR=()R$V9GqWKg)izCc+Ys_NHLH$Z;n-r=wmE~&hUADc(b(ek9;f)(bB^BC z8INBbTH_6jUp{AiBruL#Hs{dlE-;yrnMQW{dNprzQ@ts~?sgkc%XFVdAWuWZcKSygR!w=EeK_x;W!xF?g#kRi|a8w)ii^a`#P3j!8h)Xv+O#_c+gD;!U30 zK!NzQDKmb1!ynV0*7nN5d)kx<9p!p1JPH&hLPB!;?Nzz^2j<3i;#=J@kP$H5l{^U} zn}o5mU|j6){t^x4>QTCn3cPR76>_3m!c@*&*6=pahSY-U3hz(%&cQBgX_XR6J|pVW zOj>^9^hy3y_iwo#erT$PS}w@*n4B^8MRq-6odh(%>EI`qwIGMK$5FJ{lF!*EjD)mO zK$>{ZrOwjH6k*>@w9~Oq-fF*H;ex)8m41t);da6ZX9!RLtXn6hr@Sl%mw`<4NO*Rt zed52bJzK!kuybDDX6+a zFTGK;F3+W}<%AyXf|aFH^`p>m+>6L!2Tf3d_(84HwBQtrgkYb|daMEX1x=E!`*n z?_o86#5QX_tq#{wBA>h^5hhgJZi&69Ny|978ueq~0U( zNFDb497lWUt5DNg9q6$U;w z*q1HN5GCmXVo>|a1{Rs}f#&7jTwNQ;{pTSqEOh$T`~AJ-c%Ou9QjegL(>4q$>7dhDTPn^ACpv?sFBJ|q@UESR3 zy`%t`&hsFoa*pERvn%DCqDHl(dp|86($^T{ic$ z-Qg)bVB&l@hgLfL3Obg)0D$Vr;dPH;0`hvaJ(ByS%#P&e2}Rutphc$=p2g3y8wS?( zu8GPI&ox4_@u(x_uBv%h$D%(Ys5F|$?aZUFXRQ=0z(;vrD=%ZK%E!t<$HMPpt31W= zhZ+wHyJKJG@ibf1yLvr!@GJe$lix|GOX2}_y8qGtP_pHy5~b|=2ieA6C@kbZD-Jdp zTaC!f*-1-d(y~aE#|LCK5Q3F+-19g1XNJib>EJ)t2(b?EZQ|_P{Uw+@lRt0j|t!lVguWeK*U=lB#N2%S&nD1wn{oWV6#%_3t zPGcGr$)X~SG{OpJ41cR3H`#@;8B`s27q>r@mc;RuW8)=}gNq%9weFa1RcIZ2{+x#I zj;miT)dK@d3%{+BCqRd_Ey-{vPwExrId#qPSgR?%Ml9g<_c22Ga=4>+?$I^yBbh7^ zSr=w%eS`f7k)ZYBFZH8!x1xU0@t20z|=vnq&u5jv-T|2WJ0 zusQnW18#7>kY({E+0|D-KP@s-a^rRAP&oTcX%eLlL^z~54`BDNY@5yVHRQb#3Z8G6MX12j!S&I9Lx65@DkIz7+{kv(;D8#l<$uludSLWa{ZFwG|Z= zE*Il6mJaEmWs2MG0AVI*Z~EKhdH;a5aj|JX=~it zm~_kfcbDCxxxG0W@){r7G37k>HC@+RK2}z4+cGl<9yv5@+UrMU{`lz3;!?wKn<=r8 zw^M_nG4ge{r^>te>2zmF=?5M2igxSfOz!E15-5Iad_>>7lCpOEgJWJ^pA)PnSsdK! zOd5j|N}QpvQpg-OrG&I6c*@3u1gfS;j1u#@=ispVA9m#VLLHvmKM1Y2!m3G452=J^ zw`S&HNc2st&z0Fl+ z2gDaq50!I0*L~j7L7gT|KHZjlL7O{%OJOV#wT=lm{61l&=w8uasvN%85HS5Tx9+X& z? zKR23ZCVzYXVXUf%BcL?hbF0);Om`@cK%^dNhdu|w+Xy9gT~}_LWw^E&V;1vLN5@ag z{YYw8snU8PLM(T*+H+=e``koyu1idk{4ZwqkNQc7=?jpp{x0v4`>kl8<$h}R<5ju` z3@o#Bvy@&2sj6~(SCY(suLgtt#lTFeh;kMXf8FfG7+2DUnq%`099_~QcK zedrlVB*8(yd+o@;a4cZMH~<;RJX7Z|+}NX$<8l590D1577dJl2&i2x4gUV#{44`dj zVxUyxx{Gy_zu|$9a<8jvM)R(E?iV+`P88Uz9ki}+4?L+vjLzEmMaf?0q+&8UlKoNX zsKmDFvBLQ9`RGHQ{qOAb)vmRIF!#U(c_ezgwef%V4WQX#as2tiDkrFQaa4kWJB60r zoex+kd%W}Ux8Tfi1T(ScLYcX{d$Kul;NG^lYDl6Rkq68>JoF*_wLtKZ-d^20VM;S8 zyuo&JiG11^`o@302MGuksD$0$gWT!IV;@dV1y5@vU5wzi5S~~7)PA3Yq`y%_P2OH= zZ%lO$ldx|6A+@mOF(0d`ik~*H`_O~0m4k?7Oc7ba7&kvuEkD{*3%rDVLcrh zKeNojX&NW>{b=9{%}lb`iLQxO+~yE9D57T?+6L=09FutjxFJDF8QTY zK*)>gg|NoSfZWo9**X|E)mu-DdCS4&EvwGcDqjE2&x8j(?7XRZTRg;zgO1?5~0 zp;WU_*VX0Yil~+}>l?EYxn0vrzCZN~gt?NqE$Gc`kgM=OgYGZhe^QgcE;z`er$m>& zOWKP$*U1kn-wc|_y3_L-^I1|1a6W%f)KnJYmD#RIKkEB)9@s1wlFCC*Pv~)W4&&ZH zWSN{jI-ZZ28Av<|h`9%KBxE{MW8VhtX-|gc!IWsr3UrgFdxlicl2z_8D*O}&klP7s z)M0GxO4`h0=40llJQzP%^MIp!QD+2pWOh4!KWgPL_Y!h$57nlmfJ%}}*~kjY0&4M(X~ zEYdu^!NIemKVP50>*52}j(Mc17kxC1lV%|1)PZ}K75Ovkt#wTkl*?_N@z-kK&LEE) zB|2wis)o@wS0dI>HD*TJoY&LCL+NeIf#~W9O2|)Me~{G{ZKV)$V0{F&4v@43N|mj@ zR))WjPMB`PU5y>tGjh|K38Pz=4-szV(4of>RF*A!3>ZsIER@Ibyb4E`Tn2~_2&}Wo zH8&KV=)iGHM@KHl)9nh**6N2GJe0WQM5Pew)IVGbWE7Xz5H^>MoiN%X^S;KrR|4EZ z*!VSafp2nk?T+7PD=JYW?6)G-{hfB}66$%ChIEAQ+3!F70!i6XO*6MB&hEfcP}Hpm z5Bed{Bp@&X2&`$hRm{2i`N*_iSHuwiA*{c3rJ8ueOmt7w1~9 z=B^eUB-fJe4iBkLQ~ew|nJ`lQNjT&f_h$-csN-?&4&Xd+ZEJmYLL&p@PyBZqoTjTl zv-MvU$iMe)h;`6tzvx{oX3_Go$m5ep%!%TU$o@QzOuC`r0b8vyK8uYTh6A6Q)+{NT z#^y7;J?IVMcI$@G9E`s<^6)-$ac1N%b{`;_e$P=GwK4pKiw*5`78U=C@aO9s8p-vz z%NhIm=o;sQH_c^hyBb~hgEsEW`{}F5b-E<#q<P6!j7$yGZY4C2!Ri>WZ22P;F<&Q*j}>;G zkeVQ>Fjnu8Gh4=Ttg5_HgdBL#h&JRIah@5*Tay4MzEBvW@0=CBx3U`Wy;cSp6+`uw#N$s$9XhPOYCkB$svBQSIur-?1_q!4cWUwC zB{Ck!e@+svixin?Pq^!jINLf<(*YsYQ_?$)zNO&{iRg9ASSq3L;<~q8$1w4ZqT>wb z4xeWD1a0w&Z#ZGn6o&mf0#j6nO(@v`EH$_ z=MkJ-&;xCH*m()kdzYRaMLl~lxF%-pQBDcCo4|Y94l!H2P+jc8m|0Yw@&hV>F zMLoYp!iHbfgmk;Hu<2nO<+q$?{b8Hw>os-sAU^AyNbzZK*5%2dX@aK@I#l5|bvJMK z2KwBE8(sw3QZCbLg9So=H36?V+^nlGy-UVj?%SkXA;)J+9^a=0dAnF9iM34ZW{0*{ z&$so+tDz=l<^hy%znBWe>G>6;S zj?IMWR}<7ui8@_O`+D*FBs=@CG~MfLZQgsQo;oQeOsAv*CT-AZCEy-j@I$ zd9=^t5{!HfJ~vw-Dt2ptpXD?yOf8*sq<`U;tDDkAzQ|`meJbJjjXuI+2bwg*K=J2v z$2>w&CW5TiU=lNs&+W;txv$>b$3eUQZ)(oAPY-$IRT0#4tE@5EnHBIWAb_sec9gin; z6p~ib6zev;VUEkU6$0q_oA47<0!C(*xvXZzLn8_*Nb{W5g*Aj*ONzDA2@a4A&36HN z(gJWr2OTQ5Z)Q|tNUO}0>kZ^xda5efesq{S>k}S7e3WeNJFVpX4|6X>q#Ey4jBe2V z{NSsK?|%paR-wez5@)!hzCuWBq$BA9SH2F)+R85Vv z{a7D@`3xWd94_$lQ^!1Yyq$Yc*@|uw6>PU9TE2e!O>wTqeF*ew>Hc)*MyUO!<5P9@ z5?p}=Xd==V^OH(L5pR09R5asJ=Ck#>`yR(+h)u>O*j~4jp$UA@**phsGaad3CIrVQ zr=Sbjx>Acj)4=-S!`05kpj{>z3{vKL;dg=F+VIHLJ~kSRPR1YCZ82#kDD`kHckS>v zm-6q(=N4r)t;yvcSiyteDvuS*UeTI)Or+I9BUb1J*yf>@>D~(XV(T{}70&T69(M6z zO$&L~fu}iJTnVp}RUn%yy~I!X%A30{$k@odutXR{Ld1~|hOnh+&urHT<-9e;gM9&r z3T_x}u?MpPLVKs2w=q+vT4e2zleF6bwqo}o-54~RXg8@`Xt@Be)ELG!nT$U={}0B(dNnG4W24R zJ;_~E{wa09eEUtjf92*TBn5g)l)C}lb;w0$De_S=c5dDoeoqfBKa87Gxtv1hPUr}T z%>ZRlSJQHL<%LUH=7C*P8u*OGturz0ht@ADoA1MZHF1U=iKaI}%>Y())d(gmU>Z}H z)I_iOcD5Tb1?{YIL)ecuS9vJhEo7%vnZ(e*gZqqC_4GqrzZexB(TOZpI>&pK-aWaz zc)7cZ4PGVa)0&e%-aD^qwo{m21xSI$#(OKVa z)j=0fcb;(5>-stFm-}zqRwHIkL8F0o_&R5V&+3nmQ z=sxg!5>85+(x>psu2q4C!Oe-c{o5+9gZscq?^OEb7^_lw-$t!Pa^0e%XWW0m9w*Bt zaMVRS6qu%SL6o09$}q1f02O|yNh8H8#~PFunG)?`=sZ=>X|MaQv8y2 zdv4rED~_zyfW9Gk8__qWpiNj>?-&|159MZmG_3Wa_%h>tNkKT@GM$j6ACfkD5_P@r z&aKkDy$V6lPKU$Zz>$O0_pakV!LX2R7IpJrD06RIM0=$R4H^jr8k-ufa$_4mf%@A)cz-x|iph6b!GF1& zFNcZobkFe6MzoXw6m`n2vPVgRl3 z*{`E*ns1%8J#TAT{-KG3U6)yle%IjGB;XnyU#w5ONO-U*cVT1eoBVKKAZ5!bYn^0w zbFR@hJIS`MM7eJJ_yejlH+?=SV1$h@m2sHV1$?M%zxXZSx4j(>Fxc=vzOVO2vw!wp zD$7#4qU1Efx@XwReXg}884P>&wq{3RB&e;ws?G6NU*482MsHrpVW!79?$A;Ey?C2q(mR z$n-&MPH^Y{xPv3=lMjrs_}!s+xNePMmv4^-3LetrXnMZo8QR zLM$LkplTiT!Zc{~&bFLinLm&8WJue%!_0$irJ!1W3<4n{FBJSF>M`~G#M-h+qjyK( zFoy8`NEvyhxywXi(y_3s>41G~FlKkEbB7MX&ZYWCi#0s5-=nBvZ(PMs_9AOzW9~HD zg(QhK)Ugu9%(~e#3awu`+}`Y`qDyhZ&xNCkK2V{7GJzc_|6O-eph=xa)l`O&`B+u; zzO%0Brbk6(LrL^GsIb=aR_G5a6WmDT`I6Z!NQ8GLsw0$ zWqeDjL-D4l#uxb*i|R99?^TW#XOG$09NgL=o6KeZxfSL5bk9dRG#uH^w7ZU?jlDmoNX)HP~Up=Y9|E4ziZ&LuL4ktgl4YF&!HSJ)*gBTU}tY$ z-+QJGnR`3*4Guu>`f-3&%wkc~z3nfp@z<$&@ik$xbPfYkgmbn;dz~(n%QXM5U%oNk zb6qDh)r_|yVb%1L4QAE#m@&*Sew#WwiPX)iUdVko&z=47*X=M)&bhy4OkZYkyph>0 zF8E=3aq2s?B5^pq?R34eHFCa!Iy=5_9PffSrdAJpTm_?g<^v{X$B(ID^_7K^ z&2*GA_L-O^lRZ(M17v?#Pal4oO&n%kQ_JPm)#CZfjfc|2DQ$^K7lWHW$*!~!p?BSP zc5ep8{bH&`yA;bbS_$#rL<|i0Bt4C&&O-6vZ_57+x#EkfzKK=- z3Sw?+o)PjAU22#0_#%V8aYV(!4t{HT_EgPIH`0F^C0G3;GA^VwisE`b`7DQy$Q(kZ zq`+B!TgFwHGkA$nnjq#~2VWj&E%#K7ddx-N+N+$U-wK$Z$m{g}n?!Y3_q3PY@9RcL zd0Y5aXzLbqTiS$TBw*}c+4Xu2A)`5ynm=$@w6y`JsO$V>#>c`$@j20?{s&qXtd-Nd zrT*Q-jAG`Q{UILM$$5>FF4)1(vK8`H$Y`Vn}*#`~0=+E1me z@_l!d0d`UGzVs?W^^|B~I3)m8@A9b{v}tNh+Y^P^@7kd1gX%o(+K0DnPs7K#OiZsa zEu|TN(V&MBuya92ud_GHugxcE=RrY*3NGgD{b1tT(^ZI#v1#w_Guz;=j+{Y@$J6dV zZ&vQ+kOZ1Kr^ZjbrO#o#KLNJcgs_S4T5W&WE_q?TT1<o*WrtSpEc|M_vfv-4}|Te`?1eyHYmO8SxYZZNi9=o3x^K;?ld|{U$z3P#;Lq`hjTtK`NI@< z#@R*|eC$!GgMQESKW4~+?Uts!wrvf5`^#E+Vt~5kspGj!kb-mDA`I3Y+RPD3)1})_ zlvxKphf`38$HpEm(1*M2qp<6}|60I!n6Zjnjq;f7;%QbVqP;6~!>3{QEnk@?khP9} z{$(IRi_lPK|`xZ<@DXIp`_;(zqR1WlHq07SP+9r$e}K zw%-juTmvP#{~v?W^zh6Q)IU()Hh)uhTI7k(_2uzUw&A~| zXhW|^2rWd`RF>?K6xm{oT}aj;J7cSmY!QaCFImSJ>sV(3*JjyYBDzx~}_s!5VTy+{qHT8*!RSRul{+{dj-OapQYRrPk^|nMXnI z;cEZJC^pzOW=(pp)-aZ)?Q!`q8KiJ3poC1cqXhpkOWi7GHU*8B0{`zi@R{EM_xCcP zv0JKkVsyE*zj0)bm@iCcet2#FT_vQo+LAP^C;w4Dkq*jvN)XIf_9FkucN@0c$Z*bBqG7Zlg}wrA7`%^B%QY9L+GID$C3H;tlHx%O|QU zhDawp0vo?H?=^8waJKr?BTjbMP`iCiQ)&56Oc#$Uu($`oD0#!kn7Lc5ZLT`t4`73- z#4e$=Ad>MItW|mNhPEElio@9~v(L>MU)`U-L|`_+q&-Q?>gv)8<6=8aHOmL-H@N16 z(gn=OjB8|q&;F`lpofx2o&q^p4x$-BKC64HTt_X8dlTqgrqju|j{2$*c~!V%wXewp z5jCGq*t|_HLi*Hj;Sf(CL#~aEyzD}3ov$9*wFWl6&!ucah9?7$7CsDp3Bd*V#YN$c z2^_oJ>q~_3%)lfs0SR5t{~4>PW!iKNSj7)qwohiEO8%2FCZqZoFg`K{rEqNVKxF5! z&m~1nMHe*b6^O3xq9Wdn(H)aD4|K+i5PEbhH~nAmq^HtEd( zBZCEyH2-~KToNDa&eoq`_9G}o?h^cc$_I%0@0D%Ba-_AXL{L@(_wPs{yQy;>HUd2J z4wq2;bum*e{FxoKdx|}6)pHbk_GQO_Rlh`(@ADN5X%ua)x8-gLW}OeO7u0JE&uJga zcB#iOK!bw8w`+6gzmWECnGddwD)UZ1AKXsS*0ecmHDnER?w`&QUQY=@R$`VGwS0?NU^8aH*^ zS*q=3W}80~@Ua0|AHPIP15h18qXOybXV4idq^!sOFyH zfh41JutgiA_>DM-TTn8sH3q0myRZFWkdo1zWrj?Dl-P!rd;)FIs ziiF%{8y*bcE=1e_z{RieN7^;@BAPJ{ASQvjdoyg@m%gyB z^8hj;E7c|+lJaaFCr!e~^1K{zn~*_N*yB_omZMw^JDHFA`=O!d3+Bw^UbdwRIm&v- zw!w7wFS61Gu8mDBt8YPfFkrj z=e>#`E3{ePirQnlr7<9t=rynG z=~9IEMFcPaswRS9DQh(u1CMf`)Rlpc~)KGW{}>+|NY1X5@)kT7avk4By@<46LjsaZZvBX zF2eHLHMdCj9GL>(U8r9&=hpLtz`(l_9eRY@9_mIv#pGPQR3OOy``gvs*EEpthSiIy)cPand@_-O3|=wIVYAe&KiDqUF#4J z0A~FnVD83v}L7Q zD}?^_?X1E}1Q!PyXN?iCi40s$sAKnFu>M-n*=Or5L*7?4eQ^cdx0?__s|X0?3;HO;#2_l#UEi zB?1b2-3Ke$VJ6b%gE^J>VqH(~imW`#(9!!sQ`(TqNFJi6t*w3ndSb+0hl$IYYsNDY zR7;MUQ%%dcHUM;}uDJdHFMj0e*))v6){EAIG4x4RYTq1p1hJTx?<9LtU14{KF?k_x zOj-Vch9Tb?8k*$7-{7Mi)Bxb{FcH%g_yn7@oS%v?*|52R&?~(P=@zF8+cPYZ`$Ge- zo6|RZnAMb_a_(y|d3NJ-l%jJg7_s&29h=M4d7p+cm=*yOf0|KmCzS6|=VRXESLpVb%HxFF z2jkhk!1`d248QiuD@JSV&y+lTy8Kp3iee;rEQ57;`aoTwce=r&U~ws?!(SS?u$ z%BlR7n#HpCrTN9pg0&(6Y*+Of1Q&HbaNL(I_}9?IJD-Vll?-@yUoQqii1~r13JCMOkd+O6H%I`RigXHg720F53ML`X2!%h|BcV# z*eu?_+4^XXjr^<;k^Oyf=iP3kk-7eGX+H+AnRVk06RH#&QTU+iu zl+zooTlJb9rRNcP^B}0is~p{ohM$=ym1B4@KcO-C7PQxM0gW}Opyvbw4@1N!0t^|U zN)Oza=;&kQS}*Sp>bs(_QwCp@{CdE@>z0RGbsM2cpRd27E&F|7^I+oFj?WjRLiphUI5AT$!pD>)) zlqhY_&LAo|D9LSpAeuBCkvw8`HO7Jt&YSu!p@=y49Dt}`__vd0@ ze-4~ufyDCDxDPC2Z1Jb9Ow5d$Tz(u~7t!&A{?6)hE_C0?*cpVtek>Nj^ z{bnvPjEoKO)x}EWt-O|TQG?*I2k8$qZ&%N`B}ac>m>)aa4MrP>pzNY-^scS>XYqW- z;y7#SVJ@CELaEafy>#R4l?69j5R7{pw+1=<>guLXlPCv$nfLr5so4Zdo^|evkv0vH zd%1eOfG(x)IX-$t1MHb^VE4=`=$W0)500TX9LkNSt}-QVb}i1ZimEc`aEDeiAvDhk zN&fO`9$h@^gu6V22_sC7Pj6fUJB&>ZhY>J+#rTpU3-%;%&704RX%9LN2uhs_Di3}4 z<&?@mCs0ptG`u5z&ghQ6`Ap7zB0jsO9XI%gtVIBxQc>yce= z`6EJt;r!DO{D&`th{!#eHx+HBzS*0ry--K-n)9&8G{7+xW0pixp1*H{AN zD95h~Q4i8vC%>`%g6-ESF02RX{V@{>69NUPdM|gPB1Zgg2N=<|*c?cA4)FUu;k2W=}%WAyK!kh3>wmCqFKH zJ62cMvfZ#0ac=D+Qa}WZEo*{%@@#D&P02n@nmXARMF74+noIY=zF?n^7gaRio5uUK zX`-$&Z*s>%a397Oa;ly7Z@74^jc-^OEfYfb#t@N9=aA=GQ1H`Gi*1J~MHozKH?0yv zqi{;2PnNwS#^-p{yT1ML-eI++L5M?C)G0~%5hJ}Vea7TVc8cw0pM9sFZn?!d)wj+| zeAMYCH6|4hKSFPMdc{I(&*Ag3EaCzIrJRBWq(xkc4z?uWN{n5mEiPjI{|pN?Dh*h> zDJT}{yew&1xk$L)*rPCJ%*h??^(T^dBA%i4I!|*Qp(dPqvrHlTBh#TQ4RdK>l|*U9 zLydXbfHkMFMI3RbKX(V=!`2HO&oY^_HnV#?+O5GT(DrezuF}wR+Fm4Lw?9e;}T?USJH4X<%WYsSkLvSwz82dnyp-2;rJT{8*@0r%c4V zIY2GtnqZ%>S(@t`x6%wv{CC8olhJLRa)gZDdg$J{nz~m}%g)2@oz;g+V_b6&F+6RJ zABMhmN=sw2%%OfEXEJm`XLd7z8k)ryCYb**e)wvqBg^xeH?e*4m zS*1bO%voN+=>++yv>DiN?z(dg&*GTgsM%?QZj2ssp2fUBZD_2gR(S{i&-LP$F5ZJ# zkCR+R?<-622&D^6&Y8;IYoFh|M(8LgqRsEh<21pa8|ZJVm@};@e&dK`on?D^^q?zIiUal(|kd+o6ArS?}nW6u4TvZxTP#k~-vYD1%^xU?k_v<&EkQ+mxGZ+q5dZwrqXC$Bq>M8Dh%`hHgmWTNV>5xt0pu8CHf(ncgd|{!-TWBJ|oa zpe3*AZ}wTx*M7P1OdtJ30&Z*X$1;{IVufoJJT=GKCdShgseiOLD9CP0X}H%5(+yW_ zVN)>Vw#gB;G3Ove;%^?|obH8Sh#c_ZZO5;UB1=NR)?1Z42ojvR-&uHGi3#_H%snv5 zaM?WYk=KVG<`2h4`3-ao0WnPQ&fX>Iz!G8EO}JM$kztmO=GhK)fe_wRqrX<>75@p- z$aImkJIvxn9u{>6AC?2@z=!p-*MO~*ugg&+2?TP4&T8$HHVw^;@5!*a7&c43LyXp&2RK7n%&x+)qJsF}rW#MvQsW z9}ayL*o_|I$g?Vq_O#^%x7X$Hn9Ht>m_5wO86u~o{OXbcKWPZbhkm)}t!5YIY52^p zVC3g`{SOjf!dX%7=y%_ifUSLt%|~_~X%Wups)5e+BpKM5c-;nVA~H-T=S*zh3nxsA zoxJVR2)=Egz%bh2_)S>VY%{sOKBwEVT9Nx&)$yx<@QqXFpGklVztIdB0zzC*-HPH% zY+7TNvlS8ZN&pD|#&J$0F?8YkLyHP-nMxQy97;X;u^v{&RtneN=sn%6jq30goV1oQ z{+3^HbM0``_Mh3OTy3|W(SG9wnENF>%|7dBDrn9tT$d&bNZ(VL9DZkLo(bAKt?~J0 zgK1vS$$3G=`bO9{nxRiJYIVBkudhVk_Nkn@V5`$9%$CJ^rvlb!Z5M0(t#-rk(H7h4 zle8SOI6(Mj(tbFrq-gCvKrkx)xU!2Fk}iUsDDGzqnH`tF7b7vEVY)~#22%qP1to2US< z(siYey8<-j?fGXB;7jeXELpb?(!Jy0C$ip4*#eku&%B(#YGGa>Vi^0ziELPO%x{4 zuXw_2$mLKU>>&EdJ%-;cAlb@6{}KP{8>)vkiQ$oefM(?`xAD0W@4U(cFf#}KRheE# zUCD@p1!??0U5}F;!i`jkGlp_bpFl1+PA!O1B!ZCspfq)igVR*%RT;?KJHiY7OV#Cl z=6jZ{As>uuH=%BvlauRcp1aifjV(-AgQ>8@+ZOHL*aq7u9jPDsmGc<=q zgn4cLy1$&3P;T7_Z(xl1ifXU5fG@z3hCi#Ab=Wk1XOlc0YuGakc|&PE=RJ^o((#1H zKRTEv&vq5?O0xrAX~WunxzW)40o4$2`Ef)*9UI5T5d9c5HkmJj}B?N{<`oxPLEA}y}xnHoMso3S~H>T z)6Bx{32VkLGP%hL!aY66qrYN#<9^WI9jAR5bg55zV4h+0`txp58dKx%UkyJHYDZ_K z8_4B@xY-56;?qePm(AxulMTt~q&2Mbuf#ip28s0#gZB~?{1%r3FOI3j2zf;je@9w3 z)--@-HQQ=ApWbL!+rDihEkEXAWmXd~ZyN7*EjTSeyBib$|6V<;@FKu9V$MI;-#w}U zM5OI4Af{Rb@68`fTRv`E;PZ3$uu+Cbcj&Q$uU`+4+t}8@+WLWp)!&NNL)*_0spQ$8wkQWFLg$ zf12W+YgiQdSUo*#uhA4(y`6D#BbAgV{um%l_o=yipU#ym)|^ZoA1yjTD&fxU%sIcC z*_mF+PT;fPAr%^6X-SW}eTmP1DBbUiOB!xN7pk`rGVYi>5u6P5dRBP$6;r)d19PKG zj!=u^PYPXG1MYYJY8Kq#YxgB@arL#xCIN-<4#+T9DdhvBpETp4`{s}xvWg=ZGYp{Xoa@IrIbbzvzOB#37C`=`0$|iSm42Vr}}N=@#7Hdr)Z*7oqxT&rd`*MJfj;Z zzSbwy#rWwGMxODblP6Q#-8!5NPs`Yaq^X=15!m%%U=5v6|1!M#sIuvqm>~;>)jE3;S`!BL2wY z+J%#?PM0JJrR01A6)HP&cV5*QiodTp8^{%EYhMr5;4w3X*!21FG8VIZlW}R>Mk@Xz zd_&BDRmZVJaI+4l78-wA2wJibluujP@S9~$TP2Mcb1C`2A~c7nvh*z+%DPU7$Z8K} zCL1a6z^)B6vY<2*uetC^=qCP8_~n0h+=T)gHQ$yDHjWQ+05&6P23PFlCUZ54$v(S^ zk7oqJ_-6r{V(MxX?lO;sYZQt7!?nQF{KJf6g+Mk8+cveV1mxPfK5!bamFCoSw$-+K z>qf7!$V;Y;=)UL)-5Y{N z(&#s8bozMCpfd=jAgEU1(+}tE1Uo})Of|A>ZA~qW3NrND^lcbdvgF#i?F$SHrX<)v z-tM+A^dL-idj1CCp(q%sx<9yFD#Njq^DcSI-cbS_s|Apy%GKC%Y1Yhr_cVC(P z?H{@YFnohhz-55XDz<#?y?B?sQ@tSv+CE}GWdz;{2$s%lpEj7jL}#%=+!3+(ac! zOKfw!!mety*Fet*V!ZBX%46<_G!b}SS|HgF;)!p0X!GEC8KR<_Ht^aP7eCJb<$Hg< zwp1?9SC+yK=oOiwHEM7|_vujKA(i>z6vvhDj^0UJS-+?0%#klS5LR0@TF*#MRXqhi ztjd4HHYXee2ZQQr2WeJs^mzmD`s-C!7seYw^MK=G<4r1S5_YMj`OO$~_K}AK{~6s3Dhh9d<_T}sKk-j4 zTh~Qq^U!7~0O)^E-{<5F{hg1zBJ=#$o_kQEZnUydH%-wO5_*fB-HNHrc1ks!ANYsW zw0_-$Vt*Y0w8h1bj9k2DOx2ML%V`JD_4Cg-^gWL{Uft*Sp1nK2X7Xs~CYt)(-$=`~ za=k>Ayo8Xu8phzv#+&VW0S|n|6-?s10sMQ0ihs|u7zxTY^nY=`^kjAD?Z&|iK6a*c>B z^ab-DQEs?6LpBDjO^RikJxUPtBCGf(d0>+~F5}ji`C(2a?G#5OGrpHbgYle*XMO%{ zNnC0Nm06e{);+l5Fh*(gKwxW{UTe*F7{e}%62vSG z%k!`Libn_0Tas=+f2~;T7g|GWTobQlEtag2Fgk zjhDWb>351BQG}UEF)XcUA73)2W;EReScQn0Gs-a{Q56p;@OXsYSad}sT$!k1JSy`zW-P!S6KEVNR1p7QOqd2o!8A?b)?ZVsc2Ku zjh%fhxr~_=Vqh9!P5fLxZc&Mlo^izT`u-FeFYSGhXm*YcRq$FpjR8_#{232udSq*O zq(`la6{Ni~7nAKTHdDQ@h;YD4IZc&yIv>e88KK*sQ})_4otK(UAd-Z-QaL9?{urzt zP>Vs<6n~(HdotdGohRECI!71ykw=V-ZMDSCa+%va$;&S8!kgz}O50&#=FWEGVurK1 z1>C-eZeun(f|WqJl;fZ4mB(}?IhMTemBCvkEM0(~zVzO&BTypRw7vb1Ndo9$8ac#^L0e2o#+~lofw|HP$ zJ0K+Gyz|VoZJ>0|TTOx1Q#dTzt*v@b!&U_IgH#khIf6uj>NQ^P-e9ns!-DP!Gwk^E z(@a7psybcjkHA#z^$XYeX;T8kSu-!bA^Y&tn^l491B1k3Tu$&7b;1$@24Cxt77{T8 z49LJ_+y%GZ!kpm*T>t!Jab_W0My)&tFjDTiN#{x^C*Cz16ZO6MJbvF|c;v)VQkWJq znxW~UrX^OL_ngei1~@JJdpX&~wqhZ>j!sjxot(IBHXsRyW%8F}RIw07G0oJ2=2H~! zTROydgL8=DihMEik_xamdPP@u7MHU!u)xDc1pfa8AH~zt7(?F z&75-jvMiJyb;WqTf^Dqob&O=)heYUEgAwUh*3)6H{M&r{_PkGoF^G1M)F@rEWQhi13f*gGSJ-z&;y^Gk5=n3KKlM*OL7 z{@?;>O5GWLrQjH>zn>gWNkFuDEm)9q1-Exoi#eGcDu}adlz7S7}HQVm# zkL>4aCRap)YGaZ$YKVq|v9~?lC~H3GZSJw~RvMECAVrOOdRc=|$(O_|?#|{b?Isdq zs$VZ^tPKL&5V~IO-NoUGdZy15xkObHf@}x-%-C+TiGvtsl+BYE9mg; z04HMKZCf6@{4)n_t>@<3u?_tJrVq}n_!isG_+rHos8X>MmgPB9SnriNQ|Mt zPdpxv=QLo?B;Q!mRJ*+4oDeln;q@IjGev~iOLQ_72MwsR z_}4AP3a>zuRFj!9{KhEjdkNa*67%hoax=jwQ7EL;++*Kvy<)p>7hRROpyH-WOen60 zg7GYQGeT=zB`pd>@o{%G8#`NJsP?wK1^PC2Yh=F7vg-_Md{nn1@4SDzP5xsEjy6}+ z1QUNx?tW#krCD^iEiL!=wrtLmPL@KwOxJT2VmfE+;g97vBH>R_zCED#CEfb8vhS=b zPu|i>HM8+2Q7;Ihp`@w|AgMdn1y|xfUOI-zj}kYB!#$Gj#x9Mo?LbA$o6!Nub`aM*b(*Pk;-vctoqub|9LVj^NiT{LQ^gg-aO8{fCA5;)%ds6bu_4q!%9_BCCH=Ffj_c1#WD z-A{&0mwm_ME6lA&gB%?lOI(|Ryyv)PFKN-rS^&-^(qpyD+;=jr>fW*xIDK0?%^nTi zo!Z`FQ}3MeL!w`=jU&l!MLZRF(YqE+>n7-Bq<&Fdm2LNx)cbaylp_9NIn75ua0OTo zkM8MV^;qXyAHF5E_N%J_RezEhEq2S9DcxsbjYBlVjx=BE2MjMnWobI1gfb>I+%dWp zz3}+7{-etXR>7>t*NPV|BRAvw4+)v}VagqP>oMGNW4AY&ni#pIdOq-XDN@#L7%JI9wIG}iz^RB+3m%FF9@5Hp8O$~cvnG8QNg$cc8O--pDx*VdEZ8J z_P5tz9O4tpiU(E=+dfUz5)|z+;nMwL+#4)%{V+DTB^DMomrG|4#EgOJ4@BeX2MX*; zWq3^fYTd%2$%hQOp~n*N_-HU2ywKOY=b*y{irW8C@m6J6TwijW=0yO$2VGbb8B~s_ z+lTK<8hO$Hd0yIHG`kPv_kM+Je6jgdo_l%mkKnG`9ZC z+fTYl$(IyQ77|DlQ`apUv(AMO=JMRxy(e;qUu+O3Z{G!(*!^Z{LHX_dRzDOk4%Iv> zpq29KhkEoMGWnO#*R}D|>SPP3!+2x8h_0P3h1nCxl?>U~vh8*rD=|LCENv8Mp4AD+ z4Zg^#vK4=YF;2D(bjg2bWwZW#4(C&k*ZqLfn9Jywp~G9#K2~!S_&Io{fBu?t2bcJOS+vL$zL`=l{)$c}V)##{Th zM{`K6je?KzOj{+UB7t@Kw0-{-`?9`S+FDTjoHs0LyJOBR=x|f&)z7$+*$Zu?D6u|E zfbn>~EruhHhfbc5<#6=~Y>q$o+8_g=W_+m!C7r&{)bQ(a^3+#iVCF`{EZ^D;TK$3g zGRF#MzCHTPg)38^xaAJtff;_PGRyS@X5fxEvR(}u=Th9(pAI05;1k|femJ_2+LCHUr>1r(8(I>kDoK)we}}!r%Uy=$MR-Y zs=vith&1j+`UcNO2$&FO(1B|ApY_9O^DT_h?x?8);btH@bnh%<=JnZq)f=A%|8DOJ zi${QOr0xBqX}uSoaRxdf<~)TV`Aj*TIUx`k)8Yy*tdx={w$bDR)4EB<(wU*_W`tzX z*PtD4-8=&cc-IOFVOrT&kh8cxfl)BIrz;cL?<~Qg;hu?|+J8qpT*$7x|R zn4^Yz^Sec%%gJN;Ai*qW4|FuAMm8Ew*v9Xg^tGJ1aOh5(g@)NOm&gH9@5fsWvyWp_ zd`MyJ*speIap=hA3SgTzCCWTsa^HQE#mI4Z(3Hp2nBv+N$u^jH@kk{O3TUK1gBv1A z$>&z8qu+(~#jXF7rSZE^FV`IqJk+%Cs?#jAcf@?YrGC(^pO!HmfR8EUE9HT|$!Fz$ z?`t$lt0zd6Ojx-7e&b@ae3dhF(ZY12lqjq3yt3%`fZS5j+>$( z!X(PB?f!hhvZgtUQA~+<+khowztJ)Ay#t+&KUeYz2-Bs%i@dE7Hs^ySZJ@k+O|WG_ zXvkFKB&wl9&Ihk9!+F?wx;J;JiSyu@2Hy%-mQ3%?%c6=>^M-xijR6@~x&v|zZ3w*y z;2hkhfdDTbp=R)v-+Z?S2z>;_Dv(?=o6p;vc%BB`+r1E~@sd0E&~4BlYkn16#sgik zvg|alt;{WqFX~!)CSXe+$Z-A<#W_8|-rl~d9_j<9;5X+qd=(#TjdJB{0m+l8*Q-OeL2o-nO=}M5zA;wrReIk)uR&*f8)0#0B%v&?Md-<)FG0 zCgPeS&48m0n*xJ7pM)?~@VFFEfFcW&)p49}!Y=RKfm!j>z@!(@Z7gY}IwP1`xTN&!^JX8Am!i-0}aihx)(h# zWKRK4{^#Abu_;$qOs7C83W9Y^U{-AHI~ee5fWBfof3Ad-M~8qW6|T@s|8hBcG@%tM zy^d4*N>?tH?Oua#V}rWWI^?&)BIB!e8F$B6`78L02TOF_Q5xlFiU5vU2`1|*km~{5 zCZ?8np`r1&j{95l4ycT2Vhm(mHNM2~5`}m}J}{LJ+H|PJ%JL{sB~F1qk^w-7{;!=( z?jvW~*rf+Q+9?DO%-=GBG!vH<%1o4*|CW!TdE3`^od8@0`nQbOOC4Lej})BG;Y>#G zRwtm1iBHd4t$YoLI?%qIt9Bc{P1)?N*)yfSNzl;tYx4_tJe6^XGe-mUJea2>Gxw{^ z$&2DslF7mCLGDL2xpp*Jdp$uLl9c_8Ce*TJ+N!HvZ#tL4-@>hJc_NpM#O1f6898M= zW6Kd^NK>bpC=;{=cYuOO&3t)Pa61Aj?K$G=F(9dfeO`a^NL#pZD zduk1ga8_E+SLs>I$+qPLAcX>G{k;adgP+L_M_AO|geGQ7l;7qJ_^4xXM!}yPL7-K3 z`*JiT->{ZJSs#5knP9+I4pc=kb$H&p7Idg@iVJka^^lL#u(@UQQ zU#$#fllp)#2o5#+1gL(4hVFdK&-r37GCnG$20)ZFP+0E=DqR~ZF|$>GlFF$3EZ@8I zZw@ETbtR9bqGgyESK4K*&e?D0F0XGCWG=bVR>kg@W)~0_dW?vnfgLekv(?g*?-FjS z>C_`qO~2-Lc}xjY`*qg>C$dST`+a3MLg=69>xy($ zFc@ZK82wO>sd%LN;fcO1FR-Di+GqHXp&3TXl$0j>&qPKJ9gEHbMlR>wlxnH6;9#!j zVI0bz?Zy1~r)m%eIwi+PD-mJZ1q-7%@(k8_OCw3d(gllht^9oJ!|-MJ&qUye9oYVV zH|>IxEAXK^t*1yC@nFpIs4()ezJ+T`tsADMW#Nbvl~1EATbkq<-px zvSMQ6i@Yt^qg2M~3aBcf}}6Tr03M6!0Th*&ru zoEc!Z?89vfIn3>C{_O$qvZu*FE2r99Rk8ua&!}-*VZ+DzCd7$bOk{=ftJ=4Yx}cZH z4*)gUtcQwzi=17^svou?b#bkywrXAuT4(CIXl)7UvS>1*k5(hjT<0g<_G4Rl;V^pZ zsdaX)0;T1mrT9$h0_e^2#8%GdEW)E*?w82RnE^vm5Tn_-UmI)Vh-$E1;|c>*oR!{< zAudXctC2E8k$d3Be{r2@!R~u$H@#^lpjo#zj^!i=4wIvaoNxQacshlR3wRMm4Sn<^ zqFo4w=~?cD$<_Poeg4F9TVa#n$(K@^Nure-awx3*IEgrj_J6?Upbu7<9AQEm3 zk&U75Ya3ic({VBb0W(h~{Xhoy9yFvA-su;p>C5o|dgYTn=}NQGiI!if!ae1{Q1zPD z`j($)_x-f#fiIQpJ}cP;?2KnINyFj{U-`i2jKJS&vy?h?Jox)uUbiy^wITI-;c2|l z9Z=Fa5q?Ddi039)wFDAn1`7X+Ytm>|6qK+5K7nq}>gm^eXr) zpoz_Q$1l%PO4wja=z7GNR|OJCg8OVIS_@Exu`c>!PB*|YCFjSs$Cm`xyy!`hiZ`+s z-|z!E9+fOw$t~yoSfRXLP5<*1>M0N_yjv{0wRhRMPZ&9o-gJWK&Ai|7x@oHdcld+r zP=49cy(kd4ASi0Tr2$AFe-!rYhx5f7HD_EAGaeG77F_nxYI^@54jB4VtAz`ovc8RR zL!_}29VMZ)Wd<;dn^St7@Rx%_d8j~&HyBlh>HR9psP~?jO>)6hPBtN2pGL>YV(lzKgYkE zEX#wHc68)c27au^!xdc%nL{qoAodFoCu3hnJefbJKKMQT$s^YgDs3m|2d3yY4Q zo1Fhx_-BVCfFC`z-tRs~8NPf$nIh!*cQes7B($nH$t&69E77ydQYU$=j~mqwT;oNX zj@t{#Y68||WDRdO+c4u;?_I4~df14jOfw&JpR0_C8O_rKr+WTMT!C@N0?M;9RMT<~ z(g}adccm*P9xS_N3QS=ZUy@h@#~i009k8tJ1=3-S=kF<$k5McI_#(oRfa7>sfjkkf z4J_=aB$3_Z%R`sp+c4WxPJ{3FrMwR@-usf{uQ#mNc)8&9nlS)L{kHOzYRCjFw-3L7 z$&;Gt@=G91zyz4Rf?D9fe}Faf8bK+&6CwGL@5)>B_+%$sxv4&-F6|A??%9QJ-SkB7 z%_-`S3guM)lE1ZAu7F{|o$k{~EHCz>-SYO&e{Ey|q{aQZqW$tRz^lMg;49a~8|Z;l zT@QMasddnMr>apdKb{0Xyzxwg1_A@dIg4-1k-z+ax$Ke434N==Ne*CJ`jbRVuV_7E zIQr6E%4Z0UH%iZ5XK>Tu0@~hx){SIDU3n&wD8!HS>}}6%P;!ME%%a#T!*idG81Ut-U>M*ab-6c4_9n@M}WvIMxfn z_HRany~xe%B?0jbK0h|Wi0Ysp?LCX3N5IJc)GLa=)0G9%#J zO1S;JtR^!krRhv0EFO&a8=XvMlv-{+BG>q&ZQkZ;>Q@|OrTMv0w46}`U=+1j(#~Fj z4mM?XEmxh}RTn@e>w4;sV@V?gKCW_`6E?Z(&1*$9GobMxNvOfqVWt%8WHaAKJ7*n~ z0i`ZrD=%hemk$O}I+Uf93TQcUBz@xEHto zxt+q?jZavY2n#A<0BTeAy#S7Z7{6)&1v!^`(k(& zQP9QnO5*=LtONWLN$E`_FWp*kY~VyG8o2)&e-1%CgJa+2`Tg6#fFEG6C86swCl^Ag zfI9!n#(k^zF<0;32Dtq)EO|rAH8?zz{of|j3xJzEs5|wut4k#&+&E#&%i$M45wZse z_2iiqo;V9;`K>|-76XWOx?0N6Iq?rfxR+BcnkyWa( zvQrtpJO3!XY{=IM#uwRZ|J$r53W)7^5eIM8CriAZ_BCyAgf$^8Z%<<&sZGp(A9>sN ze^Cr5&KFDtJz*Zp7_smF)gSGnLKCoM*WuKM_6FJI=;6bwMpWh@_Hg+q=m1z=c-Q~t zX`ebz_5+vvhq1F(#DJ5BNMXxk0=We6n+~S^`#~$tz>%NgJ)-A5w$J`bl=CO|zrU~Q z0WVpac3TrAO(^k3^ZeUlRwWE_N|O$y1bAeT!u<;Sp}oEY|1~H=#Sqr` z$S9!FDdwyN*m~N>lI@ zc9yXGmsHXyFWZ|QQ? z{bg69rLi}{d3hB6<;VX{57dx~pN}!^KY$Dg&JptwVW*+Qki)=#TkynGphMqKeI!6k zrn*0H=SNU8Nwd$d$=rW&F-Z2`hlX;guYq{sMlH9#V(EDAzO2Uygu zYdCI)+$~_J8HTxUdDH?L%nd=Ju6-5YsexcoQ>Di9@xXF>Y z*e7L-IoO#!_@I*XD>oLyIi71h8~=wAr};UQ=J zc?(8e^l=Sfq#ooQvD)Ye^CL%|G6%E6*n|zMoy0SFaRHTJz60eGb!%2!8f8TPhRg7dPH+8bOkeo zMVnLmd@B(sFHLnXdu`{h3}zT2&3fIpc9eW*tx($ONNH+=soL0c!gdE$hSGCq4kTz&HiU&-}kT|pBACl`) zQzmw$e14s31(q`cTId-$@Gd8nPEflqGNGYQ?DYEMKCwVe+Wc(_$z3BMOw%^#`UQ;$ zgzuIb+WG?%&$_?IM=^eV*K4~#C81Pjx=?W3{vvY6 z(yY5GDRQpwGQq)e{8l?(9sK8m8~*U@$Y2^5{9${`my*{!eqLd>3hX3bMG1>xXNC5^ zhLZU^`)~c+mDXuj*>b(AsHCNTQ*+KOQ@DK|%O0GWVo8pb^-Lj-=Cw{r2mMh!G4mh_ zf9%gCKHB3s(`ow(i^_08<3|hn)plw+Ns95az0R|g1-m4(Cwqq>dlbgG*->W+cD|qYj9PHtcd9%O^`oAcDO7I7EUV%fQP|KBdNZwH<|&OLnIz#)PpNhl6r`n3+kpB#>7bs>5eikgRjk zyR=%p!$CoXL96+L^hmn>6EAfYc4j&nQ{vIkQFgt|T$o@+Ji(3p$#l?VEpAuF8un=Q z?pt6=e1kFeQEFO9;*|~LKGBd;7U$0d^I4+3^Y~nJI5R`3Ih{yIKG@^(i*}OOI5k5z z1IXs;czHN!iag`HNryEB+P8Ge$U?DdDY?&RrwOI7uxQ`KW>&>MV47<&@Pd@}&Bun6 z>h7x{2^Gg^?)J1ZAkG2Zi*Oo!Qc@T49z>Y=je*YT zSJ3tTi-lHC5uJW0jhtumk(Yj>h#S^14=HrfLHc`_2{O?5`rU$$lh3klRg5RzrMJSz zqZ?^W(<8VUs)dFh-e~gcPGNc}_if8fxG-S`#p>pIA@V4pGzU1K4t;yzx)T#56{W;T z>9duxK{<5EV>@H*a_R!0DwDY$ZZCx$je#hs^rj|()Ove^lOpy=!6nS*ziH=EQPEFm zDhcinmO4B(O9btl@#Qf{a5eWcaX+?s_rb(?X&#aq?yF-N?Um8wKNIW;)}wLTSbc+% z@b~Rjb!E}!AloqV^{p4N^4B*!bk};zGG*2gRz19J(bve;tCw{8nb*y$Gm#C}$Nr}Q zpA?)zGB0>&>IHwFU3n6|?Kvk>WDhtEuo)ydzwETsh3$W`nok0=_2ijqO7ir$_n)Od zzv*AX0+ln}f@AkZkses>3vZGRcq8oGV1uFz$g}m(4qc9DUCGwIKd1b_Mo#pIm0B*d zy2YPe#>ns=(d3HFr|16o;GwIH=}g3JIIg4s{;sw&rm6Op2fT!%#~sNnkA+VAa?Ct3 zOrMgNjfH#c(T!dLjZzdZEtfzlfg?z_sK^(JP_$xD&PK>eU+2qsHapAwpezhAl=5-v z@)LPPtG%QhI=M#wm6-MI=W5A?b={B#PlkawWG;dKI`J|HcT+f@dH{I4Z;|RStg`6Z zrY$3?vqw#LXKOESPVV93NdCi5K2-Ev+}}LT2j(9!=!Ye;9@mTO`U%^9LEH|*X8}JW z`J5G8t@OPxeRue)MLV4wFoR_{QyU>9e&a|uLS_uCy>*(+5$D_kjCw=5lxXv)40?kX z(;})j!X4|$+wZZWI*vys^q*aK%=sMGZzbfq1a)8jCN5>M=m(}L{G?vPk%cBr`z3UG z7In~ZE6n7}1z2*KLzW6o3;PqdEb&F-9a`N?o8;zwu=1EIs;Zcmr)Hqp zqR5#Sy~M;hnot=e@y?_If(kaB;UW%DJqn!P6~<mIJY9=cc} zPr)^(k3-q$u5U6Sdza=Q6t)juIWJgSHZy86?37#7a+5mKJh5Fcv%IK>tijWvQm8gd6R=a#}^ z?I&G$2iJhFUo5=2O|e9^yS=-t$LiB+Hh?4MbQV#hcc~k8*%o-ThWDpe`dZ-lYvYEK zOeqYR$(Ew9Aw0{p#!yHHaB$}|dn{FYkVuhRBq*zId#osuPQbZX$*R~*)sw$Tj-xe0 zx7{S7sa6ph#+!GXEejpP#M@R=j*5#`8s;hDm2zjj#t|ENdo9c*+#0^d+B_;S9*uVl zbOdi7Phwmm#Txdu!aIkVxLDemM0Y%9+6-;bko1%SF)dN-zRWo{i>Er{A}QYT$@#Er zXHua}a1;h@{mmY3=FsTzrM14Ubo;Nks>>1AP9w?v^*xXMu#A3|%=7&7JcOP*cxkYn z2zoi>q0Vf<&qBLjtLtTYXrrRS)S`eaIDdX8cRGiY*}OJ-z1aAiG<5mwd8^Oie%yR& zs}IGc@cqI1NEznWaDS$T881FeJspwrIPD^}85*K)<(;4oqA(bZ6kz;OdO+3*Kc;zk zOHZ*SkrU`nEowwd8jq>8ESfQeIU2$Xl=B*1z!B`R6~9ZS2~yc~{HVv{zMOe$NUG~t zyr1CGr|50&HVcvEB1Nl}Co|eSC=R+net48#T8|4ni}u>b;Ve{JxuJhqqlXAgd8@Mre|@cD^qi7;#A8q3+eM{C{Zn!ty_ zfIL>?zDzVUcQ`OgD4do;&LYn4K@;tpaQcn@e)UVlIYla;w0 z>kw3(nMn(`n}hc@#U*M>A|EA1AJasRD@G&o>ALAPn8{n(8*HU4L; z`$Gnrtfj;2aW>smJMlN5lbKDn)>Au<*z*+oI|tQ^)dioAn~>bJoX z8!q`7MnGw3L(07(zIEJG#ejjGcC+h(FRf_7V*_iAtO1g7pG zE!PekMD?4dd4ByY985Yr&HbunWk-lpvt~W65Z>BWSl<1qR*>A(X ziDTf+yI^I;YG0xMyf`K&-A3u(fKKR}>t0Tv`p`SJol9jgYhLhJOFOeI17PGiG~)c> z=ZN`W$9hHbe2~Iyg8u84Z%etddcd-!bk%G6tjsh0Y~uZkKmS=mUP}P*=Y7p+ zugCxY|8<{NEj0&~Zu`GPNdTOY`wPfL_@5ur-2cs&_&@SjUFcQQOu>eCVQP(~i!;QFC;V|6siF z0zjB)+}h&_jQtByq_RGhaBnh~d9?gX{`>TazPE>>07o%3^XtTd9rW=;-JR!e(=ttb zVb11*gAO2x*Dk5Bm^3+Kquc6Bg-X9boUn|4gCL8`9*g=YQ4ZWw#%;CZ#`dRDwDm-V zE8iyG|LeY;_ja7IOwF9Y%1H>}Zs7X`Q&oT?81?VL4_{yV2B@pz(Vtc{U9H5G>DSwO z&nyF>8~{3{+dR5pDjOSM@fOHlvK!+WN`NbpzNCRmeVma zu`+AGTjTk#`_wph|1Ngy2&)$CfE)uT_4b7h&`^D{Y$)R?x+viZ#ZeQtnaHXe6p(e6 z6d4FGAUOw;Yco%aimMQCfj)KH>7_!r!z`bm+sx;?ChHSQQ)d0DZq9a-1Rxc7($((z zgvTL%(EiK-+q@fMzyB<^6Gx z=fTa%focKD~BE%&%~M-=_3(j#{syARpbf z!V})1>N_(>)@D@B@1DBwe6@d<&F|r|#t9l;O*GJIO5}p_5JjMgcvLJj$G#)@|&iY(2=De%g8D;&8YI>bB+YwR;ovYNs2j zf=4}<6z#7Jr97p13gnkw9BFv1+eCl&vKmjq_ykC(&T zv@5=>72c8oGW98YH{Gfm%+ryWu}+R%IqE4~{=UAvCMpz0T_#FXA!f&Xb7jQZgNRBz z9_LM8OM)|BA$fERUIYKy;0!p7&FhBZ zq~Uq-*A@)L4js#i7k%SmD*0m@H~N=>gq}w-Ct$=4RLTkLNLE+{)8=Hk8keB0XkYaM zC3kgCS+Z$Y&~KiK(xq>7FRHLH)2_#_sO+=+-yI~NE3LcfC`8-JrS#Ql>`_tvilTIF zQGMJRDNa0P5r%TMIUH{=({5cMeJc(Ex+tQHgZLJoYdt6MIgD*d<49F~x3g_`>UMqH zmr_;7h3V-O>qC`bb$1y}^{CXRe($#Ng4RFV90gF}J;`O|lGtyT5c8`ZGcp_Se_QPb zATyU(5OxpIjYcCk0s z7r@W}A7!5t{K|alH?ckPbB*Rsgt3VY6ukL<*fmfVQ+yZ-da~t0oPh_$>0$d%TY=oG zMG_bcZWvH-5m-;5$HMV+)^&|JJW{3fnv3w7_ zztMZKvhjQhE`VC~CV#{v^0N^p{%Cw#xM!8_)jmeDMpR+LMN<=R4LBsqEq}Gs!`8%u z?F!X7S*#L{x?l9+VWpcbl|`Lr~mqYLiLwF_>AoV7al+Wvqn~R@L12R^qQ8Im)A7~KC!Y# z&(AF>>9y3|9LWzm-5y0=oo@mJ9ha~SbhIph9r=%Msnja{Fdk|sk83?&-IdsMg>)rt z_L}86cgioY(kLyiINQg{7f0nZT|r9c8b^7WZpPO7Q_D-kCV||4n)_gQP9s_#)@kU7 zhAkbbG$4{kPN=za0irTf^Bs^NKC~0d6`%u!iFxt(LC`~2SHyJg3#+983d>G*^Gvf~ z@yfSPOrSwKiutwjlL^{i6Ik#LY1i&={`3ov)xax&zgW|=+%2IhKD{rlx^L#~F%q`2pcYK?siHy6*!!w;iIlg1Rl{LcL-+tYMz1K8}m+?nPh-SssTWgr){#{ZGQuQsHN5GYD$vyeZVI@l1uvhz!oLwhgN~o z+oAcX4nGR2qr?IVDl_fjSgs5cTC8tpLoa%KPg8j=sk+gQvdPr`5IuF#s+BC}S_y!l zYv;b-!rKLQHK0nhk?Q4TIVSDcUo~aGJ5xSQe-%B`B(ObFX9WP=8Qu>XU@#saD4?h> zrw)`&%{Im~M4qnfV{TV_{WB7;JT~yY));7Q`oCJ0HdelkjZf;xhuoeB&14$pS7cNF z?;fV9{GW%1$t?u>Km=&J*+V@KEbO;O8yr7~5HW?Oh-I^eO)v)hYpIp9B+yF$pIK0( z7DVm}jAjX|yv_SwstppO!}wO4`@h^9FLvYmUyZB$*SOrz1Jw`Fs{iXAA*D#byrCDk zFC)HJOC4Afv(kW~m7MuTLnr<+-+P~xuKzz+KsE=*R5wGBf+x>YdEFHLgWRCq@3;Vq z`4xjNQE&6Y+1h`>M@p8`U$Qsozn-?$%p0xixdZ3VMp94y^K0y#nNkE<|L~#6b%^W@ zq+2l=pkV)7#3=%R>~90uqnYRRg&7Wkhy*wIIx}iS17HUK$9ILGOTaEPUk-TSF|~xbVfvR3M1z+ z^w+yPg|5Crfv^ggL|lsJyt}Df^-TFZFM`XCyVpmn6@m2ZFvDri%&Ab1+iA0%_)*0u zN_Yl=idoCP>(EVq{zWNPc42Q6hG#eIkaQI9`vJ1^(|5*p))*z0rA#yuybZK%cyDY-BSC#RE@ z@ODDkh#2IXU{GBQeZA#je)+F(V}K(j!SpPz;&D8I>LE=c<$~*RL^JESsNA8Vxw94Na((dh{0b7;9BGH+BU;$Oj;CAy>G&6bOqxny1R3RAbP`r+Q$a>;XaE{TnI1XRvFagBE{}3d;O#t>$POkpLXGRL>(F!~pH?>?9UoIr3R&KRN+u8a|Q!(=89dZYS_!Zuvp-JNbO%f2j>XH|!$_q86 zZxT`*eH0Ou-}f|O>gloh9|oM;3^u))La-XhKj5(%D=2L<>DltKuEooa*L&KD-oEVo ztV!TUXuAxpQCPGzrr%UZmf($@M$*nD&J$5Z8=rKi0<9$md6PbkAD8n}W1w|0@6>l- z1y=g31XcDD0>g`zHfL#By36N=O=*N)Bnp(qiZxcd#)|U{8g>WD_BZJ+-1bh^r%hqT z-VRGz0b-NN#qeTRE_@(mkG-og%p0Ggwye7&UL%FF+y5+Z%sKZU6yB|ZW=b?%U{rco z-KUv0gqo->m3@|7P(IKTEqM?;S-OHM4gSmh{5D~-)TZSWy(S8Z;2Qd*vh9AqC~+rT8@ z{)4i#I-XnM=I$aoMl{prGT<{JL;d4`iy_XAX$^Tr5G!4$GJTIrXV-eaD^Gp?q^u|9 zTnTAvCmT8`izsq|#`@7yHX7?VqB{_#$xD*gorav*&qb^f+?l)9@dmq>`EJvdEw;V& zh0D3pe8JEhROaQZ+Hj3@uDg*g9dYbvZRS8?TKvBEcB(hTQ9r|arPNuH&ATgWiT~v; zhRYk;`BWv7%OewheZQl;n*xP*^cCYMZUtebQ;H$C2fqU!lc05W#<4N>{F37cMNlQc zc=C?2pQN$c4PV%nG>ph*u>*6l40^Dd6BwD1dDwmez{#N@2VVoKu9i4*_WcKf1AqN) z3zD15&93+w7eS&XS3?`jl?jG^bxx^U5=Wl?g`Z108T;?gF%-7;ELdt?)lF7&l{#j-{ zI5nLA^fl%}=Fs!e?WKhm!cZ48ltS&Ng_!7QRpo0J$)$(8Y#C`pyXUoR_e=EkvLQj_ z%?vMH6v{w40@f)Ciep_(G(KYd?V@X=z^6>Y=CJtHYjBBvh z6_U6w5rs^ow;h)i08fq|Eid?fIEBzgaYvmkgj#et@->nuM0Y8E+wiD#9PicZn~(`v z5u$$uKzz@Y-wJ$n1!I&L=4a6N{AwvOka&yvvAQiAltv&zeaUq?)ZvNFrZe)M#@IiHlhfbs2wzmyK>YNidMWBBnFi+D1yC>FtgzXto zMkz;7q+9Q1A<7F9tjt}h6I#s2t$y+X5H^EE0~ruLCdzHCz13BJmv+j=LjAGimzxeN zo?5Js&UbJXpcHGqK)%mVlyhSS>r8^Z{Xs9IiQN;ZsUj?VAyn`Df^gYY=z_2vefD z?|`^+DXHgx)HcujIN#SmsRRjmJTtBiui=}O7xKdDxio)L%T-<^rZ7*(J|!sV9-Lh# znAd2bVd?-fiwv%~b~5Ec%HFG#$ZdPOQ_YYFM`Dl0(q?piK#i<(I$s=YDBpgzz=l6Q zdC|4(wOT@as~(Yiu|D-9BP{z38Dm%|gN;@7xyrR*VeC%bc*>a47*Ei?Un@pG_u9~* zSjVTHPrHMjeyx}uoferzHX2dBLt#vfK9UaDGSs_fb)tVH>GGCP2>Wonh+TV`ME_;; z3taQRKILy)cbr7r!4sVtEmF4bULG`e;txrGOBLzV1{(6;QYfcOaLj|3PMwKabm*9s z+yV3Tb;-MUVykYJ6=cwvIklY+)Euo{imHnA9+Mfqi{nHS1ojwjGk@o z6m2l8RAhW!%=%Hv`O176A`00zxY4eF38%=7pgyw&vS&ilbq|aCa?IYF8LK_eFws8m zXdso*u9$b?>nlA6HWOmg+Q?YiD^EwPkOX@YA*#bEWdhmE1jDyFEkRRqiJl&>i_H?r z*9e}>L?YCChE`VL{d(Tf@=`omVzZXWj#j@u3_*SAiy{Z8dk-(A#6kj$%i9sonpSLQ zk(ovW8L>pxAtv44@*nVqCY|*QP;NQdu<{ps*?HcPik?~B6+1kCl>RLEoaeJpAmQ`u z6_41D$Z^UDXGqCw1((D%h(UmRk6UIrB;QcrRv0T}@hpqb{L1?m!tcs9%L(uYd<$mu zr{>RlWKi)b5jXnqldL%nZ9u1-?C0Td4armY!Cv#V4=-?6EYXTNNcQK`@($6D_#1B5 z&XCvDOWTtkqqQqPXSBhdx=F^+I8Te_y6d6nQPfDa;1&VY@p&w5PoB}xER^V-kuLnX zQtijEhxQvdCumYB`BKkWy=!RrJrhOSrqi)$uK?E{TSwF5Z3UTs;Zj z@$w7AzhUH-UsoXkdNAW&tquo^4JPSU!xbFLAB$PN{A}>zFr&7|7oj}czM3ttn2Utb z&=EU@hE%ehA7)5rbt|fL$$IP-E_DZ3x98WD%m2;c+Elr7|MSkm=Y?WB>=PDSmxfgO zW3}pXVM4F>PdvNum^Gxfx(o!$})s?uLT1D@z(dL3Wv&-$wJL`@oxV80Zu0Qln zvhk)bhI4mQC&5?pYfNAZsnbeXhdlvu-wCIB<-@E+-Z{SA?68r^ zeo=KHO#%T=_F`Giyl3M;ZK*-7B;6?V#v9rfyGpv8-GGe-4inb{cToXUCKpx0fB zw&s`R{5{d}asnG3h08M6{?b`Sei>Hs4@vVCQKsV*Vsku1df=%Uugo*()t&?sOrtGymG2l3>6Ih#G% zbUhgx*k)1vojmRf!q8M}`OKgy!Tc4=AUMhXry8v?@u>A7p?(H^g-c~5-Q(Ck?4+35 zHS2iBB!O?;lL_)<(Sn!4AcaXDdVB)Ap8+oP2G1G)POr(fQnBb@!Nk-}1qDt045t@z zY)-r;Qf4CgSZRp`3PR=vvNPlYCIGEt-UZJZJ(qDcm}x(`;99cLPC=?|bx$0floOG< zxR;(YTYc>>v!e^r4b9>_mFkS=TQ3$reRNNgzn)^sHb^hu!{4HHIJD_?6-u&pA)@F= z_?@(Jz3A1o2{+f4J&gebQk&Z5zbxpsT3T7{R!LFS<;y0`_yaD_WTU8v3=6Q;((Pe4 zRXso8$t{X`yX#M=P|2#-^l8wU67nUxXybL!qY4n;TPpIIT^S6`^0x~s3AhK;J>Qn{ zdecR^8xB(5d8ifYO&OkxT-C zcP8bpbIBuA#_*jlQ(#P&-mzxRzJ@s$<1&d8k#&!2CA_@+%BL%b6Xb2^U)tQPu}n-Q z-@I~_kO2p!9zy4bvjEqY1~Nw?x;fHQlk86a;Gol(&#%qU zQ#Ee95j^cA+!d#~_-3Pt5cy%WU*^`w-_5cgL6>1ns^?sl?)@uux4fdf#(pu!JaPbt z2$zt>FsH?7*LwZMuE?>__UzCY<{bAL zmhY||{eot%;>Sj=1PPO#7d%UPzLr@2(rKfl%+D~5e9@t2Z*00rMRsHURYnwob>2ik zw~4Gtmo8v;n1_iW=TP%R8?IosUbkahzpXp>XS67dl{&o71yymFYRbSjwnZn%~ZtvwoBx>SJW&r`BlV zv(Zn7B&HJTYjWGY?h|ulSd+z!vDFm|HawZzhSsxriySZGP0zabvA7O2u1iLNq4^DW zz?iXF*N?vB$h2-fjDRAElk_Qt8HIqsZO-sDZ$<5TgoXRNcrG~PH8J<~I6JPe;7L>T zhmm8DN(eYk?)hU-{3hviJ14hyRIKh|cr2v5lg%z%RRwfx)f5ZP9?p10rt4?tx?*BZ z4-SQ{uw@3kPY#kxU$YC7kj5MYY?Fm2h+C6_bCA^O)x&QpmF8WR9$Twg6U`cU9;la* zRoH``ap^v57Uhhj@Ed2rWB=T8k0f%`aYqy~JxZvmTgw$-LfOm!dT>{lgSk?sad><` zZ=KiEd6>__mPD`H@T}Jd(uZ>=hPPYy!Bo%O`rz9Gh^Ys*!fkBcx7Y}Z^m`->77AIeD+8(l&R`6Bno2Kb{_N^XZ<>WCAq^TU$ky zs)Cm)7y6XEkx~(cey~@R5<)47580{P@#-)q}vUCdmG*gMFYk(gtb2H_MNtJXjhlCVOxDD&uZl)Q0w_0Y~9n zbD=4<>sjzI?sR|1-Q}Rqm$ZgkE(fZBnx$K!S$OuB2VoYUr*!yZFePN`ka0iKJbON6 z#tJLXc}Q1DhfsV<)N)q%e7@(15ZY_J^TqBf1lyv4o@(v}zxmAITSFmH$K*SUV;LJ> z@UYW(ud`${>|lIe<6xf!&uHR@OmgcHBn7PR@m^%=2$N(#Geju!ZEz3&<3}e$!5^LF zRgC;Q-&lI!ELIoRdZ2)eF}GB^aW^FaK%3;crkbB^>DF>K2JavC$@Jgc9Q?6~8!DD3 zGhB+RJg7%J&+N?>A`3J~O92!&rX8czHH^9=;x3W42nz4pTTVNk)G7f1?KQTfjSaOU z&vt#?{Yd0~^rgeHdBSQn|8A3u$zlE0%Shi(k3* z`b8~dn*KM9XXh+zBBaX7{2#mHS0@rQwTK(p!MHS%YNRz?{-Y@vmBO~@3Z^?BZDj)K z--oqTky{eeM(9QaR|Y!@NUm#kMoH#NWJ%FC1w8xpv(f?cc$a=#EorN>wg~g=+>Dhp z(zlC?oA1fQxbL#t)mcaP;n2?c;_9L=n`z6pJ&HHc`kMaS&F39oxWE?!tay%u&khdT zDl?Sr$F=lnZdzR5&tD&TXm^%2c%kEtSK=U^%5o!F%nb~y$ax*p_47`!>^3@h<>g<4QEZ- zda7B-dA7K(s=xSoO(gk`r1?0jN@de4Ig&WONi>ZJ!KR>R9m$dBx%rA7$YIWt0s^AV zdImNp;gL2!uxu6I57lwT7;?$h`SgjQeWdk>?n})v}(GQm`LttZT%IUQ|BpFSn zXJ+pFHV=0=+tF$iz0tpGFPpA0$#6GXll$X=+)5v7aL~{t8~0qeSiBc;Rs|;y9Dn_mMy`S9NPHrqdgq z?%RER$fV%S`lN>x16L>!_Gp-6Vd{)*&CvY2dR(V16qtJt!=75!X=}5q{V0m89b$|t z3c=+65H z%hA!vM&mU{=?>&mYA_Eh?eyw$=_~m|*iT2!sfVS8jMb)Z4nqu$7*=VxhD-d;rr7!w z#m1MQtu4QSH^lk8#jpK^zlkFDukn6?xsPI~Nxp6~CpPnUe;$I-ojH6c(T^#OPu2q* zo;5zK1dc{oqfI@$<#kw%FSg|KH)dO?_I59yeistUcbWW7!S))#g*_U`7W$7a%2ld;yWID*6oVrbCqd z>=tDULe!H|Hh&fRg}a9lK~%G42YH>TDKz*)&*N}@Nq^&G)yeLQVCy*$r5QGJAbZG} zFb;s(tLYBx=f&pE1ap4 zYpndCYoi=PX3yvHvUQ&Kr9_~R`M3*;R-V=iOHz*JVQq}d}tN_##&x4M0$x+ zhnd}q%l`B%Q0JSdkeK-5WVZ14CKvH9gL?-S6s%orWYLIhcuI#jaOr5u9*~IP)ez*Czh+fFivQ;*(N#J zwMwtY2XyJ$8x9GL=fyoSVz3QRuDdJVUhS;@f7CFvq$vd4f5OZH{AqHe2EmRx`qAzZ z6Gkrm+41EUhJ$iMFQ0Ddw!Hb>%a}`#e>Z8}u#BmPD4l_Junw2gf{Xb$`$ z(110c)2g(D&z|!Mwzqa<*{tUa((O&;JMJQPiR9iCXATW2nQh)LyA*D3Av=$EzB(`t z_?+T!0{I&j8;{vzQSrm{==8Z=54~^*(`6@>05B`I^n37{3d{$|032v4KFJI2pGM`W;o))2r90#&%5bRM6q|YNVS?5dZsK|kblc`S zDHoRWUOa-zWqP-vdye7oe!2aQZa!MT>`JVh zfqp)mD|NVG6lFA7q34)+b^Y~tzO6Ha5TES%YxIhIS)X>{^LeHyROn!5wjaiDwMo$| zR8bRH$uxf&RuG}uY`rabL}t&P#U2lihpi@jA1(_@8o-M>OAo{Ss9wsmC3n|+Ogl?{ z`szDeyXIS$Zq^&>9EL_Xqdl@*So3Fz9#E75BVpyqlSgu#PyVhN@#s7!Cki&R&GZ)p za=|Brx_;q#%gRk*wj39o5f@f=?MZg>#Jtm~7W3H$>1a{0N00D_IXhh?cY$5bNJd^_ zX9G+6cb|j+Gd;e^yX|c3-B|}6)p)GRsp_i)NLQkR#OqBE1++UlYkyvOK0>zx@|teFO8RFyHm*Vb}{XR_m? z&iCsRH1*KEJUv%R0=be@A6HaXs`I_xiiuWR_|MAIrOR;UH`j$R|7&f^gmYfeOWBg~ zW0Biq%8eWHnG2Vy1ntY+DIfeD;>fl|LZCBQl`@`xw1w*LrPBuFUsb>2`hjyWb{Twz zBvHh>=5_sb7w{*CXm)H>=4%={^ZIx6vY7zjZ=UW0t230nn^TuwuH+kRHta;&Da#=M}ir;=btP8sl8(uR{ zfB#fVUiDa|O0nGcRmyMlXzkWmqF16gXJVwQ37;a>Pd0P71N9_Af~I0SK4*b&L=#*V zi2mY1H$<}yAA~s&R8a8~AYrz3y9tWNf4^80xkx)RM)ew+$GS@}5s(lOO@VsN0FKI3 zg8|$I>b*#&`E2wPe?}{|VCQ392cHrv^CLUryuFMPau^#w7aUt;o!_!ynBLWxLCeHE~dO=sMVy%6X|oZ z^VPFTh@8!<7SoPdJ3Oumi!U|#JG!h-x7+Y`wCWc<>M#S#hhEFE!JiAa;qR-Q zx^Wu`4Ag`U$5e?!HPnUy-M?9{Nj(@ml;7v}m22?21tu_zlHUbu$u($XTuD|ms3ST2 zcB+D@2r8t_%@-+r8NAm1F3#KioMahNUp8#_6nIlZul9?~F!|_py+-vbn)H@tUW!8Xd|0#$`yS=b}(#c;}*k=Oq|2Fl=K9G2J)?j>Nb8j+eDbx6P<&qb_~hP47U?m8jfMe z=(KoarUyd8!W@UcULM|JQ2i~`_vzx5P5kQyJs5tO@8j=|1O3c_ejK782Z7FdGPyqY`czF1XnFr>Ev;dqtkZ(Rmi(`Rz~94SNL&#D_BF2Ahqbq(^vDe_@ndLy2*=TLG&p$hXEr7vf6R31BT4!80xMi1tq zL?@(Ma$qW>q{@#la62=7n7aWC4j4=-T~5PW0RaK0>jDE0NjfO>3E$S!JOZr0kEQQA zHcB{B)68CkTiU{ZIL94cu|rKrzBv+FKG^LCUO6erX`gR#JrhqT}qhuj%d*ZA*T zymjUFn$=JuPy6BR(eZ8*ux@ts3X*yak_XAZo;C))0Lj{TgxA!p{>1;Ib4_@bF64I* zZR+lL^tk1C=k3Lg{@`+rMn<<#jF01y`$?#E(EAXXiv!d`rS&ooe>M~sLovOhuuuJO z=cVRwVTgl&8$IEvT@tZsYvSK3W>rFSa>YcA2rchb2Z_%UOaBnk}tN!>3^KZs3A65~T zj<>IUY_&HXYV?#N2{8J24LR|o>&IsNX2C2Ys|n0l#qiNTC3X6Av&dupWC3gHtJ)R? z?I-GwwO)-J{#hc@=}BmN^Wo7)Ld(r4vAdx=#8EmOZn8u(J8=)}<2dUdxXmq7uSgv& zXmxd$0U9ax6%}dn^lX)QT)Ak=-RAH5Zp3Vh5R!8F4^4rY;bJwyL4*NaSP<56e<%~( zYr%Td8Cr^828(ORF3r!jNy7Gsm}a@5o88Rgac?~*;XmM-~AYDUjt?z+Ry*$HTO=ZD=e z;Vh%>$Yj(R5(fW~O==S`^C#i&n}NFnKRkQ_0z;+;t(R*$WZT7frVqjvBcUMdT=o1x0-~J4CyuBJrfHh^pI5A$wW}4Ir?hZF8WxobC{%gR&_(}NvCp}_xjgPpNps01cPF6vHodPqCXoo zsKh2_x^nPX@ZZunz{0n4#T*0k($aKgKI7M#$`3dIs(<=7aPx zO*4_Ye*(RN4!YMU*h9}|>t&^M7odgKNR&c`BuIUnEycX6t@7{dM#t>fALtihsCC2j z7{V#<4L-xT(N4`Q+nL)q4_bc_-P(~^_vHO`d>>PUaZbJ8k%(L!g%@$0ri z)!X`G7-uSgbXWrtu3(XYcklX0h5d2_+K?ShIab~u@keT$OuUy{JCctt2>`Gz>cVIg zm*e&`b&1#G?+>r-MHq-fEM8QDU3z}^bZGcg{1O$tpendqcWSvlB;{nkK0(+2n-GQQ z)JM9tDRrxl-hY>52|@k_J5g97kx~7Ik7BU5pcai~BiB}LMi4}GYm=Vgdt7Y1W4Ez> zxA;kdfCDjOp_Ou9ULAi;7m!UE0g(=W#1neB{bNaNXQmmCgl>QTe&OM-^g*y-oNOXV zANa0zTa~kpNt)+txec3I`nlR5bDY)(V8UMzbH@|3C(|zEc`0jZ;jl=I4B|El{n0mt zG`YGDWaZYgl&u^Tqc$;5Ev%TzUxFgKrpQqkZ&FX|65d5_N2HjvMP zcMb5fTpKjYnz)ALq-c3YZvU^g-ZCn#ZRr{g!6o6~ZVl;RjRtpjcXtV{!6CRb8axDt zAdLri_u#ID~3XUIYee(9FpM#)^K z?I~g7nNFj6J80Ri{gjUzj>U?`>N|c_7>8;h+x2}U( zSmB5m zL6GJ&H|EnffRmp_)3=DhZQo^Ib`ecy(-r4^KYX(D!M2QVgE^}I-3Ib#7CZ7u+l!$8 z^Buvr8dnv@xP=Aov+B{>BLj>WF%UK1()H)tTLird2NSrF$O+D0C*y#X1iscx4eu%# z0ICLiQ@%On1;^UX=dK7|_3_og!##}a9aORt{f^`dI?*UU20iIEQ&nzsB2xt5Og&zU#b{K4hnai*(l!JfN^h1{uWL7Y@no<|8S ztc~HbeaasRh@Ji2A$NPtmA;RNoJT^8W7Ebnp9Ryr$IVCmHmOFv9{u^fMm&kc1sS+7 z*Pq(nI{IEizOWBxqs$@!KH+r)=Yq=P-F=i{bDMRqNS<^x9u)%}@m)eyGA*w=cD|`N zNF=JatOrDf9oY-{Pr5`}NYhTB7>UbpEb*E^$B^y|hrSZij;(>UB=n@zyM=e$gDy`{=&7nRPV7Q%M{j&Qhq-y zuXU$j`)>l}9s-;N!S`HWtLSl@-lePK?@6#FFyy8U!eqDzaHt8AvEJcxh=#`mR(Nr% zBT>&3g0=MpCSA@Al)WCJB0C7lbw1?r(!tFca!^sh@$m38Ud`!Qj3Q%KcwhgaJCVTG zUTyJ^0)R0Ub#Y@8cnVPTz< zHVYbrm$eP%K{uTe_9QxBHNKpy8NIb{$#|t1Al`z7D}u9}WZgXlv$uB(+W6?-Fql2K zZoPdX+oz+`LTH-W>Wwh@KTUJfDege87gyFX*^5?!Z6B^{GZA|W3#j-iU;PyKIln2n ze4Im_74Ac(gbjl#Lqd=Q+1Dwx5c)4K`?EMa zqf;o;fIq3Tj=IO89J6Iom2-|mN#KR`x=Rq#w%{+m=oQ4&MS1 znLzCl8*{KItG`nSW99d@OKfcMY^k~RY`=RtPRAvhxXEX=IHA~#_X^!#HDKF>AQqN? zfN?_I6S-nLDc9)e=!J+ky)s;zX9L;syI2{$?$7Tlq#n$5t~TYEQ*0w8b{Qt1_4l16 z2#m~`ieLGSVkSeS$HSx^u0O*lYH{yYz1ewwk?^<_;HGTX_1(N% zU7wxRaFDTB-|F*(Ip7)oSZNt$0hCg_Hiheh|xONOOJwBqYtk4 zCdCZ-I5;%2#6W_pEx;r+wuE<@UbHV1*O6mClv3fJVl$WPl2a}Ql)ecQcgQ;tzxMT; zX!Fw}d?Q)5>Lc9Wn@1q1w8jP(C*KU08wlsQRsFzHqvWwnlvf_f*>G`+T3~6FFLsz> zjUzfGyu)bFhUF8RDH`9ne&Mkag4`b$)G^-2pqJo@kF_LNzxtVkHs>K z1Som;y>I!RCk4ft(x?Wx$WGZxbZ!EHW;m?tsE%J7p^L zm_6Eb&Cxce;Le+ASP~HNbc`m~Xu+{$(qr;hA+SoBc-jK z7F{SYPgNZ$&P+i;;dU@1(~O~N80jkF5aKpgWzti?BH6Vn(+FZvb}c; zZy;2nh~x=3nzK(1K#!4(q2r3}+vH*1BIX-m*qnc(cLq$KM>)Oj?_|pS#ZaL_R6F%+ zN#H@nhQ(OBk~W%zSGXC{-}`=ZWM@)Ze!Tat0C)8MQje71PchapyJZUuz{{!C)zZDC zBeSSpjLWsk2oTvB813elsUT^>cYJu~TU6Chaa!4=qR&Typh?!!e0kraN{uxR5(WU2 z(G_=RxZq!CbKRAgQ$%R{C%-zVyHg~X#dlkJG*dvY`R&y0_Tp|!afx3seBnML`uyn%4qvt7jkQ z{+ZU~sn9=kX;igJ-~57Y4s{k&G;EK~6oHLRva@UT$F~#cg*piNl4Ab!r!XWZzcuYg z-&@<*L`4)4nOWDa6|Z0++}jPNOLXYW%&!QHo9|=QNCD>09H z{~-^F8W*#$<8vbgkap$ApK`2Q8!fDNOS#hHLw&H9C+v)Cimp94zxelHU6LD$6w{@a zaen%&9+DF#!>I98iF~=`x!dQTsf8A40t_C15?Je^!R-FtK1d+FhA%tdd=Up`0`d_~ z!O@Q&2T29sN>}vhXlHQ`ep-J$2H#IZr3hxj+r56)Hi}$kD@WR!1rOlGWM}s_h5#5f ze!z=>L(|o!6ALcTT47u;(f+x5fI>>vh8`S4#$bSy?e+Vk?`;?IT-0kcXJO{A-96p^ zkPw8|V_{7!dVN;N;3Rv&zba?$zwTD^9rwN6@a3uSG#{o`?X9tTmZI3`BQW~nMO;*- z*CN^O2DAO9*a^be6ry8dhbgX)aieeZ5`uXpGI2i903e)Vo|0c!a#07qed*}%kU8r{ zQy>MXMu$RA=14e&eX^*d?|dt}djNtmj+tdtxNzFHrenQ7O+GJ`L_vM%LS-8r9OG)&Gz;E&{#<$Y+wcrf;^43SqP{r zeks|#b4P~0nk_N{GG}y-%?Axd(^0TB#F9`$H_66Y)-0^W+OhOe-kh8-WHbqZPW8^` zHrH!ju&UNB)O0eSnWR=Z@;_<@y^3Q@{fA9VH)cRS^LCi$r1MK$9 z&7%h=abT-Lg}U#e*=#Y)-t*(L6$?;v6fFq1+&+WcNCj{8NXz8OrYr&C5n9}ZpSq~&$CbhJ1M5n0}K*D z3{+Ij)KiDmW|@ZG`-tG3q}TW=jDp5qn4dfKe zv@fiK@Azon+S;-&SbzuC$K^M0r0@D^kk$W&?D$9Wj38hO>zT~CQiCXe5pKQx!f(S1 z;T?+pfmX;#ZGEQ1LO_$T66iR!EQ!hmoWkX^J$;+6%MCH=YbDdfFA~@7 zEp5Vy&%`#94M(pa%8{;z!BHXfqCA>vfu;0+Ys5D6##p$v2dj<&-N$C{3p)#3Cx?v> z5F+Kh^JS3yC``Cz~Z)A9o9jm{Al4#`;W_9woTxz??Rd zIeDNZ<7cQ+jz-lLpVw-|ljr5p9g01EgvH5N83CMJ;6P0bd`y}!vd|57Eg~WZepN98 z_1S@}krgK%z%pDJ^*e;n@zX_92$2gtpZbN0PA1XCZNe%$`t2K5qfR;=#x!l-@$wR5 z3b9FqQAb!$Bdz;2AUxe){UEDznP2tTD$4fn560yGECCh#k!*;e1{8&Z7~f)tl8jJEd_ro3Jiy zMu)>-gAU}~+)Ya>hUrUPl;Cv@lkXZRg^0|wp2@B+R9F(Enmbiz} zF5TN7-QY6w=D(U~l2{nND`L~M&e7BZVH*_j=4trlm>`bOHDSX+2eHt*Bwg+#AT;*;#7#gU6VeA?-7^4!}9KRarG zI*$u@Y#jncjN}xNvvSMv^k5~SCkk>bcQUVEUC7nuLmrJM?LKFP5R_KxA~S&6p?8B0 z9aAnF&*banUb_w|sBpFc3}$nA8;bhTq{Q%d4DNc@r!rRIOghBG0?L%E3SLhrY8^X* zoz++HhlQu>PQ3-P=TA*@j+}jtbAJ zn^Bwcf25AXPVD{V(F__S1&oT|Re?v=D1Ecwr_t2LRu{ac+y{lQDpPWSv0>4m5(vGu z0&ycD$CTfCK}}~dtIUmv3oE0Bo-x+?tOJtLq-U5aK8^USvd2D~awHj}|srGy}Bb}x`AR*N}g%Kx)+7hEp7DFv&N^L*?xmsb_I_6$>E$IbWIaCQa7}o{x^8)$H(V{ zJu_T1_;1Mh#hY)iYE6xSBIAakNXEB|-x;1;F^j6dmRdaGqOB}2$$TC%JxgrVwtldq3To@N=YaKFb5gRNV7vu8eyIp5L9C`sC5@3~*g{k| zzLzgdVYrUZx$eomIjh7n0?ibWVM?c?la4HSX*9R7X-UeIJO`zT=}C!5z57&WiMHYp zC}Rd$hSr^)+j*3y-$ui&|16T%3m17C1yHsE zP-(cg{of?A70I^ixQ_TjZ0|4Q89+cwE>uVVGqPw&97CUN@)fTh={vd~;fRc3gG=>f zMOn|tzOF7JBX1Wf$*t{S7J8yXEs@uUpf69==T(j#Ne$~ou5=))z(I?UdeU99B)jWxTRh}vW5Vx~ zxtg~B{K5*l;E_uB5H|Y8m1!^{e7ojrIE$Jb})rx}>Qg2L6%Pn^irGfrtn_^K=Oe2coc3my3bp z-r1U%QuR3#`p6=C_-3l^4%kWu_TW+S%Bv0m76L1FOqquHf%`TMNW*+E9f<`-8EWSD z2)GY=#oRbZtk$aHu=BD6>2Q#9lsN--VL_UbrWU=e@h2A&^>oNYWI^86Cbp&t^jboa zMn#ONQjr;Mn?piJLPi8D?av6QGyee5L=|F+n&|reHBEuVubY@5(`4F(GXw3XfvxnKx#?5`dQe=!$L&amsfr~yYJqlytzc~R`SD62e) zZ-XujgX6@-X#?n5nBRk5mw8{x&=eF<%3Q9}fh;1<^%J7R^EeJ->iu;-;>~P*@htpt z)i#r;q9_wmQ|L;YK%)z)FrcmH$zxE&yW>tU?VU`_>kxu08OzF`s$!CghwC{8HlwMe znj8dSPa+j5W=36N+~W$PX|Y?j>h43!;^Y4z+OoOH5&$M8FicHNP1M=qKH9M&8yFZ^ zkokCY0I;+3D$%Xevv1SOty$bgZa8_;U6l1|GY6;rQuM{{_{h_rGDhbyF;#Pz?Z0FM z!r|qmA3EWMcqux*SPW!jk+1WY*P)S_Y|E%8LsCQ!hwZ8NzXd2ebdE&$fC(#c84(_B;^l9dRS zqOXkotdWs)!x(EZ>y=Vk=8zVa%fwiv%Jzfxa*}|l*QAb<0PnSLE9*n#gR@_UVNENW zwE4YdAMrk?wz6vU@e#Gt)@hduo>-KJM0P{;3J{v8=$Bm#eY9R?L%7KD7oUl&HP|r) z)`7L?`_|sx8Fy+blynk)+Q@LftvFp3T1c~{wpgDuxT?hSn{X@+<0IZiR0wloBk1aW zu9ahwbw|+c&HW5w6sF|BXJI$(x*#)S);F(p)ZUPOAVdnT!+hLMeA%3&Q!{U88yt=@ z)qxm2hp%9wp>@Yo1yAPtV0wCc4YR_<;Gm(SIiF65*sV6dA>vH1n<|K8`;^k)G3(kk zjt}WhR1$o5K@)Mb&|VJoSXv4Ke9}kL1N0P| z%5+Y(jKymF3y#h#c!{y4jV)EqM5P*{g;je`iK=eO3j$s#Ix*U~r03+yg0<4x+bmFLG)O(~+ZbKOlDeXosj7h*;G_9TB_Lc{yM|bIHiZ=kWrtZ={vw@u zr~&4l++jDd-M3Wm6W|ZpDO!k-f-3VJUEjN1n{Nv8Vc8AuMPEPlX^XsHHWqPa-Be>! zrUx6jr<&33L6kX|^Us0p)Qk8rAea$}FGIh85#?W{y`|CJJ4z zx^?2O=2`$wyOQ7?#nkk)eIcG0tWoH08z+s^-6oWQl-K347nR7ky*5cOGhSq!?$*bk z2jIDUVEu#KVjg%tdA;k*bQs|#hH|k_3sH(Ka1c|J3Ddt)fRw*wWJ!;iqGy<(MmU1^ zmhCF_Q&zfd)I65`g`(3m@idoh5EV?9QShLd`Wyc2^7G9`9-W?Z1ad)i(3It0rYNc6 zqIYg)Jl@>rDpnu_Vr()J)NGhOxyWY6F)S+Eu_NY6V!=CR$rsIZUIFO}HhHQAL76`Zd1# z2MAktPIZ5~3;Thws-7{fjKXhif(>rChHOclCUx;V*Cg*bbN6(O1D(+2r5xVZDM6~K ze<_z0h>W@kRWmtK=AI0#PnSJ=bM4;qe5pzF{cphHAz{YLxn{Q(Pnvdop13kZ=`~)7 z^780}fH29q3T(uVkzijIq%KkQxi9{6GOssCy$QEIudJw$Uq?YjE~kLt2x_P#t>wJT zDkVpcc(Ad@YhEH@iubN&Aul0Jk+dL7>HT$yeiMa3@EAMtZ4YpAe-BLKICTG;l%zXO zH*>rtUBF~!W^OVv*xcMan_mww8A*Y#RcgCpnRDQglZWMsg`2J{II{)t;Ns%uSdAP0 z6>{7d`R(Afo=L7s6#=wNldpua!3JMP1FDWb0%WWnbTPrOj5)Pt0;YwtAY7Cg8r`Pw z95ZD{I^DXnlh=;(2YxDYP$o0h^Q%Q^NJQ$qKteTgWK+=&>;1jsZ=xtGf8q#QfnTnCWngnIwqTtc_JkHbCG$n;#^X#5KM2)rihoP_{`2M$;t_lNr8y z3_V$GUS^3p(#K>Ath#+8pHk|73=Zn0)Trqha}|sWTY_alz|86T7GGC?;e*li|)z3i{S9YR#dGaCe(y5Bq1ISDLk@6!1`z zSXIV2RirB35bTVV*%_{R(!x}?75eyJeL(6F&;NAEe(Sa&ntn20Nm1{x$oShnYE+l~ z&j4~NU%gWZJ{%F78{wyuHOLL!C;V~;?Rmf`SQIb@x|p09?cXa}9rwg!W+y$EXP(c6 zA;%l0y<*N3`sx!Z0{bLVQcZ~DTJmRQa7PyAoS=vOc2IR>X;MeHni&Hu5Jkt*N@dhc zIn_i%S-j7$k{yCvv*um%!e4uR0y?q9#FQpNeBc~$sFZgf`Z-c*dTNnUp+XNGvynig zo^jC-wV?y^(jOG(;3Qi7kfoM@sZL_bvX0~hsp!!&g3+{NRagkQLiW& zv8CQVCeazy^DHI}IS90kaxHYy1FtIy*StMU!yjfsjA-x`v-6a*Awnh~@Y~)rO=g+);C<;}8Z*QQs0c{djX8f@ z6vcuhs@}+r=7$g{(}gGHSr2HI+rE>&_{q0=(8#L2%0YWs+#bp$^hlknbSNJhQ6wZ0@l>dJo-Qt z3zx?4Uy4`04qhpF#YSZf=t`AHjaSm_e3PpbDf#m#7pGFwA*JEYAnW$l_3GErMr`VF z6W;i`b0TgfZ%9MZCZ3A2HU_3g=51M;GaD0DOI&vEnXB`8Uvga0dmuhxX|?ijK90Hl zl^wS+nbF@lO=T#nAfXXfg7&qsc{bRyk7ew0%PKT5FAr4oQ1N{?cUQG4V68a>QbqVZ z5)dM!yl&Eg2%XW@e|uTA)Q~tywZZ)QIl&Weu?+M0@DA;(mnP{+(BEh));?v`F#RAt zQw$wu#H#}q>5tNRA%(=q;NGDWyyIw@wW*;70fMXj#%2&);?)~YanN^-)s@dzk} z|2o9YV3{1=m_n=nMbRBscU<~{EiL- z+m)Dswy}m}$=c_nGR6XnT@alB&i*2g^?VJYl>w z*r#q8C{Z56Sa~pV9|WmN3$wib#*-%C6Fb^qGmDLkN&30c@d_VQis{m~TPro5B`qzT z^uTV_9+qC&2EK4dMF*(vy~XmKpusEp`^$y}&trllLUfBxJK`im)DKuRCS3-Hp|;Db zfh4>u@5`&{gMl+t)a&1sDILVdu@%L#V!{g;Mqo_5B}x2TSe+znixpsNor`nSuQsYI ztL~sYIUEuh?!1@CwL!Fkzk2LT2qw@G$x$ZXR2SN2KGwUO*XY9Ve;lyZ}o!(d!h%oudps$@a z(N<3911B7Gt^y4->iQAOEzFeWMEi|dH&0TdSI+_?>2cU=Pj`wi&IZ9i z>`AVvS%@Y32V#Q8#=Y&DNu)ONtSrOLG*qPg#`-2xs;J@eacO&Hh}O#_pl(T*H$5$C zK-JyJ)+6HJDdKXO^%1xI z(JZ-jeyYLH0`8DLgt4l|F%3mck$kajNfwT4QnK;xDj>)CfbtjC zYVn}JB_J5_t8oA^ytfK0>lu`dro8C_aI-wIhl8K+l?eF%?ok6cIVz@Ig!+M((EO6+ z1f6dnM7l#7Bl|jIDl>alOUfHzw6Bn@+6amof7DA93H4J-3=EQRmi5?r22D)zcs8`; zI-O5G7WAOZl*5L6HYzEL$?iP1h_z8l|CLt+Z}i6~Is-BL*7+F#V!JNpHl2(L}lq+-e|$KNI}-Ji;?HXC@mcZF2zu!`id;>E!0en5Hh zPJ-SWH$&S(g2+baK~t8M)vC(lgghiX-0WAUe@*k12QADN@}ooXXyf)}=VX`P0ac!8 z2UQ!h^;yu3Nw=|O-)1$YaznYxoGq_d9WzrCN&y%$eeN^65x+jR7r>YTB0+4V!Yp z-j6%K)L^sHP>4;#rRwMNfw=5fZ#pgu3;*WvOAU_i4{ZyzbL*Qaqpl^H;ANXagC?Md zlP97B`@C-7zUval=#o=!pBTPLdU^lOYewx<jF+b?!5Z_Yn0hg6XMqgICM|#zD+CRKYxm4Ndv6zw(WQ7exmqWYDJ1Y%~yv&TZ6+N zmbqG$S@mtrp}-j!W|D?f*sK{0UVl2lpjf za%JTIIZrqpL6#P3ggYY7L>!-Jk63(!KaZsdsi;L+`fTh5bQmF(9TtJTUB#MU#K;b~ zYa^|C+RewrBHVjlQ53qECn;hA$Iq{ykdhL{ZZ#fNZ;ERXO8CL)A2v3&D#sVW+lL40 zS_$;V=4O-icE8*GqU_T_>bM-+`HItvo1QT;zJ!GIz~TxOS|%n@adEwGLIH}SlkzUh z9Q0^pd~W}!vFlzH5&C>ONrqF;Zpt25(!L3Z_UH8!kphis3HpS{x*n1J)8D z@Mi5~8G|c7=eiGLojSO`;|PrUtFU^U2FMyH!M|x@NqNxf zmNW#z#XtnG(4=K$yGNKi7!fPeD}Rcsx?q3hunoJ| zHQU(PiAAJf{#;oZ=hjn-`ZEJ@(IuMQx#`JFE#$$lKOwq|k@5bwURsP~Mlv2`iK^Lm zm@ncMe^O{f+-tHy&2Vcoi0)=RTsR=szK>hT{OGbPoC4r|cD(2Ys^m*9ULRz0*v=V` zE;!c<{K|g0MPBncF<3TS?O_V}+YTeR8^}5o2FIBjdzS{uzd(M{!}K!y#ml>2fB8h) z9|?Y79IJeO)%-1Hg3}hMW6)W8EF#=W_@7q3%b>Lp0ue!n2%%Q;4SPP(qjfA?5!*f^ zhDp{M>Snj&5VayD)1Lk-X*s2yg#3ZiU5bF=*+6TJtiM1q`1#`Z&z=Y@Y8JD841L$1 z91HD!e7bcu?}9T`mFEC@C)BNO^HG)Sp6S8?G~y;QrgakVG(gk zoe9)Z@c?objEuRNANL%r=a7z(pSF@1|7lu*OQdMJixGZk#OUF5@{3k^Z%*_Zj`bGWB438;M?1;aO4snt1qd5Clw(Y4Fm{Df)QY)eL?JAq3 zsVwECa3zKVwwjy8y=;{v^Fa0a{=QKD-+| zm`x0!rJzXnl{m+Fs_e+7cn$x0f{|7lJgoMY4K3@(+fdTH!KMHedVUl`l7DZ_D9nI0 zmkKkKn0VUf+4Dm27W5vw{|h|=tsqQ@Ij&6=bn=AvDnJPwDTaU4`a@Kq#p`8cx-ni@ zS@79`eLW=mQthF#6wuSLr<@DBw=sf5`@7GtSD*>;+2J5Rs_5U?D{Oa?1qC!)KY3i8 z|16;P_I?`(LVW3|>|pAFzgcGvrN=IgmdyV~DIqDjnNiu%HH7oNa7dsD?MojOsyyy{ z=)v{zDv4AqX@7RWbL0=J@y)}^4(#AAjCj2=8U9L*G`237ypGeA1=*uUAp4{ zVk7^%(C7q_4))n1-lQTQ^%SP(4$}mvNm_sC)Hos{B2}KfUTtJVyxx-5eN$AdbN0Xo z{6SH@K*N+6qAgN%^au&6d@Uf#emm&gh{Y(mpvKh{8q{Xk~cN6gEEY$-brLy5`#61%oILIB(t45gKnh zX~y3D9Vv2eGJY&@>$iAf+F4JYuCwTQ+*CB#5nyC)Ua+-rW=6>AOUTc^GFd2RMau2= zN-p&|qDSg2H6uU9(NaTbLmU^-VuQu$*Q;7pL28nL}%G=A2SE>l->PL+V{qSq};9jrLO=4bWr8^ip6aK{>5iY$;#z&&1?i4dX z8SG#Uv?zdSj`+LmRhg&`7Wv2CbGfXqHJSvEVp6bfelg47vi~wynJ*Pr+K?uI0Voc! zQi1t>!)I`3K*{zLDB=vYvY+mEhkD-cTbXBR>I%A@e#VVDBnA?XzkBhcoBBIr8FjGs z-oPfBcI`wCE)zc5pNhaN(dNTT7J_eq6)bOgvr*DMco(}S#((p}cA%Q?9%(~1){Jz) z8)Zp2rZK>t-SjP&LkmdU?^}3}0z^&?Jdth;j8ZmBFe>xVCh#1q%b2L~;5Z zUUka=0s0~hq@Ab?o0#(0)>3|@Le&F9QmUW|HN0}&uqBtj0`fPg+AyukgeS7TEh;&B z+koOP%&(-2LDH=*{E|%bNfaCh-oSrQ^m}H1dT+TQ+wMniWyfQXOd@!=mHq$gT2eH= zktNVFSuKX#WR&WJ@n7dd_JOKeDOMS^oY%U(IJYKEf=&8r2nB7cB21?+bh03LxQ#tp zWJ|gDC>C3TIq5bo*zw{0ugzJR{v_;a^0c3BLfDDhg?$`9CrIS_=4dKWRl>6Z5$FbP z>65sK%i-o^%vBHQyhM58G;wLTq_9h9Q<8_wV|*kmWO)=?%LdBa0s8t_ov0`t<`J;` zOUgphDJ9$e;-(ssl3{K?@*qdk&ayjX`L28Vykjh57=7&p)j>hCHp^aB0p#9_-fQ=t zrFei90^G8Mzfjb8H~IFbgazeH|QBph1tST6=PQ%!IQu1j+bf#xq+8+~|@Op;f;|txD9+_xQv_ z+Yuh*>v6GhnQ=XeDs-yc9*#NXGRN2ra94yyqA$^6Hw4$M*-Yasi;9m+D60P6j}#=aZaK0Odi5(mUlgHN`V zZTPS}Ex=q@fVfq=!69?hDB$Vp_MsB*YV+#|0F3%${NJbl_g?<~Y`Ik-{^wr*_rc6xwEO>D!_5IOL;lZu7DbHH Ymst5gV)i)LzY_~&BoxIfM2&;~A6h)V9smFU literal 162328 zcmd42bx@RV*fy+!f;0%ypdc+NAdRH7bT1*jbnMb4(k0y>AOg$MQcLI3Al=2h zjgXfW8S?hfS@pg6gOWjtZR7`33o%8p2M@}lF>j0?BR@ZNkkN5|@BpX%_uoUfeSztN z2lsihl49y^2D|fUM&uf>$4iT`ug?i)9d}O_JpEq1dYOH`khqYv(5L!5@jYPY5hmvA zM%Tmz!G{EL9x?~xO3wBbyKgsvC2ure=~bIq*<|6;$4ZY_a!+Wayt!}W9M6R4zNGoj zl@sEeoG-{(ml&cn&D-e}_uK#ackEAsqzf?3>dj zXC&%KyIZ5eoQ^31+r35av=8i~Cm(I_Y-9vty1LK5Q2#pu%?|ossjE!&>(?}u2q>o2 z*=4v7E_AJdHRc~Yg0%{{ExiMY5J1O${M!b8*42&B@#|!~f15mdb)vGlXTCsh7?>C| z*;d+Rom0--Ih6Q%ejQY4iqJexACjq@{csa`wmYu&f2}!6=Z_YRoqN!zCqR>ypvz3p z-nE6se)*rEQ-&;v9h-5fNaOlQ=(F)l%ZgP29<;WucX&_c8-^A(@~)IM&adX&k^d|R zT)sM{_-ipL*PXq8Yy|_;#lJ8>K;1uEK=Im)65hIFsr;~j^|UCq^6CxyqR?iM<*PrU zquH_4{$i)&LaS%3+LIqd4TUx?J$K9d&RSNR&NpdJlRajas~aQW6r;rmw%JzSS!w~dFAa@G zV)NCLLj$m;$a2kzy`Q=Dx{3P>N8K+a*2Xw<$K7q!9Lx33mfvsCE!r*^{^)K{Z?3=r z1n!h@qOh_IAH%I5076#k*1vz-JxWJ&-G6<5ef$ALedEnG>-@2CbLam2$?Hn3d>4Mu ziDi|7Z>s^V=lNcJ-y+t~{W`z1>2_i<2oZ5gl9EOX$EI%TJ1Q={3};YM27F&R4S@3@ z-65sX*kqm;Lvz5=`xe1V9A#U?bIQMb<~GmDX;(VSW+z(atT}9}@W;o;7RoCA#D}&= zf}2%`!muJ)i55SO0YgWPJa;A2_fmB`(#OFXMF{W_iuh*+-&>8xteOI-%x{(OJ+fJ( ztclb4qTSIyh#Lcl5v$hd{CKZ)0?45#ZLwOL{TfO5LUY&c(ahg|EZ~$W%sro^y%|0h z&&y(0Dn?+qMb)IVW`R;_S*xk5QL1ASK%_;kyI=I0ZXgRt>0%?oH^342|!1}*Q9*>m#a-I04Ti#}kiP*lsIV5XYTv_duA2UNZcR9Bq>$BV6I7#{N zZwLi)?tYsT+*EN4*m0LIzaU2ok_C|u7 zg)*mq`bXiu7e_6XhMXTpPSC5`j|0xF-Y^%dM&J*lvPk7nBJ@YX*0mo4Po?tIow4>} zZ8MLBgYFlNyI`OV{us`>x{bQ;tz3(G7Zw4tjSVvegB z=bgpLEw@0Hf!8k>Z7eem&)s|`Y>rjE-B_RKHirs(q;7gajTyhLs7WO67}{=^GR;== z4?Pt#G?`8LlRFA%jsE5YR&&ZY8~`eCi~fVP3w(M`505U-0teY1sU%kB?|aHx&b;j^H5)Vgf-@J z98QP1{Y-(?Yj1?@xVZUrq_EHazdOHV}OROO||_Hu1o1Jc@FIpITiRI01nh zrB>Lc9j6a#K!f%m_R-COAi-yU!eN!`-@I7R$-$dqUc7&JfKge_#>DwNjfx#J!JP!R zk6BqO%#Y)NNxiWbivoHb^kodsH%my?$qNQ?-TL?u2A5VM{n6joiA6+F~;XFBO*S1gfeOCg{L$Mw= z;ZU5e9&lHh*b7;DF2=NE@4pAlqW&Wa6;JqIl%b1iqPrbNw(B*SjrKwkozMo=q>=pv zcLl~+#!DA@d7h!m7q#8hpHU__>rydH{H@&B1Zu6&#e1545A)K`_wUy(v<%hassz~e zq07Vyh*7vu%_yV%)|0!{d8@nG88UEn$Ab4Y(p>!`a4?HaD1rzm9-9;oB1Q}2+}XG% zjMOSM@o6lv2x)X#UY=TGCir`#Web0`9ziB;`Tc9hO_IP=o*PNOFgwj+wY>FHvR$5L zy>q*bx+|zL|AYjZ(F7-LdFBKMfAV*m*$p8Egma6D@bxt{WZ-MPChE_B-v0QXx8ozU zU8ZD9+nI!Qin<>~>P;km)BOa0_iK*ra!G<{jGG%r-}))xs~`flYWn*U(w}C`pJ*Fx z#j&HrV^ZQRGclu2KDYQDygSC<$>tin(#KCUe%&?ObjfR}!6eRxS~pQhS4w`rSIqLb zc#k`tjpLTbY&PgB9S<)Tp<&GtF>9ROgA8iWR$bRYo@A16R7`O+irTvGZ#ad?5N)4(a)I&wU;H+a|p#xeQ$iCe%9n z3@_E;LVk_lyV+UY9`tOsN@SR$8+xh{N-~LKvh;FmtZWcQ{^2i#Jd5}Xw0Y8a+{jbn zo;kpU=ux%EV8K|=-Gna@rJ(u8G_}_@vbU6{cdMmVTfDfdA76fJce#%q9kBLF6-Z1O zck6?-$2H$+*4*)Ru70%P@^$Z|0|9(!UZ)VhkikT)86C9W;y8&(DT znA}hFtR*^Ac=~^q?cc2u@+MTtzyItpnS&guo{5l0=9aj8)D&psd5gmRwo7&#Y(trN^&MGqwz!9=B{MXZZLU_%bYwEGPu zPcy?stwGQ2^0R_VI)L35RKmz~z84H1S$+IbPnU)I9I-egMC|U*d<8`;=+}b|%rlS0 z_zJT`tEI|zYK_i#s$)(MLca7~omV$)9Ku>^t(6V-RH6fIOYZk;8~2|R{f5%{@3H4~ zgufdeUx_4V-rnM#)?zoBlbP&cj9!tE%+*!8mpJ~7Ve4Ic979*BQuUL{)A=>*|AJW8 z-yoLS>ATDSnWEJwxV}ohkw1+$Wpf8p-TN{6hhaqnj@JEPxRANqXg&Uk>p*;u7&p}yIv07s{^MLyuL~_k@vrWRft#j#0_Azi?rvREpL4j`Id;V?vEs2-r8>i6M-agND+P&>EZc zgRB%Q1Bfp*0@gNgy<0r-FxsRs!=PC&0&!b}N$$}!JkCXBQ1<0#7U=dCPTWyl4sH!O zPPQ-uFx1MGJBtuH+1Jb#JR-!wk#>#)XNEz&WJbHiRa zn_yNDdNT3USMMegS~hr5zjW|yi?eLOja5fya{8WU33s*alAU<|=M&)j<*Dl7u}zni zZv6T=&1Q4Xg{*t)#J^CbF|6=ReLQvZPf(=6Sk=z<6vAGe4a5L!SfM}5(czK)D^JNW zedzzov$M+Bx7yWyXPWK9!;QM(j(UAi{=_=o-!l?^72Thc{jt!$&wp=Hcr5>aJjuWM zKBJ~#orzoD8|K8s#F_{>!eDwkIO);2Qp`!e8XwZlHdk)vSU11oB0$F`BBrV~I>w}; zw_IEp6Wc4tRD2}EBVuiB9WhFFJQD?9cL{mZWt=WR*F(t?y3ZHNv+=(om{yr;7eICF z>n2B!JBml)B3D$Akt zH@hK~yZZ`i4A8MEx6y4@f(U7BP|)O5V~>NU>*h&jVv4_d*jZZ@5^AZZIy0*GINJ5d z$;N1-vF!cLMghT}ev%0!%U)dDOC~M*gD_Kk+{s$^DPen9@8%}YwgOhU`-W~;rJ z*qFJIaStS9mPe5kzr38lUV$x1o?vw~PfZu{?G;_hWHqZI4x)O^KC!q9xmFsTY5tMv*qe+;^aHnc_bDXSDNzc}2tjq+3ACSPG4gyu4IZ)_%2L%O|U-l=!(r(h=Sz2PO6E zAZbnt-7ToD)`S!lb*>)DByc7qCCI8cmJ4KMrqTc^E9qL@05wF&SvA=VX%dLmk?YQh ziW~=xrDF8xCtWk?!uXHMaF@8*4Hi z9*(IH4mA8$ku9mjLtyxf31bU{64*DRHy%}O``#a_U87XN^@a}ahU0ed z5*Yo9(xLK@^ap5`cY8KB*c2r9wzNE-J`glpy)J+EJ#vFC=a-CxK{1{-ANN)I=k&7ULnh~jSq@mBy2R#}~tg2D=(-0iX ztQv<9m*7@>%2&RwSyieFK0TC$}>X8(q~yZy`g_?rK(-yv&a0`psMtB zJs7rUa%chzN22|?eWU|+Dm>}N-UfpoksJ>4tQN&)=z`I0$Jnv zFgjnkgy4B;<%^RYL1lv6;XDZ`sX(Z1bvM#1xhQI)bo(l9SU32?;vY_D3^@OU@7EWw z0!vLiP}_LrY*jpMavC(gpPU@n55C+)&fE)WJ0xkZ!p63;>I48qJ});S`IbSu{OvM625c35{fSo_cT*2wX-%Oh3wCa7i^ zB_8gC>{4Kq0fPm&1hw{T=2c!Gcx_|-QJxeWKqV=4G&B-k1F97~Kzqz7yn?^-keeEj zIv%ezlw2NRqLp`oN!_7D%p0lJVv~x@2)!p1!9vim>l#zmALN`tS);eJkrR1NX#Sa~ zdza+*MBQ*Z4Z#a4!RsNZky3j@swr{PHh*>&&60RdiQuUnPy4twm=xwl@@7aI13#Sx zS49P#h=^Ev@f05(x0Ysn-~Sp325t~&jErPL%7D8~0K6!L)C&2igb8_GR1RyEO3))o z5%AOB+WHYU4*_cy8?sk%;%qMzr|}1e7~KY8uf*$ao8?xwA|Vwc7RiK)wUIWldkhX@ z%9|J@X=|*28)+LaKvQ4ydnCc>mxM;+I6q5vRjUHn<~G@NnA?M~mLFP3`Z#=@`6Lx? z+VR!DdK+WGIP-T?g=uK--G&9&Yj9IgJkEssD&vT<@SQVfKR=`bREL zK$1ByzrFFIBw&#x_0KY&V{;Af!6CVvjA5!_w&6$*Ze!?rIvapw4F9no*#E4&$C3g3 zd%eiG+BWP>+%+wR-r|U~j5Z~3!yQYJ5X57^Zc4f^x6+#2jPc!%BFmsh1vAqX-oZQc zsUbTO^(}62ONO7S+Un3QUHY6B0npAXL5#gO`p^HI7jw|X&jId8S2{3gL?%2+tsyGm zSM~@^9=3EqStP-pX+CeSvL9ouW#A*|%u5Wm84bbCygVS~itR`vbqr-^-Tcl{e@-lc zvyuzvAKVg#ht!IC7A5SU;v+d7WJt+2KKp@+!%vLgS{W;|)ZANg9932AmzN||fc#X# zh!}b!_?N~Ze7V~cZm9((9YvXv4h5Sf{hqnNI0om>leNev<2BS}#6RY^hlYF-6J+9< z38(y9X9#}Z|mE2(^ND&0dHFy3M z=p&@wk!#y&>I<`tM{e?u-m^nZe+RmpVaXz3J_MFJ4|^8)V6Q_>&BWk;ICuP({rV8H z=L4L=ezx%i#y@}iY>4=?p5GBlGCNdr9A~DWZ=H)BUxmYxLE|r=+adWq*=i2|ceGhX zYmsNLY*XV8QU`7sxpKucA;KG4F~WNUv++fwTbR-8TL=+9+rY{|jNst1Me7j`dfa>d)gp zU!Wcn;H%7*Ib9MQ>yKjn3kZEjHOZTds!vQ^d4~cgBlw-o`U_NqW>O09tE#HFJooie zI6UI{8Mu&oM(&(f0L zM;lD3dAg!8SAAE5YeRBFMZ3zgfk5Cm*Dr|$D+NUz)csAK{b)Ga+~jtM)sY9@bk-pa z921~8PBU(RZ=c{;t-8X3VfO2af5a9cx2id=x?0RRBULpv;Wi%an`>5Zw(d~dvF$>d z&so7!oc4N)S67bUP3N)`IW|1mVaH)Yu}b<4gy-(*MCR~WL)Vd`@C=|#^L&p~2g!CK z>r=)4#(=ddb8R@aoMiU$AQp|M2{~QGZ_eSYeMpJMvr=Arav9dD5alduUZEE|r{t_; zITqz(U+g05*!NOGps#HAm19SUTLTYshc(uI7S%!QEt*+xpqgjjW6#q>l*nVIE{_-Q zUI1P3QVW;*-O?P5oMa<7HEQF`RQAzzvZmhyft0Fhs|g)zgxewo%@GT(?4&L`KF@g9nub_byXAW;2w>9wgQWpcCK+jb z0wX+nizdz^kA~l({y+6Ry%0HVEr1$}#(2T^rwx@2GuE143y*mqG}yn8GA2Dvt;nM6 zV?KB5+;iy`#UW+9uXn($bC6>%bZ>b?5?zkNMsnIpk==Wy{)?~ z^RIY6#I17p4kf(hm~@;+hf2`u^PK061HYX@RJuS@nvlzgjQd#fTOmPNp)T8y8A{42 z{>Z094ujgEj<9cBB2pV>xN)}g!M$Uv(eZuv-ZgU<{kcw;D6YNhxVLI{Zg-q@OHKE2 z<<}pG?5o}@P6r~)wz}$KwW}q7E=HTDGLbbie1(Z|@QvQXT!Eqo05q^$xU7@lTA6Xi z`jgx}QM(`W_0i;P40{tAPI2>CyT9Gy@5Q*2Loji=9sgoeX^SmsZ(NN)UkM2r>iZqT z#;gx~wvTSMbJqr(yLuz9&*LK8k_uk;)wV9&a;;6r1^3aZdC1u)w7(=ZO1b4CSWCvA zc4}Et;CC=3CS4HLz#&bby~gg3rwz7{PkL2zP>%ABueRB-*_CY$urFX&t3dIEj_GOn zNWODydb7Q#``*p``i2CWoH(>yyQ>6K4E^m_=TAZ>N%#Z^m+mV2*Iy6|mue-vN~P{5 zO>5se`v7p9xQ8iEA0B)drQ{6}laR@4Q zAF<X~(eX73$#IDylcl9ir)XUjG)uc}pl6*6SRL>|=i`zW@=iq@X z!diw|YHt=6CM-{fIvvCWtc~1W_r#0o0Plr?TOTPoV@VKS=EnHyu38>)`Fh6)UA6;L zxH;sb$l_QMs7fgWepJr6pWt1-X;x@5ESGrf21#msf#=gHXtI{mc-`&1xySY)lT*`a zbTzM`LRb1!A!(9*P9jsp6G|b~RN?vV#>uxD21nxrHRHNfb&nLOmR!sG? zlva2r=I`%nx41GFrPQuvbTlI84wpYpSNaCsoS*zW>h7U6lRW3HJM|4$pG?nJ*fO?3 zLG@|6CaCf@UsWFmq3BRbB2!04m=c`Uje_PcIT~LKSYE0J6{h71O+~pZQ`ts1uqVXJqc%w6$ z{x9k9$21vXG-MMm@n&^5VrE5k=`E2{4P_oJ&kY=1wy{&T_6!SdnZqxiY72G66k z1gBQa%JmGxNqK#!8U;@9$yWReN4DVdA1!^O^PrWhU=c&+qz3NyO@L&E&UGptYLn^5 zpUTRD52v18S#756s!}PTHJr`ddU2GnkU1gDv^Tm?1E8$J0^kGkwOppDK2P2Q-I7mtHfBa}_QvTlD zo=s(S!iqE5Q2nJdFQL4TY@U~p=!Y}P z_2uNDgjqC|l^DDc1=Zy;kIH=|cwALmldkVAaUbnsN$jMBeWI^#r7DJek?HmZjr(2F zsjBX}27(y9cU=MC6jwtJ|F(kVP$=m?}OUC^XQR44Tn zAFwA1ifX@df4t6I-*T*@r~LA1xst462sQx=UX_`7z3MoqiK%NnwoNYPeUtX<#R0>E z`UPC^2Kxn%4{;j>OFd00RHh-4P=!#SKMKZ>o*(h1QX5u+FQ}AFy_7nKUdzOf4ch$hE#6u?jEH z>ByD?BVbzQB}wFqhOg5wSk^;0>wx^NkJ!|!vuW(34KmcFDg8&c_tYbCRPyswY{z04cdb zq0GO!Z4U;LL?>;}0rs5N!CC8#@XUm;ST5Ot{x7l&l&l%B_1@^xCYE`RlP}LoYu`P; z`<46JV^u?zanYDt=?%1~o|ZJ`S;9 z`1*~OP26oTSQDW5JVC1`N3pZQORui~jgm^}b0`@O9+a+@0+?RQm!t->pzm$ZkBF^d zn*!JgniuRmdBehE&~>UnO#F%O*hdrn`MtK@i=vu%NS}q`E?a53pc0h;=!XK;oDReq zXnIv)tEyUOZAQg>Jz>M1blT-|5yHmoLa|sAH|N}j4!T`uA4>eNVG~=3^2W@}r*Mr( z1F{rb;637>;Yha1apxMsGC^1QHXbRO{sdd8^(F*%QBrZNE0wn<#!{(SA&NTwx{Gmt1ZbIe@&vRL=)jnY_WPW!rN)%XRU{R?~ayM1+DYRiNPRxD3+3hzd z%T?$KvsqBdhP7fP+8bZaMqD?Y^a))0s5E&s8dbUs$$aq+HkbE;s)=M)sWhc#G1%Xi ztMo#wA3ZVC?gFkl8oWvLx4Wdr-hZtYEUZe!i@vrjs0aefUs>8%un zCI(1@V}1&cuH__c_IPKp#W1fPHt9Dgg5$O1Cx5uPTTDCw%?7o-~r@}AU~;_oCP zXUV!vVLxwtt3|h~htapTF=^5J0nyuGrN7BB^EDqL2kB)oom+@oA48OW`8K9rmHZP; zAufPT1kiP+kXVvQ$qX$zRKI{A)Gf7a=a`kT4y?2OM^?!D&*xQTcAhGE&^i5YZM^DZ z*aNbv^SUL|x@<#AhO8DJ_FvwMIMxy-xUZcWzLjxI(AvNCs*Bi;p}!Y4`=;&zTvOMABk83%Ukv{;@0X$-^(T; zQ}Axp<HS|Ath+$Hl7s)oS~$*caZS)n!uN$V}{OizGQ2ZWokwC~ru$69qN zeDvxXt`Hs?hrwTpv!#{}O(J~hPvqiIf?Q*$QVv%_9J^DC^Nu#`$xZJz2pmZfT}yrf z&yS1WNAhUV@)(qMWM`{u$!Tchjd>KkYHE-PvPovC6V#NK)2(>*{kxoWG+V{B3Ysi* zmUTTZui{r)79A5UAa+F6v?oI62)^@CXUqf|Pj4<$%%U_BOArB`R3vz|67gQr)3x9{ zojUR0%Q*VX?ZSg5VcI^SNp6XtXx<_Gz@h*0QOi6ggZiX`sRz#_vy*u&q7+Dkdm9Kz zZE_{Ee;;OQWU5rE<#UD)E91Hsa(+sqgzB0B>hd+KX_Ma!nrOM3fr@Qd&I=I3)a&0@ zm~|Q(^?M^O1-`U1!K(DDs`TZAvmb-}^o)bOK#Ij)6>e!lSF5_0W}xgHC$9LfI1cxp zdV%hCT>^C%3GPSH(MjD|mq@aKOb@lBl;GxIYoBxEvAkJ!IhOij zU@e*CUdScnZGDFeUxum`cRX`w0*O{SpT1q8f=oi-ymU`jgox^oMrGdDdM^n!pTGA? z_d36-=eq7Y$eURIlGi+xc%fuf0p~>PD=2x&<#uZ$%e+{^j0ltKTR%0_>Z=qjj@|Up zVL_TR%h15w3u_FP2=JcX@Dx^%IW)$CP z*dh=v`B*=&MzfeBk%;*;J>s+rc?2DUJl(u4@(4j%!D%!YZ&leJ5YcDFeWGm=7Dtk= zC-k(ig3tA{&CZA1-+|I#rtVRIas-hQUz19|~Z>s|TcC z)?!)_=JKlBV2x~ImT@EyuvVyA0gsW{`UkB1w< z0^4@?j{xvcHFyS4!zQSN+1ezcXPJ8;`y*Y~a%|Xz>E#>OWE+J8x;(+K_58`jq)!dS zBd&9dr0z@HvOT-6i1OA|Rkazd00Q#T(G)$*+AI=p`x8G`P^zvL5+16P#5qE`Dvn9i zs>VL5M(-8t;r>T{GQe?8#1qjU6G+CH5DS9nugTU;pCGw6If6Lu0*hFr8WL0yg@mp; z*%1ckX(#=9uXw5qNL|OoxDGGc*AV%JiMtEJW*t6ira#%6dnPmxdFNZkT*u?Mrgz{N z(JSPdWl2{;BGrgISDeDziC8!}(NTY5Gtfi*Bt%3jFf39dOptWoQZgt8&WQ-gi8ev9 z2jsJiF^!J>0yNjl77Q_s(`NlJO>9J0L#B}d4Gr+K2Lsogn308M-MCv(C!!dM2{JJX ziy>dW#d@Wbt$1!%ZGVv6ihp%|b4u7lIjk2uGHQA}LUaU&8}=D%8NQgEw2eRC_fcoY z>@zh3QeW2Ht1~I}BqnRGdNc7Z@I?|6iwmm%+8$Q=xYqa-vz$f|SqRoeL6W*A+V2Uy z=TgK>?U7!2hWxhM=VDsc)E@j4p<6@VPsYxml+G8(s{_k90flV$4W*-xj*)=vLLKY! zUNOo0?7UUf+`x$&u?;*L_cizuxH$BM$hSX^sB)t(TkB4v8mhy7Fn9L#n<*$(!oERS z8cy6xg(;FW_DON2`1P~G*9p3-V`>^N7l5DrlZCoG)QjN%N-Mv$85WO}P)JDX>nFD= zWY3gL(ji9!fn|e4`OGU6UFw0eHoS`bMr@myx`TnwlMp_MPyqnLQu)mP14^ZSlbID+ zu$Do$aHkh#&Y_ql{W>W1Yp+wLEyAF?0&TUC@<3q&rtU@HT<6Px?@C{C?VD8PFvCpu zCq=uPHnW(0>#lXDJ>Nkh49|+cJztlN%%7XA`p)TIB&-?$5zzckbF#|k-$bV;gm{Wy z-DvX%DwuO0Rm1q)dXcF@z@oNx?(k@|@1Xa)S&`{|_+Tt$+Oes~Cs^f&L^f|vSq-VW zUDuyXT;<{2pXnCmRC{;}50g!n3tLKbfei+WCVyMFe!FIo`{m`P>By9d(>zg9iu3NO zUn6}HC{55akw3WYq3`j%$d&yxjBYVqLK8{sbvNCh23(DGCNhRo@6V zJ0#$J%u^$($ z%IzuB5Urm3C9^npqjZ}Yxos>ql~GHZ)IML})b26{Zf91PyQ|Ryb*8`R*WCfKDbl!h zt0?2(mcd@VUsSlXwpnx<;~SXK9|E0RmG5$MR&!bc^|9} zvr|uxRk-GLjO-S{Gk?mi(l;oA|3XQQ%u~(Qb__zGHJ(BSxXtls`aN~;MkM(_9Sut& ztJ=eX9yrzLGV?gHx>lm(3Sn~Q#7%wpL#Hui0&vdH!@?RYIV-HsKS zZ!-7Ed_?vco@ud{IqzfbzBZXkpfl@czdeg3nwOTd`B)LZ&lsEc#-eAc{VeIBXGDzu zD!g}OySX=YaWiymLJp)5=`ssbr+(;-H5zkRbnqgK zEjXBkc4?F!e?T&7UUxlkAo81O8}~G|?ib3iBs}@3VU4?VF0LiM|$_kXKuHU*mpZ_em}>c;>lZ zmBc>@AJj;U=|JjX=E;4_;4(py8I~X_c)cgX%sh*!g2tlOt+DE;-PyjoE03jY*ke?aN#fGNtZDS^dyjS zu=4&wFjb6-Nf)Hg@A&N^I9T6#RWUX>9$6;*tTm-+k?vgri?FrKM|sM4gzRBgnOznQ z%4mNZl)+vm|AmBT%B_xYY3@spZo)5xBlJFxg}8b918fzm zPB>V0W5cVLh!7(2fHjI8dT&|8b$WM6LJUdQzd? z1)kf>7jE~*>>501N{*xtiC{aGh^WJff_JUXoz72eP}I-1FsRimqgINk$VhHo*$OJmLjrabP)7z zcA%6wo|I=Rw)QP;I{74U8Vs+ZnhMw>w7K4TN1eaa3@DEz(>;GT%Q#gVK*kI%Mm9<& zZ+>7`yN@hW(3duQxzzFy**LQ&fPrM7$Eq*Tz)FTjHO^S|s7&&`v4+S%JPvp-V_PiI z3nnbO?&Qm8x|S=p7e|tIJW35C-hEst4ZGwfB7ZDZ#YNxY&sN>P7<0g6I3MprN1l))s@Jp5*9UtIM zkUqnaZaL$>hrR(nU2yrDl~q$`SN~`~crVQMbAaEY$KclL7%EphU)=js3C55xz?}3w zD^lk-?Y#Fx>x2A&u|52gM+-HMIv<#rnlM(QJ|UaXs)SEr9g;>CQO5Zwg02nmbQV1k zKBK0JN!cq-b&+ZO8nv6Av+cLmUU53cTD0R3c?B9849cdt)!+aTIb1c9_jC9$w_CLO zj$|dYpFWHvFpS+W~c21P)UXgj( zT`R=7Y!AAM`Vm;*B&#KDe9O7L_?++5P$Y4=nJQAlPz9k2vn)q;)OQr9AWIlxWtHxu z=5+_zzC|b+9N9B!hMV^@KeJOX)&{P>3g?m$0pwPWkNkZnd;v>U-vX*J+3RykD%7b- z0)Ao74?PK(+$i>KR>^?dl0#nDL^a)BrETumtNjrEY>nPpmZ@!_P(aY-=8C@O;3xh9 z{kRNZU$Xqj9U)M4$9i(b11`gQ zWH3i%a@E=*7BFTe9QX#$7W0qqt0M#R)no8e^FYA&n-P07~8cY2BKp_ydbzla6 z5G4&VJz!w_5N07W!cH)X&kM_oqbN#r25L`*TtTe10pH*!_&hj*qB~IzJW9TqB7lti z7F{kSJQZghS9ROzbc@X6J-3d{a!@{>2Kv;_uoy51^7_x zzOH%l%nb|SvDD-bUa_uiG!UT|VoRjndZS;OX6Je*h(HleY*La)@H;&l^YOmz+}t4) zOi0sR4;T_ta4Uu5Sl?b2w2QVN@QIi%aBL`#u{9VAXj-E{z7y9E_SN)}72J?^gh(=M zXp=+Z>&e?i`Cnd-s;b`o%Ji2b^J<2ld);bl`wCIte|a#3Hj5LT&0O$g76CHFge@TTh}(5j(W*pSX=`_@k{f1s!%j8ls7$NWLF z>+ANK`EGMHi(V2L@7Ehaw+=0>ptqMZ&t|mBChv<~=jhO=oC@4~&h<}^;n#_$p8g9Z zZc%r$=(D6~?;gxF`3N;6ZJjeC79Syk**@Ifi;QvT1%Z%n4s_l*rys5s;ujX20Ty*3 z190?{ix|~)qC)QPmL(`LdwT>^bx1%)-i`zKnA28*1QYfUXg4X_iezAhgklqtIo2_@ z_|4dj@$HgyM1O3-Wu!O_IppS87D9R`=C#_ryTUxZ>W!-umyV@hOtDV%j1*|YM<pCp9)A-<*5LwYKiu&-^M#Nq=H6|k3@jyC?%yz-a;_(*@gV#j7QzBCa zeux0?$rkYBdFKH}It~SwHefP#ho(ZbAra-V_tmX#jrBXhj!mj19?I^m^3}1z(+5fX zm3PYd&*=Ar80iQ*rDvs#B6;U@#WF-27kqEd(meFN_Mc!h;)P@@`teLn{7NC-@=^P) zgzV>pu2kAh(ng6$XIxcMJ>Ya5v;hHc>jRH6#jz_jw1f3AjP;8hzsonsn5VPzsU1fk z@bn`QD_@$i9A%q-Bx^pcDC;)X!Qrq zxL!1LD%m!!l8HS44;pVSu&@i2+F`1FzXbQ+9u&6-_V`}?JSTa^Z~%MuOmNuQ$$1C- zMGt-@ZWQeBXz{5Fy8rC9!>`I{1e(1Y8~W^x>&DwLP)bln$dryfwrp80)vTDXVI}a9 z110@{!1EUnwu0Lc!8BwkZH4D_DfeDwnHU^|$e2H9It=nCUOuHR*jbx;cAqoodpl0N zLx?AWkmGc*3SYN!V_gAJGr5Tr7>w*avn8LGp+UzS+xR6c794t~A?!za4ijF!gFQkY ze|z`vVKwmr!`E!etBD=v^pBo8N%M0%G(b@(K$7OGlt#_{H__3Jfs9-wv6}WK@9V-* z<>fa|{dpFMY4FEdf5kNQ{^DWLf~cuiJn_g(9v-06W}zTA@unU*M=JhZYvFg%`(m*I zAL@2b4CY1rZZwY%*IX^5kp`zYh)M_3Y!DOGZz{uw3~Mp|!!0Q#Te8O(Z0y%~zwI87+ZyKK|D z3Q1=QYs7Q2$E(}YFz{6bj~D9gi$=SApi6MUPeR4zC97mGDnWkeJmAu`F>lj45(EmQ z#=S7kwGVij6hOHiZnngW&QXT);QcA$`mz)gEUudrdCmJ{^g+#JAABs{u0?sd;DETG zk1nTci;bN@@o*1oRPY!SsK^1M+~PFj$Yw>InGWttwzqAsrQWA5u;s4telmMVyz3#n zI8*ZTjsq95>FX(kra$>R5~X5hJ@bg5*nKf7IP4JC(%YOS`eVI)fOciGf94W4=h}=i z#sucOsu6DRDM#Aiuj2Q!)_g!iG-4xftl@+w9-Gv5uEW_)Y&GUL>dn^k8!iCzK!*`z z-!Is^qG|HJnZ_xtP0>LCr!5q|ZntPiTXLY>@?%#QaKS`t zh+aM>wIy79j<)we{p)@W7_E2K@D+@)d#~7nZ zLDR+9Ioa&_gGD8{Fuj6${#^oxrll*4a*5Hf!HzSV)yRSxg2UagPs=kH>4W>f=JWU& z6|SI(gDJ-&$Kt$IRQ$l5P&k#!Lmqlm_(gh46yJ|fy@Q#{R2!MF!z{2&`3S7unnTm2Yh^KCS2Fujgql28q9@4C8hhqZ zAh1Wa2l<|pZV@b`jh5laD9b86qU7)`-<*6Y0)t4Ei? zBNrv4TbDZdU5`M%SKb(lj_nV#hWJ9Z5(W2F5#i^AH&2X=Cb_Gp1S20ntW_iQxp_4k z2xzr@0ZbM?x-av|M@4-K;s<*;ovuQ(Wh3W#pyEsGU@~fME1c=ZaEYsLodtbY;GTVw z9^ORC%^A`}vo5%drg%i{N3Vwz;8E8%R3`e>5+2_=3hWpITKB9YJYUbQBshz(#hKh` z(OYK%>)}bvm8ep$>HgJEGCiPer}QzxgQ7p0r&@rjSxrB}F^z;YW?Q*N zo@+v-^sQ2VC6G$Ig~DVyW5pXGFZpnnD=34mEL`yyC^Q90nq4Vs_){|fqNpu)6f|tN zKp^SIkSgm4{M=OVnt^lU1+)~C#ac_p!v=%WAaG`!$cND=SO_e`?Mi`N?}8HKhl_kA z#UIXpkP|*&9V#9`i9NL)l5u{;2u8jWSE_Sgraij4uWg7({-xVtJ?Y^BdIhhuV!H?1 zdJCbhT%kMe`n8-6P%u5M$?X5FP#c?>tC+8CN?H0sMEV&~}_HVti zB3(f01;1`-hr#gAh_8j?Qe#dRRE4-tF0YP*JT1_J(@PQ^%AU58HkpVUG_g&xMw&j75xQhF|mAu91cH zWqHF>w9q2_?a`i>0Rn>Slc(cHahw`%QoTh|O}eWwZ=ZXZ%3Bq`>e!!)iF$!42H3nH zsWW%25pvaT5CR)D2zkpi=<^R2!@fz@q%hz*^~eV^bW_zSjYra*!56Ds({DVR-L?}y zQ(n=)u^f7Qab>?S;6^3glk_Ezpd|2OOZaJS94ZPjOEMQ(YsdtH9-#)~?mx4C{YH$c z(}T26nmE(#rils1-R0iR-HqCihl=XFP~zFz!LvDL8TCGnq=2ycxek&#Pl#S7k6oqK zTdl?y(IGcun7a|Yn=YY!_E_~JYlBDf_f{2L7Re!_wm;-uLalyyenz5R!uV5}@ppi+ z&*VO@wx|~-XdjnX5&&#?*SExOURZ7OkzM$kC)u^&Y3{(=RwY*s#P-5Vz8#jT{w$p~ zw7AJpDlU8WaQPt^tnapMcKQh=9d50qHEZ;qx{W7fjPLEh@?y!u=zQ0$*LpDZ3<4>P zHXtJAXlj|LAQemb)_vwFyl|Kl&2cMZLV)9!>sUFwP))zowQIFfv&P!GO5b`Eu_I~> zXi?IT8LM7fyAluh12~IYn=`IHSk~A+6+z+5%-k^awk9rC0Z1-q+L<`;MCA=b! z_U*jjBTZb!t0})|?b?oCU@JUAz9h_Ah{x~vSr6O?lBuf8MBl53yq-6LE*hhln4NV2 zFU>P*O31#1d@8`)<=~Gvf3!#fo@gm~%_MJrlEuv86jb<*y{k471KH-*%?o{~F7G-V zY(jx82txUeHo^d812k4_uJ!yrBYvc@tfT^AVr~qmnHz!)nLb6w4= zU!bWV-{lycf4RB^QV-tA7)K{~)EdPH5YBb&(yMQYc!d}|eHT~7m07?k9&&162@WEHK1YhpAyrd>Zei_~)R{st-+XJ(2HwObJcaPC(dl ze*Huve}wZwtg43RRhzquMO4ZEA?vN9qHMdqe*_Vvxs+}JQBqL4K|ny7A*7^KVrT|w zR6@Fhk?tD0VP*j7E@_66ksP|4-^q2~&+mPo_0B)D7O+?|$9Ww4*zw(;oz^ZJZ4#z3 zBGd9{|6M!Uu%(~TJz_T?LFUU7ug@~&9PqV7nGwaZ=9>rZQuIxdOPAbQ9a z*55qnvfRX(eBlSqJblI8KI@Kspe2k?$%4Xp)`}z}_ink+w9- z7Ff8wJfAZ2%~E%cv3cf}$9N-k(;_Pt7pznCCX`*b;_058vYat7^A>+aK@MlO-*H6*9 zVx1sYzQLk6gx_(G$;;xu@he^51hLEwwT&YpHg`t5vl*d;iPZQr`%0FBKBsZd4#Oq$hu^$R2tNWy!wzem}*5EFUZxe^iU z+SLVHJJ`gIzH(Jecnq4naKV3KYhd#JBXZE3NIZnE0yV?_0r00k^zQl=^c>8^{`2hx zDSDcmJhpUw=jC1wskGHzPL`!zS4s{C5kZ1+O`mfnc zQho0f?^X9#BDUY?IWqTGZ~-jz`g@KdeQKj_I@>eK|IDA=pMStrzguN%|F=X&tmbtIPcOWs>2Z*`CKykp7@@dLd4FAl)+x; zT26OPl^zx@M#X3ssT5?a)7)PNIHXT-Bq`Q;-)n9Aj*5Ql&8^HC4?M)r9T9SDyjFKl zNt7wfmFK=vmv~>^>)w*%#F)j*SYBA6IsahK#AR*Tm9&UJdXBLG|9Y>fp^}US&sNCe zN=zbnf$^s%O>_WRf)~(sxrxnC6THA(;qdty?YVK>6}a-A=AwFzsd+31;XyPLu=u-y z^oG)aGSPD&^tfHj&XLlf%#V9cKRPQMQ;Ijv#?Dc6DlEZtP2G@jcH%89`vK?@%RQ6=z}9saO6NT711< z1uImf1eeEdy^b}dmL@6E#}Xszm(~9nype+ZYD~()2s@`;cA<`L?BwchF?xF0V*0eZ zMdxXYV`1W9SEIFye!*k?NtG%tMP3?AqHvUY3~7|c5BZC3n6)^MvXO#&=@05*x&$u; zP_yTLSCuoNL`y^mb<)V#l>6$(ewcMirD>rETQ(VxsyXkf2oH6?LHqkfOmd`k?ic#pbT*BMVK|m@o-+{ z-T5Oj__@Vqdly}&ikMbYkruQSeU!&?5NKrT-@c@Rii)$>rz4bj@OY?Uvx2(Ahn{nZrB;4|s zlN7J0J!YgkWS+q?Fueumb(V!~z~xm+3MMuAwOmhUN_gQ8bljT1eIMarUrIkVkrJx> z1!XQjW%(w+Xs4lg$GyN`i6vDoGdRrk7RT_#3H{EuDZvFMr%N`=84;Ore|v+b8|CN6 z(jQCFQ@(pG9)pdo8=LR^4WuUJ9ii`=RNtpnI5ecWH}P*=T5=!DxVR!FxtwG~h|RUPe8qN{d*kjO zrE#DtM=bDna=73_7rYVR<4hj}jbs(8!4!R4G*v;BDovtKzW#DEz4&_LRElN2K$JzU(? zj_}i{KT?a-`ocsmDBJXF$mXgX2O&Z(%(=Ckhizg(GN+*jLCbW!eofrlTT4&w2yv!* zcy@0OsFF=ySF}Mr=#!=yu@N#R{)QY79K}DuX|B?KYsEjSZ>H6wVM zwzGxr-vzy5$jkeQDe!wsZ;Bc~y^%i^7f$tt+n&DH~{YpAPjuK5jn6-G;T8lrs`8KHR%H zI#h5cS>5)|EWfmu5#AQ-_;ozVNvA7tug=VsgyfU5JGlbo?Bgz~+vSiA_ZAy6p+DD) z()4W-#?dIe-_ysRFkcu6za;x>7W|RIrzou_JxWpK8vG9){nlW5Xp)7w!c z;=2~hE!WYG?CyX2Jyyyl(vea^?_KH}j`|)0^nRE7{`|+hN~xlK{x~~{p(?Q8!S#dk zA2gVG(Mp>X+CL^*o{@8xt_c#--K_GFYwjB&^=zWPER5uWUj!?{ooR0o9V=lJA++s7 zQ|upXR6Zv0e_n$E6`om&W(f@I@;Bmv`Q#%~u6e;#lw)(2y8LJ|`qL{4#J!wPa#M-Z zqd^R&7a>lW%DYQ9o7KbP&)0L34-asn^FCQaogKcoh4%r6F z9Q`y+W-J!?rvgV)zbA0k-B9(tv5HK<*Cm+{yz!eqwZSkF-Rbq=S2BoJJ2Ff0i``FC z_kQ|!hEOB|YUp&G{$HmSzL|vUE6YN9Kp6nP@A!*A;ms(B^Wt#g*7;j0Da2H`02>!W z_Kd#6+9VC#g2Nz=(mJ;EZ9YSGxwb+or1VRuVD5V+45+!5zOLJoWWSpWggmnW#I-ma zXcr30XMaqCO;a)jKy6rnmZc>P@3_%VBrJ%0tVf1~qk;2(PyV z`@=`arb*R}icw6fiMNcY%+ZY09G6EY?j1CRv&5HImbrQt?vOrKJhq<2G zNn-(D_gbHpQLZ40+Nw|C`cIEtdfU6e>HH4Wj*d{cBeGu~_xswHwaks~-vt+*PwcOD zk(^1DW$)CfDY-a^LqYxKrb^?l-M=tA4RKz6TrkEyWKiGHfCdGbcxvbG)&b$vI8bWO zR^M-L$l{l(uw)P?t__CFq1Vsz?>l6Q!9%Rk(@!=OsMr>zhc|G0gygL*z}NWkja(=6%rcKU*c;B(6=>jAU=$ zhX^JXKsSbGd6=Z4u^Hw`BDZBot<#Rz(kR*<&RbKiGwig&dB^%mPkew}h|5`ZYu7oc-@=z!HQn{)DVX#c82e>{!c2LG@QirhH`gBA$K)349{JpM z6MNtiOy0wMYRYJKl%Ej&>FC>Rz*pj$dE5pb-N6PQ%GBdsUsaMs+Bmoa8Wp4Wq2bv| zD>_}$W@X2H31$iXQ(VRDJiLm_5w+gl<_X5v?m<`SYaq)3o`K@n-9%3-6Z29Ldj5lx z-?oi6DJm4}?rLGN>?q{sK?oO&eX`-28|~+DrTJX7-YYL&T(Q}3C074~elKa)v32@8 zP?|?SDaFCUlV~wz)ROaY)5THz zXgPdPHLEr3J$-{n!JCqqdCLU-aS^ckmYHyw(rNt97wHUQ6|X-9p|VhK=N_Dvzu3uv z^wQnFPrC3z+qyGsu8tgkm=}ofpIf!`iojG78Bb0bnKu@GZ!ZdVFMQqgVW0zk4?gWi zS3lO@QMHGB!BnrbLON8FsZe=zfchPM^ zF7UoGT!<_$!f{ByHRsTA%2XsKC+8=AL8behh;m-F5BbtF5EhQKo;}KRjP8>N#QTyM z&B+jGmibM5PKl2c6B&S|H2LjT;2!$Z*=~pY`|rmcvFFo&)=1G-Sa8Y%>15ih6cXOb z_z?p0R1)SrpAld3Ogk0^(|5&$wD0u11?-0ClU|5bp?m7;g=mT7_-bD2!tbNLI0S7P z)DXLw1hFpPWBJLrrqbdN9!3B{95_Pp*Lg)QOW;%0B)do6A+=3{^}g8f+OgAi%k|?{ z0mW#Bf(4H&l%wUg*z~c1hMVa3wcHHp*)5|Tjbli+n}qVF`n&OZz4$SmLDw~-knc)#X^`I;vQ(zm-ObiK8*42U6Q zF-hPjJ#BrC%`j?Tu*2IG3TGHXd(D|iKUKGL_C|Z5Z%vk@8u-el9$^b} z%j3CcVk`6u>;r{^cg@b^Yo+`}1XmHB_=i~i;~0GW9j8kdOU7?v*_1G@Bti8-=dJO- zFP;K<(8p0dN?5@RYiIWY7$#{UQI-Sv5nyxT-&jihmfgZ%vA5oIlQ;xoHGuErTwph- zQ9#-OJcWCXQGDq5Cl&R#4*&D%tf&=BUnlR|va*VWQvRr5znjsW2N8w*hpPj61;n7= z1{Q|X#&n-{M!U|Gpub+(8T3V07g~tw_zw8_I&3p(oEs0* z*f|=ZZmQcHlD{7)LtHeR#nI#2ZG%SJfaX3T;eXLy$3HyQ--$`WNW~ZUA(VHncHBJI z*Hr&To|E>S7B9wj8u`T|e@|$enpiE+;xJFVv6(XCRUTpf-n*F!$#8)%l_x!#v( zyu5t5GSPV2lYM2D*JotDz*_acp|P<5mCX2Q`CyaA&czLpr^95afE`*`+n^Fe&#xZp z+7*uaX-rb@Jd+38D6z1hUw*aPO*@5#{Ird{Jy4zOB`vKA$=d#)!a{T>l9tPQR-vh~j~A&KEtq>FTAFGK|yW%8a(EB2PX`>iPaxHN_@ zv5C!9$e%A^VrAK-0~WwLhZLO9Ho@@EI)6+WKXgi(JQY!n?0;2GTvq53;*3yV%}bNp zeh?36l41ewTNS`qiv?JB&n~F%|EpRaRsTbTJCZP!asJYJVU@|+y)^?S_e%#ION|y& zijY?;d{Ci>KR!A6{bE?8(^Do$=7U8UQ4c+jrORoeUlQvC(h2BhhENSb3^gkiC|3t# z&OOJh!L1h0OXi+Vz)Wa)DnqxcbmXWuGWfL>J<>kZ4Dhi>DYQ7~v>W#(a!t|&c7*ctbl;lL^*TNs#63%-V zRz}7Fvb&24;H@?{vhKJHIn8_b9C`J@X3QCU{#wAc)yxXuiy`zcC7jKh`ULIWahqwn z{8DAs60fUZZwdLardkkafB0MdYAd%c_c{0|g~GAtGMrIAVf8FEqK?xs$coJ^R!7l{ zuf2*R+0_^1ehM&Paov?jnq)|5oq|0hH3}2l@7npfsV8I8UX+AO08EV0z?b-+?Ed!$ z6fB6WgZ}3OCXey%C!OubeYEO=YjmPZA4A6&Vj-c!dKzkZ1S6-r{#9==u1GHp{QDW` z@}VZBA^OW`ldfj;M~+(dtQsvh;meb+AuE?4$KnzCMXhaYbHv!6ALw8cUhiX3#X;|n ze^{%$x-)(w#$FgUgQKp%3ADpy> ztU%qFigO-1cd$UP;PkxckO3RnHb6jYE+;I@o`B2w_RP1PO2Ffg z)b`^CJqzK`Xs{<;Y3V*LiJpCqmA-wB)ZLpJIA^^Nv$5zHCoSY>X&j~n!j9eSBLve& z>+b-NiS5&>W~auZLF%WWmCsjsAjyq8Iuq`zKj&=XC^M{wjz_^iw&S*7McXbz`MVL2 za}UFs6@B!};ZsAZMhK0iglWlsqw#aXLw`N-bMJiOxbZWSVzYvBPmShx`^gb~X>e6{ z25Ipk9-ETLW$#T@*PXZxJ84b4z?tWTI6lHY9x zx#YdgiTWb`vXIA|?%14;9bv0Nr=V}jH`pjoz*S#lE4Y;#{b1ftn6g}xML}J~u~&W5 z+!Rv`^S0iR&dY`UI&(;6y?%+&Uj<+t2*O&EY?rlb1r1o*7R5wfGw0N^T2+Qwb7KUs z`0Pc_G{0HFnVzL@WIHK6!3(}HF(GzdlLyw3FU$9V9*kOc;#w^qGhg!)h6BvS@ZfIf zs7-vNY>I;8W7Yb>I5S}%UY$$&VtBH8gjxa(MoJ40ex$-=zaVy0Q3gV^O5CDtfev*} z8@4A^T*xM|NKyi5|8svjWM3-k)z*XfcQ}aF2nonHWd=2+oqw4iTVdew5b%#J7^}xh zCqx-Sp@Qi6xT0FU`@=A$`53hGddXEl_e`SGZ6x63%3kXl>@rr!qWyN-!2?@vBEFE(X-15 zYy4We0pO8RmQJ%#tWa=PRF8Tyl8>r)i8Dt9e-C$6wUGNN(iF5xp>{|4`ENrAgPP7a zEVsqut}8s@CSP(<{!k3z(vL!Aah5&iekBEsNaY^*82qs+Y3RF-G*YC4ft( z*>-7wL7E);bf$yYPp?0x8^1hP-bkDs_OQgc+x`zH6G9~gj}h!_A9MVm9YzfyaMJ>okB*jOr!NTo>6N8mH(AF(3}>NLJhME&WXhK@m7 zbJEv7g1l3)@_aGh9;BL^qTADG#uF?4W9bFQ6-N`M4yzrYiE>EQu@{gqYknF&f+!8!%tqjVNIL91U*`w@1S|2?YW^Dx-C!O2N zV|*{tGdXtvPlzaK1WlF$PPbnO19nK=ecK$>`Wu$$!3M>qu5H~fjBoSyCF?Z`vRrO< zZs)9tl-!PHXey62L;>D&#c-XtqLPCmJS7)S>WCXmYSQ;Oza!B@j#2 z{2FjF>kFj-9x%m!pR+u;rs==?xx~Z^nQ-veQMl&{nZY(R1DR#VK8jbm9!zCD*lAO; zR%?CI=KW= zmo-o}9x2tqfA6as@X>tGZQ?Mr#r~3v0WXWC1clh$cljGb=t1K#vl*W^+}DOQ`#bww zqo^OK?pmZavpV0UvnKkflGgtB;spbXxA4CgFH>k%3w~gMU_%g$^ZFZJRw6~#)IqhD zKD0@$+r9dYI=pCadhUX#W^?F{SidCu=HX!=xqk2ZT#+r~-A1ph8?D7v{c9#|lIs;# zf%%wUmXAptSBs*7ghp(`qdnD}`s)T`0Z&=hK|uakvmLHCkG-xP^{-+7eb*l>R>hcOBY9SX((!yERet>BFSI27l=50Bm0unB9_E+vJRt29Y70HP?28l$R64Tp527hqK6KrPM zshBxa?}}mwp((C%V=$xE4L6tNj!>PHWFRW(nev??EnZ9zfnMV+;9Y&+jORBVqV{#2 z7ZHDf>`&kPGzf$sq9KL80G_C-U>M+aV8Rnoegh0{D?v6bHypjV-g9(r0}RwLf{KaY z6tL+NTki$4qlU+N_B!H2+a-NQ&y_2STvn(33pdk(7nFdjBR&BIa5nNoXE`IxB^(cr zyylU!_ki~9d5S+$ZH-(UlDvTTss0-+zZ?3zH;vO!c^)Xlp0B2kOkciW`nNA6>=|HL z|6~`i>1}J)--?K@Hxr__GB0^CBH|+jV@^eae)cRx%(i?0&S>jlIhskog~K7F2_p7x z!&XdpG!22;cDdT)qNR7mdteonz>|l`tFR~rzT~zH*$eNn)5zwboQDZ+jE;E`eM#I? zZ$0Hs*8KoLt5cya-;3G5byaGs^x1W5-GaLlK^CKdJG0JMgp;^nenDRO{1Yj~vh=Hl zEB8}G#BQbhfRT{e@R2Owi^&~ofBJ8D6x#;Ss4w8p_>sD@5R82M=H{PCUKQw{Oaaj zqu-{ht(fH&k3bo!Ic`f`7&<2)GM$Hn8Pq}7l3Z#3%Mt$$5WHdsDUVRtz4Kn zUg&2D#>0PNo0hPkiGCk8akMoB7hd{iZjGJ3rf4t`+>mx@AOE=0Wi#BbHfH(*bLusD zMt>D;Eb-@_sN<>lO3kQnZ>&6UG$Mw(|Cl_5h3T1{9{dT~Z6^uQ@f{|n_zwsCiN&eO zYoV#pI|^S_anx)ARWYPzXp(|AVFk4s*8l0zpTItm8u^-5m=}0NI4g2V%n7la2gGzV zKLyoKFdkK@^_M0vwdMDTv7$QfB%&DQ+#(G1SDy>5jjy>h<^oLS8BMJfh@no!o7BOr z=h)k1+dO~;z6((Hn+{uCw*TJtJ!CEW@lcW^v6+T7*Hzm?*`+|agq4?j!kf5t&4oF1 zM^`yaEn%>;cu+L*jx82+73nehbt$j*#_M>4V?Xry9s9D*yti#+ajhhnhzWcbC0L&u z4Y)pjj#DMS`%mHX|0L}WeZOvTw4RZZt~X;^GkCSd=W!~T0qWbGhqo3T>(xww?M9l*ML0DQ;a|h>^ATQ+#h1`l(9lsL&&e_=#=pximIW-oc;H zY0ixKl<=vZCh2r8{hjkdH?y%qYHCXzdjWKdy{04rf?oi$$k;Bn z`N@qeAT45ghB}HNlIIJ<6PVYpIpxqYc}2G*Ht!QLqyp%kBkvjXFGYE*Du)!%Q#kv$ zPKzlR+e-gaPV_KRJu-44ZhzBlkKtp@{@i%;@A@(PjU*|9s(5&DS{x8m!Bo0w9-%fV zu)o~piBQdwhC|e@)kM8>CWA&b7I{`5td+gqxq1Bf=RDj)Y^8a_AA|>g`?&=FkOhv!g-H#fQkSh9@5Dljnc2y^jW1K`k|1xwrC~WCfKr_W)3Zx32 z5)n!L9~(*isQ7Jv(VZn}1ffY`SatB6kwRb~AL}%qb9v8Y z`$xgw+}J4?4E{;C+E#%AW$hgUDdL)||FL5ay%EdH>x*I#2au8{6}9#`qf+vA`kRR2 zdKD5nw=#Okqvb+h#RpX{c0W=~cOv2jL=kfO4SAp}e?7%gy0`R=VN4w&?qX@1ZyLLz zK6Gx|+1l#<3PIIBD4!~x%&ARW)LSQg#c2MPf%t!tfK%`0-&bAo0#N3csGtfW9b(5>SM0e3Ogp}q9Z`7rVkn>tShl*@xVobB^vdljb8Xn8v ziw8tc0!*JVrZ^`6-|(NDND`s7oz3ov-97{%6ZDewsv~u*qL7|8fVnU`Th7#HU!n2l z0<*FLHPd4;tYBp%8=|13>|>3Vcp^OS7VmTRCxr7g!AD$r#+;fOUCA!r(|L{*A+R=! zg;LOVKM-DgeoU zwFe(pQL*Sp{S9Y8oo4vnbQUCMoa)v)5QF5AAp5zM(_riUW>It$*SjSm*5zm<9QaoI zD^*Ysw1F7coebkfx7gV~s2XWE@3<_>Y;{O29qfO#ujGl26#m=Gk?~`qSRaqL`^9av z^i2$v>1SC}-(!%wRH`h)5`QAE2`BL52ISFi)zSlM@V#_bEv;CIi}jp?tHa@96-B_a zv!wyJp^%AK#J{Xk;1th?W?{`}Ded-g35y#Et*s~vl742Pn=wr+4-=64Qu)qV1^_Y6 zp_cdc+qW+h9911um?q|}Uxe;Fet!5k1&WQC%?r1mfrG+kz&tarpW(`#4Rm}S#NSNT zW~X~t4B`I4m)OD$go&N0V=>hGlfhDRa=L9|#PV8pik! z_tiHvG&)qCA#Vt{fZgOvo6tM$a72Et;#D$RE(xW__ zZ&!&X0p)~nLo7!?3~fybxF=WQnkBt@k_GK@fxg3W#igZ0{>HIf|NN$4203;NVYS1{ zNxL6JJ4m~!?HkR;@DYApEn>{bG5bZ`&TMV5&&5W8wx(u<>fX0K`w1B6;BZ*FKj0n? z8y8nGuW#oyId_)IFq4B$sDnU+@}d;AL|0cN9f-N%biuoSREepS6SMb}@>wAucIoHg z_ZvsAH&<0v!Lj<89KzidI%(5cCut6^9K$b-9K%;0Ab7fV+ua*VrIGu~V%JFLu>POr z&}at*{y#uh2WkVH&ot~$x9Q#?)P240Q(^4J&@pm%fL{E&*+vn&zwa{t(~2Gz&txDS z{~n(coj*Kw6|`!HI`7f%e{+}t zfAO$_$gTM9$id3!v$B{U_9sjE!b{9rOi4tRumo8G5S3_by@bAjXM37m4^>CWF{tg_&+jzDdJ^?O=Z*qEGA5TqKu4}$6U)-9hUa3Pl z#1rx%HRn%~?aGP}rKY^;i&JL)Jo;w7weRZOQ_MvTqKzDzK#_bXM$ff0 z532>Fr%N}3N6-0MMmZzS+U?b$MrdSY0vJ`-+jP26yc51hP7(b%;$ym}B1qW6q;h-I zcSHJSpR{r5E8)0H8DdB5eCZqMW{?jMkmxc2*Sh%T`hU{s43&|S-I@VgU2r~5>YBlm zxqp3V2f2rvBiHQkpL6B6y{q(>XP@@R;`FQ3^N%HmQXd(s@q~%Uaiy;>up2F-=c??_ z4+4VtUdJwfw>cAs)pv23=v=BSs<#h{j_TX_MEklfe7nnJu3({GR#)N}*R&mgyFBLH z4zz_VM<-b17HX~tiBgVvE;0Zvko2ZZNF- zBRii8j1y57DXf{2+kkm2UoC!MU;xhdw{Wj*<@yArf$N38<`xsQN6caf(D=7nZf}Sg zHv+M2i}oJ~+D&pFQ#Up?#>K|6#B*rqMTct=)!*Z$o7ZUGYa=|k+-)g_z0{qW_q*H% z&SrFv+3kh?`BwGt-+7Nk5aw$p@jXTu_U-wwKP;0d!9H5*qLAQOhWC!>`3_=N_n0nS zIPuG7O$d{p0jSNqv0>Xhgdtz9_V#+$-yQQ+ClKsqWXR&y?k@JK-NwfUc_I64`?%cy zS~V!>Gx8g$lz}AGTYRqahGl}rjr1#K4nk=TSD*5+eYhT|TQp9_!oRM`FS7n2mVJ!< zYM@;}(>z2+H_iq>i%ij+k&$ZN<;mmr11*}*2fZBq9ifjv3AB@sWEWFKUH^V(jfyGK zDS%m{>+n0(MOPjRK48LrC9z2J@MbBgv z@o)AC>b*gQXW49GvdnzkErn@SNbVv)k8L6!Uj7a z^SQ^lTt_QiMIMut%{@)`3ijJc+)X@mg?Zq&Vl*R9doXdlhSd3Mce|qElRauWA$v`L zx)MGv%dAfBCwX&*=B#PE7|xJ33o^oAlqttc$AKTc7EUZkgCxW9+kg6sN#OVz*{7H` zdG!J#hqB~k-VT0QG500+d50r1Apb1%n6xep>r}R4S4)+f8RqK%u*CXp3RcA36ArUKLASUcBWy? z)~MAUe}9B5Q1LBx{;2hw3ASxb$1d1h?O9~A*Ho`j?;v0?BD1fn*K@GaZ(X^c1h*M` z`urKUZV=CO$o$BSMfU11S#DXH@_K`hKI4eOd2P5UW14fqfbne-{4S8UDwpamJj|Lk zMk@Bf!g7r^v0T;BfGi8dQs40JGzD5<7L0VL##?^Ai2}rT%Fw zeBeeZf$o5_Rle!+59Uiuzn4)7f&`1)z~Xw8g1sw2p6q*!`Xb4rt~Pn$pBj?KKL{u) zjoswW|Hf;;2&B1<7Ed}JY3Tl0q;o`OrBf}~4@+IzQ@qLUSFwMI99=#Ktm>u9cI_0* zd3{K9jb4z+d`?S=fjv#!L(jx(8S*pwSmDL#3Cgkfa)Xy|pSn<`Barts&7_u5ot63e zuB)DWFv@NXzm~NBV1~jdm$=7afix}uT?UjdsIyZb)8F5fM9b}JyV^I>pN`hCLC=>I zX+NxF6%hILuHts&DBKIwPF5VfB_C;nu;9Gs7Bi|Yr+&LBu3ztb=l68rxk(1xDwlb& z-oAk!say8WG%aSKPgeGmpnV76LtTC7m(RAGE6DksAC)Gj{A;gC;RkY>r-OaMY`tku zpz5C+lqs-1{QVRE<{trmw5j8e&Cde(?3u)1JP)c))j>UKc9)8Y>Rm0FmMZeq<%guE zeMIJj4gP5P^x5{o`Y<>m$zJZ8m-j z8V9p;-k<;ai8zZk95E$?f1Oc9A$>z{M^Pp_iH+BXg6`wl8C^+BJi9S#u!N37)A6Lq zLPdpCfVKHsk^2z*>5;(#e}fRzGQXx_$lA9Z!3@t;8qnxRVvG}=J?Z_J2EXw_EiFRK z(IKkJIvfTwsR1Bumtg*H@06(o8kMjR9gpx+36zGFkx z$Hc-ue(&2U?g>u(mMm>C7GAM20^uTUuRdScb{5|ip8gh+bpzt=)|@J*{$ZD~A5;UP z#CHjk_jJU>^7q0L>(>^!q)V@v-&55TF367i9slLX1xjd(1J7jjO{e!oEawYs=?CH! zO;Nc7_uN*Fqsuj7t}oKq@Qx%WQt6Tp`c!6qWbolCbaKAcP*sk-8#qL_wtpVxt2+%< zc+6|Y>#Ya)K@p?8j|N1=&2RJjHxgUaJXKt@y;59rvhJL9}hTlH%XDafc9u{IYTAYN_0}(`0Wy31B<{63A_@<|q#<=Afot%8^td%w)3Y zM;a1YUj-Q^|C~%e2&dvB0e0wGqu;exlAv885$&rtJgQ^K9=EvV98~}ivh-j8nhUnUpc-?nQsFyndbT{Y3m_011MkrKeRXxkFMtBcrX3^!ljJmH9F_>B~L)n7lDfR~@aM-|m#7HqvuFPC2g zIAgIf)3vW}E-xc(=eYboK><_&Bq?DW*i44j=@y=Vo~P@wTWQm!AduIkHxQ3*hxSE) z*`!}d*BIP+mhiV=QM4$u=O(qx!1LlXWhI)}47Vhpw5%vjmE%e^*h={JFu#a$<(3l| zBF%4T)X?#H_q)zwrP9g{`^U)ZkbRT7jTRhzD(<*Du@?QSB{%n_Je9BVUt?Xvhv0TC>j3l$oGU_#QXjCZe2BJSl zQ=LWeU1ScnaNw5)hOf^hNVaStDhR{`l$Yw z3!`Tb5UmHiWpJ@SFTQ~k^x~p-6PnZHZjs|Rml)zI_>#tXw^Vs}|5PePo?O#5LFqhVXc}+{D7H_7{YR9QFQ0qn6K)wFyk;rRxnqy(KtIyOoXSw~& zIq$!hpxwe#TKZp;Pus+FQ&>vm1(QiIn%j_31*%@hmg}cL9MM4FPu925Cw5<@Pym6B z65nhSYm$f%t#|q(CkkBEpoWB)7_tg+#W_ZF2TP{hX(WETV$>_4WHZqxa{NTFP|lb1 zYL^+eS4vfpOzYCOSJeck6+`&t4~VFl57&nE(SznQ25UfETiC65_8sWHr-9*W$$syC zoyWK;3FPfKALGpJ-dyhLTmH`CBs<(s<&R?G+;j4+cWBP3tVpXsB9RicBv^alP&6uam`6cdsi?o;j@h*Wqh}FkVGx zX$dL`4mZ!x=c1y9K|c!5@Y(GITtEE)vlq4FIa^whqoiE2BfKqoJx# zuliFT`K5&E_1@`b&8GazU?%$}bZEo2d)FEX?GMsWTfD2n6y0RTK5; zx}ER|5rt7<;27B+bHpsLhjpiZC^7lg5d7Hd#3Bpq?Czcd&D-F2lBH&0l(|VK9701w z-A@lgR!WTO)!l6x0dG(xL&_I>fwF&)-!Fp6ZA2DmlE5XTEJUgOd?Cx|wax;%4(8v` z>3kpJ#{h)G{q-TRaFJy(tqs%(iS?A-$JaJr+?ER~8T{UU zw#Ek5KX?~Hf&(8~p0S9?Yknt?*1cuH>ZohKVEHsY@4fUG)#;D8=MVx8V^){%r2ndW z->~ZuOyMeESlWP5&yb1=ULSMd!NDNM8NN%PzzL zQ_?L;I*n+`nrHn;NGP%mc)tk#o?P6z1BsY2D%sCrzsnksGXPb@Q5yZ;f#Zy#e(zJs zEM*ofdtOsk>n_qZha#K-Q8hrKG71c9vvO44(cKucX@GGbQ(0aCb4p^C`@pNIJu>>H zr0Ol2xH$aFnz9UlNa*7nSdC=!z1klO!zQ!_O|qovRq>DSTeh#E$}p9uWR8*g2Vql5 z(05c_X=%0lbdCNOW)mV_rf30}!^=kiwQZmD6<6UmX(1mTp!NYmJ+%$rI~UEzyrLL5 zckS%x3)?=lwj5P)RsXyslX#xuA9s5L$(a+sHa>Tl0Fu>uuuPH(pXWPnqTX}2Mf^}B z0m`ES)r^E?7=u7_cdMGIx-KUM>kCPjj68neuZLOW%x_R|_u|d4O2@@!m>7w)7r96l zVIPpMC?qSgo4U9rV6}%|?jS(WWc+fc#rIj{i6CQR?qa=C?Fl>lpI=)q{;sVRAIrx4 zjE&8j#A}_Z1EZ|&e7f)Q20+(U%*ZS*8>6cJ`k(zhR>lcW1L?qoN%x}`Ffe!S9l)Ns zD5@B|Jzo;FoUf?H>K_~&1obPNrmR1Bv_@V5($j-&2Or{J?TG~F=&~)J;1iQeZ88uw zkYEB@$jjQRDjcR6@u?~$BETVs4Q3VYY_@iQ3?9hFqstPEjz6L((LEM~h+kzY+YxDXwj#S#!%gEwB-vjY&gJk<;2< zmkp@s@6TKQZy+zF5n8cF!%Rbzj*&_?&8Piw)G2KcWiY|)vn5x|0@JY0mzlEd8oB%< zF%@;1`Kq1KQB%ELgJ*{a`E=j|;hA@ESzpEMP0DjTk~-N!DP%vJsNdO&B4SQ7!qD{! zzT@f%nUrQ@tU!%#|r z5O{I-du$#q>T7EJY&Qz}_4DN0W4)XDV}A!d0}qBmSsiG&XG4o0QR)<`{kCy)J75Km z0LR(v_R>7vkEk>YSTEK85fzIExxbFR8+7)sbY$U9I&!_vyi~O4pbY}w$cjM*Eb%Um zbt+jU$5QDS0l6(8w2eOKpN+Pfh{El%%pzC->y3L_yOgv3{b>$WL2~sXmBxIljzm4Z zZ`xhfGpkpo|3Hg8?V;m|>p}#8=vd#+;ChGGq#1q5eshg+@F?E>nRW2Fn62EZv}9UJ zA9sa%iX1N?YhIk8a`}~Xfiq3UXj(kHmj!1y5l|VBe0DO{Dd97I8hzyww3&aho<-Hq z@@+_<{9#k%WHdJ`5sOJ?jt2SFd#UCcBNn1I9|rnAUb@IZATiDOdFdV~7P8lhS4<#q zdwFqarYC=NaTcQG)tpXCPz+R8MlQ_LO6tLzF2~o$mP?PJIFkBJ3>EbLUZOXr)l$Lf zwC|MeltNW^xyk=vxx4S~1RIszoPjCuwQt2VOAC-}c`;-w!kn2>z2WWYe8RAal>%Lz zd(P#-t=SsTPg6W=WoyhK3Utc>{x-(w@p$QTgIpw7rOzLN zb{p{#W=Y=l`=VmQsfc0~^r4f(RUA*hNwCW)>BnAQ>2!|rL4-!ovB(m!q}0+O zxhw;xHdoV1oJCD9WSK)N^nmG^2CK;L3VfWzXJ|Osg)u{S;@c)%;lj+-Ih~ZH% z-urLyHym27AxXlH>8X%e8<*u!4w!9aaNCO~+3)MX53hZPV6Kq89kv!iUAq(6taZJSv+#;~$d*XCC!an-AGYu0L2Q#U<^%49|#Z>jN*l zz$b=?-4+3jbqc#w-3AL*rnlt%d)-8c*8=~*-|&zM0OIc)_GSl&2DNiuN8>-^K6P4E;`6-KaqyxMB6RkJe{eQ9o8ZAVyD0B`Djluv zjydc|x)d!H=b z(h6AamT=P+nOGD3MgDbTA7OFsdB(5s>{PI$Ib<(x_VL1NWX$Hwa2ts`jwYv^{ZIA< zfodOZuas859mahblMQF78-P*aOw>nVm5OOzHG5SZ;jZy6^oG_MAWiL7 z51MDPQsAIdlkoMWX+P*>nk;#rL)Y>u`XfH2L@XG@rIk|*{xs%G9v>~gX8+F+JC}8t z4`P!p4PJAUYc*aCnR%V$-%)230hF!&)7{4G;iV-*N_ zpH#F%Q!N{W?RWUWo)&j@IdgdJPbRYI&mYAVJB^72uO?R-#O|{27T>z$5Adj^Lo(9H z=NM}kCwZ|iny=3zSw756&NR7bYp+2Uey%zaXE?4;pn|U)|NL@>5j~_G? z^=3OhSz;4nI*n~lb4>!!AtZ)mD}|TxfcmHt=DNPd_^#+2wRqEPjca&mZQlcqnpHc> zOEGEgF)t)O6emb2)cZZ@AH6T3Q>Wz74 zJe#$Y(Xm}I75bCjtP!NnR2HFcJiHPq#a88>OgZZxQx6^Q($p2Ot0+-; zf7x9)cjJlqmqia|0>bfn0S|D!mF6BMX?I|)GL@jkQ|PQ^g(kARyT&X6SY1F0&Rz3wn3skp{F|jJm2G z{my`P_Q8082eFgyX_pbAsq>=6k|Mks$@7W=Wij*d8s>T_9#25v>SNJ+T7>f$cJ|4} z$`$gbh!=a9EQd|-o3qf`p=M;D1}9^8UVrRx(?I-UZ$Ye5s2iIKq(MqA#XEHH*Y#VG z$(6ugUpg@|EcM`>AoPX#QUssM46Fn46OX8r{CN9wta*U%hFxR*lxtjqWZskTjs5m>~2R#w;o<+DfA@ za48m-Fg?+{u0-_=v|_QDLYzM^{g>Z;6-v}t*L2={JdTHRPa`(XC6+s-;?TbZ9}*Y} zd`hcMA@*@&T`>uvGy_thaXi8#Y$T(dXdlW&leis0hPeyFNg|N-&1l}oMs`s)_>`H# zqmws=A6m#GD4oC_c#RZ1jqBq(&m;q?k&sp6FMkdsHv5CpLlH^|Xi_Pg1}lK~l{Zx+ zB6xA{{E-ZvENaET{%j|Xy*t~okKG-;{ee*wkb1}s*&f|TW-I8aY_smr!=m*Vs_oBlkpOz|JI3j zg_fi1D*uEw$07e`!M7Hzn@h7`*eu_M2rWf~I_%eKx_RJw_}dt{<|VQUM2rPxG}6Lb zF)?6GDd>FpiOx5{-20vKS{wV|y-XBN7^kf%V-d%5Ss`iH6p`PU6iaI7@pNgu@=1Tv z4Id2fKnAnx!q6|piYg9xiP`uzt{UgM)^fbl>*jPNShfJWn~(=+zy2#k6C{V@Ga^Ev z7@|DdXzTo}>rN=6pGj*VvB+`sr;NWKw{}01w0VC`_W?5*2iGipY3F9D?W{AC*ev?& z(^+XyAYo&Ke2huT0*~O59EeQ${dgi=9ZEVr(PM0sW|UUpupJcY@&pHGnjL5d9#6J2 z$!C0VCB4(`aaxdNr}k|VnA%)p{Pi<5B7?gPXNo-k!D}JP57q5q+?5U+2)(t6`V`6zLyr5Z9JK0u-Jv1 zS#IWb%n#9Av#ZkE83I~kt1pMNgE2ciDa8YK=plqFBGRFEZoe)DK3RT%9cofyA+Ao` zU}wKl%h3%bO7|#%-c8V(>HFQbq%*~Cha@kjlY%`n;^T#xdeH;z*<@**YK;7)MY+4m z`Aq-k2F_mb-uy*8Z=y<0fFNrQpwOLuR54Mw55g?? zbvtZNX59mHS~s8WIF|veRsZNToUhv&19@5?BO#sz^<{72*|d;%0YjtqVg#kAB^R&N zTd2Pk%Nzq>mXl}v#+i_KRq&_%+J8TQoPc_F>7H1?=E7vhffljZUp=0rLrSf?#C-C# zO1*{ow2oAmRlmfoWIvMx(s|kON}qo-r)_FKvUw!$m3|Dd|B4XTY}((Zioaf*J3q+R zj!$AGOpELpD1L)(2%0lqsFaa0#T_b8?*>i5q5ithNt*xv{K%VsSK0HQRSt3CcLAiR zPuaOyE@1@AZEZ`mPaXgb#ZSwj2GKjHkU(EcuDpY5PE`HGW?|WEUVnYwV>Z=7AYW@2%;< z06X6FvPfM#%W7+-w zi04}5mPuyD;MduJg0mEbdoPFa-GFRFM(H&r1lc7@wg&&!9i~0R?ku<=)_U2rZ!xu} zSf{CfiZ^SwJc2AQIW5{SMaT@1&efIr=jbvP|K6~^Q-O|KGwbEH)?r-PP`ouu+CEHM z|MPjO@8|rBjrktLz!h$~Vipz_ob8tX_E&+rpGvWuMh;YTKdBMdbV&tOG(wP@ZT5f> zOWZH2^!X_Fs?GyI{3CUD-fv-Ej&>pQJ4b<#P>tL}1RQ=|G8@=FL>w5!2XF&WKD#@% zw|xMh^!Rz7@~m|I_92TbAh`C%)T;ufYU)%F_=gEUhXH8~^uJ*T_f{FfvL5Z_m0Njl zdBc13{(X3UH3T*=(5$B9^uLVC1pECZ& zw-MT(5KD_N7vWD^m6Jn^OsnAM+30=tOwP)ol8Z51NI+)(#f#NfrJdeJU*fvVZ(Jhm zrCmeapG(fHOsg~9x=q)2@H5wGi35vKciA@HHnB{UzgwBP*kmb@vfiOHZk0K zZUO>TrcDobC}b~-O$o=Y>7>abba6NA&}aWcB{P(nq;IT*Wuzq;0)K)_LP_+VA( zUDCziLmtMBKW~g|NZWZ3eCUXE9eMz-4hUyE8Vct_s9wL9JEZPFvjtW( zjStcq8YiEotyY;x{*p4u5M_E};T7U;{rjJd1~f^v;b4&SzuKgKHrVsV>DMpFAgl4V zGtAwVQ*tYn>y^fbL@%^jUdv6{#vbj>b*t&H;;sEPFNx{WueRYX{q4K5?7RJQw2XGi z64F-bGK@LyH%T_to%j8X3zbG?l47$}be66jD{! zqavI$nX^jrW9MqqJZwZH|1S!eA;v#m(<}FyGQhS~*SJl9sICxO{dQ)77;)oOGZg=> zO|nizRx+`zAr*u0f5hd%>rI*mtTZ{(=}Q$*s~t||2rhar?`)X0wbobRD60|Gs|IGXHl z&>--Q$`Y$DDWR^~%}-a3YfAI6nnCM&Rm+){qQl`P)N)NH42BC>JSOfV!NUXG_{|2bPie>VM+iSbeV*W-bxIkKqbSad^TL1E;~m@2fGIg#r3d!~ zwz!IySzY^0&xx&aR)DGv8XR1?UsPr?5t{KcamMjGMuI?(*926TP4F2b?p(KF2>LX8 zbUg94@W<*Cfg6JDilx?7CHc;w4j7{l<(#Lw-rkcrldV~;rg7!M<73cYIqR`Cv7EuE zF&5K-3Sr>`#ZCd2DbuN-4*C`wP^ntKe_YzUE_9+6Xa=Q;MY`B+*NBC-!a$jDI0r0l8j<+9e95FC_)ni z1(p7y{TQE>WnJ5Bn0*r1=VnEjwQ1Khu2NkFfx04wb*Il4 zyH;<14nk0`<|Neq38_XDQLMG2(KyCBY(Cp0nkT!Csx>cu@x{=Ie_6imF|YQu+jRL% zXPUtn_)dti*w`Z2IMmp4ufIsdsL86Kc8tB|Xh&7E);V!-;Uo~WklsN%R}F~8udRwL zFw5|CHeH^*d2JMZ0wi=#9iI*O4FVGb>?K!R9~Yt;e4wuvOkM|7NEF}Va|FTdAsNsO z%(eb+7e!E(^*%L8<&__WK`V{>h+gP4N@A;*eRg?)zo3Q0vEW|TKA@uZBv2jhs;&2yQ*xz`%2Lb|dlTAtAad(;0Fn~&2)SH2e zPxf0yiDSGW=g`d8_WdS7j9Qi2(L5sxT$<{vjMCfGV&8M`)5eD-i}BFc=`|NwEn0zk> z^gk^B@ZYErrH+wZuvzH{R#j1<^S(YySa6wB6m;JCut;A{CFJrm^2y5&Ln%B6jvD}4 zzkv4c*C~uzfS;c71IA$j0OFDzy^oHL{s2z1THW@1LzR{u;QkF+rh<6;pHQm{FFbrN zKe|&BcYjS2XWQIno7$!=aNFY6S^ng7M#sVW z<#K9N>X*|7(+D_1eGkJJoNcwbO*ulSp}YDQ z>o&bFZP*~!1cZY~Y7s5no=QZ2Z3d7jhqNcu_4L@MbY0V$L9=~_i;&vFabxgvs!iit z&`{5#_FV5z0CAo1{-Rgx51>K3vLz7&HOG6de+(g3)GG}Gi|-DMHE(A~RmjNpq25r81*4>VZFP|4&Ypktu zvJ3$&-n#nKeS;&GCR$W)lDuu|fYjnjKkQ~3_2E@d_dq;{7@;hF2+H^?tE81)m$%Xo z{nUqWJF(p@+vuPmGbl^ZL`+Ir za1VX(!w5<6^Dgr>+sd-}C@h;_VmHIMsa z*7)WerP$L&3r*`A-2O;+x1sGY$(#V^CC#_IdB{ERCRd&2@7{-mQpgtEwF3tRP2V>p z+mX*CcJ?Pb>3Dg0jRYh-1HCYOW9-^Ry>CRmDN&M7+1K=y+nnx99IeHO!Ke-t{d@RK z`s4lDCF--T#UT%~B(ad`I=aEj=^|)vn$>2Xv8Acq{}7U_)}VF70_^a;p4$pKNuwE1 zhr}Vcqz-^HR`7$J5*r&E@+pA17;uf3zEOB%iM3sBP#|F833!-G@cxVYtEskrK*(mn zq;iTCP>0CO0nT!Ez)L47_ihsPg7V$NUK;f>ZE>Nd%Z*eMK9O9R6$^Bl3P| zia^fzTT3XlM?onOC**%ItRu&$7w__F@c8?OJFh}+9|fL03X03lI*Pi(HAeR?teNx6 ze1_J~rG=>h3$D%z|HN=|J*%8nW!n3KM_t>ea>4cj`WB48lEWj9p*=xq{0|?v1n*@t zS&=qN3O(6ue6m+%87XDw=2$bw_TnLW!INqB)X=@S4#V3kT!&lSsR4kckN**-B@6N~ z?uq;yN^_MINhLJ-O+M>K>-<1jz3OStRl7_uRgLy>?u( zarxSMXvr$wQpY3zp?x=RvoU29j_*j`v+08ROYr%j2?Qt@L6|c$GtQ5C>N>u2xNeWh zKv7E&U@mg<*RSU6g{NMC!wU1*2cH<}LB^P&p>tB*HB^ zN`T)M$;T7gu$t>>*`NDra?iTK}Ps zsAi~yj;@xekwZF1T!xtXSDObmpnVHXIA`Ngmn3*?9dV8b!h5@nGs*EE2pCWi_8Un0 zWe3s)MPfxbty9sYbI%d$Qshh14EwC(p3({FV8zPB~xk8CdvR(3of+4RZq-}x~XPiF(rasDLf`>2rk z0-E;5{K&Gvvb~hMwbdNa)%7>%<}T$irOJgBNB3b0@!PLGn@lx2i&IPem85#{a%;Dw zVuOVy<+w#reW@87Gh|Ffwlq9qlonBc*GjmuxS6`s*cVi<`j!Xnxp`e}XR3O$xNFY2 zDs2I+^B&k`KS#q0Q5)`9=8L7gaBh% zu@0fgs$i}vPTP@8i5+g6(9%n-+4T;(LFhY3>XA2=Kqx#~38jIB=Yy5dY|-G#nthNYcCn1gGfdX;==ODh-NTh-1WBs{ zj}=-cl^?<`uKI~qC+&&G{g@b9=XFJ%q}Scv1vK%p@8)tEZyJLVILEW87->46JgZ% zIt<3P86iW4hc3%@S`!ej_}~j4_<1bW<15(<39F-dU@;tiJE*T_ft1r-bimgDH%Z<1 zrFd)ztPa8Ro*Mi9_6x-BqX;t!9iJXky;z5^uUku?@27nEq{F(34mg^wr5@m@?bsjA zR!aIIG)hGT_{fKeY}$}uX1!lnw*gV9KtO-?SyhX9n@FuLCqN5hjzB^@uR`&qMZHYn z`tnmVptMXz^rB&Dg8c0nQt)9w>Fo0bYTNsifPCG^k% zAsB`u?j-UF#)oEtRbASAB*#N{a0P<*xQloVLHaRJ2IV#qNy`v1&l1EfySVwU2{(3i zIaKIj9S~H~K9mv~h& zjMr#b{r>rw(#3Tq%Ygasygsq}%Xg<*7j5^~V$j@af}5xepDT0cAk@a(hvOj!DG#JE zed^0XcHTr16BmZrPlE|DqHJb{ez=Z)E7%eGgdbO>R-t*A!yI zo)nLK>ftoU#DXm^(dO`Oi5^DU|3nKtZ286iZd}zWhYhr%Ml(rkEjrngT`qktZ%c5lsX8Z48E0tj zCfm<=T+y2L-EE}^7--3)$b#j#AzoS6(m|31f>N=;{d7SJ^=Z1xGNIx05cKS(KAVNc z!c1&`@_8M>LMqXXaF3- zE_^HafuiJ{7;vPT0V~uT4uQ~9V!!3DC=gjRDL!V? zvl_M*uu`+qwptUP6CDX^qq+<6Xydx9E^<}e-Kq=Wze{?GPV%wf!!^j~C)~6(FoU$W z9Ec{&u=1U@(CVotqzj0p+yeUPoIZ!eq9hUe7`kH(a=xYrXqwXVEMc$yIXs+5VN);R zY#WAzaW3m-gj`(=~;`37bkDd!1rwsfa>=z7*W9S-UX zT07j)*xk|#rlp)0%G&N=F!Bnef-T7(p|D0q`NW?gxD?}!%ZG=QDgvRL_zAIFM|Qo@ zRHu`@SCr!VJ*QV(X6n;DTiB1+&{l1~ulx<{=ZRGL#LUa$G!Sl~c++xNhezCF?$)x# zMX;llwMtS3bGJ*j?)NG<@z+SN3*dZ(QxfL!n%V=%?O&_(REl9zWxx-33khjzVv( z7@jvZ)p(a2vl+7aX)}B?ax>c6FBWahJ<|08W1)AL(CVePe)eR*6r-Lgs824fa>fbK zEO0!=tUClX%jy>ED*8OydJ-f0JeHJ~UCgTNac}e(Em(@neD7;VHLffEpT7VC`fPay z(e)^oVcUo2kFe#H-x#scZoi3D`F0M9H_!-Us9UlRrSu%EU~a;~{NFD4e(!_3=eYlA z)=48@>bZA#KSz+EpV%u&q=#;w{OHGg-6C^Bh?Ii}5or=afzNFUacYI}XaDSFczf zwUbgywLLK}xcMCu)+-eoXwnJ_$EL_VFyZ;|9%#l&CTVo(&UPl`qr5|aLUSIZ`B{xS zU5z3qBT~$)*^9{~2eTcP66%2{dSXCE zRZdPy&~BCK@S&OANh5qOMtrz!6*nRM;+k%-dkJ2@7Ohrh85#9yss|`DpQ+_3sQ3yw zt%TdnY9)j%Phpo?-+BO-%-RQHiy$m`Wv{(iU|$uABb7ZjQoc)D)4gb1d19cjmCZDl zTz;%Wvk;M?aWzMk7-4et*J|X;;>^hWixF^`IOORZy7f+2zB1QR-ht0 z`|WeNp0vTZc2sHNa5l4vkct@$o3}vpo`&8m?cCF)cgM7x*TBh0`rq$yLMP{ORs zA1#p+2N@l%b~BTS9|YUsttFS}wP-;t=rl&wQnKdW3cr5;J`uZi1ed16-yan-MczWU zfK}4(6VgND@hok5G{UVTTW}e{B9s_@VI_}HW$sr#A~C6_G0@?QRKvuoQ2rdU88l}k zx{<|=Jz=5oxE6VXj#k1i(NQcZi)`2u#Q+!u5$c0Bmf!izJA$uINK z++%nQl2Yewd316Nwn&gTi+U-O1L%@seTbNx8M?f|7uF5Vbjkqj8J=RKpkiO(ao20KF zlGtdkxybL3(uC#6x-KbX6IAH(M(@RGq2kSpomT(;b9*kvxq0Dn+5c;9{txO^XG3u< zMlhw?Sqki|Px}-;rw;mi=3j-~D+Tfmr$c6R9mWeo4mU??OdRj1SAc8!C@4B0_mqx< zT+R}Yx0I0w(BLLPZ|{FCdjH^qp4uYao46!#_b*bQNh8bXqj$I53fVO)*|qMA=&eKN z*PLyMH{m~mJ@NCfu|Dl)(N>y2Sx`*5`vv$*Ex6{XwdSeSzs}dV`1sBj=RN!0e!2eh z?HKq+^nD_Hy2Dl+foa=%nTNL>f=^T0`$#G&$#vd76tB17P+V7>WeDLw;K~!`>xfo> zRZG~PHNmj|)Jcjgg#E1w$6j0bkJQW4Dg823!D_E>z+hp2mY9wm#k4rWBh32gADQ!F zH?}Mi6PXc7VneE)kHTORmo#KIy^|?|1i4RBFR~CU8r=w2|9t5ztojiCT#u``$QQsh zIlL0$47;R*EGe}wJyjN3xaNv1nv_SKpyhjSI4n4^GR+LBq9|*J1m#Ynvc%V6Y8-pz z!cxev7n1}16?&?=VIO}y9BQG|?05P*srXFE>qYht_7r68S9KE_ zUDg`s;Nju>WTWBOq^o-iIw^kbqWGjcqXD}Io%p62rh$`oW`x0s@@9Qbv*!8Rhld6B zk~m6e)xg$pykvP~jQAFn!mJ_eeRzS;vt3?08a95Fzoji_S_>$|x-luI-l7?U=_1;$ zuHld4&AQc9A_P&5IkS0aw2rcb6os4u!?^GcXRRiSzuG8y>pahZ(4&3aIhHN1nCvkyJoZ3VUw((Us7jfpSK}#_uoN*$-48v-4{=IO= z;nQ+Y(2*<=Fllt&gK1A^WvQ8DKPi`S)Q*z*z9eLX-6$bF6-M?F*B`mjtt;4D%}&gT zS_|Ef3QZM)vG73;#4!higGRmm8re9HgBdy~YOlBLQ9~a-QDrYcy}71wnKpFT$_m{v znA3|EK6*n1ql=XK5%SpP>~!>$wJ}d*E%N1`f}Cg=cLD0SZ1E%Vab%P>m7LexdsN;h zqda&!zzM+!8rMmfLDLhKf;Fj6@Ko4K@mz-T^-TTC2)$Kl|G|aR2N~TJZSWyx`hj zAe5yv9HOJA&)yj$<$=&;Pj?B*5qlCr(wwUFh`Na<<+CpW^m+k(+Na?toTXU6>}pu{ zar@p}=700OBSVyOJfS;kI?=%K9zsP~1y;Wo901BHc0qpX_ih{67y*7M%WfLPY{fY% z71652%hMVr7TO$p2fwYOqhxrxJv2j3<8~f(jsc)%A9k_toTaxte?;dji53Bau~)UdUxXmguyV1pBLkjZOLu5cIDeUluo*csTuK z=V;}Zz!N?Yw^Sk+rUMTo1VF`tQ9xWd1pI08@H4S7)2l(IF|a^urrcJR(gYfx7W@xw^Bq{1(Pcqjz#Z8XJ67I9 z<4)tAyOisxsvTYjESZ30V6r8p)A_G6d~!evUyPM0!vR*Td7O0m=EQK0Da|YV=KQnl z2hcB9*$#2s9?Pw?TlqUF0t2Y*4pu-BXs~SG>Eu|;SCg|caZ)HD_7H*H|y*7pEbXhOGo z?c!3~3^K?{uS*ASgeDZ>#RT7MKQ=Wn*}n9>yUb6I+5B<5=57G6&MVP$%$Q)&cfe6f z^fe`ZV&@%7`V=L8ZIk=)M-iId;Jhx-NxCdGW&oN1i^v0#2RU6w*%&HTM&NshJ<-wGWXH=^wjpE*1%@>=6ChhYA zQO@Eb)Hg$f>2zI^ZKar$c78T8bq4JyR8CnL+Jj=d<(=P4U>871H&rq?Qe6u^t;2`} z=Jx&-0w7sXwLaUO8Ef1Xy1H(D5OSsLt7pDGgP%^>lgrY#_Irs4&Om zOE!4E12rCWM@Jn?Na){_cWty#mlEH)g(U<&d_-YT7a5#-Vp;m+~T z&ocF%Rs4IISjb`EQ9fVmjY&!u@z}DQ+ls3YM4y@)MgLfUFZPYqw&k|gnZskz3(j_V zvG%Um(}dH7`iya2bXCjS!NDPT?a;6VAqKrVhno&%UHvF8#iQMt1$u7aX+u3$toah; z{38zq~N#DLAy8d)IjbHtv)2sPKjpdY*nC$i0 zo->ZP5Nqh^*x1;K3-Sts)(~BD=NTu>vEAS;gi-d#r(;QAmNKrfVu>$>ls(-I4u1c( z9q&v8kFzcZA%FR>nqs+LrJm|T1BpYa0Mf8r&*`J-FE{Kg zE=h1-34YMX2r_T&>5m1VTv8XkGpk%A-TmTCGsLyvJmp5U72GlH0T7XRpn}$%q=a#R zW90W>B^KxmwW>!XNCRG?8JJy#+t6+frxgWq4az<@Rdt=GAL(@Yaq=<(`$K@Jr%6X6 z*3D$G=F^DBY-5JhlKk^aptf~3iZ&^yDz;7U-E)C!Tm3={^XuipHy-_Jf;^DZO{;a7 z)lG#Wu$$AnHX38>P3(v_C~8D8{WyKe>K7%jB_vcaHfFat=;TG5j9iV4tr4Z>G{Lvo zr?<_81#pkBeH-1qxwqyXDLkRi9g35j15e|OzD~gxN@TR4={e9+)WJrwN!GXF0m5}gH4%?P`r(}K z{mw(^B3;$O2yi86nJH_d?6(P)v!LlBe>!;;{6404{&3iEA2j|*KG$(f+tTZOU4b&$ z%{wF-An+Jm2iZOBquV2GM9=;SrWJ!pRhGI8XE#TsETduVU{CEmh3906?&5(ljDI> z2|0~VUF_K{h-gVRjdwZw2%GX>;Q3|l1ADQFh5#yVBqwk8#fHs&i)yJ;{J&p_O}2;} z07NBNoC>lDL>zCN`w7@7TckqFoxlQx{&)VnByg*1#z=+!D0-J6+L*9VZT|ZMz|zNx z)H$er7&bQmyPqvFP(To3V4EBv>=v6oB+@|hAq_o z&-+rH!VDVY*(`I`fLE+l;4W_wX*M@-uSSvP554Vjq>F{mROO$tN=)0Ld4LANXAt+d z4z~#=S12=2sm>_sG=43@Vh~p<6Q9SUVNs3U%}|y@+g%$awbL0-8=TpV+VWWjEjLNwro3$libKi*!!fg%ED@h4+rkg z7=NNmI8wPSbE{)yHRY+avse}lvE zQ;~0>m;!HR zxSdYB`Hei3&;!ELKfuCml8$~^pj>SF4w!Z@ThCUHUI%;c%+;0Qk&Ie1MYrRz9oTvC z=YbAGe=MEUiPx@JG|5~i?=Bq;%21Y6=#Don;&66PRw$iU;zt*LC zSqtyw;GV0g*dUmogqxj!46^$6D5L4aa8#Y#-I&S6i{@SB<2&WDKMk-OR^&@)Lav2J z8navR8h3)29y|Yh1RU6q7qX+t)7@!u1^qbjN`^I%G%(^ZWxVK(r_VSrxwj8Xx`H_ z;z*$cgt{iH?hl3WwYuq&tHkhAcIb(_j&r(o__1~m_)#R#>@jL%_Es);+vvq{gn~R1 z&?7<6BF+#-#e6dxc>c!xBg;ZK<6{nKX*C8?9t-S@^bvFw@ih5gsORC9Kd9R=KUw%Y zzw!X}7W<#O!~C1ml@EsriQ)PrKP+)cI}e#(Bl#h}x`UMMFG0VuAz#Xn%-`khbEvIz zKx+#EM$PP2=JT-)ysOwe?F=|H^0HN_RwnC6$I}>~gRRr&4`NWyn#4(T=9e;uyP4su z_Z+#5?UMq?Z3-%NRTIr7Fst_iD{d97Gmn>rSG`KV3TqxsmQ-yJ$wZ%WU+|ZMj3Yy{ z%JeVqYpSE5{B$qX7!}e|9_k6Pa+{Z_?#2Dvq0}Pk-tPMv3lTJQFcReE?3l2$*7(V{Uz3cvam3yGy#?C_ zEgxDK!c9dyPgqHRW~uxF%o*m*Z;rJ*p+?Ay9Ef!7Q#OpBNp_>{tWn{spp1Tyc%Aq~ zE*CrRvLtfrv+1_x&}$SLxZT_K5;;XFq+%0xqhv?_2qsO7fh~G0U5s0@gMleEpLqAO zmaJbdRI1CP-$yyelVj^O-Hx-A)_IU*(@;CowN}c{Y@Ay74jEBTw!@6VRs-0pTQ;yx^Em)y)81i;eN7!p@Pb|NHy=qmUGJo5H&ZEO1;FTG8p0vU_6v@zIC4JJK6sIC$+3C zZZzi|8{Y?#Zj8GK0z`fWvHmJ3Rr@RbX>e}t)j&f7fj`IUMMtzgVU9MFpRZGpq8-o?lfJZz;5fpE0XM;Gv=Ac~Uzq1ui44d9y;%jeU!u=xcsf6_b2zxd?lUoH%9od?3qI0`%jh1N< z^9A%JyK=Il;jrxUZ&Kd|9y)KNBpLige4%*f_*G0jeK#se7<1Y<+$xjVY$mWWKV?5x zP6*09zJ^73Ajkv%YP5s5kxCS?dmVaPLxYOFk;A@9?~CI+s0-1hS+?u<5k#{ac#|(5 z0^8oV5Jf@ZgcHi(=)H5(MTVQ$iNYBPRrZ3fOC=EZB*d8dRK~0Pihfa(#LK=n$=<7? zEK-EBT%VxVqdqnU=YULJUf)X{-Pkf~Ks0juFqQduJno|czNed?5lu#C46L={<+omNNiVF@Kj5%aepMcwxWrLq3pE6llJU-$!aBbnWNhA? z&xkvas`n-M%ac61b6Qgq#m)|pO8iEc3o@8BsEr+*RdREf_n_t_a(T?tA8~5--rywm zHr5*~%{108$xo1sQ&cyCE0O&K-?jdv+ehb**mUEv7`Q+uns1>J5#L0{9Tp(wIko z6a+W2+Td~p7M;n`>|GLZjfJ9YJFcoH2eYat8`3ib)XRJjQOpUo;)vD5L z2;L$4&9WyR;=Wf&`;p}071kT76glJnSU7N^Wd%k{_5&PN{I&y`0qUD0GSco&T{KQo zL8D7azZo&dQTh`yJF9xKz=-P$nU_A@%`wdF`fN=m^^M)aI^Wv`Ucw0{NSgHy1&yh2 z7fq>hdxrJiDT-i~;A}WshkK{(9KZzsyl0$0lajCBd}_hG>pZAON?*wIe4^dstu%4d zztdY(S~yA34`h~duzds~ZM;U}Fx&8W7w&0ke{ckk%INb!N8)mGwH`|#W0dk4A{%H! zb*;+v%?jRvt*v%Y-(csDKWWky?()V`*3R!%6wg^0woE#>5g?}ZXIa#zdtQd*#^OnD zu=UqHq6xlZ4^wcO7-6`#)WDV`ywF#Ayd0$apNwe!ohbryt$$Pzehl#&;uBOij@Ia!*GOJ1N?dZF$e=~gI-|y2u16fmh}g} z_7Jqa+e2r!*Wh*whL3viRQN|SH5LIUzgP##|Mx_@$~D72N=eiPG^8h^M;N51T*;y+ z{`)WkgS%Q-rhKy#G!DX55^l%3LAKl5fpbUvOG7rSfWAP88rndHMbM2mDNmn$0U!s& zBdlVu^Cugjpn94av@P3&Yqkm=& zGq$%6C`eZXoW>RGgSzFdp7$P)`_)&|4~KD#lk+yHxT| zK(ab$T9eLKTOv}~HAHk4*`Z*yjBr2%Tj(DeN*G{o)9HzB5if1ru@Kn4SBe7`wOTQ+ z_siNQ`=^0bBH>f~I8;1JIsj6Z5fc+@#Hgxu{QDL^10tThRbmojc+~wI@sxoced2!4 zYeB{^(W38jDU+x00%!Amsa9@a6X?ZiI>Ku0*Io;3&O5GyTIKiotxucq*~MC=+o6$n zM#^KK-hVEMN(Moy8$Si&PVo7R$-0~Jzu%Kube;^9YrYPm+3-IUeMn;MDUT8%f6ytU;P^sX7m{T9DD@u ziz0|$GzJBw!|;r$_IZD?Ue)WKNGg`9k3&RBI8ueV2R{qVKSU_ESSK4?a2QZs%Kv;SCOO!=GKw$D)=9HeVE~1YO*ZYbv zXV&xGgKke(1oDKYkR!&mfLXJjRxE zMG*K54qLTj+r_E;3@={11q@xAhSj5i5`oWBQ%R4&_yu6*Wjqwd!Jp4x2l2#fD*+8<`8aMD!bu;fMd zmS%-}1dq&Vt~y-7GTh>+?U<*k-SM8P2Kiy{phs|vL(yNNFuc=TdVUu6Ev`4|?vlcx zG)6;ouqTtFjqQSRqpSMW8oU{Hu=vFItt$eYavChO1Hl;etE1v67IS@H=IH;!)?0@~ z6?I|XbVy5gD~P0`NDM6klG2SdNC|^dYv~oM)g@L^7dTtOELd>CltuKS0Md_88k#XfSqZS;lks zo9l=nC)8EDgdqF@8K~NGTExj#$a=QLA-C;qBv473P!mA|lo}9+pG8dYHicMtDjsyT zcaeK_A3gx5mCTql_fu1sJj8KQ_gr4gg{IY?Pi)N=B&2(eD2tw-dLLxNJfB*pyLBG! z__wgs1toZcagI?8Qjt)q3c87L=}71=3ZyKCz%8!j$)JvA_y5Y5KvT)H=k4oH0zC~H z!v+D{og(8;;bNu9UdqMsNuKtC(H|D6?T&~+FATJ5ka$RLU2YQtTD4!KNQ?{ri{Gnj zRlTeY8{x2WL32OUCnIP8J&~p9Ls3*^xywuddbSNk51Yx4XK_cML;sc@$@4y{#D+-u zVn0B8q%M{;gz--&2?t^Fy+bAfiyI08s*_FNSw3Xr8Ww z6V|chmOotU#m+wEZ9``;L5HOzs;=QgG1 zReO)~Si*UW7;8cZ#tHRiUwXxtoy$)qet8cs)&ku3AL#sh)&r?ltzT2+4#snQh>&K- z(48qQ6M+_yT%uOL`JkHsOKb_xfWLpblfPQ^l1`+jBFCCOh*Ez9F|^O0%S!!z!92#Z zLC@9fxbD@j>c0A7?8!#=hDA#?eFx;m+X^X)P*u>;ca!bk zJW@P1`%uUI=k!VQj|pe=a_t)&Xvi;Yt9`Cqm0$QsCFwr(O~az9;m}bPCSn0vbh|?6 zPBd~Vw`V#xO%zsWYoG)k3XkFo2R616#FeZq;wGfj2q9aof~{>YwQ(C|G}>T;DQh~$ z^or7SWTn%$v=j33=6Odz=DpdmH|>b8Iy5Cm^$#^UkbnMk&*tPkME){0hjA1WP7Hjv zU^NuvO`WNC=0pgZ@PGiw%At3To;X+(Zx*2q09N|lH-D=W`u#np(pJ?p@RR3f9z}7I zPRg3j*8ggXp8_(7VYPMitGPyH;I&%o1n-EN!SezZ-%0?7h2rF?(smk0_W~lyx>qEGS;zc*lO@!80&XqI5Im_&uTyVUUke}ruBMPODkD<7;HKwmQUF6bGQZ4^QFz#zu zZj^J;N@?0MDjGtSysTbHL|w7KpmvXv0^sUub=!0%<&2O9IJsmA8B@$i6Xha zLl>!4a(sstnp;(EEBM}Pqm);!wW1T>Z@p7%!u-3rhUH%DLz$qK82>YUM@?mI9Jl9B z-=Eu03QJVIXp;JW)CD$OwJS_7^L>I!VE_4b3vnLI{n}cip;pcPI}5+5$X+kU69=*e zro~>)H|o5JipDBytfq6-;>`+=Ha-;xsE)8N-n1qQ_L;$2+^lmv2i^Lej{N`3X9oJ1 z%m*1t?YEF{i{z9TOAocEVbV*B$l?d1EIrg^%5^rYO+5;T9gvCA4Y<}PzKBaZg&bn7 z&HeJCh(DM9nUYY0obYGG_nPi-JCX zOH_7Yn?{X`l|7(uds;Uz#Y)tW{sdw&)oWvz35U@#kg0S9~N zMv}+Lu?pgcg=W1HUx7(wvVQseW7)_$_rBV?GdlLfTnO(ayhAY8&(AaVakzaj8If}$ zvq(UhImCQ#l)r^M#>a$oT2JSm$D^e0gsqYyww3zV0T!Xh&JjtjzPf**0Wu<#%p!t~RqKm9n7C?+Wv;4^*8NM_NgzQz+jx&=e&o?vP9Rn*U0z(6MzT z{=QT%5OBHrl&gPPYA%s=uIxPfYCfhtRgig#l)%%k23#3sbt>Q-`s?Wa*KGqyIU;F3TTUYHH*J?}l6h zvtu0SWiMf%#Ed^7#u@l@fP7K0^WI$N?=<{NS--2}^=+rm(z=EP{kFQ*I@9G7L%KZ$ zJ6yK}>aAEc56T$0=dQ!U)_;iGGET7w?5>7hlOmryE)lE?DyfD)WE;>mEbKSY4HV#i z?*POntxx;dfx0Tz@Oub@fy<(a>6{5A=5CLaBduQ-bSL;1!z262Ty+pFXcdsk!P*c7 z_8)gXK7>x2`R`=*-}56)^boA5A3)6{s!_=^O?^S*Oz2hQ{hX}f*!6efUq)5yZ;RaG z-DyQhsydl8=QeQb@%rFW-St8jfzP#Lf)~ZVvvt#q0}{o)rWxP5Ae%m6r>nHmJm0H&$QNNa?uZ5h$`4pUP&^;}7;|LX;|gj!{iy-Cb3;3ZV|!o)tb z!2iN7+IxI0#5Anp>hk4}BV?8{RK4i3JmV&@m6EGt^&L(f=fLxgmVnEA%pM&| zQreZ^SpzX_S0}Sr&lcY^wuP$ha+B|>`Z==%3Oy?p5Y zLp%n&zss-Pf55j6H#Y|oPo+OLnFnwNIWOLs9h-E&oWNc6S(=|R`5yJh_*&rXPXajx zzt>CZ6XKq9A}W)q?^=EdL|g-0S-r;wFErUg!f_maH6(~hbu3^-ImSY39ZPe^G_lee zo{h}z$H=!1y1iexysoaEd1+R$QRkS{^H{#cMGFx|yQXM?*_P$@>Xa z44#JuYUW$SxoGn(fw|; zW#rAOtW_EIygnjRtbW5-kUj+_&Ff{d&Gk6msPQFD(ohZ1U(JhDzo?AJ?Ja{07e(A2lkTG} z31xLA+geF_#H;?fVsL$`!))I79q3Rn$_29uw93&ecp#`Qn~ZLL&wuTIiK2B$I(Ll! z)0}Enb}O(o)|`2jNa8wvDW~zOQ*6U9XrmaHANrCVN9ZEKO1L*N)aOh!D)s^6_>=aE zB)g(NR_zr*Ws(|d6)%D=P>M`YQraSqXpa~VRUPBfT$>-)HNbNx>$YJ0DPX*$CK=wt z{i;R4J%kA*JmTteGTF#`G70|-v#C^j#mH}Z>|{(mhKWOI?;aLPbYi$uXRh1v+LjsE z3@rSn1nOCRvlrVmmQP5yZ%^H+e;W!F8M`^vG#?@Jg4<-ldlD#i_8CP)AC)GrpMpOr zO&&AITGj$aEzse3SgdVeKv!3_S?G0etukiM_MKs2f_sSdGmqW=auSJ8-im%EUNuqZ zykXAxET=SWAAC;RFqQh9bPe{3b|zJ&S?IZ^TTdm9VU=0{;Z3tb%T5Tj<7Xv1>b|8% z>P@I%ocY$Z-jd5|uL2|6x90V<(f%!+f~*24RWJ9V=Z3$NlcGuco|7Bakg&>!W_*5e zpOwE$DYKvb;qKxHFC?h4j%kg$C_s1A&lazwgz!j6fc4IT5yLJE<-BW~7{XxA5g|C+ z%SXnP$VOC;XFapnp;-!93Sj1^5oFm-Do9ZIxEZgWc!cL?(+XMSu71rp7*yp_b~X?h z{7UPFWvkO;e?ombaqnZs&Qx?1&$V-^xO{cK+T^N!is1SN5#$=aUKnb=lhd4Ot}9C` z!*ewDuoKJkCd~YBh4vc(;Q=jG&_yNlWuDM%XKm|}JC*-(ZwkvsTdTsoIrz!TjM3fL z)|7w_$m$Bdz`R|FUt?tg(RJf@>6(XA5yNCa-_~qE6#1M*9Fx}FAACPeQy=CL1(pc> z@224ni`MVTc)VnEXFGE8u9*|vYH@*Y-tSzqrmit(b6um7(8G#@^DYr@k`)?U>fu0_5tf22@Pj?>9Qq&{6F{3R|u27EJm@u)hraK>EPyT$r%DufFB7b}RG9<&o zNw}_+($8mYJObk5;!-vDxb+!C>ta|SZ`Ufp2ZG%j>J#C}ieKy1cR=dmvsA$0b3Xa9 z$;#+GRbg+u&TMzvN=m>E+bAWoh%GoM@!$VsQYTH&n&eFKeSVZ^{nKL1dRY%-{*&Fs z$Mcd6F;XU4`0A_d6G47>avGVGGNw%w~yRXy&x;+=>HjN2C0RlE7Ru^M`#qWh>2>Q#)Ya!$wgfZRJTd3*It zU)6Srj7N*V3T<<_Y@g(6DLxQ?m4Cgc_Ni4zb|AyDm{@0YURPH0U4D{qS5O*C(@l7e z>PG^q!pxTSCnRlEs2592J)H~(BLL{a#XwomQg7JZbW>)9A|ia5pft#ybKw{M9Z13o zzKMZqE6fR1#~*EHE2>SK3w}0W+}_(_D04h+uji@M>31+y$(fm7lnPyg5M^s-ROsN< zxht1g`zzd@HZ-{B5KT%y^^F&FRh9pUS<9Qr%$J*$pGJMU;Dhl~&)3R&W<~e=NS~!q!7iO#D@ec9Q-A7rxN02{ z_{q)-X4DmdVv=!q=s|VKOp?(?13%{c&hL@d7LgW@X(SW>mH5{us1zT~9LV&p<}9*e z@69v)q1lBz>6ZI54DU{Mo(Qrgv6-exKn)tym{&7)Qj814^Q;~ed@cN0ukPND`Ngyv zF=Jj}gf|rH98bUY{z^#D+jqw#`uuBM&9ko+;-qnm1U-&-zL7D_Ebw1=x@~)mYhU>- z8ys}JvT#aXE4EUi{d}{vwNQ33WWSUGT3lkbrdO*epvPs;kzpv!1BdKfqu1ui z#@g{uRMMs3tCl$o|M8neR#p8et*Y8}8=`92bL+vS{bpP=^7PY5aqWw|vW&YUCiD44 ziG{ZWa#m;G`Fxpeh?uOp3bYS#J1Tj>;X~T)Zn>tk>smcy9KOUqmfT%WTHvYOFhAz3 zfx>M|?&6jj^Q6_CDf~-cyd)-{@RPLHZ0EHyR`0hQ2DAy|YrgYH^9Sqxk3|!$--=up zAtJB436LzJIIu;1rgMm4HaF3x@e5t#NEwXl&gv;A_0h%EijM0BA>k*OuYy8d2rC|- z?kgRe)x6SL+xPIg!XvKFkIJ!&IG1~dD*2yQs`t@vxUrZCRj=Y};^(fcr~M!8iB3Bn zt&lZS7urkbw%%-D;oTB&WD|E;byKl}$=}?fU-f&E`LD~G!@^$tWa3vU*s0G~j2oXl z`XXk;#LYck&UylmHLii|Ji68CLxu3=%1Ux8o-ET)OVcZF6irAIVm$rnw75{CrhAa9 zRU_RvmEap@(OI^U5_{8_V4RS;sYR6ZlSm*8>gHs3lE=`TV`+?8p+ADS)=B>&j%RmU zF$x6?6v=IfaBlNgDk$qwRh;2u8zc-PhGybd*04B8S5)N)$YZuUF^6E74X6>u zCxd7KF!RlWoP{?9!vy!8JN@0sW@!7zxD}%3!`H7|pC4|U(m(JjrJ`A(3?%P@M^27i zu<%c2gF~wO= zukyLGN~7}(QBp_S5(g2Su(QYCGhtHuX9vawU9(m2y)Gt!Co*K!`-x%cE>C3U7gc}m z7u_=2wvc+&+oqOtZf&;TF5WM$@|JQ3Gt|b6m?MT66zzw-**m2URKW*)8MiFJ&zs8l z>`gFQfZH+MQuLQ`qA}TZ&Ax@Vx}SYZF0>Wc0U-4pTyy|^_~PgUTIc{%jVzp%(%r65 zan*&Fj3@>iwkw`_6d6tpW#4asKP>(K@2P{?Md$4XNb*^L|AI=rnNT;~@T z`n>)SM_*~w)Pm#Zz+#K5=XLWsy5w{zvDYmJ8dboi0z6IyI0f=1J9X*`Rlv8*1Njtr ztWBY@;dO$25r{5;(mnu33w- zpv1QXeyqL>;KCh9MFIa8(d@%)?2LhM(ka*@z2IQrkvPY@h*1^T5Zk4_)H)lFTA>CS z(4~qdw4==YuL2bxTEhK~hIxXIJ0|Ur*1>>P#l39WY5CZuEte&cXV4hSddj^g&xHrF zQm(ih9nk_E?ao&v>i^tp1#7T6|08a~m%9YtMe{tWioe~%5{^lL8--4F+@{dt`R{i+ z8oq_cYC`#C@HM|<6wjkd^xuuCHgt7heBp`w_m_(QR3@#mygM&Ha^%3nCd7#`qh8Yf z)9=`1{>fHRg&h9`-9kN)#Kf*vq`<2;q0 zXYihzkj&i}cJyIR=QG|FMAyjZUI<3y*&U8z32tug2`Y+l+#rVo*QSB(kJc6X;*W;j zmGc{`q#b+Wy`iE$LkSDG04W(Q$MH7~cO{i8R7Idb`BOZSW%=dB)%*UTp=5ylaw4VB z@?6Hp1d7~>#bZhZ=$(ejXL@!veJ7zathI&FF`~Yd?NvrT5 z9kD*^kqCe%@T0GhiV$q-aaC%Z)z-`YPQ{Lt-AxzNUW7bgMW zv&lxe0Da0^l0{iVBY~&VxSj{CJOpCn8NX2YRrB(Q#_3)g+sA=t>PgnRr!DM3vlJWa z7yi|zS68Q>y3LU1W@Qh`c#Ge*DDNwG{A^Io_GK+6shv0!!kNO&jzWIE+wF12KEad& zcJwkv&`#!Wi-@%zjn3`S(&iX1%DY2up*neRP*W8=$+r!Zvq5#{um{l`-M)s84Fq}3 z;#h-{;}A#zWX3ZvfUo6x#tA(T!oXu?V6Bg}Z+bI5w<3*U)dgYt?QQcsT!|#Rqf6Z6 zx#0c#VVNdLp4j0^0byaSJ8j2_aV!CjP3?RvZ1(B@ z-9KFvY=lakyoD(NBE1Le-0C6sT^dd!fzi>ivs*T%*vIBj=j`Lb?BA0gWA!cG38PFVw>>y1@A|*?#G)ep~%cVri@@bUf_2>PNr|mr;NB^;dPjNnpgtt z8GH8h1UjUf_?uM*Uo`ex-w2auF<7?734n5$nA|H{*HkiTI4k}o;KKs}u(%HVIJR@z zEF$nc36{NRX!;gs>jzSIovXR;Hkb&(9Dc|LPY##u6k0A*hjpC#7>51ZZN@9YDe#{m z`}U(R`Uk$&zEGMkrnWL)#%d^nrEE;SZ|=IF9wZq|HvW=v8+whUf2leGN#SyVnngRt zpsF{}J76(QOCk*?)7k2`&d$!;d2+yaz{#sjTQPnmugu2wx2LDta#NkT(^|x=XWk=KD-fCjZ;>aT__*-C$`LDjbp`e;kBAEOrGl+{`5W!aNam_nY(C|zy^lP#B z=j>ZX&G7LO!F++eF;1q(@vNJe>=-Vp<9~U#M^&*v>nWPj{9Ubv^tOfDA3_3&AO8+Zm<& z0ZVu&8xtl*%wJpBsUTvKFJ6zodpfVA@#2JLGAm?dCKn+l0i`-jsgc#`Mf>84ei1R( zkQ#miCVRB>>U-JX9U5?Ru@C)&tUx5qzKJ)SJYaZO+NJ1eB6I33Il;t{vn6i;lZKpG z%IE^_`2FbQ%5q^#16rvk6)gfyWYTvC|NiwQzjiY>KgeSV>u=_`lvR9T{f&SR;CF|h z`pPR!cK;(&7-*)Z-3?Jomf&7-X}YcCoSQ+NiCAG+7t z^Tt0a>lrV~6>IjS(Qgn~*&3Ejcb%*N^KC5r>x~}pO6DE<+sw~+qagW0}v~vWQtOdylwxl8NFNK0F(a)L$IXqH+ zPjM&K{=V1SzDfbOKcBwxo@&Ljj>n79cm2}ZHiA{jx$`>AZ*$_b8?fr&*Y`daXT7GIb~FtC z3=FLd4kUNya2(Rm#uiN7WvOc+%KNG?pA=Q|kZmy7_p#<7NUda@o)8Q-wcoeZXz8w`qH?7o)eMAw>Gmdr-YY^AE2u9u)c zi)(2b7#OIqFA7wwq;6w_N%q{&TuNuy=`T?>9%_0Z73c-Bk&N8N^(w!9Wab_8@@h-k zW#Bw|_3n5?Tk5-H;Fnkn4BA%CYt5NwOWK5i%5RBo@?$&XP}5Vt%F7yIyWD$WPh?W9g$;(;PQ`c8P%f87;5-3U=NW9(yfL+@4VE&RP~QRyMmo34Yn^ zjl>HS_w-j@?-1QAy=jKZ1kVN+%ZoEuzglExF|ijK_^fU8C_|~6)yN7*;5h9i>nOG- ztz4r)&Q5%d6~6oF4)>recDIxpnY-6MpiZwXg({%p{yD1|YThzF?gu$q&Yqs0iFCHn z6};V1O*qo!@83^EZG3Frl{F0*x134B_g?|@YAOgneM^-edkBiUo=1^T9oGMIj?tBj zfZkb~DTi!1_w|jBrr5d4Ca0#bIggBd<hzN zdg7LF$>Mr?wiB-}f=!fK~ z5wo0-1mhUW7VR}uj5N2Qktb4M9!5gpuwas2W>k19k)8D87?r!i)cHpqGjxqzpave@ zS^{Ju8>18IZ{FGC^MdX85ySH>3xp`{WTZ*)!ivOf^j#*wGWuJZlwH2cRI^~K4L~0X z-m-K7`R9;kVx5{g895_jVzBA{B+qFeNxKw+UD~%``|~X`F>s}yB=A>)k8^@GsUTG*0=4_H^bYAO;ZXP(jl3R0oSIqXB0R~ zp^^d%v|x-v;OoS-uX+6^akh!`IZdwyUvV?e)=$_t7sUV3-|Qz!`foq7^HG(vBz^|b zkOLX}u=e+DGSXv>v5)9u4&?WIH@#!#X4k_F&d8j9*0qeFp&3vL_0l z00HNRMPCz_0H-sz_Y=#*rsfRI`F|r495E|cJeJ$3Ox`unnxsGO$rBt)yZvhV1+*%u z!5N?X*hlVE{z|a%gMu0z`lNTO>;cp;ibrI5N5hmF1kT04f@OG*re(HW{!vA;P-tDr zHY9DW+%|p5@I)^PCcFc$eU(j=&%U@h+Mpo1?B0wL3_Vn}xWt-TJ={IVt=#U!?=%fA zRKu(ZIC8R+e0+j=5o*rUJk~}b3I*=lf1h!%PZhogF-d7_5Qwh^*~RHvhYz9+FSkC> ztv-zm>xi2yH|0azTsL0=G6=N*t>bLHb2Wg&qEXkob4{bE#%3-q<$JLK14;bNxAs8H z-cWUy^dhF0h=>T>9V#a;Dk_z%TAh(nA=3I1xUqf2YqMlk+V&RyCr!So03)HM0sdp2 zX|vY|i0{451MG3%wkAd3NBvn2(uMR|RTWnCR*PO+M=v2KeMrLiT*d!9(7WLaX99E# z;V_!k=j}T)k~kYmEhJD?g-wwPLMlv zlJU5QSRy=71M>H4sZpJZ>s?@x0fcE@@RXX4w|;dQ6-$n-0|c5HE@#*ux4*N?wK!p(lj zAit3A?C%U)%7aItMhRBgtF8p@0<|==Jqh|9BBLy?{RLC)(R+xb56NjIh{r1uNv&p9 zjAx|L&R@Ug8+mjM{OtQR+fMf2_iX!{UXa<8F=}ve{>kphfZkPS&ko=8oi*=O??sn` z)X_<5y7vm(X?AVum+&kAC|jd$fXM72A7Fk1u6~l!Lr3F`D6pq z9iHpumkI$i9K{)Ks6qiE3dLvRv?g(je&5NrM;j_!B8&{T=L-^unIAo$b2%-CM;g!d z`b)C7NcnXfE&WXwphfa&0c)p%f|@$07|-hZ#)@971A26!-e-UadNmIppHZ2YbNbr% z;qCxnc9#+5|5k>6J?N$2&nI^q!w;9xkV1W2xG@MVr<*J@wwvc{1`AN3!Mpi*L=`2N zherZt_&vaJD!d!4iKd=RAkOI?yQG`Ab>N<38y5m(sqzLO0vK1aOCsl+8!i`bt}@L6 z0R;dJ$pHKnf-@mK79$X&K!<9DP_pE*tbwhUq9a$0}F})3zazl z#Iu^D+gGZUVEC|31Jyr7`!`0{j{x4Q739qYZ01QG_V2+U;hC=ms<)fz(0Jo}{n&TS(Oq#}kHd z%VoOt&W$bmgXU`z(y`iOb5MM)6JJzD26M!0?tVD5o{UnP>awga&Z=8niPH9Qg z2z2)#_Jc98t-+=NYP2}+&`rQ_soKB+ATdK&mEyfH3-YoH@@wet8PQ#**r=B<#KW^U zm{ucsckes{=lqdYUDfS(zn7dcx-)Q}T;TYQ+u-m1UF7f2;~yf2L0%rAVM9K_9xSm_nCnTD0meY|vH0z3?bQd} zT(56ro7>cGbwmVtQWzwYKg>q9p*`+sYX4Qb{oinxD{@C*<~RcYXP%>tpR?58TEY4i z@BR*W9{d=K0OuXRS~g!ve8RXInhm8iBIGboRZ|T_VP zU;pxE;a3?^6~Cv(REv*?lk33J<&X3yFW%ThL6zc}9HegVCX&y}sFnft!S-gihbstV zECgOSOW`rpzy1AET5DSR@<9IYO01ygvs(oIdbIV?nqrBksipky5ku29^|mF_F>Sjo z{!aJmsV`K&W=+Am%?|{^P8pJY_YWIQ5)+p`ZS?ge7Q0YNx*UEw<0k)uE0R=O8^|PI zMG|yzU`2j`8_+VDi|b{MnkJJr>e!5T%QL+=Ip6OX{31~%I?x5*x>NXqd)B_>I)2&X zeqiv+>-tcl5U5dV?Y?H9q(M%8B)S4zR!TW*vqcmpRP`R3N+h~rpl%_{^%mz3r3U6s z?{IB7Pa#beD~We_>qA)WQlW0Md8(VH(gt@N@BMp$fPjci%y`)6kRf;>-=V>7<|v6Z z=80tRj``em3sz9!0gTx6!g;n{jYhzP2dt2{EXhR6RPcTUu?Qdg2pFveH0Ztd3;X;w z@XGB2Y_1Y)Q5+)zq!1n*79|erS(r~hZ^2eDE+*q1XZHn~fAfg^`)6|O-pD1a-rxye zg4JQ8iWddy=otmu6ShP&_lIRC0l=CQ4C<&L{Z5`?`GpqbAq3x{1QjqaZjO}|WOc$e zyI6g3SWooc;0;n5$$tUkbH(YpjI3G#O5?a7R785D~?B+_Abv z>JD%t7<2UBMXKu~Jq2M}<( zKNrgc3)4&62OQJjkRdu4sa4A|3UCZ#ncj!L@G9iYM&VTS3_&iQH+=8vd9QgkOamu1 zbM^kY6iVDFj!pZVd~IcshF^`MA9A)7_WGyjV_|aK0|y+1 zv134`E4W!&Ti<5GEE^_&&Ysn-c&%Haw;dXLLl8{v#V%7^A^ng*fIN;FU=zgsn^)r{ zJl}=tDV}w~s+!Q;t^n2!mTUW!gl#m0A}d1hqkU`SM2NkzH5L_)X`?Ha&?{DDvHGwi z?KAC|cTV5mvBRNMMh2G5NBAs3DMMnb#LV9!BKhn|qJ{yA55-^v&(349FvqY;&i=$< zq@Rsq4m=Dq|M}8yYVv~y#IT`K&KpLKLf0BD^iaTtLl2ZWmh|s?YGHrP@8*QX{hTvS z0$`r3LAuG8xpqTNRUkZSssippO`qTvxCciHfJlll>I#g!c!n;B=6!4GY40A)$fZP1 zcz{s9diOG`Q3S`wHt?s%$dPsgtDMs=pHU)5WmihPH~-Zs;%59Jwvu#}a-}ZTM);aV z4i5Gb{mE4@>Li)gG-{>Y3-!jPwYa8ad{OMw50n z-~WlPi$?O~A{4hdkjnYSCE@(B{?Fc3U1#i}2d;Z2t)vtYz37Kp3m&Q+o2N)n`1#52 zk~FV0L3;x4;r<^urYJ&ecn)JH=wFy#gTf9u5rm%VLfSJdzPDYFIk8M_RPi~#fS{jT zl7mTp%N|Zz+m);y?iRfIEub`(Ms;gvR49awMad#muopC=3MCKPvBfRq?d@Tj#38Ik zoH^Vq*Uy50c|KP20pg|$sw@8WYuOB=yPQc4!$DC@>Yt|W_=b*N{cnYRtj8^e2$ z+(tv_T@C@&iFPMzg4FUTMcB%7IBt?cpp(u2DN?58`e3FTA=>Fw%cAHOJBedvM^GqC zhQiNgrszq)(M_P7XK`PhOl6m*VUMA?lK<-HzcA~pjQY%V?4fLPa9SKFZF;-sF*?;3 zc^ZaB0iSavwK-P(POj z`_$@cu|;Ope)eAs(Uzys9%6G0RI&_FKI4iaOn`46%xz$PZNW;elb!Z#PKk&k4iTxR zvQvR$)pStU@)L zD9O_ITy=cj^yK?1?%!jJ)N!Vpy8Bx8hWdpIR>LFlJgHbau1~+x(p1j5sIIu`hz8P8 zc`+*Ju%mB0%r|WR>J01_~Wfg4DH<*%v)+AtDS7iIko3*!-<_RUC0pHqI>3Hh9 z0}Sj0t~n26k)kHwA0Lqmu#1)K(-_)Ig(s<3wET%-sUfwRY|XugX@r-}r&N0;AA6Sy z$AfNkF#NW?a(Gn}2xc^t*wCM_HdtihjcSuDGr&nfA%ETAv;CaH9g&%hX%s}zC3bHb@6%ZvGII+I6LfkZ{B#pdzD0r z)s$hy+kJN{@(AE-CoVz{cgQEQb*Zo*;mKS5 zzOs4h1`7xt?pwoxsri@5SEkJc-?uwatOEYe9H`KWZss{cs@8^YlbNQNx%W_8E*>17 zdxJ~~ssg@Cj)yHL-m-Uiu2ku~!AS5`_=LcWOo7T+2+y?OzZGtwi!g*4-W>k2c0}NQ zBBH@LS-Re~&j^}UvPY>%1X0RDdRzu{078+ecO~s*S=XO+fv1HIM@_a7%EoP5drV3ptm%p3ca`6ac`qo+W@rT=LhHB0H= zp@(B$dyvzfT(l#j|K4e`eB6=(OT4yTHkJuT3;0o1R2>OLc?AOEfT)`Ng z9_j%O@`syb^Fb>nS+mLy4V8jnF)+bGB_{XqKqhwl6Wp@dVN;HJo25BSEa{^=*aWCy zDEGJbU588Qxqj-qL`Jt>8c#iH!^wRj6;IL|g%Vm|s;>j>nR(y6a7y*z-dkd3II(AM zc7NrJ&mA}+MX1@o~Iy3 zfVU95SvlM;dpPm771hcjMFlr@g(%JdK(fP4{C?M=PteFo`fKOs9SD+dh6?SmL1Zm1 zzkDg@TUQp58)>c+7nbJul?!0}j^~?7Z<1_v46`(J>m=|htEY(YFXZnUCG*1Xrp*j^ z#Jx_L@Te_EYD=MdTHamkc>e#Xb>mCZG;?;o4-(be$3qD=jEWG1TN@+Mr>>}m;^EEY z(o4zd+6PMLK2wIT>z|U-4+fLktp!@UU7I|YSzVV?gh7;`0LkQ!8QaA7hjed7y5R^1sHf0>jhJu2@Xhvy)(++up)I0o@Wkr^{5BoOo$~^_z3o2{~km#(eMqmm=sn z`AW8`jLFtxcG&MvGXPw5h?|JI9vjd?j{)p-*h=K(;;<1}ndGm>BAsGm zb|%A3U?k3ZRv76BlD$x|p$uT+Gxp%rP$pScBj+4r_3)1IkjdLdGf)5gzs+#}x?rzV z)t(QVnlfzdj1(+9xHayFX*5iI7HZ1c8)jBE5cor`%4u--Nwxab@AgF^iI&AQgz={i zyVw|r#+WT5T|SRG;9yw%4r%Owj;gmJsH^=xW=a z3|9lHKja4<&5>PI8?YYW3Y$dXp8P$-wx24%oE19S9c`>z>^*x)VCMqgzH`M*Q#QAI z&rvtrIV(IYpmtw_tM?@>yzPsRx`$JIZ+mUP{BSSt*04O;xao%+>iN^fpbBG^1$144 zYuuPcI?RnMD#$377m}#`C;^VS>!5=(8szCFi;bDgd-e`*3r^*_LC|@aO)|?U;Z^EF z4dB)_EryFNCzY4XZ|1VYAT3X|9{&OvTC3D7(#i$UA1UgRc}2!*^h@!+T;C2JR6*yI z{CnA8|H$g_dI_Qq6V)oB)oPyA!weF{lPOyql&e#gk`g)a&>_OJW-Z;K-6I9`D-$q$ z0lUb=jaA&U@EQ^Y&p|X4h3@<1U+Wx8wblPP^_3*cARCI^?3LUlJBba!5LNtVyGiCp z4u9eNw$<4aSZY3Ap?08zKd?eZ8cO2XIz`7Gr=S^4qq${E9%N9oE#vJ4X1Hv>qv4<4 zxwSJ3Sg?Yi+V}*TWDo&JW%hNA4RcSfw}T;VeDC_l+HM8rK_Ae^Uz8b;@chse*h}i9 zzH2c6KhxAI`4Sm9WcI2~9*s^GJeU`FET~akZ@bMZw+hSryAxP7RA79vWE3NHS$;4> zw4qPVk>ZBA*ymP;HQQcCUvaOGmlpu6f3-B#+K+2%k6*!WaYn7+qBoG213;T{r=M8P zk+``aq*}uW*Z)9F`rnx@uQLSSu=z4lKB-w}1k^$kTC1$fy zfT|Nt9OtpEHato<=>k+#l>M%S0WIsskH5MJL5v?{WniQto?GNjq*|lsYe%>(w-pu| zj4yIXr9acMd{6Z^rpJ7D6gpGEa+-XGLNR$@A|7f2O<2^_sMt@>y;;))zR=XlqI}@Z z%`PlU7O|w8iBEaEMcj=orx;}UL?zLp;fhEpXHH}onGc;GDeK0)9V5{RVBzr|rvplx zU2?`d9+rl4ZTpKA;6QV<>To6UEMfMqA}E~HUXxxdW^5#0(W!9tx0EmWBI`$b3nDY7 z09FRt-C_ku7CYDyf9~cuc2v}Azj(2Fr;sz}JipNc&Cfg~TRw;63;|xk1yfmO zIrx_d#cChB_%;n4%B%C!4}$`(fX6iK_=Dhmkz{FeqKaxm5 z=l@#}0XS=4fFLd{Iy>3|sPq>)tixqCusGY1IvdsPDM@)?XX{3K#f}2>szVXgxqo$Q zmJBeEZBKZndF_3~5=|(~7s~&}f_?I?D?!ZUX*?5q!1-|!h|oSWGD`JsWtsQD7MPk9 zoLH^D)59WSkv8=xgOgv%RN8K_EntnUj%bL9A>jND^E?cnxA^wh zb39JiL>MC|+xIs$4b{$}q(9w2*XHDr@P<-Vs+|S%@h`h?#~2lN#mw;Wrr-F@t;n)v zZE)Y=E>8Tqxf&`Ripdefgyi{072pKdf(o%TWd^V!u#p+I`qo{CPPh8K*#^U$Sdd8c zdd2QsA+iR&{XBC-AQ(uZU2j-4@`vtcR>YwP0&#RW1rBPllZIlM_@2w{?P2k z&orC9MDFvyzNdTqzh~-3N3#ziyf=P)_H6|fmMV~$ex!=3?h^sY`YAe>EX6uI+vHK; zxihBhi`vOUEWHd8V!fEGvD0XMs~L282!l+ltyym`A`o8-3Xp;`Xe~!A?UAyrZ9YW( za)+JGu1tXeS9@mT_kl&1jn&fl?A6kYk9tAK%1VIBjKNPi(S_u4<(@&Q5cd()&jM3i^iT{13gi}c!vELMjPyBL=nyw&H17%OHE+RpZV|%4oJkHTYo2W9va)D1qllc=%$Yk z!NP$gHXiXX|FzH}X$J=uq&B_l_0;0;*#_iWXz<=s4P7qMhmN_VT z;=eJB(ZeI=kA{$^;>8lb$1nW;;{jyr+X+}Kxn}t~eXS?kY`Za&?C=&=3sE5Mn!>sAg;yP9+e%hIK;4SJ$Hj`*G?kODG+7_Hq9&w$3^rs;&L^Do99MbgCFI zq)3C*K}AYBh7{>$Na+|FQAuf}yJ2XMkVat`Vn8Hi=x**B-=pvE-rwE-9OKB$-g~WQ zJ@x%OR-kKUZmg*0jHGf>>*i^_&pOv{+!J^YM#){1hb4xtMT`b2?S>Ao@X7T+rAG}* zc*ojP(iN}sBU5_y1P+$5Laj_GUUvT{2u9?>5EM-{(IPJ?v1hc?q=8Q?8 zf?^%0?vPGO@W;u;ag0J$jNEP@X6vvq1${2PLpQU#H`gMa_OA7Kxr|Hm5pWPOv97Lq z08OIBpHdtXb&T~eW z{YkzQ{!Uu;B2in(^yOP~Kho8qZ}Ay-__#rH0^9zHN&Vj3htT=kc>1dm7gFl_hwp_Rv*{){eoU3q7FKpv z1jFPF%ug{Rc^_=nf|RURM)HpBaWx34_ff`VU;Fw-jK6^NYp0)-Pmmo6WTd>J0u~Iv zZ3B!!94JlwN?Qe?>bG3#lgq#CO3~rr#Pkz}!UV%lY^MvQL@U>&i0ZMnV;xc! zMS$Eqb!DhLZQs@;yG+-Ks*w5-#KBL|GdpwLc!zl&oU9_8`;3DTM+B^wqtde&_wl=4 zsK${KXL`x}-yzCRsm~JV1C{Jw$jYrZBi%SIRZPX*0M+%Lh_lIcjEu}^IJ946kPaJskU=|TrXq9ZH9&aYD=()zP4C5|jD-nXM&^T)1 z6RdI|=8g9B=sx*E8vuuzQz0>%&!jl=YYu6(d4 zPD9;SfJ+JS*%s@J2L?Htd5&etIBw;W`4a3qt8-WXF$)x+p$NzsatRHTG=NR7f|spa z^AxieOcsjAOq6G(Y{2TA#@>Uup(CvWZITa_dVe#Ket!kfz?|_KP(6LFn(0^?uV9^B|(o-nk=}aqjw<~59xd2v6`ziTB7n1$RV{#wb zO4qYe$gcGvrl?)y&*2E_7T7NqZKR~ZYh_4Dzr1+8HR)l~b!YAue_rZM(%;`9SOU5R z=5jg;m1cH-W@TNr$Ck`>93KU3t(IDWV+kk~{=JmHFK(WM-mwuX{ePqeu3pXhNeVf4 z@7~q?xBc|le|ju?Z_AvEnU2}E7+B`da_5GnfVC&h@hU655Y^C;7-~)MgXjAzY>5ZC zfimnb!aC~ua2sx8lKqH3H=iq3W`ezW@U9Rb>07k=z#ZgEEkpnOeK6>81%KU|#&OJL zLw`j$N#oJroWqNgH~mh}<%p}b_iCZ_i-BzPJc-Zi-?SF<4F8Pz`%kgz5x#50D=VZp z^_#C62tmPe^xm)qWC>R1+)t$OzEKan%Iiu?PL?()dhkF047kLg)$QgI)ySx5MK#skTIWfZXTF0uW502A*tcS_g8jG-Zaml?zAyd2Uf2!2 z(#6Nt1e3_uCYW+jas5FcRdDGq$Ss^{P5Uj8!G0jtiK9?X0MV1T!?Ed)p5myH#4@@i{9IKiE8jyRukgA?xH06Z5Xbu^uHi&d5HEj zjwf|!o4U=PVJ3Yj(6IHd7-gS1S8m_E$RmbL8CDK*YJZU6kc$nzU5OPXF~ z%O_i)!%{NAnD%u#?;05AF-Ozpm4p)v9Y$|Y^cZ!+p(U6CNc*1Yzdf&GKlSu2)UA63 z5^t<^b%Mw{EO~k6-|7_^e*ri?F_plxNTFjhOmt9dEU-WJJ`&K?HZnygqWTa{ZO25` z8za`74~CdC32DOQUO1y?N*!}>U&yIZj2oTU{dsl~gAH{%g?Y;pwT78|w>-b+C={tF z;Wu+?8ptb4p}+(Yk&_V>hs|IdlPT+(p3g4R$cya#G*UZICJ~4gK1XGO9w1h&C?sIE zNlSA_f^Q&YaFDTny}}&NnaZCOn3wVQ9}05Xze3pGPh}Ww)h4}&RTL9_u+ZWt#+lq^Rr0n|v(pg%9!^%vd^5NxFPvOVG$tGb8yDBX(y z3KJw9EK*nD7qE3V3kEM)me*)G8spcu{_CTMk~&G$9!H6Ta&^zA1li zStqygYM7Q!_?VvASUeu0`|a*lm&vA{hmPY4Xgg)G*aeCoVz)IMlK`qM zEUuITcm)$#IdWe1WrdS^w~;U)0HY&?7fzIqCf>No@g?lm-;imA48c}O2H|*%eRoATLYqsZ1hONBZ3I;3^Z0i)Bd@rnf;Ex&E-XDh_xpEK9~ z*jI|cK<*WWh6^!_-a8xW1F&+J4(r)SR(|AWM#V;npGo3-IJ0RKzSCIQI>z2{1{K&j z=K#NmX(7FcmA{Ip8ZjQ$nj4ddy!8{?q7xSjacX@$fAaPiI~?oxm7AU7zP*J;luJ{_ zj;=-CY-P~i8<%%qT63pu{%vW94VA`RA6K>5$V#MxwSBMu+MI!hgzru5^rW$cZ&$f& zfiX#8{d3CX6ISM*oPJj<@{m}5QI&1nk9Peok5o+{oAw6Hjyl-qYV=IchQlB6&*x`n zIzMMBAA**ovR^)M|*iB!nH1zXotYcfbf6m~XC{v%Dk9QUL*EJ7}@5MI;oVc8yR%}bqBbr4P zDuL%W3g_UJs&7wvVjaq-Rs#}TQ{#ymk5rI{CO!II2~E|~Gv}ofoR%(luZ!IJPI-L@8eK5EwcoOKGea4+P|6)B>cXGYI|o?fI~ zi}cJ9YQ~EsJJDa|99?qLiWPFnrxH*^ZO~VHr)Dpgpj3@{p_GhN}{y+j-c6k^PY zxm%~%7|s#@=OyRo`TFB&sYsY%3R0qgpApV*+xr=hX?{*A@s`3c)=^LgW9ZjR}SvDSp$HEf;^-w$NAJ2%AK z)&b-~PqfKSMT_dOv2{q&#dF`cjo)nhDYRSqZ>w^!p>*~8OyPF#Vv>)@mSfpzIY+I2YRTr;BJrC&j;`y}GTZZ<9j}%- zW0F{ucf#h+6J*|7UbPoLosER!?ubIx6IR}x*i zvr;#sRk&}c9xY}{>*#-h2e>d_>li7!r${c_3rJ@Jz#V#JtMK&49Aj=5quNq>DIuB3 z!k# zSEPTI-s!;?*Y~1uvut{(;#HdMM=l-cze#+V&adJbldhB*rFodNaAmd>xhdJ!Bfp{2 zj23{~bw;Yr12Jb&9#4Au%;xNgjtU>8O=0~)FEx^4?TvwOoQRWI##CjA1|nN!n~M`+e+|VK~u#jo1?1d{qQUuoN^g?%EK41W&9%x zn#=l8iwbV@rFZL=en@M5x-m59cEnX8lD%(fMq5KSG@X}IqSO`r6Si{Zn7cZ{m;15>Zq_3_^3*u>hhwUKh`Uj;6a1E}3FdjAPczEBqU|*FMZUGJ@E@zWB4pc# za_}Y77H{O)x`)woGn08k1|y~8mi+C{=%Hx@w+$>G5io10L8WOnnoo-PZrz;tNi_5m zlUPvvXbeHJw2-Z18#CB^{Lh=gwI(zd0k?5z<6W2u`q99+@o8`@{!pdqqn9C z3=X7d^a191dhpNp1io0xXS(XPcHJ1Y=H1iuLqOOmp4;L3r&bAHDHjoD(jb$2XDyS( zV=Kk=Me-op^OLa2Q=%M^UAeM#p>J905}PA0t!rd?;cw4!^l#g4_cBA#+bD{VZybD@ zu%Y*BEdw0X)2;W!iwSLP9li3{`>u6UpwZu0zA{4-1sBf!Z|otSTj-b0plYP|?#3(Z z3playu4c*hf2t~zK3%C(T%8-nY-Cn90&Lf5sZj0NZ9*3ODwiH%xwnW8ngMw3LZihe z&k_5+nVatt3eLVU_cIUDB|NxTo=0LvDRYG0sYX2u6>@=$p3jM}1nZV^r!m&QG4tzF z`@YOt=@_IE`D*D`MU0o*?3j_KSL6n?`GmGWgdvJ_wKKf2B~fZCBM+q4=O_5&;y&V* zxHCd5TZtb|rENzmC=b?Cn7i{En<=30#PD-;Axoa$oz zH4g^1Trfkuq)V*dxK~$C{FmH*EsV`i?F@`f{!=%b{mJCp3F9i#V*Qh?i@07mi765@ z+z996e<0d8Ufi{M6@yw>oYz({k&Fw8ooYa*vQ1!5Pf1Ijz0@W?a`&@Mm!}GEIrSsm z@9SUJB?Wu4#LH??ySeh2)ADUsQSfRi)J!}fEXxS1VA=8=xrO9FG5ZjyD77*6ugr>! z37>IlPP`t)hKcpY9bx>7HmVn|&ezD_<0-EINE_#`+lAN1lXUX^A6ktY2L=pP1*#zO zj11ze>l=w;QR<)1bJRP;s0sF}Z(r?l^Plr@`&=-Qqv5@?MpHm4F#~JAF(1!hlTe$c zIgp^s^daupi9l1|?wn|3OI)P){)OtGclIOtSM&}}{82BJmzq_0;dE2|_aGnWw-@pa zdRuO|d)&>bRn^m5jw2drR!cnQ&tSrJCh+VGH#DH+OnfyKm$1@a1c(7f&H7j=dffu^ z7dDR8+D|4|OBr;={sh?8Of3>@g7x_8&4Y>8zzmuDy@6Uw5!5P0Pw_90@@eQ(E7xtL z)E8Fu5UnNJPgFhxuT-+DT6nVsUEd=8)XbJU__jI0{3CzIH_gak$DJe7RP6&6|5!WM z6gzaV(X`-FvMrh@@z{8@OXmhHe;i{wN2Qv+HSx4#Dc`M1hlLlG`Rkx!_Rm#ABm;!r z0nJrn0~v$HJTWJIxEs^c*DN<*Q^;2ATYM@6=(V;hJL7#yEm<~ z@?oY1*Xb}OS>qAy2oFEwJ0?#04|hFkV7;E=l)c$guZ~PSpWZgXpO297LaQyF7F|Zm zyg`gHKezbg7H9&I_fj4-(cV_WYc)Q34Nr^i8OSi;fg4X`?5C@|C`A}0yxyauTwRFK z!pO}}j(XYG`=M=r)+#X0$7n<=$3izi++ zf~wGFatz-nEYUie^%r`udt@T7?p*h3ndn@JMU+{2=1)FnbOdtI)TsN+->%AvcvbLsO9pC{9-OC@WOu0f50A!5afU$f4Q;nY4@GNytJ9c z!HVqsptO>F$6$5O{W%#XDsxQZ3aZ?`g74M{h*2#ciE$TZ)&@QxnyZ;bK7ALHF#paU zQ3uluOtWb1ysnjU>s_(8|v||5YyG!=(};!1aF z<@FN})2G1g@qJtR<-V|I*0)C;%rX{rtA0LjYe#bGt3~qRIyG;EpIIMN#E8)&Nh~q% z58{qsHJ`*Upe!y5Y#%#xdfS9W7(?mTDf4h9avJ4$uG8~u@uyC2D8}Nqx3`Zr8B)_# zD4vyQ$mP(@^g?FN)+kdaoNUUv&v?V;L$qYdIXG)emYsQOYFFJbIMb>@RYcCVZck0) zKC=qE?$mEZ24|jl%(q0^Pz!gnS&r77c{At6%8k^|8&oq$8&`42LJp$OK$+iH28%a&t?o)zINO|@_EjIEy57V$MPpVoS^ zsw&&rWtY24Q$->M7DzpDl~ubh(2|5|!U*!s{;(9{p%JsQ_zwdT>VC9{C<|OfV-?_hU-}~@P z)Imw3rf)_!L#NEpN&r{KZaqbBJSSPDrV#V#*L$`g_k~IE)9nq$(0PoS7q##ZB=Qy9 z3i2Sv5#N0tw@UQm&WMwLCrzxLz(T}BqPCwPdefy(JAC~B?B$x1j}5p z^a$Su^Jd)fB+7S_IX8RYa%X@*D;wl&_sigVSCWDCwJ!V56V9Ps%n1)k>t5SNS@jTh zdjmJN%j;q6oqEK4+JMQR&RCy)?K>y!P1`a9xe(%wmJ0J zQK)~|>MKQ$J1)tpKEn8Im$sADWc!I-tnyk~xafNy#qiy7+Rn=XrwIA-c+{ZRX|&l` zu|MA}5&hxV_wTLbN0aAAZUU#`sN4jpx)vCztf56t3jy;11b(tv%iSKR$<9Y+>5x5t zS=dRgZC*fae-}?&}YVwxG(_{_0jV5t6Pe8dc_k5g_0tsT){Y%`Ms|ur7?}t zQ7QK(M|sR{#V62-ys2P_%#trxaf#N_w2>rWLMk7p9-Cuxt?7)#A z9_5HA-HWAfDV&~^H@A3EYmmM-1@xTbGS=e??oAbM$hiarRk zCZR-3E$Mq!Odi^$pJ?e2(6&=oyBt}j+=5U(+MU@O?n)V&TL@J7?#QrCCynq{t2=BX z>WRSD{61y^L;b`7Bfz$u`WJjpFVZ{T)g zL;_$;ovar}(rNFy(|zM8V$a2SS);K-K5|*IhQlJ+dF4pT!$XS8%und4++!ylbMW7T zXw4a1*pF8qj^m4%h)e1Fc)P5S?e=4)O85c_t0mww)9>yNGK^dvxIDm{#`hX}6&4ZE zyYN1YqfWC^&n}t|PV+*=O4;L4Vh^kUyBFvIi?N!(P|$ zixvlHc{>pr(*@>kDJcV1fN6C*Y%@nQIpRAo9!vbVyJC|6;Z*yik8 z6QLy>0nI)CfV5xlFQ>18l=|$Hy4@|s>5muENUyyW6V*!w%^tUJIa&UYQkmqsF50TE zc{B09^}LK9HAk~udMCef&{AbVb}g6jfl*609*|hpbcWM=edbehAt&g}6gxZC0t4u| zpDI3HufD{3oHcnC@jK?_X*q zP?VNZn(dzoq6H>wP&^KV?%D@EpLPc(5xrl6f{@<(2ER$td2`dNw%5F69Xa4Q_&3|43NsE!1hKIR7Hm{1j}og2RBKuV}p ze>wtGJ^F6%`SK`f=ldf_srw6vSII{}dTZsEWU6A#z@KNH52*}r-#kAl^k{v@R#}At z!(+_BgFlnf9_vpMLnlr&67^+933etCH7hS7A#JxfFH+bV8-|&u)cs;K5=*&RWB{ zdY+O}?m5$20{D?IQ5e`OvGe&l|Jfld855GV+pD|_^)(Hv<>fx4%yMRFd#k*Inkpnq zrBb~$@lqP`1oUe~IErE>m3(St?U4_flgISj>L!@g*uxhn^AS+@6vyc!kP8}^i;24^ z&|bRIYeetC|Je>36sf?X{!v3AgyPZy{-Cx_iqE$H&BTipR+o9KL0mw zue=MObv=P>nTot{*^&gs`lio)rYGmAh6>~) z@gSz0?KsEU?fTDA{)^E&;~O7?7XBOoy;ix|G2`Z=nie26q^ zcF)J8ED~BfrUG^N|5Z%X3EQ?#&JZV0^lXV@q`k2A1dTzTv((P@7{dOE5K(e)=<$kBy-`L!QiPh?J*KfWTWS5zcX6u z;A3YzH)VHLoW2dZfJ!@n*^Gz0Ti*Qw2i^ZVcW9}loKqp`fvEd_`Qk@HGzVg|vIZF@ zo$7Vgwhl*2kxg-an0A{4Ce8QGKizktL=Djey36M@sLmAsgZB(*4^2nuCpOa$K&698 z#XIR$@vWK6mAXgQvVzv2=ZQ7o3QJI|;AYWu&t#l!yAxv_??MT01H9HG7pfWUqI!4gCoX~^PTeZ!! znY8U!tYmh-v@0Yqk>dTgh--NF^O`;WSu=+5c6Qc5}@ZrB(H{a6oTpPlhE&u&H!OKX& zb=P0FSih8e{5bcx%YR=(@y^FO%(};CnXuSnFBu`1Uo7{;n)@mu0%JcW-Nk1V=|NBi zEO;gJ%098uwC&Gp`k*MPhDSEti_j?h_)%30;j~q3>{~G)B>NA8ZeuCwM78DpE_&~V z-HkDQAh~8G3<*JuJv`at##L@Vn9)}dTDW<1U_CbD6 zvBHBsc8(>?9=!lLci&~kBb8XCH%esL;AkN(^&Zf8Yroia7l>69KYF(ILGjxwl{*tr zD;7gGT=uh6obm79U;oL;w%36GE_z++5jnzZLR#zHBuSqJZBEyEX&{~v&;lorh(>p|L1m~7(R7#T<|^FVB<%o z+aJYffI;;j4GorVteI{>rDWZ(8e&DkDuo`LsX@LoJ=BzWqHr>MdW|WaKR65O4cWQ z&*`nqQ!xSi;&+uVN?LZlUp_cESDDJARmNfXUYzvfAbsQ87zrr5qj1tswUSilU%#-& zv#V~jXOh`WVM3)wuZQ42kbmt0MMt!X0yQK`WIv!UMOb`Ag8p~!hhL(*L04L_^LA+1 zXB5o|*El9-0HXbjRl8S>2|(QtH5Lya66)Ct(OrK4iAidc#Qc`=VD~~sb_Dj2xxx2l zHBhM3k-tn`fq2DYP~-X#RMY0`*O>QDpW@pQ%wqv5wj@q&A#McQx=2(sD0yvz!x1po zFeiT=r?fmhwxGvK4BQ_12c@8l2?g%ud{mK^kdKt5pi@MML9xmXF?zv778d5Fw7m11 zbaxB})1&^r5@`vn=aN{^O`IrsPTRfE8-P<)Lqix38%u5mD=&5=|3%q7e`tqL7^dIfz2I~x8!SKI%u)}QnS z4IDSJ|IzUAs0my7blVDC%Bro^oVoDodHh^1todMD`3~8~q$D~~`ax`jf^9(xD*L6K zle4z6eVrMa_vlTMP-X38;wMT<2*$l?pfVeL>`GT@BW>5xGXQbmtXM*>9^+Gh`7HqE z!IA+TVB}TD*U_^rC2Du=x($Q%&N-|*n);l$KzyaQb|zsgoGp^d5s&9dVb4Ja}e3s=y) zRKNW~ls>8m1Sl&5B0KDLtD$VvBcst+4&hWrM{(J&p|g9P**ZYLT$3hM6HnE1 zX2f9o2`9QFrC~S{V|-)!V7H5JHC>c(U?GLLcFWt>Ah#^+Nk_XG?3 z0;UD8d42wzs#PEZ^%jx_%Q;9W-;B?w>}?_L~siDLmcqs)|%=m1NCX%^oF!17rDeckV=dEaz{ zUhQ2(k#^O408G*OCxYf4Xk{I0HS^qb71;*xlCRC@dz{ojMxqN;w(i~*CmSzRRpdRv zY!XPB&>Q-;CzX*>adDp<9qurMkwOis)xCk_Tn{}#%B)v78xI;URA&Gt5i|$k0t7oy z1JZmpp>N}^oR<`MV*gXx4S*M5nEX)fGUk>pvaW-kD;(X6v@8_TSxRm0dkoqaKO#x@}?OX)^E;j?{{S-?2 zf_T8$d|I9aj@xY@qFyl%Fx~gOR1uXO0A^Zen6&qkK|497w!!pCJ90!IW}D|#U0`eJ zf6We!K%o>tAO|au(L%7YW(Hx%<98C501(O>J90b={5hDj-3x`@Wl@qOY7EsjN!VIz zgXIOM5zSRKVr7JC6V^3oR(v`;pURxFB+Xr8L8CD9ZfUeS} z&_dmf#EJX5%CR04cZF4LDPilUalF_rP{^cB;RS%!{RvA>^U3NWJ%%OHt5Jr@J(0Ki z+`gdfKui57T7DlWT5T!2Cex+x>wfqVz5dbSdz^F%o>aZ0venG$eeIuy`dd@+lpyy@mB3g8l3`~)&y!3eI?=A$tp!r|(1QTn>YwouqG#DglD`TY&K2R}Q z1Io)V1cU8Ur=K2g=VuRF;3^)cHcev2Y7m?N?*%)cQ*@dJ(W#4Y$|Eg*X&3O+6ete1 zLDMuw-NPS`WCHS|_3Rd#I+zqHlG$ZJ%ljsrL7ZeTqJ`+{H@7 z`Xb51Pt&>plr>o0n`(07>;2S`6S%<|*s!A*gSW!CW&)JW0P+RirfgIVCC!B4C$oeD zY^yg=XBOxn6YR*YPIkDX2C(YDu1*Y)dUz4{re9@=T>1@S*%*R6M4FEkCyTMt5nbV{ zd?sC!u4&sAKzJ84X989#V zSpe&4Y>A?TqSEP0vv;lW-O!-_;Vx6iC_3vk@!itl+Si@j1r3HT3+=aRp`$C375|yp z`1_~|SW2z;-W>2PXZr*}a}cQe7;9H>@6_aM1UsXY?N;s5R$08qS2AEjop zlYAFsJ>#~N>`v3=V?v>szBf@+Go61x$b7S{JBCeTCDvov?;ATDl<84bV|r|i-lt_v zQQP2v`09OeqTi^``W81l3+_WSOBXp+mL(i!pubaBFS>NCLlgh3o{E?J~H{Q;0H_ z5U~S)W{C-rn-8p9wo+*9@mSYjhvm{Z9du%haFXI{YekMsJ-o~xF%Wpw;!$kumZsw ztm#>_+5rH6rkLV=?uPzJV%%dmlj3!3j$T>CN{1zGwA~9Qe3oh=ZnY zA*W-&_sWd(1kz)e<hv3EO4lFkiY3@_ZO7Y-lE%v;B{^G^A z-i)iW38pD|HPjqVIIFyoXa+7LM8@W|UYu(9QmIP^^|hsIU128nt5{-J(G`k(!*Jok zs3nOs_)b{MjgFRMf*HGp>&+ShrKrULQvQtXwCPx6y4I{PP zTEkf0QV~CaN~QM4l6Tns%O=RXXI+Q3iRKE^--4BcXRdNKu=9tB;=?eTzOL55ahX*mH_YL91si1?uFf?x(r zE$a%}x=c|ULB%a;%ed3;WuSFK#E5}GmMYke6mnyD;Q>;X?Pa(poQYh5xmxb;mICzn zL4Z%j!PO*y4qyV~ddo^y_JS^x9MMDI!`fd52Nnr^aLDU>UcPwh2}i>r}jnSU0*3so)yW zmNBGHtD<5$EvrHClG|AWwFyhd)taeHowDRrp)4 z%m+^+os{BF1DfrCVoq)bdOxm8A!7WlFr+V)@y4L|#mEI~txU}af)_wyu7@rs?ef1w zGI!Nza`qfbyhG*pB8idr2~=%!iokH|t!pu+xLyI@rKIUNUl$-N5WU0s+KgZ{0$P$F zPWAa%58%XNRi^+O661_~y!a==rBF@)_e>lhbauS=0jp}umj9GpAC2`qV3zfy^g^0) zYoxxEh<~Kh;0xjxr;dP?;!g)k1@#gBxAU>oxJ!xR-c43u_;$@E{sDK;H1G*Cbua*L zL|hFgCr!T@X^bj0tiKgL7t}?O#C)k;z{c6NuvqeelSGK|A#m%QFhbw=?i$eeE(mWl z+yUo(sm&4G6U*ron6bqlPif&L-90 zXK=OSr6zm`0=&B#q;@la2x3`8>7yX_$kPc_!^JQ&wL2_ZP|STwFOUg$)S#~9vYcsZ zq;u@!M(m*g@~5c%u1MTNGv6R3f}(vaIF6oF?dEwxF)hUl&+V`Gg_N#Tyai{>@0iGa z&%)Cicz1{eMr{hC6gP#Z&jRgFR+-gh`os*iUTWMlFuVvNrO!Xu0zWv0(d$qmRez@; z{-38oeoDm}C3^0nR%FnqjKFj^hMNK5R28I4&5uxcowucj;Ew**2}>Pb{h#<1;qW&X zTN^$|PyT7wOq)FdSDOHTGxLx=a@L=9Y(jd#;OppN@M*CXh#F@z>o_1|_}=v1=k>zE zSD+(#SdA#}G>)n2{<||QUVvRMb;-Dm-FU|HV3e8WN~MH9-mi6bsjfUCD8BEY*U4H= zmpAaJll4mSIk+yTe}9;hlz}7ZwC0K>c*VL=v28@~PY3&g*bng=l_*PX1wXSH>%-2X+|AnBUEOC^%JSAs8Y#{TRl&=x_C@_Zq|WyJ`XsX z1d|Zc+9jZYDj{tiVj%^>r+y+z1H(q37VA57oVIFo`~V{CX@(q>9H_ELc;nh)B#GG3>eTkZa$n5$go4&d#6^4KSJ%Qplg$Qk@hbe4zRnP zAwZO|@H31v77N0twn0AvfawBVhp+d9n0O|M(6%_~KYKEs&4ZpIJ;)d-PjqC&514Jpk zVt5Sea53@y8%tz!dr+rg86KB)UC$H>I+ngK&g7Mea~;k12j*(+!P7;64FJ73nR>g^ zkJy{XVtI64O-Sj2wJUBTyE!LSn>GMsI~k)EHl~KNHofzj;+xN$#^mD$|DIM`owEnG zG*ZmQ*|n%vC%CWwnRGI}PF{)Cbbz8bOisYb+DwujSHaBpi9yRHG!5}A$zrDEvv9ZA zgoM0yc41sCGSS_43>X^_79eP41LUKh)&?y7V=1<(VsBq&g9bCLtLUozyC~uf-H)~x z5Pa02XM{3|_4O5Y|Fv1F(h{>@LFyJ*XLxQT!TNF};XxT4qD}f~h&79=ba3Fh$Z!#B zHQcysry3A@rl`DJo2o3wR$9o6zZ$-+$p==xprJwJtO2Fi(zFMHM8+CV#xl><`&R@- z@Xs4d70n*Pjiux|0n{1ew*z_+wl)I0qy{4dr?H6GME(Ur;opb?0 zO{ZGhu@?+ZYr`@d`1qYc_0Sx|D-@$qh8{bPcfl{3#~m%5&-_6K?jQd^n2!%B`P8^S zWx!)rl*Fd7K?))AWx=Bgc5U5c0JBBhLjl%iE!%0>&9?L*q=T!?s#I?1{^Y=FobqtB zWGZEExxbLRv^SCcUhKElWIuOVqM}IJAW}E6 zQ@mrpSOC#r)r*mn1MR(ovC0&wgZQ;?-}jvKl*_zj$-T!T5}W=<>8%v&#!ZBlrFzcJ)rFd6k}2*h57F90=sOvKTD57pJet$1Q4eR^ z__(4p_URU>@+Z^*=UI?W65w<{^=)|rAdxz>5#I0aj=sZ2k__DT-2Ep@^D9cEzVwJjX@aFM zGjI58RTLCZTdOUW+6MUf2bnZ~oSlr$M>e21RufLuZuKRY!T}ieufRm-c6t8J+N;)p z4g#%aPx#G@1;^)4T|z>T&IBtCL}7(lJ#yQwU*@iP?fzf2{oq6d9(@G|P2Zut563O) z5ej8%JCHxSS0?fXD$kTFx5XL^5FLhTV?)0)WuyGqOqn!^uQ68S7F%nhg}=YmM>PWO zwu7UxWl~Rxyh7r?vPr4n6Y!?~$Mrz3Lz+K6D=W+WRFEaZto?*2w0*X8Q5952Ua^Oa z+Heggo4m1DLm)VIPwonH&LAj-Q6!+jYn14d}=NSDCp0`CWlrb@=%Gwd=Db$m6^ zl-+uu-i`?Wd>432RqLZK?VpDfe(kAV@Axe;Rh_{W4wa>__L87lE? z$)OG;ioPUDNmr@OA7Dz0o^&jkCjaFR_~BV=EggUnwN52tmi^2up<PmP+y)Mw1~tmW#N;bTDR5XK z3(FQ&NuUbn;Ll&_>RR-g9GBakTC6T;#VU%!cE zJTV7Z&g~!mWIg$61-q^>VA2*qvE$cmb<&z#oE_A}UQgh&j1}4LzOxOuIV%SQ>~PNp zfI@%W;&U1KDjKAeJVWOjgN(5=UlzDASD;NZ1D7ci{K z!uCx-LKhLE{=jMutLeT>p=J#j!q~0$+`=Ni0pxKJ9TPi);w4gbU_ZYCT=%NicH>xA zUJUr!g5b+9G+&&RVCmn;%zCMJ``~wq3gTx@b!YpNu%T+hc09~5PdvZZsjKK2AXxPR znk*Y<(_zMW4fcn-RBcOPnt@-f(x6w;0DNQjIxOzh8v`Jn!553t+!@yH2+|euK7chgC+T4^r-3Dzl7X?$#LYBcXCwreCeFJzF`+79b+e14+;BdV@KRv>7 zPa5g8>wh+|5Og$;g3J`8J&5E3)&uHlZxwP~Gt?niQxMsbwilqQ4=k@R9YjucJQ)@u zZJkZ=SbqpSmSV3pc0fAggmVa$dB;JW6L!}oHD0}Xwd;_R?40NYu;ws#K^6;5JvGJ4 zkY#KW2xfHV@yDu_jmVO_OdL5XJm0BMe@rrkS|AoFv+47c6uPmuGAajG!=`9RUy{F` zUtCgu^I+@k*&SiT`AW5|#~bQ1ZFr0B4e z6v6XFq_WTb0PV5>R_*kfKF|}&PDA?vuIK}@)RmI^}=^K zDef;^whlmXYQw@lNZsTC9)r}oD+FrfW@%xP?Ea;FP4X>=24-ae%*7kZmY zHYqtsJ@AAuEuiAUIZ{-jATWztx115?ME)8iS|p`i!l?$WuxaQi+>^StoisJZeH;nK zPCY3fDK#legy=p>%Ej{tBu_T3{UGm#g2);>7sQhhvbjlhZVmRdJ2tvs@FU_FVzxCK zGW{`wZ}`bjvPKE8Yip7m2L#`zqyXU}N7xwN72SXdpUq+rBMI%cV`$JFKleg}_&}zR z{_whTyMwUbMlZo)+t&f2rmlc<=pQS}l7ZfOq)q?yQsDaiVV>?vT*+EK=T%Mg9utBD zSNDtbX5ghPfOc^}8N$DUEH^7>11Rou4=pf;`VJAzxiO1K#Rn;EzLO#yo@MYW8B&)u zL&M2IkpBd9%P435^Xsg|F*9otB+yN;f!$yfmmSERIjoj-t)$^zX4&7vCSvD;BIpEP z!5=MelVdV((IK9EalDvgycjCV$MTG@Lg+m!iRI%`kgP$N#Q55f5BFSaC8>rFar5%3 zr25ZzUqD?vLmYjKdAb6b?57*t8~|T%{_#oBvrIg05mgZ#ZHA0eR-KRy7t& zbn@43fea5l08AKMi2(gDo|a6fX2`+>7$>TT5fLH12?G^5OsuS#?*Ujmy#P}RGk9Yw z7-U{)Aj$SPfSn3Mgh{KSX^Xc*D`sb9X&v}ozi|Wh0K}BW%j@Jt>!pJP3PUo?o!6zp z*ea)`eqb}^)4uo&x&Gx~8o~NCx-!KF1fXBBl7W~+Wr*k64!NdL>JZ<3?IA-t@yfLJ zEhAl?B!4hDWW|Ph_zDGN2_zuYp@98A)D_xtzB?5T9}V1 zQi4q&z=lAcJQrjaOOu_~CZ0PulsA#R@e~g5Oovjk2uwD4){9YUc7<~WEey4-ftuim zFDdXmpI%uGEd>mFcbXz}n<%A0vlNb0i{mP)OiKKIWI8r&L@phdAfOQ7U>0M_H$$Xr}>T-=c z8QB5V3y;Yt4eVO^Ihs7T5esK@dpS{MYuZnk_+-a4LDZ#*&i!x}nbbYv)Yvo9@g&bk zV9-@w*Xe5(m>35N@%bHKsDsbtqB1T8nk%W#uEm}KpUNfB1V+eA)Ape9885j}`aNoG zIP>XKRDhoyDf(F=69tr6<{i2`y#!ys#~m~a zXh?f+1KtP>rZ3%|>zYNnwh|(ozIcWY2QiUBg2^+|gaIuU z6xZXh&InjB#%L(>6=FKFwhtP5ZZdG&)VJFqq}-B#2KF*a`H5j0uBaHjcE8~ifA~ZA zCQW7iJ&-C5E;}eCd*I5k3Ma&~r$c$SP+oG%3gHl08>(XM z?2vkP2#yrYTIK?Sq-=mx=06eNimEr?x)PuGaBxs)8Zj!D(naF8vPq5sZ`VwtMLMRv zd365k2bfE&S&^A3!h){^rvZ*`;|(nO^(~!az!b0NpQ^22 zr+UJBKOcyNYuov6oG!{%0RY{%nmrPUn{BsoA@bv2H1uMKI1!red+QLHl^NWNb>V8; zIF97{<)?g)Ulz%IdSXQ|ZBu-LQ5^k0yuEoil>Hk%{8U7gB?;L=l0C_mt?ZIy%f3g# zjD74pSyIA8c0#sfUk5Xm5My7Gbqr~&F=NZvc|Y?!&-eL$kN0={{(F!2^M~;VGjref zXSuHPIZlXwDq>cq*^V~E(MmO-{A4U>S(J z%;0{JmCF@DLO!4-`D@I3BJwZHUDNmCX&G}1&Ee}1DYBqHmpT-H@q7fO9mYnn(22wy zpwZ0&_yK$9+${ZRCgmHkn`~#zzqFhJAC-AfsvfiB0e++<(&3FMu1U(hW596fX>q=Q zC5|$e9zg;h4`#1o%hPO4@xVo)a%IMURTwL9<&1>sYwki-!AAkfp8@|t5k4U?*B)HY~ zQ7it>pAW{;Q?gytxoh0mq#bqSV?rX8)!Fk-vF>j}d>GV5lY2#)R9bFU&{k3@UaT9Z zZ;TDGqGKE6C_Ov;u=Zo>kEY5xN8Qz3UbeU9plZ8yMO@TN=G?ZnGk0~S4M%%mg`z{`f?HX? zwC^0T_5S^^?Q8cOEbEW&zZE)^d_-M3Av(p9xrvIeH&8+q{R%ML01-l-J-HpCbwryG#u|KauzLi9yc6s{x#)obXryhFDe+;VknomggD>{rM{2yX4FJThNJMy(^VL-hMBaNHoGG$fAN=w1>Y;1P zrA0y6to%)~zA?qAWjDbuxN|^m)x~)xN7X^rSFtZsUT|@LYpcrg@fp3}GKoR&M;flu z$K@CapjyeeI2q;1E=8*+kHpv;Cs~WK(Y;QPf=ty^f|~rW_lxeJl5Co28;!c$IxH-G z)mDP-JBVKTA{?6nc4q_&&tVDzzAsZ#A~fw+IZrkyWPzkVzNC7fr||=zZV?*X@`bRT z-z17%m4n0X(eqmx3`vw3_L@o+x@z<6jtUqd$P889zJ9GCR%q(2!+fRRs^!`Ef+cKl z31N9xDVfPKkiQzEcD5j|OOn!^*+%>XV@0#z6ljU(YsFqQs=#bgcaO;drTCZP5)A+o2DeA_5lrdM-PQ z!h}k2vTNvOS1r90VF7zZ@MZ%_l*Yi8zK`yH#`x}9-)39kv#m3ha)t4B76M-?oOT3u zCuR#bqB@Bz$wG}*oaUK6Gy4REwTNU(_m>ZS*^#M@2StJw_f@2?(tM{(qETg zH?>zkLXGaKnzZsC9SzysLUIFa=<}g$mUYvOy98NimUX&81@I@2Lkz1;_4Kc2*$qO? zO3(@>Ndnr0NLtQoa_Qnq4O8AuDDNYMpnQ(Q8xvHhoiPm7@259q7T=8cM7`hpbS76` zTcJjdU?Fv-%4Go!ONvv|a4XRez%XT%=Xe%8M!JuQS;3YiPKxyOaaB3rpN{GB8s(~8 zDhBA>Xo-n9nzh%h7s@6Pw-ufhaaGv#E1T494lka7_DfRrVv8y&ZNCi59r{0KiSnewoO)Yd^Xr_`9X{-qSw@tt{P+ImElc4*Cd z2-~mFuf~a%HYJ`rS)zlNA6JG9Fw)2#QTlLFAO2qFCA6b67>F#EOlz|gp8(U9%ME{opEqHEQCWM}-m7Jd^=E#kJDk!)O^O#5Z>yhXbIzJ(6BJUM~U z6+_FSc>`TOJ-0TjVU)&xr?l7M=x02#p~R{Q$qJ8!ihRz-AjCU_+xNVRC0!AvvM?l? zgjYnw{LwxeIPp?Tq)Esj8Ls*<=r9_3`GShAVKXCabm(1cSlDOzHm*^3G@j+$dOZ&A zv%9@G@PpY?WiV1?F>m4beku1*t>1-O*QuAMp@wmV$#sGG9aDFTtj5Q{5d zEgQTz>ByAm7yd-Xa4LpXR&sGOCZ7AT<0=u@v6#V z_%_1{3)ei^$e`Tex)8=8Z6ENbcCkTsi{=|=_&&@Nwo#d2$@m#Mp;}ce&z@^3QIZ9- zDF`j?Me%)BoQ551uJ@phM?#`H6uMtff@LSg&Q}c4@XSsKp z5d1iaU&H=L=y`x#$$Kbf{(@JQJ zvS^XQ3p==s;lvkvJC`EsWylj6iH_fH;F{jg?tqEfQ>@1_W>{uE39wCfoaPE>(Xv)i2u6+kt5RWlQEs_HLs9L1oXm&gwA+T7d? zj#i%KU1`pCf(z80%ALCIri^DxpM`*@w^d^B%9|vSO^j1K0GDqKL}qIND6!ycmkIzd z6JTyu>W-VRV7`(B^5e2*#8xkI zDoi(@95^2WvY*R*R~#bf5Vo5^l7%LbL$NW?YkOhLY@+A1;nyU307DZi2j=uh@ZKDS z4~c?>l?xRfpl`j2kBK-w`aPlpWtp0*>)xyoCa#~;J=+3^>dywU#Gl8SB_U!ss#4Bm~>%2H_Y$@(*}0Fi^$FR16g@O z5+0}B?FO2_?@Wa2NFpLb*)Q3>zw5#P$?f?C+6z6D4NpsZ_7<5Qi~?j155UVxyI7e{ zq}PhArluxA2L5N1Q>!wq{C7yYBKL*zMYR)0K*XIj?^+0J1I6$w^9f1cl1S}?HNkU8)H*0~J_@&2bckp{f*lUO)S}OHVs4anFk*Qd%%X0K-^gZ-y`*d&qd@Jw;2m(Dv zyeF`Jw&ro$W^|pi`{9RZy%%mp<`!2kF12RA=jDdsmMgYE zApj`rUba4Y)-7`O)@s~{z2>#u3 zZa}>Ru^3VAP-1RBm<&%QJ2Uejl5LGZtyQlCZQFBi{mv1%DLuBi^J_=eM`y=WbLgWo zTFx7nYBd+Mw-H_OEwXshknfHf*PhI^jZr4(y?-9c!9f5Qmo?9goTy7=`qwMC3!T2@ zy;rUu* z@L6x;R<3rRUC`p;aVTAkfGn{ZShq+Gy22M^B$cG6&QGaij~5vVj-PMgjEz}HMOPl; zcuMm0Vg)pb$`zf#z5|@JnCnNldaz0tiq>X=b}e>O=-xpXI>E{chGLqJ<#c2nSs{6> zddTrBV3Y5d@amO>df1JMIk4M}^QxSb7GB;zwrKJ9b{?sCX;!8*58^TUxSvFLBxgU{ zlJoKqC$>pSl=9}X$8EM5y6<8$CJ%g1n|$slx1u>hzF`B%yqh6@bLSG*&VD({5s1x> z8057KI4*4pWB2Q>4}9sg>AB0@Sa~FV4G!rL zhfcj7w!=y?Gl@2`hi0?7Hg{+<40K+Lj4hIg6*b@Q@Q<#G6m8j?#xgNkeOR2@S5r*C z?e4J{Q@JX=G#NvYVwABB+G*Rgx2Gae<7|uV**F#>nrW5z22tH?)*5n zgNs$1!GfeE!JBH8>dZ$5tjc9I`d9P@^v~#T4(Ib)SnFL<-(j_D)|F5vXE(Gnn4y1C zNppsg(bXVfID&7Ev6o?kUa!(c`kmd>tgTJ3^t;{{CL-4-Xg^-VT3n`bs1rKFjT;(P z<%KwK&K;|4V{JLW8A3R6JMyyAOtku~&<6j!CM&Z=ad-8JJ6bw`EQl;CLver=fAf#L zqMbKn9!`fyY_R$$q}Mre2=y;fVk~a8dkUdrBr6qK zdj-oInT1kyy%*ZWW91uZmLiTTON|p_hbga2p2z*HWao5nr}2&bu>v|cE+h>^ZCjuo zLjrzwe-elHXUST^jn7!={*=3PO?pV%ldUG1b?JTf`zLX@n-hK10#wKQM5zIpa>jC* z@*u!0nqD8EkXAft>fPrK$H{HW;TT^n_{jHVei&}QvVJaUsS^oKM*BnsVL>u*M0h4X zCxe9>duhu6h?nUneH8>aTnjIq6Arz3!h8TucZ>UKbgJXAWV+Gv6fHtnWze&OiFoQ2 z)E(F&fA+!2&;{y92MOmfuQQz6l;=KY@=QcUMBVKqmjkwo=DgQeD?}zZN1dmaUwHsR zEYw`O=#K}sSXc$VW4-TUX3-fqCrCF;hS zjO-TfdT-Eyu`k^Z3z2plOBvVSEd&{*ZjAbKbL-VJ_d@%VN)f(Te>0>_E-8C~sRnaK z3KE!cWhVHk*1w297#biZ?l zGskM6yMnZ6hEa>c(pyiaW6#S;vpbXfx{P)f85Fa~Ma5)CLPu=TtKx8DpxN)Al)7jn9CFLnl6<7ovt78aQ0L|>pFTnnnFEW?TdQtHH-V9 zL%%@Xz{AG4$$!WE7O6CV`tr6S_IC8pVAd&cheRoc7A{ibd>xq%KRIg_9Tr}ErU=YL z-0+KH===3*xAq|Ow6X%!spw6*f#JuZM{Y($}D8-}nvoV`K zL>u(#epEvN8HiNg#_O-00p|uh*eNAS4Gg6m<-tp33FX4FzC#kcwptH0A zXLGm~8N|?6C4%nR3XdQ|*n|g1Z=?5ZveqK)3Rs`CNyfg%@4Fuz`Q7~U2H7)CuYgHV zr1Qy;Q`r2m>nq}&b-C$}6q~V0UF&|NaDu+u5?8=tw;^oS+=o@q-5PjXcMa^q zDi3cOj=j-H{nT@hzqCis-r~i_9-yDZ?^IO6!0(@*UquLmE5LByhE+jpBo>Es-l6=( z5pbj_Wyy(sO;q@3v=OZlXkfy}tyfi8^=|<;FMMTueWyyC)BR*Ziq|tx|&oVu&(z(vxy?t?OY_Gye#NG;ZJrL z&=COOhMpMEAnQp-Jk{q_o<21PKE1(nX-b_l=-KL+J^OvX z?}fS~3mD{(Pzxmn5YaOCr&M`f^Yr0%jsUR)0`jI-aR*R;uK=|6Nx(UPfYplt_Dnxm z{(7)~|A=eiFA=;!CJm7PDqwk3k0$dCH&pn8`zzOLoZlj3x_*vtVC@Z5L%o@1t~ z*FZta1(2wqr`Hn>KUxwkg>`hu!>?y!S5yCYMUNks986#?M&$c#eLiFfcG+ zH>)fV^vWCDxee{o5>gPwsWe((ijR}dt(W<(=~gJV;J+;9_)OuKTAH8tJwS)dOY z^(n|D%U(K5uHY9uAS5{F+yg{=BM1N+a5~!BmomGhlK|~#60q$Z`965XlLEn3aZ)z< zpAn#MY(z=v=`>dIf)xIbI)s~$-9J%#qPD=;O8@c7OS)~7q$f_G^+iOw$h@Iy)iUnS zw@dP&UqGR?liWXC6;Mt-P>-an7w=Mbszo!;6-*L9!e@c%jAp@ww#M4S(1YtoXjagvp6OKAxAKsNDFPlYdJhoBBo&F;VaQKZ7|kfXQKiuk~| zR|fF?{~g`2ZAc|04dn=M56&cT`ov~O(R~6t&RBsqtMg1_19c5$ka6(Fk5-Xz(pFXi zSU7~vJK-T57>6}fZtT6DSXqKJCgk+kqM~!ck+dcDlF}z~Z89yF^j~6UZ=DrGXkPd3 z;)BYDWg1 zp`3|x2Z`bukn!=t7lG8ic+svU1J3YRx|N-2bqE&Q1X@!FeoBoXt42yzXV6}3mv$h| z!CP~&8LZIoAhwqO>_XsG19oMMk^3yW5~~t-+ucy{w(H0jd6#1aL_!My?*ugzIpheg zLd3iXq>`BP+qvhs==}GcWR(O3#wJ8YZM<|fd0A~PC;F9|)xk!c3^Ip>d2AS0zi~Wi zCBeQ@{c=;zJBEy3)BT2X*Ue9PlM41zLcz{Ig+0^4}YOJ`qF?^ zZy4>D4WSgJC90cUn5Wzeze#<= z7f`rNvlN2N^H~l5ENK_+%L3y5X2{K><(~L5ewh|IbqThQoUJUQp$6Bg6jO1rP?HwDnSG4P|WAfEmE3~YuMkQX{L&alIrxfleW=59zFz9X$tc~N()`gO?Hg_rZtD`ZGzVueIIGvB_Jf(G zf^x`Fk?X2mXQjd+cfvfgOt8RgijKrJ^p_K9k)qYYkOB zLW>fRsqYaF$YkUeCsNT9t_B_SPj$uAC9aLQycH2z$r<(;@A4#VeXLorZc$Emp`cC@ zML*yUHHo|*QxOB@Sy_yOT&B5P0TM|rHZIP?>`Mm3eRuo>)1dyPF1aFfAzLn_G1w(? zNBX9c=+J0^`r*WRteJ-hB_gn}%YEOipCXD))*{?v(4!^`_ffc6R(t5?lu~-3HSTDi zxWC=!e)*ej;?f|+A=h-?w^+$Ayf~al&s=p0F?c6ip3Uy}VFI2Z=b&=?OS3d>hWglr zI+G~ca>n&I-{A4SRQl8PhKk1@P$1qTe?Id|qBY@4A}r=k@Gi)PuO#vySJpK^Y~#;x zb8&r}7W~FWwfd0jEO#3cFeotI?5PX`Vxv&;=L0n$#}W3NmWkU^vH6hjlxj69v+b{_ z2rM1-_4hgmg`mf^;1Hh(vGS8i5j@O!QC$E#WcQgwl$zmNDG0QSNg_*D8+@qwZ@s1N z?>h;bMTy00Cx?W}?)Nv5Xg&W;@zbyGbx@)@yK)5qw~ah zo!%3Chct|eRMr6_Pp+PLz`C|)*|Zj~B}%>6)y!Rp%gFRUSP^07hafqo`U&;hB23>Q zQ>1g=#HDui``8Afy~?rw4pv@Xg9Nduk**avE(gro?x5fHUg%{5Sv!Csd#(RzUC@|B zICVrtAC3leh9n0mCvq2>lS;wqBHAL&^Ljoy5*F(W{w4r{{VRt$Ry-K$PtMr|2#WWp z1!v%I_uHUjBJW7gnD3t@Y2R~c++r2U%=-?Y?mjsg`bcK;N;#g3!rC;B*d8qCY3{}5 z-sMm?0gLC7k5xkyXu<@&3;+KAUvH!LNFXo2V2!50Q^MK*=o}pJZ_WeC1O32>M+h{j zWdp3BeIlm2yW9P^ELEH*In{1OGJxfkYp#m*ZtY0jMQ{ECioc z3)>d1n`n*navvPFp96>XToKakggm55(bDZ@txKHP_x8pHPyEWK%$mO*9tU<6@PY=d zd|Ulmr{$SZC5K|@XVAzp_7JnGugyn4xBH;>_)%kXxQ~3XzRT(IF}9Gj((05}A@) zCw4L$0TKsGZxQGN3*F3N^3Py~vVolA??@%i7Ki$>I*F4G00N%oPt?1VpR`iojjXnr zc3WjRH@0m8acVKx?d#z->}R7YGLYk|yJHwaSdhXVpN6%Wtk0SoW{Z=U8{Bk2$b``C z?YW(8)>5sYks5n0>jKArgPnadZW-cSPNcu-VJ?Kj{D3D~--z~}Jdb%;q{rJ!yl_Kt z|7Wjtw|v`D!n+O%zGH_yY>S)f;`dV$KV0sc+<_sIlCCXz$;0FlLT#G(j!}7Rj zBjj}E+^V~X34FWN|D^G+ivD}N$7A1hbeJa~TyQ$P!mfplhoM1n&{aybu5Y5vjm>9k*70gMbgg zzxbhM0QXPj5Wa&RFum1W+JCnfB1P#UxC~jV4uz*-P$BhqUp)=PI@=I_>k)&)05TetNAGu08ah93<}-FUs;?yY z3E+RW4!)$l`#Ja-rwe+WuOvI71uZ@~0E;9~t3Rf^r94iqrCkJ1-p{Q+}&(Y*q4EujHIDvmrmO{z7aouVqqDJ2mYT zY=O)-Z1@$Fdhtc6#iZ2-kY<|N|ID<`S}Ka`l<--}8&{_N^b5Y0mAr|lh`vr9MnUVb zyNNtTG!?rS)^Pi_QE)b{6LNKraXShtH+(qD402`rGT3~MHVK(x=$yez=L2^lP`hZx zn4Xf2lQw2f(D(1`Wf;W6;!*1U>sQt;dpDoDYwSQqMP2UF&uI^nrJ3ouXy92@t zT%{-^+B;KxR$co}X9d`k_+MNZBURN&3BqTUM20}eB!*6>?JDYuDh5I0dxUz+R)Yb| z_L;};Zw7RhvPyatqCTbfybOC)|4>M&$}uM0p^t~oPN;5~)#9OlWoQYgn=8c|SFKWw z_`KBAxMIP}_?FfnkU9SS5gVb~eSdmNg1kzVp5nQKIwuCPgtd@J9 z;oJUvV0W<{P&`ZvKU%y{c?TQ0G>(FrT##A`PORLZ?6Zx4k-x!jr)^BJ`5EjAm499* z8iJ6e>Jx}*{vLU+hYhVj@GwcjZmT^=VT|p07@48E*J>KRbV&^BS?U`FR4A;bo7Sns zr^yS-8wD@=$#WE3kOr6!%%My3hx%=UD;9Q1H^VEU7hpSvMh@pQ$Q)=De!KPk>JRlG zormM$QIBRu=Eg^ilELECApZA>rPe`@k=6osawS0$&j&!wIJfAQY_q8gVOqX7QcT1O zgfx9?*S1MVn!F?hHc--etPjgn19~r*-^ad-u-mY(zFhWog#0FD*ifS?wNKXjAbAcY zSx%3GKbHHd2VlDq{XPx;KVDKa92)->+LW8d?f$6A-aOd<^Zoei+j~>au5N>jzX#90 z&3n41{muri1Exzod#kM+Ssev=v5iA5r;4tf0QIfwLY3N4shz0j3_B4M)gzrwL3k zd56ZKBa6*>yRl3N-UrgY6LaeIhmK?q6;jw0TvAY?7kp!kN-Y-(ipLA*2-FA9xrEH= zR}4RA>_Tr-SCi%t?|5}E!*#1afHmBz}rieK~_5* z!9lM#Nl~HQYgHra58pn)QM+?2h1@)JH@=VvZ$#5bShYNKpYflmM)YZs)n zJ2)-8uTpeIzYV@b`H)r0X{~^QmSdiv`%aO1PGDqX@a62)C84WUke&d(qXU2P<81+e z;>Gj-8*F&Igq~s1e_QeTi4CX_iAW#ry&trAA_4i8VBNhZxA)~Zb(QWWT~dWSqL(-c zOna?dd&h)DGJNqd!KsJOo5E;UehRz+F_paWop#XuLs(?+4IiI7DSkOS@%d90wBPJ5 zZPI{js0?BqC3Zt7+K@ewJ@oS??v4`U)X%{)yV0%aeGUb=+_yUOJHD{B34#(!rkxD5 z(XwO^Vdb~bVcp%Pnx9NN=Ub{4&5=II5!+t(*UId@!Zcu257Cj^_gXxBXSYGM_57uP z{wc?gr7x~;$D<+pRNoy9(hq*g5PR>{U@1KR&kMJGUuE|RHH+{rM!^>q`)J`djKcRW zZeX@BG_uFv^{4mT!v7!>B75$|us0QARZBY0jGYEgj!vrE?}bYn7|{Dx$|JOv8Jo19 zSab$v?jGt;wIu-HRzWNKEQdIO*+!$jA7mmhjP>mBVHZB*6@8!fhdVO9&m_H;by^Lc z%6x#cmZ8Sj_4nA;Ue~u>dmi{pv3Pe?m5^m+KZn&Igh^ z{ccz?KgNBem_B@Ue_&majd0a~6&Dnvs-hC56;bm&0o&?T=Ab>hjW&atBAo0Di$*VU zbR;DuIe=nzQi8$Vm;vb2p z*Lx)6nM}%5KSVDCV`?yCH$GvwVi+vam(*iV$GiL`1X9`ACS6Or#26D3YOs>_hRD(w zHXg@w=%-R1GZg|`Q^FG!y)+O#F%LP15$@itYaHKi;R4RF@~pZm$jl(gCkQ~vSL^ZP z*j1nY43^E)OzPF|4bHcD_1qRqEg2qZ>b@8+w7Csf_b;?=yK1U4N`oTiMIK zJE8|^edT3V1Fm~aqe4^5XObt^XX*ftg0yW}5EnA;I-5zgrj7PchBY5b^p|lowx>PS zswmUGjBRv}^Dc|&G3W-`o~!E~FTZE+qg*E9 z@2)C>_*Q7rz8HZ=2*+8}6{TA1#6GMvjpIy>y>uBLBCd~5t&H0lS4o1G$hu;ovfSU2 zAp8zSAx+qVvKf1H-Sv$kYpcFTo_N`OZBg)@?lEig-ToxV47&_1${b*%1C&a$DG9c~BhNNcLc8MJuNxCf)%vBg^H*e> z?Ny6)8$x%|Q=B*lG-?$}1x;ekx@;4$C}9Z+iLzOV)v>Rq0U{+fxi?!AG+Iqsgk@6V zbM#vLcdUWma-L%&@t0t00yt!c8x}=7F!sd&hDwaHex1OLC2G|e=@dJ`IkTQwu-=&X zfPG&w%ULwl4Y?DFu( zw<5WOK>7|`NJ?x=ZuCXs<^Fhqr*1Y=6yo33s=@>(&EkTl{T{_1BfRU1JKKLtpoAo< z*vC>E7Xe5s5&YRMo$@Q)zEvsuU}eZ z%9OWiCbkAkY>{~}mhYZ}S$`W;gtW^=mfsqU&FD3Q7rK9wVa z)@XdPQLoDC zWKK?TLN0Z`1jYwb9(T+(UX?@rV;Q>rvFl!wnZ1E`1g6((&pkh!ir8CZk@Uo-ZU<^H zT$^jxt|D9Fo)cr9R(U+7>F`O7xUZe3O)d4TCUN;T{~dRiYL)a#N$gBkno~NAfQa?o#bN!Cw)Yv+0|NG`c-7GepMg8}?&VupB9`Xxg>D-4 z+*21#A6zl}cuo#GDkP`h6xExgzL>9uXoU&vzg*!?8-HA}=1S{P znMifd6Y_jm95wdwK~9qb|EQk$t94HZl339L>uya1TeJmiX;*d)&;L0I;jAM|Wfsv@ z22+{Z&a%?ON1egoiJShSh~t3%#M{C&RnzTIB^e* zzhwN*X;!!|sD(VDrzNk;5B2lML*jau^Tw~whWMAbV&jMNzMU!q{Y#$TO4gUUCU_BI&g^u}@tv5ZawWmk>qC?##8sXE8--$M?N0BD(xn76rZ|CA4a0*`EyGEbYH# zl*@`XYr)!ZKGN~FaE9t&@I|07sF3=>iHY5y`(#+WnGveI@m*oSw_cffwdc1jiv|RyKEq>=vg5oZ|^! zE3rKBhro%NkY@FPCgWNq?)}<2`bLBM9_4ku@*e5IXcT(S|D&zSKgl3?iSu|sx;xQ8 z%h`dv*pxqoUiXs|xwAo2DD@1@i+D#qj(5ufy#-}c_E>N%vfu?Kbr1PW;Yp08KC2HU zL+p^eYm%7qr{qimbKjH&Cc7yNYJMdOPPE1_;NMtkN_x1bfkw&4hwgJCs7f>5VuRM` zl$FMF;s`W8zRQao11Uxj5b3cc&vuH^*%NMhT*gqF*c${8Me>WV|Tw=mo(=5fajWa$fG-*Tm2MndJKdBN6@7ro%ASJ z;M*ukh_~7f*Qj?ig>g+~&VTkBaLjEMze`HHyt{;}F3_PV@EET$WG&V!b=bItsHwTD zrJ+#)gmtWAHIBZ0>z7=g#&=5d)VCwLFsWj=<%9V8*FT(`qf9!ww&&Hul`K7qCI@P; zPxEcn3{CM}p5fXP^*p%&eQB**F3AsTi{k88RS->JXBz8jM8>@kXuCg(LE=%R4teq} z?*$qz$=>N~FE;WX41R!0#nlZW)430UU(;nWiy8=Spi6-VQqDL@Ti9&Z@GEX1K6C-$ z)`#k=jS#~byDC4E&va-pID3_Gs!ryYw6x>^A3h(;vGnJ{3#oE)!?!!R1Nsj%0o{In ze!l+yUQGFiOM`n2J&@G{@$*dhoBhKhWx(fCrxSmjpkUAjNV?fH1{w4P`(2+*^P?Z4 z{Nw!QvS~&IQb%J-tR$)~Vm2SJPrRc2_67Et*-jx|Agwrh`vE&;$2GM@pgZbeOYYp) zY)AH_hPN?jEMHjR$Jx27tB2V%WUpNYDZH<z)5?pvn$tm%A>>!7V_C{dM@0+JmB zJ|g2>=)DcoD^H*Nrvw4E%Ku69{+|2%H~)q0{yuS|-u#P^{0)@YlBzNPGxAby{U=xa z|L`q3IL7ineWC!&qzL7f=l}h}rUsbYhv+jSe zxPO-D6=u>W{LknBRlEN#U$B71{*S8Czv$54e|Lr9|IfF`p9*+?6T_*vH-xoh7QdMS z$bF=tckl0c7N>{XxuE#`)gAcJp8oB+jnav#4*YsN{B()ff2^n;O_`baQ}RVely#5G zUYjZ@5GM_d71HeiBWn5+Xw`TH9j;?-x%MNp(sgm*QqqiFfT`1MdxSeW*1Bjzo;dO( z9qEye*U<8WH*lU}^rVFU{tnz#qJQ5Sjkxq07r)!Jb%ubGWnD5m*mA{xXZmo#gRQKg+8 z_W5ER8=&&8w<$IR@Uw_0)D#D3*JHhY54W2CJ+tG!ef;mNMxQ>=?0pI;d03m)n%idh zQHk6~OGk%xF(I(IALX+Slj1kd-<0R#ZO>rYKfGVBzf?v_SW@f!wQuvP=3C^x0u^8c zh9byLOA>mKBbD0Z%Y<9jqpVE(>B@VCMH9|T8TbM#@CddWu6qBP5dU;CqrGHQ&u;Ln zgUY|{Fx(YnHh&F`2e%LvWuR$5q*;WyxVRPrcr0ao2wtn6P`{RWCVaL$$GSTCpZ4h>g3|)ZP4xFs z>2i~cWhSc#ecmmfAujFoi4F^t=}6jUP@Kq^dj(v1*V$o-!|PoDTc`UY%S!HQ`L*hx zXZsub#G}=oJL{Rd>bw4Th@6LW8AheX{M#Af%2O2^0bjD-Z#2l=s2Xg^+K`pP@6-7{ zo^RZPRUH#A@hpjK-BYU*7e$j@zV%?yVRrZ7(zP`S}hNZw@pdSPy^ytkAU5mB*rA^F|VTUEknSZb)RB~;C<59;|g5>)RxEPT# zC-4h-%X$c$qsho8b8ZKHg!rnEc1NPxV$N;@1860W&wkxt_Fvl`-NfNXx@OTn!QvAU zR>86*y||DV<`s^mSCXCgXgEfiZx8IpSY2{klAGoj+g?hSjM#^&n=EGWsMQbkuRkAt z74x*t)KKbDESG=KBa2GDXQdXkQ7GCht&la2^8ItOLF+_DC||ET^g!ps)xPdovCXON zG?f+yq0{}o)K<2CR^b|>pRsz18s#>iRgv`eodMIY>vAyNyJ&XVF_HQoX9GZEca?!^ zrAVSSNmk4Ph~om*OiKeO_B^Ttys?HK<=J5pZC`*4E|a4KBV-y-F-bJZh@=R5$|SXn zbC&Hu!lXk4wRXp>!ummTs2HLh$)grs0ovad_NS}l)&BpsMz5tG>R%gxn$lJ_BD}lVpaZGl`aD;tgCwEDetC z8@B|Na;NDyR4L*(&}u25WNY2DMr2#4<0 zDfC&SU%4^+cx_*8H6YHUNxvxnLsUo(YGVn1L;Siu^-o4RpV!rXPvBFLQ8^Tpo4gV| zfkJKf(g3pSjCQwqTb_giGJ-pjfFbETS(Q&B;Rx%vDfz^c$3PTzr#*?N z+2es=;L3FtOM&hq8syhXoz)YVAo5;cX!Ho)zV`j)?j+Dy!4pvH2vT!b1e2vBN&5AJ z*EdZfP>DiSr0kZ3Sdj`JtskkP9_G7QEBS;rtX$hiy?YlaLMOWH@p@JAJ?0$W(SUd2 z@_xlz=w-i5!cBRk&2M0PzR(c~^B(D=r506oWT5$Q4FGjU9Kk68C;N&S1Z2;}!xycg z)=sV^T0SWyy+JTXTFl}^PS_)k!{e;U&-%Be+VdED!#+-4c=m!jOH->JX`f? z(F3z>&qs5fJ*!K}OVjpVtEoFXf6qzKU2fcVudS9u-vV-v4kMp*XfwMhjSHo7SKF?| zy|oCvSCkT%t-4X=yJ>3%D6O?n?3B}ZS(8z=@}F(QV_{UqP5*}Fp+3a|s&|t6l_Nhd zI8N}bKCi=1tJDd93aTpiO^)FeJ*48)hxH!VI~x5)R0jy>?0e%9$B$J+IfH|YlYeO! zZBfnxEkTX|Q1CG~#NyzJP?CzBc82t@_Xx}SCg~_9ob0tm5{PcmmGjKIf>P1wPG-k& zw>kGwW-FoTe22%3Pxrzk{e-~WtMluh)Z(7lY=Zsz>vD{EFrRVnDEh#CR8;7=LbDOv}F2;{6 zOIY|D^a%^!pxKpuvwK&kVC}9|2z|m+q7j?gr=Qp#fh!pi$Ic)(E%D0rV zNvP*iL|-Xup1$&8m3BMCdxVX;{QWHApY!kWR?^xPIwcwb9OxZfLcaWsHM*QLRJ#E5 zZT_MSa#6LurtP`!Yt-OjFAFF}L@E>CN2)V`b+-oOo~udKsvo@f_CEfM+Qb8$d23Jx zhGBINL?n)@p=;|YN zaOl4#rFaef;KvF)%>ISdUgLcD0wwnfEMezD;nQ+U{9+_L4z`^l(3KT@&@J4nAQL(F z|Il@oaZR>w+&7R^LPbzYS{hWk1SLcSrE4^j8(mVjgeWOUDJ6nPca9PekQR{g%;|L}VVAGPJ!_z}b z=9MAJkdTWt(XdC=vSb-*Q{sSCNt~XY4u}xjc1R6bC;y8^c1<+kU_O#KCF;AuK9j3o zq*vKVqc{x>Sn5lbZlwVcm+frhnd1JeGXktJjXtOKvy)@lL0Q+&+%_<_GG;w&>foH) zQZhCwhI@w<#uSwp-54vN8+WfOwNOlp5_-<`FsF_E`W0bb63uyy`$NdV^Q3SMwIW={ z$9fgR5A(=Ap#Xl)PL$?LZ-&zgT7g$14-n3U%emv%f))mK$przOq!MplIKwu z3nbHgd+T)CFEBXppIkp-`syPiHO8vb6MWMzDLB*g<;G2(gPXV5uX6q+1NeZYR-G?l zax(A-zm+I+G;5v4%HUU_BD|MLr9HH0Xf1C=AfY_ydup##99sbBsS41zS;xx!a@fTG@S zz)d7(mjXkC@zpEf7Y@>RelMgQdo(M6UDdPa>z3P)QM{+-{)d{^OXRf*2Xp6}!1rA* zE^qa~900!wPf7FWkdvM43sXT{$oXUCbO)s3$rjBx&z?3pa|_$lL-n59%)BV$A7k9u zU@+WKpPmvQ1k0=ECe5XS-NjnJGG5ydqm$4XR1c6-mW8W+(n#7g`a4PF zlI*&MpbI4$9n=AZk!huM1eH1fXs(_sAWewg0rRqx2?o+2uZTPoV+pR87SaC#34}d6 zma8q5+Ec2V55}%3F#rir?soK(*KUC!%Z=upI9W2m{=+E-moWY>_F4Yj#2NQ-d2Y=6F9~0gqZDR&+ypZOraCLH zu!7raQvK{PgHJH<2z!U!oLSiYZIr!*1v=h4<&Mo(DEvmNjpE5>(55=L`qow%A|V0G zKWFWIb{WgH^RxBa@JOyrbc(5pzS3mI<9iJ-Qx8%7ZTBJR)0h#}{mgkvN#!O& zxb|aZ)SGUBX?mV=0evT``zXim(F@ONVv$tBUoNp-$zg|t-!8N83w%J!THNtZ{lP<5 z(29jzk!W_sFeM6O+1G>6z4BW9(WNg;mo)O26QU8i^@}{$D86Dil6(3}73~+=ufzdo zpOZsOljC=Bj+`s~bRKkjPlLLoY`uKdQ`7ZKM@qR++Lv$qc+6|X-v6TxOj0-P{Vcao ze5T&H^*xh^-UOI_dFL=eZteXV>%X8BE(`GRzU{VxYhjzw=%%F<(`gB!^Akf9-85+T zcd1^O0Q@C8fG_YqJN7Bn+=)08&~x9L1>y&|$e-I&s;z_K;_IGpt5)nVK z5csW6I#rIN`Nkd18CVGLreW}HXq#Q96}^>%luK;umdT>NmtmT&LCL`F84FBz zY*=B2{v{}9y;EC|JWuzoO$^*LPMYTt@;V-nONcKnUa)LmP;x7$5=TXPyddgnD&EXH zNH74_UCTLlR*6;L3{0DQpVg2m$#vE|Cy-C!*zoysjC(ivCvpSwZ1T97kkcRrju9d5 zv+OS{0ZMG zSt)`8Jnt3wE3UM>zBq}e?rLXLC+Yy_m|@1<0?en^YY%1jNZb&2T2z+bTN<_l(?@1s zx+IPnBM!UZE@7LAo4@nkYI*1<4WL!uJkqydq|fl8(YV#?+>Y%OtCnjQ#2`ejDA=z> z+i<(>>c4CDUAXkCLTFpYZF=}*$B{|)nU|;`xOSBNMM9>K`m_VD?u+Sgj@CY&6dQTi zmce~*$0@F~zRh0;6cQd!yJrJjA}faq)OQ#^m*#y$#q91Mg=beYhm`zP=@=`oA0KYX zZ12ZX*Ckhn8CEloXzF0Te2AZj-&do(=IrvtNJheiQPVEG&}(URmZ>JXr=I4hTYhL* z%)QJgJL-NLYDzzmqyC_28q6jWUwm~HaTQ_iSd&_(rE`KEJa9g)2^oNHLEVlqR`YwH zu4bvMe^u$?SzRv&)q)N=MMXk0je*h2bzPP&Mwf6Mud}`K^meUHgU!}W;34p}qB#NM zms5bKi7D!x*t;Y-Jy(Pyk0hVB&S}vLqa&f?F(;;2A;5PARw8q*O9E)U`4uad!h&yweAh*60r2bu<-o7EW z<`9ItKB!!C;M!64BVi{Y6|Fu~H;5X3C*MC4gcnM`?w<`3BlUL5`0L$i-jXzo4k3iO z`*?@GpUgewRED~h%vg6Yc=&4$OsRPVsi(%C0+Psj`no9Mo!Ymb^`00oE?3QM_gR*V z#3rVGIi8(a!iTa$r081**f)M--O$XU@#~c+z!i#E4U-AK-#nc$Q8#D~@ju!pgYnwuD+6$=p>?ir8^hxAIcRf z9m?CSWJ7=xCxqtsWnx~Fu~XsM9f+uF$hT22T50&MOMcA%@X}lI=LNSp*EsH3Ps@ko zTE{yn!I$$o1g{}@V{%O&!B=eG{}oT0@K=mm0>3=%(Tlm;&n;ZCw~#|p=!?Z>jUEGN zs~}j7__d)@#kLwOu&v9+MtK6WuQHGLdzHRGGFvM^9qwEcUnca9+OWee5^ZVBf4eb$ z8B@)S8E{Sg@)jpi$RW4;Q@2{rtJ@h{C(ni;$XPYF>=-EGp}mQJl>Ar2tEtzLxRWSs zf~CSKWa0h@Cjy~ieg)U)4#A7kR|3+ka!B`11-t~UGja;cs7i)IW8;#k`3QnR7H9T(hy9HraH2 zPxTF(eAWjl3V>6{I|!>z_I!u+iMk3qX!RHQu6E^{AX3MXV; zTO64rajOb?pak7aVOX$5!X2J;r49xb$X8G_^Ikj_`_y zdWwW7sxJ6=?kU23)w(wM-io3vF@VR}2J!z^I9lN}>{4^PFIzC38-1U@hv>b^ zFjaA>X!>Y>W8<7a(Z+=9UFDlF5_@8HaJ-X!T0zxUSdHSBK0Y)S;wxv!SpY_Tt3x6$X7*=8 zT+5rcqXHfu9|AYR!s8{85chU8$QynQxq9Izc%Zy)0FqZhv?s*vzM>u{9Ok7zsoMp^ zm`z2JDQM}Tvq;OJAww|C0tM-y5Ac&}7>`HiJ|AVfvrkgrJjDDqLOj~$>(&k6mNY+;AKlct4^pz|1 z5icrUI&t$a5vNb#(Jo*p{@JVhqRREDF{V9fj$Q%Zyn>(hs)-{&bH|L~Ey;ZnQDD26 zPL+|SJ#mHFcID*F-jfK`f-3?gR;*S-L=a+q&^g(neWUnwy1(d{>BylI6}}FgM_v!5 zfsYlqwHO!TL_T!jb5P8xn%`niiOqDaLeNozu)GC;eoJO$tG!XvXK80+e?wCzSJ&&W zu#}{0_SYV8oN9bC82OY0>hktY(w7QQ0mJQD$tiW{rObQJfhN)+2FG}e)z_0EjT`iZ zXjnef=W&GiEc^I&G#n&L`C#Ik_Ev2(tv#&%$#w9 zDs*<`aBI%{k=BrjF{WjI2wC<>^Y1hH?}NE5O1y;g0ecK5SB`R=hG0jTn~~a=?!Zun z&=x=zXgahaxm(FUV-$B7F6i>MNaCEhq6G7pogSchNd)Y+d&P<_^q|3U8T@pr-MRkC% zKdw*zBjOq8!>wzF9KDqVnWkhCb3b5axf+_eN0|2bK7Gg}onmB^Z6ga(E!2c3SY#n< zQ_khycsTG0fh4m*EpGsnrI&sXNtj@dn7fN0#^STvncgio;g1%ataq|aVH2bnp65(f zg7?Q*^g{qw+!qt)sr{t)aQkeYE9WRC!!u6S-nDt_Wx%>LsA{xMX37>(NlUN|9eGa- zfe#M_p?)oZiZ$}LH-Dhg^h=WPmfIxS;kUy*Ncf1OpAH&(x;1&MZtL2-*1kd~pl<#HI5s5k#Jkfu%o*K_lV9P8ubRij9GF+wi z1_kz!vZ6Oj6Ex@%cVS|D+Ht#khtp_5ilWpn&d$avXiDjpS^>a*@f*qma*A(a231`8 z_b7kjs5r1)iS6EUg9*b|I1CFxcF`25!lfUqw@?{^n`G$uayZAleZ=ZBVFha%!Ms@_ zNUR9I#R(isSX(hQr_{uHOHohl^eCQ;v@jIFb6NDp+=cxHus!}@%(}L?z!td{`6hmR zkj(pod`UfU&Ga3Jf%G_EH|LSWj+a-Tum#h~O)+7X#t(N&&5w@|b)`?-o5a&71WFdCv7QyZM_#oKM()&NZ&|@tiX6hntZI zvgSlt3>((GfYK%%meEpJH+()9<(;;-zKP^?ILFQ~Y#+IFTsNVBv|&+HO{aMth%}N2 z)YRNz#vX~`0`VV1RED)$5c^fPy?fizB7-JWOZi^ib?PH2hJl@a{Zf-L zp`P0()A*f!n<=(qlcRA8xt=|1E9og#XQoPUC-*Zl?5DaLZ9+1%Lozl;!$0XgsiGOW z-rpr-?~?A>U%4%_JVpRD#g9}cjB3?OmU7HBT9gwTO%= zSwr-~0_MHZllJB*vE0qUTGm26CmsLyAEz@{s1Mo-JV@K&koGqfO>TPKMsV3^-pv;> zuep`>Z_7jQ7wsUg$*~Xm_~BCn(es@zr(|7stGz+%(DUEN1_)XNK_6b{RbqXYg)!z5 z^Ja3(&Ymf3TK-=P8~n?M1nu6dAEEv$q<7YGX=Xej*8eqKtUj4vp_NAqMZ(3?`efmq zYp3&M?VSJpxZruN^!=E=sj zZE{#Oj**p^f&c53Pz74{>g*abb*@${fZ;p`|C({zUxzqS`tMgCCFs#dIGCOd_f7+M zrsWuszK1Q}36uUOx+ngla}Bi6`5qwadC7F~u%EByVHcakoejwT=c?5Fxhj-JRYOd2 zE6$QHQG4si|NSlRf!+Z8mbz;$Mv`#H{UmsROfcRN$fk$MD*%y@M^TNWyGB|9`(BgmZ&s{JrtD{c-EAcJW=PGKj{(b3v z?uQ(S{m-5L6x$(_psZsAv3x0H-u&%?PaA>Y`9D`igQ#AJutg#|K>2VgW_8poHO&(< zKmn8^|9+`EKDF+U>E6H0_o$Bkho5(4%ys#`8UNz!QnN~q|NVPPL`i&uZk6#UxQdO= zlSQ%mg$8&0lH`@)U%vu{p?U=+JwJ)3ibmTOx_heD(1Ko$|3--1>A9vuM4QR(FY(Yn z&N7aUj_#+yU>x^k*3&9e#`jYG1InT1G3QV|KK}I^;urJ(b+H~qsa6^w4xMB=WG;B? zAgJ%gfJ)BjYkgEYPngJ&O7`$MToH9K&uit3HOZ?|1>a;>1Y1K_qF-&$W36wk^eD7n~6NhMp znmSJxB#f0okieB}`On49+6=}74db)3&j+(ksRRqls01q%f$kqws!+W&)iroF8=oBU zN$&+7j$wrhmA?VW(ozz(miC_&u6|hKuzEYa)-7SIz#J9fb?Mi*@7ah~U%Q9N6nP2F zw6LZRvfG|q5de9v&i+tq=9(sb_PaaJCQOfKDva;gll*6C_R+xi(_1WaKCNj~pO^I_ zvKB84zfy0$A@1Uk$)TuN*yPig%^O^nXGvV1T)oIB#gg;M-XuPH|4K^1P$ok!vK|=& z4o|0KexG~&=ckRl0CkZ-VE$h9N&huLZp*W4IQ41gY|0J2C#z!>IdL_+t%_4gS&Gz>?dsu&~Y(JY|m`Qe@Hdy(2zhK-8!p zRc`PpYOEB}?_^NUDks32Ew7!eI16qOjI73iZh$@^w8EkH@_4lwrVdIU%0Nq8>x(a) z%j?8))yU#CUiOzY^ugdu2K%0dS>Rj(SfzjTSAZA>ooyUVDL02QNkZ%T60l!Q#GQ=B zoW@E#K54)LSrxoWp5!Q3)TsAX1%SEkcTT|f?b8Do^6gvbPKpo=u2uRTQSy|txM<%yVVEt5bNUMyW zp2B}VkKw`Zb#J~{@CH@_ySUI`O1X($F`~3S|M7bxfVvSZ^jMlRPWS=s8Op44M5~(8 z`NvBZSq$$vPfzeCqn%P!9;Jfu0Fy9b{DZtrL6hbQeqNrbv-k~$fdnFSKu3K@79*Ih z7-GIzuvqXkHy;&2$B=pUDF88<3BV%(F&SlKYm4xwci@dfN1_B-F%o>dF6sQF ztyTOr0k<5@$YDok@yhi2Au?bc?u~%^dpbX<*V@!PtQ6YbpIVEEF42vo{*|Sj_r|^S zuJaHxcH-BWV%El?RDu8i2fV(TQ;Mu3)#dI7%Vlj)(!8EMjO+sO0jDIJHMeMX0chVl zm(A|bo;^{o7PQq*!8b}iDLn0s?ODCLs`($_u{ovwN4j2xym)5MyZz@Crp?Rd!B)K zzfQnoD;XtOwOaR5(T7Rg$rdC$g4^GtDxQJ9o)2Ilk$7$sTZA>lovCx z_UC%V6CPKwdk7c4yv8@Ye0o$o7DqrDv7V^DV>=8eF^PSTdlbf@<8`oYy^Rn;7@!|4 zn=YKEAspubQKz$E`Nez>!_P4JVk16`BG2KOOsf3mm+B-pZF=Hrfy8DKAc>#=DF&<- zU%I#g>wy}e4QV=S`v@jT0+=MqqGRraN;h)m zflx{^RE>KaSUf>(7R`Lte)hJg_3;Y_H*Usadkh!E3QITLDR>IA+mm|lvhyk!jMXi?I!y| zd_al_UL5xG8_=h&mbEoxscUNLJ>liPv7tTlx!J;hcKc-M{_<49ET?0k;~sW_8`m-< zCHh+Bz+cs|-ltQQVPTa1CdM#N4&A@;C`H)Y!n)AFdsZP^a5XrV@c6sj_WobNIF+bt zAwbLJ(%9P2K%=o_;jcGJN6q5?mCk3qF!HR`^6^hR zW}5v$%-aSpg1@}P^vpcN12-WI-JDQF=01;=P|M|b?MhK@S}&aTmL4Ar+}%sn;#v2I z0xqz8=IXQ?)J-Q&h$`Z}dMI)kF@FfaNVd{GqS>Cx0S9L>evWv@&zZ~0l6704IMC=+ zzbO{BbNJ(tNTW?K=&r7_ogPF|NrI*4xG$tq5fqnwX52=8s@>m=uJQYRa)4l`*yzh< z(!Sny_Y_jad{yCVGq)0gK!-v>wI5je}gaCz^l zT~hTchB9Ru-^6{_%PT2JOtJ;?DW8pv-{0^V`?6<~7USIBiqO(OC|BgLI~$Tdie^Op zOkHvZ{JxnrO0wUcB09eh8qt{eG6(Ju4Lds&pxU^Md{lwC`F1cVvn|{Ca(>|W%edAl zxwwS$3m@eb9!V{ z{F?f5m_MkeG6ZPw7s}?mW5%PB1=dDSgP7&`50^=jKdXVk{se=pYxMfS)aFwk{Nv|7 zIAOGYTxIW;HaH!G!*d8jj`WQP$B7RwxL5Y$lB}BBR)t<-&4TOm)XH3)#=g%AN*h-N zHtH7}ppJuS6D|hkM2J+oBJ0L}C5?!EGAJ>|!rRMofI7swJ@xFtT3cCnX@9B?zEE!L zNw`)Fx9XDz4aun3iioo7o%&7@v1KxoybvYU5W<%5tu%n74~Pq4q?iVbO-G^wZ|3t~ zg~EB9Zn;&lMODRR@IHC9O$oQTd-bg37$WFfnJbi=zoXy-mhr~j>5*8!)?z5X#GC)0}La|{I|wKBkW zx`I}AE!711`bulq`jxB}AdC>U4FHw#X`|=F);W>@9GRy5JZs|77%7MIQU>OVDW5eG z=l;m1hW%^8p1h<{lMC%hhrxRXK}+d-+|F}Q1aHC#QLIgny_g|(%!@=Rjti!nKoJ_{ z5%_k*aJkFbG={P(5!d27Qztp=C*%iwoG&W|1wgopx3|}K7dkf5W7`?^ZZPQfU76Wn z;TWH4K0Q3#p>}Y)~qAB}rm4m%TRQJJEK2-uiY`JVvyYLdW z;Do*AW58FSl8N8@ta#i@lzcKQX8=3Lcap4EIyUDMHfAbrJ?T>M`>G+D z>+xixr~Nov5J-Gcf&4gfw1dFer+^&0)_{)lY|nC)oxkyd0c|z#UcCQ;cT%cO<+bJ1 z{e8W+bRO$%rzd5mLo+P_P2LowhobWZxp5x)-kJd!Hek@Ih{*glq)=1W_;5`%-NDy~ ze2dXHZoOI&w9dJ5L*GDkSRQ^*OM58#&E1ng^1Ssp@V;U*jiO?V&tmxZL=EMR_Os_n z8#d$fvMb^|gNY?ZSN_W~2e;VfnCDgixe^09QPZVsZ01o}pP^tfu;njn^j^PW6YyupLymn7b zoQhiIZt27v9OfRVZ-4&z(mPz7L;-aC>95jzktl`Bgd3i8GllctEh>7WTcG!bJa46M ztF(T`BiWkh`c_<%8{3-RzH+lK^6~sl{-bkAmams6QUDx}iJe*BL7H9kqHFX{M;$Px zxnRnO4FnrKZn{bl9>cW~P2IN=m)O^^8OT4jGL#5)a|y<`vV{A({K4u1Q_cI5a2oGfS-yVH!(;U#mfU*w*FGE&t#1;u z%fvgxCoI737>QMh#rYVPn%a}qxLhBg<7+dy>k2DIlzH1oY8a$TxVl^Xq)(W*b!MW% z(Q~uFW%6B0%F-QqIzAHu;ZuQqLZHBy6$?aF*sS6E1uK&KAVxWzPIJ+`gScTc83Z1F ziRZr^43+ftlvu3jpzy`SM`ngme?&>Yzu!lEP&z-}#i4If)8otgFoKEw8suRpdVBsF za-Qw!6f1QnKugZobyfZtd?q-*1bheGB%fu_RHgCU1mb!lC6`B5|+(iaFF<9N|U-y;eXy z%I(8fABy@FEr91=hM5Zn`*-_tW)PKC>!4xg4)OQ_y~O~ZUw=8m&836_lCt$~e{`1r zh@ucXEufvs&Q8}p}T=s~QEaY+y#RC~Ka@Sr|Ktw*gr zMy=ywXX|U75f@ostNS>q1ZzpCp2Uen6Bu?>@>W(cuCxC?00GaHvrHnE=51R*%Svi^ z_yCCD&x;PmTE+#0GAdpQ%?3Q82CC(b2l|Zj%y`PkaG)02WnNDcvr&DP29914hWyI4 zaEdF_&7Q;Z;}8nTNzb=4BY!75h9?3Fa19nAb_4mrRJ|LrgL-k9oQU#_?Nk+2 zWokckK*4v-*=j0jy2m)L=JCJTI%T{cFShit31vGV7b=f%oNa9>=Fbbzq*dN-R@`uj zcaj?#RU%`tB?dQmRhpizz$uLikN~ia2k-Sr5EwmTczY_{g(=25$f=D}eQ2$T4uZIe zdrVT#hOox=nRY~Pds*Qrm4n{xW(H}Asi&MC^PLLUciwmoU>V9m$pI;%s7=nAtR-Mr zQgI18Zi=U7DTOVH-x@rC&~4O%jQ%xormR!-`i5^pXie)?!_^dn-C{$Ud@k0&fFRGs zAdRIruf7_HZTlXA1OsJ>4SWmPj)Og55QaP}k(dg`6H4mR04qV-h%Y3&w#t)SOAk^8uW|^+M zFZ$VqQPw}o8(TDN{~&7gYwz3AfN|k=&faL9$xA#|Ob~hImwjunU<#F8Ge`^ z{AnY7abG0ADBOR5!Y1nJ3*Y5;_P;tSFBjGLhFzC%`;xl%tZf{MiDMy-gd|+-O$cEs z`qe3#V7BF1^*H3wQaT(--}?@ZL~(Kp4F-{NaY&;vT;lTb#88A=sj#GEXGQBJ|DB>| z9vuoRCzV_z-XB`Ldez3`Tcfq&59P8)rRSR~nRBv}H20_dBQISiJO&5FLBIF78cdQT zUW4JkV$J3e5Nj^z8nm^TUtNLu&Q~oVDueK#1o`#0J2ZkOvBAp8TH5@}wU0GD=jteu9&6Ee0Z-ACvI*Sf`P zx1JGn;#3tyUKmEzI9K$xI3`(#B?k99&#q@{LlMVilHVXoE zpYSHi9%q2UqueJMP?apKOU{9bwh%3=zQDfxUGL9p&i$ciP(Qe$v)OeYDOQVN>yrS7_peI!z$w~jdV35*XLIp^|r7dF{-b_cM@x*(< zxAD8wEMa;T!*$vKD=48fC*G38e31*pT7QxWsBxV|uLyyo6-Z{6Sb?wb6ljJ@N%Q$x2@Wgo%?MRiZ=HCON;Gwgm^}gy#@# zsRm8^aC0+MoEsMWYdk00|MVX6+zOf?2?yYfD5Mm(`|&{buz}UbrCxY%_OzLHfSy=6 zraTL|NwkBi7I>gsPn6_e@CJH9w-=XRm}`+IkiVrYK36IQ(iOh(irZ}yK62-a;%TU2z$I*PGSbb$y#Sww{7F4({;)*Ot|D*@Wq-dKdU73+%;;Bo5$5*obQv7(^XGA-+&*d^ImzVOr~9_jf}nZ?2H(De>6?&BH~F z8PN7iO#CZKn(gK7%*@<4c?9SUtmf0K{uo0=U*!R`5~32@PoK(ezI%HP4gJTiy|p7ahxPWFrB@{Zho%?^%p z!sqUvliKrLOi+W1_L0GE#&A?{On|CiuG!5VAII}nSD{Y8j*IH7(t(=(2SuI^(T+lJ zhM10*K_DyOq^oe5yba1Lna%>(KNR!~t_QX)MhtYspqdIr4MIVpCwzeBneNJpV`AY8 zoYK=K|)dUW$()6%hMVD5pJXR9@qk1?726gB7PIkOM><@ikGOkxNmtH9ztRs{x&=al@hnfC92!@6uUR zDYbYYMK+fO<>lrE8o1hN|9P{DO9=bflWBkNUq5@NPr=N=T*v)AbbasP?@>p)3ha-J z-={1019oD^!_@xW5?l~>nD`bajcaIufyap=MHIBT+}G@;>Znp^6RNbVAnfd-oa!95 z9Di|q;4I;g`}i>$RG1^*kddg6cv#8x+}`ZJ90MTOe}NGQT?Tcr>>%1#BjTLw*Cxo$ zUdCQlep-C}k`Pv}k7XeG~Yy3mC z0+ros^zJ10yc*S$uSxQEkbe!NH}*>F+Md7n+R=hSjj_uHp3k+y!EF1UzYdHG&R)<` znETiltI_5Lev}#V_;&m+aYb0VMe5ue4cVe$@~R0^^oZDCT_CdY^D&9bngDYsorBmA zs}eUf4<*N-AY2YI1fnF+H<-~G_UmUMEQo(!O2RFWyj;6L?Uu&)TasL6MfMx*96K^V zKOU;dzvK|sbDPB9%dU5Cl0k|21uw9nDqN{7ue9lb-;489NuOXyju+J4Wyf19AW_$A zs^#XVbs+m)_Syf{GPkur`R(e%0&DkYo{!3(Y=oFsyp6}sFJ}fEZB)lJ?H%&6AvtNL zvm4{uDyK8+XIye4X=qZWO@9X)rFeHBEs@USB|gJF9iAm2tA|1RCL)LfH>%}f&z{a! zWDl7L@-k0-mGIDHk zYUcLEZY{5{CJOUWyqzFJ@><#$BR(g_RlIRuUwL+$89{fkN~pV?32gCHD8N&Xe!N^A zR5V5YZQ|NI2b8zwe1CONcSP>7-qJ|0vRWLC;G-u!dla2gY%bAzbiX5>UQoj`%Em!Q zNcl-9wt#f~0ow<6bHY&u6?}@zk86%o-S(6ux#k$yFL+`0(rn^-JqRQPYhh;+y;tCG z9gCKww3HR%C3a*yN@^m4Jj$f^NrEy2I%Ln8q+BwbOy*^hgjLiZwOA3SV*X2pK&iZq zC>3t-Z<@sdCzWfGu1niX@6cs*zX{l_9+%B8XC+osvr%&KORAUHmOJ>)wPaMVb?~Ox zvBX0w){($~_?h2VxvYT0L(JN^|4wLQ00NH`k|guo^V=)rMQwdIPoc759k#1iq&;Kq zhm(dit_0oQ5HU1c?x-PbW8QgQrowC|?i@{hK343j3i%#9bOHK`Uhn17e#WCo9isfz z`L!3t;27x7uo+q6Pty!{)9#cdolLg&1>Ln?%X|RE^)AUy=^jBT7pzpS+yHAc0 z*z(I_!n#qpM%o=qxz1Pg*~q%cK0j5+qiT~F={et~(63T|CHS)2Wl5K2l@+mtQ{us=0BU%6Lc>Z=HDT5S@(XsR|f$e@Xc3vEUb0%hNP3VO;1c!_0T%DyUr$n1{G4iE4_Xf48~O=T6NVV%~@Z9 zLoLgH`}M%C;=%9g0Zg+Iel=j`5OMfMxXx);15XHHvnSOF(mD-0KAu-Y)u?eZoxNVx zbZF3Yuq`ls*J^S`_^zn>0#vJ?3_$bj^XR>t& zgvziLjO24Ru|dT-*Uc;D3Rt}x6|)1{V=tw#6d`GyPcud%IWbHb0wFW) zheuZ5Xnhq%@{I2U><-pb5i(LA90hQl?&S&V%#ptiEI6N^d!ApJwIgTK1!LDnU*NWLxTAm~71L}3nVFaE-k+IAPPw7+(7QrEo<33Kl357$SVJ8)BKz6LMjIoA!P*reM~fZ!R#+e>8bQg zLY60=X%&wMN7Zm*J(McHkC^s1iLHUo(G8+#iw{ZOOz=BD&4~P~lGFohoiF8H`AyPd z^*whz%=nL}C+|T1_X;{d-@dCDv(*yHSKUQ*jYKzKC+De@+#Um2ani^j?Gs}^qbN7^ZT?~f~&6I37l ztaT}W08IZ8z{q@tXGoB`H^9GfwPDQqQj}S$VQU8#p=ypz}V)6TAZ}*?Y1#X7(%xyFh&aw0`3|?DmFgP)L zbgLZUI_<(F$>18n@*5oh$Rr2Vb%W&6NBgSH``xb3)oUqA` z8o(hfe4f2?l*yh5V1H2-R^i_9a&B#xSfy_ICAD;rWAAP5ZBq?zjFHy)@9s*j(NEC{ zo~);&-zi@7NQ4-rj-M&M*$MYE2eP=!<;v@%o}fn#Up2tN9GiSDD4tyyD>Fv%bMt(a zvrzFyHv4-H9F9nWB(^zC);_LjxGW%L&5f>K1%y7Q3Z5CV@KM{fCL_kvIJ<_lrR8yS za67>t#}VJ-az{3pDVWVAvL~jTfr=rbq!ZxtV~@Yyhy-2>e@itlM7Q+>sjD9Be94VR zrrvM$WKV6Qmw*Qm@SXASW1X#TKaZPlIFis)UFaJfWZru7bgx=|cc&Xq^*2ugy#4Jo z{^!hw=6Z%NA{ReA>6A&>z9pulXfOhxGNtaFM?g7JO3aJZC%;Ubv#f9vmO!_A)T8`b z@IFf^gQn9FcWqE&4l*{gbgxt%QIk4nOV~w0LdNLdK|0;qJPs+b!7i$EDX0%iYi}z# z-P}@RT&0h;sI7ydlkdg3x>jionuy;)e(So0-lSV3+8g{yVEBx(1E*(ESKd7RsLfS($9>!S5@QvF#Qinf^i^s6ol5zFNXXwu)yU$Joy%9`!4R{W;{bkB=oBgrz`_ojo^!(}ijh`cNs|j?75o-SB zk7A@G6TvWsSAodnd(>t|o-bHnoa?Y3C4~X3cn`Th351Sl;HI}mwk|5@p^^heV2x32 z_|eS!ttF)l)PA!izruXk&1!tdM~1TH=sNCh1_tzen;=CayUh z7Zg>O3GqCRg~@!T8VWhV9}Yz8;wDM4I)kL7Z{xcy*I!{ej){lizTP(#nx8|#D~Oi? zSHBV&6T~Sy3PXoc5D0Y-L>?_HVY1^7BOb~fPvo{I0UNdK%bKsh=Ibft{l(4os|R3I5F^~r zbe8)5RR4a&y1vkvS8cdZG*F;vL#SJc9;&oaZNz7_JnvddT&@7A@4lH^w+HT!!PfM; z@Aiha=YFoLEy^BH`e(q@2tGqI>ma&`CdBlvEdKewFTCGUK;0(lj>lu=@!!F6O&#}) zx{St$6?Pw_%taMRbhq#6hw$zxOrp>QHt}FfHTT~-9B}5HdW=8z^OL2g!ANKwmL3 zn%(y}7up!P0ZOsp3u14;XD>!RH=o@Z^4(tx6EUfx#+x-;zDQ?_N8;eT)j=l{lUjbK zHw&6}S{I6)l78I(v&7V&oS~0D+WlpOR=rfBOymgU3C@Kkz&HxQck3ILI}UH6L3hMb zEgMNz2-}P-T~Nw6m4G$~XwLqP;*W6u`YcWr`eZv=!;h-Mv!Bbl@I+OLmu&Ift2e32`QZ_tYBmP72cB>lB3 zP1^lMfs>JQ+QL*NH}$PN+G%4_B!>&_+IF;zEQ5}eHE!`Vt@SBxcxQbK;Ml^)dbiG% zAAgKbcMO@Iac;&5B-ub(umuajs1z8kT0Gl({sLBOE2 zF1Z+xwW4Ng9-_kvn^*szl00BjZ~aq6pADJJk)?0_M8S`1P|ur+ITKBFUziq6zwtac z+l)C_W|L_=;^M641%}G`J{f-00fHCQXclno^~UWHb_eO@m5cj+eYvmS@|y0KUB?&@ z4>OLf(T(fJL$tloRR^;7+s=cc^a*RPA~4^)dei&GJKxwF5*4JoSkid#==8;P$G#`g z1;axw-uuD#b`N(jjrdT+&Ve~DOG6Ug@f%{fEi?k?AK|BaD@9`hs30v$yx*Uv4*c+W zZYquox7eR5>iDaC={@lF#{Q%xD#4R3jef=z8tl+JWztB0MQLYAiFtn64}GxDKVK#q z#E{0D6_!D7N+Yug)XDcM$22u2WET1sz`y1vVuKUabP% zuZcUuayFkA=g(j6H3wCk5|!v{hz56?N1B5EHl2l4!Xf;IML^Gks5klL3&KMUI(UNI z{_j~N*p=q<<&}$1PcRoG?@15IpPuuj>DK!YtwDMdbQZBtB|ViJ*zFfTTLW)-d&RTj zf`Oj@U05SNs>v_ITg$>%dp~7leXe2U*{C7qwJzeOsNTLX>!~by68DWx?=i z5sJKxtA9p70eqoO3ZL;Uu3G2uI#XC<7wM%NwnV`V#I5~;L5_07oN;e4&?HW_?9Vs@ z2ipqQwqpbeSU%bV{R00}j5vGF;)PeARL1!A%_1PXPWpdF2DsT!kAtU9IVJa)*sR@c zVx-u9jvOz3GJJMyiG88Q>Ir##BIB9`@i4b&`b}uXb&BAO_rca%9YGa*>2Fg2ZREXA z5TEn!dz9%v&@ehuu`P}$;G~5~on2=ghZ$QUf{1HRry@>f&&YS9X>e$;el~C&N3*JP zyZc=3AYssZ+x@!56VR#PqXHl~(V~{;`#303A1M#GQV1~7JaCw(2-^)t`=Sp(L@ zWN{5>v)TprNM`F)^XG-T8?&=z&D(vKJ%g`|U0PNseA@D!YORQi`;Tx{Ls+>~7S}Qy zVMSuZ+D^aYhXeUVrQs9A(s$UO)A(M@E_q{twP~ZZ-SYF0kb@D+)r(_AhQkfz2?6vn zc&z7?V>@T{740}w=l$IeA5rm78GMkC{fYDO3b+ncg>Sh*W1P?iu+EXP$BMlknt#U` zd`LlBf=fuY?h+s!+Mq${BQUDu0g{C-ANH}K@5my$dfFZ7^nZtwEkK4$w7L) z-T;wN)^_q7Aj5Xd>>v~1UmGB|YFwXT*y`ib2Ak&6E8?f8`Z3xq{Y;sk6$-qedYHHJo?*#?2#gCSGoCj56{tB zT!Sxnr-wFPha`*^pH+Q4eMhxo@v$)>GiUZJN0)X;{9<n0xT!9MEva4u2!J}!w!T{p)W1^l&wp3sNx>h;tyOdq-AY07^7aF84$;gd z-G!w7O{=!9^BHv7S87m*neol&bo+Mi$(io<1!l}uvsX#MlF|** zT|>8kfV7A-LpRI-(hLLdHU6LDc%LuN{=5%$?z!i>);ia@erNJ*2e}>dsh61E-v)cq zbA6tcs>r1IV=6;0B+6UltT8ldl{ybVBJ%Uqpw$G$>sM>kx9DWj=@hq+d;r4%$vh-) zL-d`&CEu0XQfZ3v`QHXpY_815p0KfTB05lUd_ulxE%pO_GV(#e?OR*F4-s2F&*`z{Xx|<^;!zP>p^8Xw@6dDj@hb-*Hn$y13Nz=%s-Uj& z7}^|}+By-RX{CmkWk0&^iyBinPl;nZ0_K{zBzNq^y1ei)xrHY9)l&mrRXJX zd2)JOWCm=NxZQFgLlkAH4^> z{b851c*lOdBOzN^@Af6u2;PP^AzjBhzhmP0eZSrKda%$o1vb8rXTaFt8w(xP9QX zW3mzeI6`gkI5{2olxKl)6?_sIn91`tFg$AcUg=ShhAz6mTh=W@G&3|Neo$CKd+Bi@ zOT7R1P*v^C%)5k(7k;1xt)%SeE})|+e)%0kQ-GuWsL+;!zfdp?pju7rWjU9beazf3x-jdodsSmF8K6BEILzUg3#yd5m&($oH@$)6IEC!a_+ zO>Y&oJNZx70c>1bMENYcLAN_Ue8&Y}BjNGBswu4%5TM8Kb{}jAaJXr2aVgP{Ql2kb zPs)Ek#H59WRi)*z3_EGpci<`p6q@@>e3Tb?b46a&!F5M zP?G1pw=%7PA*s!Ge>^jL-B4aW9PL>}n-mT-O=Sf59To)8{4Fa&#-vCt@)IHAtlh~{ z-MmnI1E+sTWc8WntQWi~bML$p)6o)o)OepLNzq6Q%;T@K=z@+zOu z$Z%rZKR=szb8E@lR{ERlbY|p}en2s4tvQ_`rfvx9Pmbuggm11#jEOm)E2Z(e<`{SY zCCg~|V|;ZC3K-8i1*2Sv{X25Uc>15UXDv0HH|jeME)XNbmK@5>H${%GLgq>Q&HZD4 zhn5PqOm7U~ybOhtwni_}3qX69kYyjKgCO88TV7N5ve-5)o-)(4!)fsTTjV<~eDH zpcnL|Ru@=KbWrUEc1A#&(bYyNqvRW=E)pU$xVQ!ALq z+9{&v?9j`Pih7Z!%KlH2#`w%5qYfil!%`-mj{3u{Gi-u#swctew8 zJABZA9KAUy5^p}*2fn0jEGmu&z?E4KQYqbLZ(e_j95TLH9o<=Ib`7SN$I_f4>hN*@ z(E43@OAlRaKAhm{r%Wa_Y6ts>TxIppw>ot$z4GT0XGQlroz1^-jZ)@3GX2eR`^DdX zdrH3pG`*Ko!!?UO=R1TV={)zuy6L7)k=HIiJyVf>x0#K>^gL}72l&LFog=CJu5>rO z{BHdKXP?UF8mAR~N6OTU8y0&yC5tB79(~J=a(c4jf%JI%>=!Une}=(|#m88Ogcby> zO+<}JF_^Eq&BqOWdqxmkjZVp#H6q9BYY2+pl;0d*o+le#TA%w(6pk#kZL7Y`uREM{ z{j_*;ngXzrK~ zar9g?Tq$wgf2spS`9uE!r)5o7d)`yeJi#*r6N*_6OHz0ac7?T6E%hN%eLAaThU z!|h;2V;m-Ry`$FfY{p+io5fE^4STYjfwUr)qyxL}xY)*&GB_Bc+5F*@*^^rOPH{F3 zIB{yx{gm_hh=A?YI>_OfES;_nyw7trMa;w@c76DEzS&&nQ1&5VqC4=TH&J^1lIY3^ za_&ChX5T+9{l6v?Ge!UJ$;4*GuB?3D0qL9iv8(e&keGFFkM&^Tn4?;us*QOFdnz(h zIyv%_;R-W*jD4o}pqxY62Tp44%hLx~C66LP2uVW z;1rvQ5|1=e)|_Q$9yWg?V{iQyQ?vZ~@lJ66!lbmvHPCwPi{?p{r2`5c<&B~5&zU$-B zl#DTvOUccHsqNG2gOcsbm26Sw6wQ@namypm&;abu&%{xpagdPbQ(qGJHIRlN^NhY> zw~7^*Aqq1gi{4YmO<7$Tt9jMR4}-gbmA;zY(T$7sskmX?ri$E^Xir#=Mh0g<<^dMF z(4PS|$smG&ZfddqS|f=tcZ~x;U1uTY3fRRX`RZ(0>| zsfo^Fz&kv>+=+1~ps%=ljca}z$lQ%1UOhq=Ti?&L%5@xyP6XYnHt2joj46OmJ>swn zPy8E4(kD!$=w*HM*Mjv<{Z9buR2%8D{6ZhP-uO>NUimgp+M*iap7)!!ig*z73;Tvq zz>VN^h`v#$Aq%bdG$3hV8w|`hG$Xw}1)uy=D0+iSImOo3dJu8M%^d!EFh4_+eR~gMYY(kzPV`y=(ZRAIT?N$HnLboY zEXN18U?X@6w$;bcPwXK?o$K5yDgPAg zssy(yBoa5C-nrv_Ehj0V@!l9B`XAahs_sUj62dIJUce&ogsB)!sf@uGf%4eH1#a~~# z<-w19&crz^Zyv3;Ik(+paE*io?++aiUoQeuj8oR-iwM`=0Ku^gj;!-FJtAx)<6BES zBW*~Q7p0&I1xpoLHD5^rAwqd?^z=$PD5sih3ku=PQ|bGyJfmWaDcs0_!(|g@zFU!7 zs&|RW>DJjkzujxbIz2n~6l1(a`iWCq9u8kLW^ll-H^PS&{;t5Q@o(@)*xTl&QO8m= zHytJ*p=yLU%Qt!+8$#|)L2!F^>?!YXdp4md)ZfQ-byjC;RGuFV`c@sl;dZ zu>L$I+FYgr?WqFq@JYo6(TBpWL-y2N! zl$Ez^F<(P3t4@4*YPng-)@Gj=J$VIa5x@OqC4afjCPF-p^U8jdP8P=k6l6Iq^ZVM{Y}RSF7AQLpI(~;OmZB~H)@yH^hx-bTW$!WOYE__OSf9EBm)hm8p`-;!XRIhQc;Y1)qPua=z@e+@TVuA^4Q zpKpfs?-j7srJ6*!Dx{-2Y{HDQA;>bV@}_BclK$-n!lKb?ep(2>fmc_EgOJ}EfXoo} z*{`MXdfXa%>ekCAF2F0MjcQu~P?>D9!Zz8!DG>i+pGP>?R{MM*Ft&5L@aAuXW~D04 zX2WVbC16b_>C~v_EDo0b|H3w46g-W69~_2PL$G+u=|$IDA-(-&UzCC*Bn83+& z_mAKffwk0M^Tl0W5P6a45e0I3p2pO~7wI(qq(0lgA@&E>=Ll)B@+j%UJ}Le3Eu8*q z%$H+5kfHd9@8H|lEj=PmQ;|6v>M-)%kpdIc_}1kR$Cus67m;}|zt>6|N+d`_VAbHyKJynkOkYkF zeLt33l(AmeJQH=Z+)BuHUZ9FkBPX}goJ1F?ZRto+ww$&Fn<5%HCc2|}UmgHN&n)w_E zd9|tPxcabuRZ~(>SU8u)Yg?|IDWuitV5r~bRl^HFs%YIm)3kg2(7;OjzMbUapl;fn@!gH z_(d+OGjQcvym5Rt2l{z9Uf{IrWcjk^OQ`m@>40^*;LaPN<2Q+1@N18zujdbjQy_4B z(lzFf{Ws5Tsr_Dj$1K0)V?KuqyVsffSVSsxiJ3>CIL&5MJylY)je>+? zh&-AxqiGAP;$x|LKAe4kAmQv(6n+ae_AtXVd*F#H=KeR|ggHPE zo^AW&$L{5)!zd0;v&nEG#A06QC?x0aZap-YMf0%6FiRiii%RLn~ORvj5!bPAwI0L)Mvo-xx`piKsP({EOxjS292s24~1>Cv~Rp6-Pu^z=k zk3OC~VxA!32#k1hkClC2MC|9O;ppSg5RT~P3os}{!d?-FtRRf9rM7@}gY#>-^JtfY z)^&};FONe5XBk>n{AF7F7UgF}gmX?o(7#pow=afr4bjsVNwI@a*>NpxC63MAx-Zb} z*KtV|<+zPpk`Vg{D3Zx32jIXmGITpaqBe-R17db@AJA@SgVGV6<%_5Rn~r-)Ls7>+ zF5`lFmzFWiOhoFpAypTRi?^*tUuoV&?H>8dZTwgS3?AKahZ~e6kUtS(9IG&hks?k= zDB9^-csA7pfMBI=hk-D(;sz!gk2cdN0h#RI()R#kc6s*5)7SqVOozEICq4Z@cSwZY z_m5TfU_1KXq|;wURl3po#shtm;+niE-L6y*NadudWf{_e<<+nfdFnKa?C}dfS$y8D zNpbX^{8R8tnSKA24h|A)+E#)>RM?%Dp;j8>-j!EQ7o7aCRuyVb4qB-g$K_++uq7oo zH7RX1x2+#hTx|Z@dXZ1wsV;SJRIs<~yPVVG1@!-Gv=GJO+HN}vlds0a4`rpN&1ls- zer1{i#S1NXKirg67EsCHSi&!Smf`f`47J?Vr4jnC0CN?MgL$>it{ix_{IVFfxiNZR zeE*W2^&GQ3WSy=Pc}}xjI$5^hPcokYTpj5S6q7^W(-M7?wjA?8jC`XLarV)&Xm(bX z!_ETnPc~@93C#OS_rqjqBFwp;a;nkM*mj|*#{FOsCMpI*Bu%*9oA<*)1IY>;?IJ1Y zVT%wo-VJ*SGX+^KyW`+-in|}@UaRuTo3SwGX#>cbk)d>-9%I^)v{(59@zHxZGxnaa zwau;=|NfiY{!eS&PsYusF1bkG-@iYY4H|N;;D*DQrvZ48?*sfoGy3XHvI7iS4x2~= z$|H5w&=5%w5QEEAyAP5(Zmp@}#Xw z{%m+EOgn_lN+laah5%GW3u{N9olj`b<`+cS!Dt{QZ5ly zZ8X8KiqH-nIqAuZ7ruMrd0{|y^Gw~s1&`#wEJ}Claxd)A{msR}-|fyNSMpkRkx&nZ z-1(=A9?Iq|SGEy4=0otIo1U#N=Et{M$BtKT&tdVG2i|V;-Fv++8@cv8^7Cf~-O24V z*OOXowbxP9A~jV(l3^d3q}^@xC$3J*<<lTCG#-=YO<8~ajtVk?3FK_A>v1qZ5Q9x*> zmXB(>g`Cu`ZiF3MzmBbuRCe5ivgQ~{gt#B(n0ZA$?0BMJX&8X@b*wB1Z!gL5X0ou7 z!iGmHriMuWxt`1JbA=_!=9z|1KQTRn=rQ<%g!VVZJK$ssDe*cvxs!^ewrsm@)$B^q zjlpEp_U@&xoQ8-oKzRoO=Q?@v-(OZgiab7<)Ha?4n|O&u^2vXLJ|X~LwVG#Cpa&#_ z^F&5=x3mp0l^+|E-J3kp7!OId-rqkYc6NEVm)m(becpBq2Udv@7x>qA`e(f5^V6uX zssiZRn3|4Px?uhM&`z4Uf(tY%Qc7j`LUGl zsxo`C^|h0gvE%-p9v3K$=cU_&yY(?GUH{0}voabT&VgSD7X9a8GHc%Kw5}~799YdW zo81Z3wqOE*piS~+_Av5U8)*+}$#7CrHtE9@B3`vih94)+dD5q3DA;X8;n^xGx=M!hn^HL2yRvEEv2WE>EVfG|EYmCak^j@J;HMNn^(%Pu zcE#&R;?#cE#Fs-F%H?KXaER<}2N}{EToT%aFS&eOW{A!f*BR}O`ewWI(4$j5G?(t` zWXBvBp8Yswx&=5gs7K?UQMELm1(0z6fDw?2{DisU$0mn+mmc^_&AWp{ilDarmhT*R zNGPOI*eF0OFYJD$zko+2&VJwKULvjCN@xZY9Zqs4h(1Iup$r9b^ zKal{{^x(+EpLx4!nZW{y9)N5*t4#Y`wySR5%fvP8n_PR7h-(6#;C<8FrT(uH#`B*| zNpmQ3EaeXL9Ir~%&LDXXb=rMPmJ{014Td{5NeMcWA&wfqH;5-aG5kJxVtBqJhS-cn zw~St){(eL?*f>;cj5bJ3f$2?bT*!yS!9eZ=TkSMH^3wR^ z{xqG&mrEnTQK6!$));MI_3ld8@Xlxrs^&mu3)^~F{pznLm{u8|emAQ*Ou1mG5^^=e zl^0afrr&5&+b+J&sNZNAF3LWRUNS2=YMyB>`!A~EL^Khy_e4cX65L| zJHs%hZ_?^9UK^GmeKieoCBbCxj#F3vh16kiQ=Y=~TbL+u(il0S@7us>;00p zTdLgq62!oS}ygbrUpYC z{woHg*VXOpp;Y$lJ};r&X+v*=sJ)78=lpMb{Xs1K8uy$L9iGtugI`PTRmiHJ2i5&y zh9D*0XSlF}%u@JwTrjU>{(q{xXvUtl6#9ZNuSwL(!2Um9L9ps*n37Qd^IG@xgQ~U* zzfE2|Lq+u(8PBT@p9;?Xp_@x+{=r!s*LC-_IwSRTkD-e58X42n*E@|%-Z8D#$o(+e z`a|OXnv=|^rY&Y?6SExj<9TiwYC=-j83_r&44zMg;cDsAP1c<$BZ_VGLHd~gL- z##wht=UlZ^HrAMhtb$5C&GDkUW&n>?)T7OCS(|#{ze_=<6L7d(j0J{WJasJ-OX&P& z<{n$k8>w^T$0Zq!3kFFl?ax;ip-ZH!{lvIB(d6?6t@f!=dfeZQsLuKM`8Ks{jq2+M zhJxxP^Q#N;^L4VCr0h4|NMt0GQf0vzgY-76H+3@bJJtG!D{H@IP)qv>0frcDll z#|iNUy;+?}|FNP^=mILAlcQxdt@8fUXZ)41>>}qG?WJ1}L=KwHJBHa&&04sSz&Kkb zPt#NFjg*_E->25nDN+b3=biN8MyRpZ*?cm+XI`yGH1JZaWHX1ZF!kgMDVa|dVz;iXfGQGE?Tu( zBVc5B<$QP0%WE7=y}k_N8Yf9zq*vU`tWo-*62ywI-dV|aG&+PGr! zLvFcp%vfsQ%vQ*doF6V7xDJIr@#^?}pyWxp5hir#HSA%duiP!VQ&dF8PUrD0Gtut#YViKgz6!LD>~4b;2kAH|kj3NE29xz91Vn z7IY`heBQ}jy6qGsql0*9rM7~*mN4Ii4H0NZ7$GDKk5n07}P=i>Oh4M26iwwVEyB5CWwPfq(Xmy>PSjULmfoR6XBjk zs9#aO_@@21^x(nS#j2UdGhq%Xapnq^^)G~{% z8<&CCc0gQd12&cag0i6dfrITu!+(a~mkan8hkqwp${qi_f8NTqcX4J@F5l4|H-Wt~ zug=$6n$*0<(EKnVj@AF1{XFN2Cdzk)C`@#{BlYITAP_2T98~=c(R6{mS{?|-^)IR~gA`{%4&ex(BMO$<@vJ zOD^8tl;fP)Ez-0JbsphZZd9?)LT4@~r&Qm72f$C|3m0! zrja%>%O%3MbY1NiPIMb=Y+alZEcLTmx(sT43M!%&B>&(S0^KaEdmpP-zCeDe%^`C+ z_QzY;@H2MiUG$1ay2uf+XU-1SH*cT~%nNR18(XY(ZX_R!#s|(iw(ez_IE;Uuq#wyA zdJ8|zK8P`R!T5YYKn)pmRKBZeYX=crm9teVG6&J2(RCKS>qWTm>)?axw`nI%$KY?4 z9UrV9SM2MhD^4G2N};a{pN@(0HcJ=REo;eyqnK3YGDVFehIx@&pUdFUR8?~U^>Y@i z6ac&-1syCQSBzQSMO%Xa`-wB<-5Cgwg+M{j#}dfM18WfAGbVJu2IByjmw%FN@&5jv zyL>=Pm&J7xetP3f+O6Y(*qyxM7QQ>3`F1`uIC2l@PZoV0e@lha(#k)PQe!RttRq&_ zxK#Pz>`{2}H(A23Mg`};Y#-*I-;6b<;-psxTEu@<@}lm%v^q!BWez`Tb=}M$r^Lm+ z#Cw(_S#UiMU*CQ}&7tDe(!5(S=ZFpWd*ylAd2t;>&#c2}`BIqIF>>BY``*uOg*IbS5()$%97B16DK5+cpd zjkWjrb1`dzRrRP6l7=$hf2E*%EyfgTc?l6v@NV>+T8i0TkKl`ksei2-eum*a)!S}w z{DybT$H&$v+dloSV={B;5>uB6<@l+4y@}x)z4EI_DmHACS@`fiUZNB~bXMb}gh&1~ z@p3NhXj{Xa^JjERA5e;EfwaOa0ZyXAd3e&bsq7|mx2LK z;)>+H!lke~T`jbUU2ZNOfnQKl;KWeFT+fBrFyw~Y9IbFTbL|8vVedkrwO`XxBcBJt zj&!yNaPj_p!3wZSqmn?yFekD*?x70Wbj84 zWn+}jHP}a}<++F%(+|wglY@ZLZh&kG2Y|sR)cz;24%I@Fug!xp{B1~>^ajxvj1c(8wr=ov&Ea`m*qN*cgZ~w1C$-NmUnN? z|CUYHXSZChaPM?ZjVhB{7$it!%OH&_e?`Pz?4Q#=h>Cn;rNwa1-~U&Uzpb0ixJHFc zMOho(oS-6kiG9cLwR5jlzDed``F@@_+D%+avR<}SKdAde?b2Q314l!aK304t+(;l9 z_d41mnq=JKA=Ud^thNl)i8gE5-o(@KfhQkc(9RzryHu(HRm@zj;-hB;W+|#X3xlok|Pr-Aj3!iBW!G3Tu@{r-h#^z8}moT z{FB13)A#P*AMb=fPTK(ClzCoxu7GvXz7eKn=D$0Dj7L9_&wpLqokvGXS>#q?$Gx`t zF$DtHpOx6`9J+Y+P@;UzoTks7BkNfRpc;cKQ6)dSgs7L8hbzGxCih|Q`trA{@|U^c zGTdWHA$~>NGJh9yY{vMpTjBv9`7NlleBj>$GsY_07{HQ6ejiAYFV!flQ^1O-OV%J&^oINu zQ-GEi^5(a_h_(N^L?wu-Mm6{ZKP>gZ918_S48H!GxQdtel;RU>K^UpIhwEd*LgF4@Z$ac znSr2YOelAc6(SuV*{$2w>dgIgVzq9}W#Ft!<2QFLPyMlKq0l*={q-G+eb%MwSJv|r zhi-qnQj%24wl)gJTBg|a=hjC^HIAMYjtK?l<-L4FEfxvFDqo7-xGd@R^4iUCDrO34 zV!{E@?sfxfC!eDgSmTL+SGo^m5_5tapF}xEKsk!SruKUbNV+`$zZM3PNlVUF4-XH& zgB+l7KnbVC+>>t^YoWv@$WcRGeSi=e5@;XPA~eBoJkecIPT{SUl~#vYN-txL-M4ezULdkb3mzi^+ks0A;*uk;s$83aK!wmwfcUH}AXKq?S0j zp8WX4$Kz}}5r#gDLIdnImr{ObTY1wEZx>L!h^>gdlXL=@y8Alq1s1Z|?(M$keSkQb zMqW&~va*u$%H}E96bS`}rVXs!AHZT9nI-C5s-8;!q?qt;$2uy}T`M!b-9Odwek}b{ zym;;uZh_=qFNWea@>U7$~O}WYk=HUOJCH!-{X` z5y@zKvTZ~jg%bXj3L(bu!Pu+PbKDAn9L)#DaMq3)%vdLni7{1%q`F&_4Ikt$kvB+K z<_H!)ZD_c3G_%rbdDv3_U_W#|P4pq8k?e{EQ<$7Qh=5--yvWxtgxO(ou-9-O8U5)S zNG5P{cc0Y%EU%)*z4r+tzCfekgol`%ysYuL3OLI(RF#v?!T9Y3E30C?Lh2AUmDe4m zv{zl-A-FYeJL;3{Ep9uxLAG(ajDc+_DI_SOJuh!>Qviu7)~+&&y>CgMsq1;M&UA5g zQEX4!LiI3S*SZLWSAsCc%$n;|it9}}CeK}$6?cE><1W#8R$*FXJpXfe@QuM6+R;$s z?k~7GGoGu@8sMUldDa{+xOk-uabvq)beeG2LhIotZ%1B3>dKADDbx9+QE8LQaKuA` zSr7lK?F$S^$=(-&^h8+>l@AUp@c5JCh6Y<>dG^X5O?^QZ7-HU$cU#FH2fIs3YCMx%ODtPL~X{|Ff~I6C@9+9Q;2^iRNy zP_f-JYixddCoO-`)P2KAS4Madwswy z+Y4|~YONmjr+!DPy(C;_p9a|zpQfmaZpVJ4W=31f4rwpOwqJV*(p+-7`23Gs7)}{o*U$T=HcN5@ACbX=gyOO z$`Dw$+Du_l+nCIqk_?HlwzPan!$extLwk4-Evi%JfE#U-joU1td(}`^Tb4h)Dm1Duc;A=)gzW7V1=u=sA^!m!$T3(}06*!!jRT(9? zFO?T_-i9qiLIY4&C3iB~818lh^F;|dA-d#sW}U)cDZm3W<<^DV#GTU|^lJ@{U3q!a zim@w0q%Fwl{!5x@%*Z?QcKsAl`;H6y9m0gFn9zk?r_B_%(EkE+F&in&ZV>q~oi8Rn z9w*Cz{qXoqk{4o(p^g6<{;jl_@L6#vsLe61w6v;Pn}uvU{T1i7gm8spDEeFHT(T}t zY{8*Vs^)w&caFzYksAGJ{TZEtvET34^tm(jCUhp+jS_@srsxgfjUbGaYf%vmV|NV^ z7i%N3V0VkWRrQz73}+AaS#&$*Pxa{Z8D6sBcP&P7752IfZy(`P?Ocmt@n?Ka(rnFZ z(e~HyIMSYVgGT>m#ZFJPZ;tyCkw?CuwD>?lprlblk=~H`b1|L0K)WoA*ZBE*me;^l zq8QhPA3gtb*{`Fp^^&V@zv>=+uTo_4wvp{8k4k7IYktQ4u^&`Z*|TDfDg;01>9)r{ z+r?ni=Nqg8zTN5bJxVb@lC809?Jj{5w;DizTKJn5C(5{_v|gW|PnW342s*4U#l`Z28UW4%my+i}G(bSE45#vZpt41d#pAWZ=Nt1t&!L44$|Sr( z0gtO!1~Ad(Eq(4SiQF6 zRcgm~>F{Dn#2_O>t@Z=as|w0Us*1Ec<@!=5cW3p$_S;7x%Wm&6(x!2z=7N_It9aIo zi~_{f`082j9QqQ!8{55kdLv8{q&e@o@_k@p?pPAeug)N1V4zuOw$i1dN!r-0PW&@AM66z>1W$;#A6iBAG}i06GgEBwmTmJ= z1GPtI^!EA#MVniQk3ui>K=#3hKgD;owfCSwpXDPAGW7i}6t3OZaRrEKjTLczT3QvA z;R!MoF2W({KW}c*xRmXfd81Sb>alVNfs2<1-X-wrV997vECSTV(Jr6XmvFfr+5+34Gp&# zxc4lMQe`134?R5Je$D0(0usdC%()zIn2Cjz6^)SC-9%B?ib*g25RM#^fX}7~-##p+ zli#7|@-Sk~GciN|GsQmqF=g_{=n*p0D;=yodHI?l6TQ{Fy_gpKba3MsUR+|AK22qi zSsVxFo@9Ya$18a!<$JE0A`5B?$ZoxfBJTU{1>YxNlprBVmQ8wxBKP-GGS6ID;!0Qc zIAIgJvMne5S{Zvaz6MK!43 z{LV-&V$4ut0FPpuO>#rQ!0f4(!&1m>C!5yYvdplU)$U$d0YSlB<@!6XN+=@>-9MB# zSCrmVHr!ZP1MRDuXE&lpxClEg(Q|C)fZME;7)bO;4~zfi9vczv5In9TTm`3> zd=DWZZRHb~Jys?+q!^Mua35ZJ`gS_)t)_U&(>fMh^&5Uc(I=J99n`;0FY55zWxLmE zs@nedo$1!ehODk4gsAS?|!p(lh2|4NQ)gA{PwHSr2uI{e4=}3m) zJ9}Se=&q!V#nhJ{`E(RQ-Vc??_%!%$9w#Qnjg~7YDfI7BwjTAwX`$g_E4UF z(0J=_UrhAu8+4oQPI6&paDHctx%JrE_N?kBDd|#ZD*N0Pve2V~)5?T8@yN=)+F@<+ z{>5e$QE7~bCoyq7J5wUldaH_torn;>V`Nc(lsc&gJ?J^mZ@;A0zh`cyPK)ckBCKyY z30w3lRl?l;0nJ;=RZH~H#>bEqY+FCUKp-E6D2GM!sB0OVhq#uC}p)aH07UjxUvXSgi$ zEc0yhj%5o5hAVp;A+=jW)6Eg@4{8W?nyd&Ls03(lACwI@RaT^}X6aw8Et=lvTG@VRGhMx5M_h6Z>{<_(oDoy2U=U4yz`{*FL{la;cd0#w0-PmPZj!Ai^ zOc{FhhGRqH@7H}H-kE_JWlY+NW}7dp=G8!s`24w?!4r;oarNSQRjNJYCm&tDbXVo? z`UBd;{Ul{xtQ`GA&h}oueSG~G*P8xctl!EO%~JE)<$MVSu4==>HarHjG9&QSbgiXm zB!q~u`4!(E-(zU-#|cDqU9nj1y#u;6#zi%cv~^ zs9GG?%fKq8cZJ(*Qnj|z>_DlJvD}tBn*qJt6H3YoBM?`x^hd`C7azYDL>f&V1JQD2 zdpxhykR3XfEpBYNN)%#OW!Gre$yR3AP6p-Xc9QVDmE4e!)WFlSgMGPuMEUNn7d3$= z-p&-xJL$!s^j448?Yo*)KZlQ<+$D~E>bamQo(tlBoGo?l?@_A|Xm-2o-MrLk3rOE> z93@+vyGozJkxt%J`qd%#w(f%}amDWR04doY>3QkXan2^P1q0kA8398|bkhcE8dh{C zt!B!es}LG-g3Vudbl)e!{M2!^kaU2;HZS_s`hVB6_o!Pb?tPe zc)8;k;~)~3>2c70o(s?#J_;*R($b}3dw@9|4l0e3nv)_Xbh1Yz3D-Tq=z0rct(~`j z(M$%M?d#%^aNbc7Il=(Fb_ifM=++Y_*%jGUu~|>1mQfoJa@BAN^d8?yyia~k`C}6m z_LzvgOy1DLX8c)vD89P?gkjWCv!hnya|F529he@k+HpTUof)$0@pTdYRIw)Sojl}u z_la}k+L5r#I%#2a2ho@kNmMH~>{Hs^n=1+p13a|y`$Vng5aG^TwZ7^dqxW(dZXo5z zM&p+K%)Hg08O7eDSgr9fxE)H4XJogYry~!{vBhf=E-Bu*N6* zFdfHwd|MUP*P1bNr3;o421-=2@-frdi5!#nuUGahy2s7?2bG)x9a!TspFe*55lFu} z;P?ZfLo2{+{R7M~z82jIFgY`&dOWQY_B#Bwn6|b)5RVQyI|6A?rTdw=U*QSx`qOfu zU<(Sq2alv()N=

7bf9vEwt|7bM;6QY9VRA22aj8x~=zBeyQ%_DMgjQD%x6H+b)j zsvbGOC-I{`Oul~O@^I8R{705~|KwWkUl-4}J!zBUmCpC;9CSFAREgo~yl>X@cr`t! z6Y&7V5n1r*^ZCQ`*s2=%f(xGg$(;;J1Mq|jtmt}r#|G3wWK1 z9HPjI_g4a6($JLOd(9_zZvezMsrrv5CIGjtDPo~{rp6o_jZK*B*Ki&<8}LYK{N7j= zftxl}76#gl3?cuPpLgYR_g3t5FhHheOv)$83){|$`B$Yeh3-{ZYRMUC;T!s%tG5By zM8c0KM@Fh`Rcpz}rc3X7YFp>OpU4m(4#y?tu<3+^Yjx<$LfkO%8OOp*VWa*!EjGf> zD`DuK+iW^^ZO&Kr_f}!9+5ZkLd5i-iMtzrxi0xF}o#KOOvP47h`VO_cgDj7|&CXF$ zb*!tH(spcbnOXnOE2Ztknur*Ep~?*?wtV1AqY-5x;-754uXHWE%hn*l9RXQHLf%vT z!beOCgvnNOy=;B&uQ!|a0xm2+^6dqMxbwZO(QNBN_St6x>SgK$57C^L_JRu|2+Dl{ zKm$OG1TQ+i4Ug=VETq>5>JQD_pf4NEu$bX3eMipV>q{Zxf&pIlD;CKH8d?Ujl~^uW zMR|#jG5l$NO7A-I^P?syj&S6d{FOBv4xhzuIF=E3(4sGf7&~ z_>6VSzz2SAyO;m)^&Uf1y=Pn$D(n%B2<;n7ipR6}E*tIlXKIR#J1w}KqBin(`@I0= z`p=9WRAjc}?~S8V#qQ*Ewzg445J3?E>24(j zq)Pzyyu)_ zjB8xi7$jF=Nq>^l=}X-1L}JXiZQ6)>Z+C63%RM>!znAfee`eG8r}h|akV`R?`M~*5 zIg^Ds@?BEb92#c>2n38Q5b?CNl1dVXiH_$ysym=pE8sMZT&i;yXq} z@=sq-E@RPFGH|PhfsP9gbmraq?Ii^ve}VfA(sO=(t`ACsxXT=RBKo))9`#R7YMv;b zfu!tqF~Ia>DhE2ZUJn32W2nTLc~|>||DSVL-14VG{V3SY;j3<6x+On-`p&nuB79NR zJ=P^vk!=Fe?+X(=H$FtirMNQNH217AeeJDN@%&05@x8Me7lTK&p++wQ0RW0rpWVnU!i%RlmEv$D1t?E9^9pjHAjx&eGRJtV?Jh==1M?Y&4I0UNXYxK=63+sZPC0N5>c7L+wmYK9=Jw>Hk8fTYdSmQX_E*ZXczA< ztnOr2!9vG6d|LKVO(;33(F85#zt?H?4SsqW+Y%KO8HleoSF}c~;gUG_>5x>|LoMbw z7nkIjgoH#x%*Lg=`{bC+Sa%WbX6)RfR*31?wz2N~7FBjzi8QvP`SkEG$Kn#?y_1jd z+dNfKl&y?#LAUT+v)ucXV8=i}Zb(ySoW@C+I6KNTx7im7aSYM2+KI;3itG=CuiYr| ziY5b(|YbumHbw z>iTl>mn>8G&d^g0mU0<#>|qg3MX4#*OZDs8yGJ~ebsNmFM#d(;2PznnHxDrq0bGt^ z*N|b7wG{4`V$j#67a1P|Qp$yFnImTyU(7-J@2hNC2zc49Gpd_+fUw291O@&J{dqPX;{$x(qF9ECox{a734OgT z5t|y>OT8nf+&p$&?QRMU7q&xzwOub_RO(7|P%t?c9*gPXj@ekGdh#0GWbDw5Vd3n3 ziraw``ko1+Z(0;e4CjCBQO7vIM#ap5;!+tGmRw;o zrqw+@)H!>8)U^I0{^j>bIdWCnH&3@)K`wP=0q{5e$}dEA;zf&>$g^z8d@Rtavi@6T zlQQ?o`6stc7-;K}Lt$VR-3%!S>#mDJAGexuc(6ZkMaqv!9?%qyFFrR)diI<&M_M~5 zFo&T2v`@ft#^V8CHXJxRv^KNs9<0Pg9@zGHI4otx@p#^>vwJo{GP{rWM+?xBtGCtO z=Bg@N$$ajzZ~Rm)Yjo{aQdBb1PCQ5Ci81FOzzgfWYL`8y@&o@2?)<#9_-cMH4)CU$DospIit+i-Y>(}ToFbeNn zk~`~YDC-kSZ5CUb$A&9{7G85o&Hx2!KC9CevFxTT&mYH!PBnSAxs_5xQJybt4VmJM zqP7ytk8Ayqyq{7@{hhk~##YdQ>lg+{fLP7o`us36N|m0VApNK)!`BI9T;5z&wVj)6 z%j3pDnabDq2t$pXEVh*&;HMipAUS(H*LNLYaXk+Ed|+D#SD5tbkYDt3Yg!&S(fY_S zNM3ca`CY=A+}v&||H7?}$g_5V6<`FdJ*^lG)8)+}hc3+>jM=PnGv1^X^KZqI9&S>D zil7_}m<3af#17tiAvYZgxsB&r$S6y7@d~-CxGUn%$8nkWK?lNn_nO3(!|j*aYSt8H zJ0rhxYzp)>AsPrB#UvvDCYbV6H zm{7Y`T{$M}auSfb)wpg2*~s;7&V>JDi(9P!p(7Zv7ytFhiHe<97Ud$(UAs|3QY=&E zQo3%pa(b}VY4Y)v(G8q*r!F+-7zOn*U9PqEz|ldG_GrNW12DCufeNz2*$?tmPJg$i ze_ukFWG^*-_G5ZHPeZ&{M|*egCmq;3C==R+nvcJ-Pu(+ceC8ZL($O_&i>qIdX*Ivg zeexwXd6PaYnK#@DHH<=l{gYt0f^0iI;_f$aipDUUma=d64fb{R1U4M` zGtxiQAG85ym|c17+rHGUu4se_saJQ}#mxc}6UGG|$cYuPyD)6cX5O#Z zS~6`v?1KxRf!{;@8CBY_q$Cu2RCSQK;k=&lJs#g?d@V@UM0)-tL7r7@fUyoa$G+}^ z;JT#{qN;Z29lNXF3_%GsyZR@P4~K8B^(O__?bXWI)ZBVsZqkPka%7Fdw~#rubLts$ zd-?1(MhQJnJFpAp8i~7J=RV0>3K#;cmfsQHwnK~(5F;be+p>HJ{n_m*7EVeIl2cRR z+!u~ti+MX4$US5=hSlhg@!Ei2shX97e1qia`KH7{t2fb+d*_7xCkTStcINSywg1qD z?2PCXnzZCOo$tQ_og0pi@(BbWPr|-TObx?3DZx3d=qoFr7{uvQQB#)ZW&s%;diz}9XB z$WMshHb=Duvmw5%pNw17`5gI~4yICqit|zHHfFm=IoJ1L6}pT!j|^Scwnaz2-K{M4 zrb3=V691dLi)CP)q~#Tw!=C1sto=bs4CY5i<(Jq+tw{Q0W7u>`FmdU2Uj2AW8DGxP z-k;%cb9W~IB=j*PJa7OiGNI`>^`XAzlq|!TCV!xkx2pg;aD7asmzF2N+;DQqOICs3 zwBv%HkY@^*KUERx-PLHvggQF2w=}`IAG>UR ziR5+?O)`gFRlzQtzmas@n>W}^02WycbaT8&(Q9m9r?`@NlsEHLqjveT`J0>YPilTY z$Lt0oZu1hecu0xD6!5OU;cDHAnt$RmM?TNr74SL4rb;tZ8K3zp;$=I){AiR*qJ!QP zbg2h6j zqz&W8HR>TXZB4~&lD7Sc$Xou!1FKNp80KXH_ORUFKOOHLZRFla#`7EsHP8lB^iWf! z5&H!w84q4zrjpP4d7)w@>_J9!a986J#S?XZzZGCuJDb5 zf@d=-CU41h&cnvO@|9k1oCV6Fe+bxmq>>sISR^bwL81Cv?J}!Jfh920BvX4rsg4TZ z%RXe6B;+>9K@N5uDyj09tMyGc+iECVG{onFnY%gr(~sq!v$!*2>0ll;w2Y16DhQrL z&)Iu*xf|VN66R2+)vsKMrT|3uC~GfAuZ(XPz;ufSGf8Lw&wobq0A3ZD%348+4o4;QBYO7r0fJn zb7bx31yb$0qE=VF*Y-tK$-&iuNfKd;O0orfCgoPzeR!D; zrzHFiPoYW3r#Sj4OFg30g@*Z5efcRqOAZ@um}eF<3j9Z)HO;JVK+9x{YD_R2{Y|}& ztUy4YiM{k6O_}alsV~+iKQ7K~5r*eYCug4zBUx?PHtQMO%uGxGajae^Zy~voHCI-M zK7g^u9&fxQkXggWoieXlRrG4>(TN&Jvh_WxrIO)C)u6iR^Y6glcQO5JWMpEn{%y?F zr1eGv`v{l4V%^^Q$f+VQ%ebUYwcS$L25N?jy@GYgjp^hBHn~a#7Xf=Ze4EPAVZR{+>?8S(&jnq z`u#>|q}?Pja6?=Lz+Sb3iOFuODDG=KJ7+_LSrU)kZ__bykD z*@n2LeL<4OY8@?w+U^W!2%ce*j$eSmr>cR$qEC7!GoK=*KF3v^k*YcuJA@`EPG$z( zqJx-Z6EWO3B#P301np6jNOxWpcuk8P&Htj5klf1qncnSLJzp%~;6x-x`tk|&9Y|(l zzSxmM7@&J(fud3#b3o$r#1`490j|+SzR#GYg&&(+BHPSskfmg?D=6Emr#YI zsybrp-C5k_fMd}Kn4Drm5P6=f2PFrGOiYJ%g%>x><^prudAIct@k>%(PIc0{MfHZQ z#DRZ?+w+C>_N-h?7Smof&w4MkFbQ+iPupyBli>+{%b(r?%L*&|e%sOHY}09+*obJ8 zSwhYD_TS~F(zcHJW>zu;1t8|WCu>^0Ybdp~b8Mn|B#vZ`W;S&0zAme(2B)ygjpVU6 zLxp|!48G6PU$!JbW z0_UI7v)1TmWpdKgrR-MNX-L7_;~YVxaL3zs(~Vn~Bp<3yM{Rh>J)T+lS^MT2$`dkD z)!x$7S%K!a8$-*Nkm_!Ch*xhOH3PA@hAw=f{nQpzOE|D zs&C$TnsKTy(RjgkV<+Dsz$KdDEWu1B^5DO8GR5GIO-!gP#6YN@+6DyV2cI@j$;1>2 zklRW5e7GWuN=&;PzuKM0;Bh&mnn_I3w|D&5QkUZ|*8AxIe|&Eyz|~3!D<#^0dHsDw z@oVQJRTMf@R382qD|MO5pccN`U*+br;xYcv#oI2-t-@Hjgxhj=xl3`J_VUNePJ~P` z@1rOBu2i*Z+(WmNi_HgPNWT!#;ueRY!d)Lscuk!aHPkR}yX#5e60qK|s%`x^Q2KcX ztW4$vwiNkbc5kra+-$$gP56#8bTwAf*)pe?Lb{3`a&&cQYf}*o_1HBIBj8DWrT0 z+E3v%lJq?IodNuGx&xxr(%RpbkeXK<-dzs8-RL(hmWfc%4hd_ER9-LNXNoCrkxwYH zm!FiaMe=iU6rF6apg-N6O(zQ{a*{|6o;z~=dw{idnBv2tVwgU_?{}PFRKB{;FT;}8 z^TBFUy)Ul4XPTIl&-pi|aDN?DgmJXgasE;OYvZ*Vii=V?G`>Kz8>7>6*!sssEySI0 zi`(=IC~6&)no8l7XTec9Vq0+r(((OU2HuL5s=g@fou`C7_QHjpg_;4{YvK^+$9>SRH{~rjK6N7L^Ow7%%3hRtmjl-hb(_Yif+G(IAb2j z)X`-PB*{kLU;mnOa24xkV@kp2tz;sV8IQ(i-ZFtxwA(}U&@{s=i<#6bCx)-yR#tgb zk=5*Ts9muu|2@+jy*LUE3F@7d_bbJO@c1m&&;4}RgZ^s;N1R!ba0Av^5^}YQL_;F+EEkJjSpae?vtN5RN~+l73z@>0png3qPhgr^oM< zd){xlGeMTFCELm&*w`j$Ws=rtW8rntR<^stjw>mEkEwSIye?6);BU`Ua!_S++`P1qg(l10 z7mN`U7_8G_45_OjPp;qQs<++Oaa}6Xvh$eV+Zd|l6_{l?d##SWrBa*+KVxU-P&J+z zD#L#PjmWW<%L7S4oPgtwFQ9W?t%z3$`3z>UEE$NZ-18_>jx}8*?#Q-Ec^r?Jxc2!o zte-^a>(+^%EJE0GCtk5W-ro3*m?`5>iFnWADa^Zjgt9TA>!XZ94?>>>1aFyY!q9rs zBB+_!XT<>)F1wP-ASDwCbT286zi*JzZ}bSFGcb^ttB@3n{Jg%tK}Fbdm^Jnp2$70( zp-yG}}&!tLZoi7_(PTp-!3j z?tbZVJ3fPQ4pUcUkF!iu;Co-0c5kKKI%k7!Kj@gDn_S%4FCOFLS7UTRWePM;=zR3h zczQ}{JEjs9Og4*k6AIMVNIC8OKdn29=GE;J z3AnjCOO;1^b*QMcsEyw2o8D&BHd`ID(mv#_ai|AjnpI9{Z-K0~bbad0E4hI52Iajr z+d64p;RHCGBN7&$=j*sf$2x{Tr^9Trut}zuFU!|8hp@v?8NmyP9u}}Sqc^s4!=B%B zM>)(LDk+8(U$zqgMl0?c8meiwl3SkL#Lu-3{d&&w($#mI|kWNegL>f@nm?c$k$ALMl_H3oLS7rVJ| zebV({6&WKFNH_6T@$m5IgX$zDRjf&tFExvp^u}8Y_|lFjIhjd+#iqT$!woIztQR%S z7%vJnT*8TnjLaQSbd@uo5X*n;w79(Z_4rsek%v4e1y&?(`996PLB!Tcw&n&;fZOiv zz0yOERbghR2|u~^ic8?F{S)83738hc6rRvbt;+n}$bHsfb)9f7=7qfZ0(mz8=;4az zs}-tTG+g^>mviI0Q@+esFH#Aog^IDf>-lC%eQ-uJgHbVf> zQ4l(eb7y*pDT7~Ul*HO_{@yzEedjl4v{!*s6$oSbldUm{&{e8hyF=Yh0q9;rDop)T zP;FsVI9Xx4R+VKJM|gyODl#g~N5_fT<>T?7;_550)001F%VS_w{@l6y9c9=ar`~z( zai-1U$1u%tj}n-Cd`LP;#%8;q&xyCzah>+fNBd9+LMR?#vd}DIo|r-+V_*N%1}wyO z&vrZO&?Rp=1XMqNha0i_1aU(hZwu3KPk}duoK05hcyRU)OkD&?_j|#~{~!hg9oibB z&a5EOLYEr--qchK16voBe+I=db8a(%?n@u;qJ&>%En3Nue*hA^OA;{%Be>an`rVn-%luvm-);J|Q?r!K4%JC%%JrDIXc-=RJ5(6? z4Oxnfk6O&Mm&XkaE)(<%$aePeD)8nfpfZ@^c5CnE|Wn^alQb-Znm?%z}Q-VWk;GUY8STUINtp1C$HBE~n zdUt=apY{ec9UNYNh(lZ%Fil^RQ!Ou@@S-bNtL@CxvjMiC|DR}xc1WnI*XT{7`y+!T z0Gf_H%1ixh>!fnpo9j#au$rt;tGNkY#pOer7+mfD!GinqRZDsvLZB;;crcgw=O~(5 z_@*?7biYx?v)d2x-s$HuWgz2(u-ioGa5&E(pJ*Vxx?t_p>tPlR$X^K39_%MCe_`J; zU7b2#@>!IVi#}chhQuOH*!?BXjiZ3(kvNlHrEF+lSM7>mG%U?BA6XW17fkMRt{aNr z_qxm=LVb+KTqb|3d*KIXe_0`1wp~bb`UA@p{yo#sc=po;TXL(wxy75xjzqg&nRi{o z0>3q4Jz1Dh{;cqD`hH)l+~_E_OVmoQPU%XMlDtf|B>1=?aU=u=j#=R#?P?cX#fF6}t_Zg7j3=4i2qXFE+3W zkghJec-OQop9oDI6Byehg}IauTy0ylFQ+qyFNXV-fpe^>I?hoZWtEnP-tX9tev(<- zC+_*_^Bm;i`}=lV%_P)k}xLMdd#xolDRy1|a|_S}UU&%D@5&{iy_v|KzL=!jC4 z`A5<6f~x&#V%pBO^G@RGuJv|!-QS;R#yX@gukw>7$%Z`{$~@$(6#9uSoBAqRFy#KeF@0Rsy|z!ebPs``iR!mAo@$0%H`oF(9^x<@BYe; zCEFJozv!@+yZnwSh89wIAuUQTe#4G8hGcxAab8rE>j8~whAyjYlf~M~z7euvUjPxO z#fI|Vtf;^AFeIML*P2%W>Tx#VcD=;3!pv;KLc!QCIN;S{BAK+sndL&z;n;he}s%)x>N*yWy=( zD@}dbqIZ4W;zQ0(!`CKfKUs1XJhUCy9ZUP~_9q83T1GU&~m(Q*2A!&jrd2>{OE+*9s>Sd}A81iq172wc2GLuL>%P<=n1dLn9)h6Ztz4$04#j z39`0MQN5nqya^;j6-LVUF|O~Un@B*`F)HTpa0(Piq-xo}d=c74*>5*pFo&LXS;O!8rJ zO$l~4CX@(B#Du@y(3QBMSxTqA_O-CnQuj__exxOf%va6Vlj^z}Q{?O#bqWmV2#S>A z@Z#G}KH8J`=+wpTF^e~wx2P)QP#8>EW&H89m7t`8n2N5XSr?j>u76co3Im5p#Dm%R zzpV@wEZHmCMDiVEzawSpZ0XkCP(ejio0QSaO3eWYPs~x;zdJB8cy4%p)Xb_Ds)%Yw zwe=uOVprWyKnU0C$+}^<*+{ZFq1!NP^0BB1WQbsu1q03;RXV|Wj(1N6t&kIgO#ei2 zY+v|(mh&Jff~k&$GhiV;d4B0aS9qy13$wMWMb)S;-sF#zPds)(?53CYb%mRCyVtI6 zi$jBVb8FI^XbPVT#bCNxvReV|dP>9R?ZYvjyVmLL{nqazKISIGIab}h@*M~5n7_gl z5Q#s2bY^v;*mN1VZRKV!Y;5FI;e|6v!03C7)JPRCs50r25=j;_yu##a{2l?${$RQD zn@bmSKNjYM=AK!(l=KZG&w92rb^IB@5==n3%1z=RvEA80xi0g<2Ne*B$^e>;>7$wR zJ=|M2C;6@s2p;$O{SP`#fqMRz1A>l#BbEEo$+D0&1|8(#!AF&8ua8bVwo{F}%}1v) z;$%jN=nWt~d0&_5^;t**I;1hDIfc2_8d|O3?^gLYl3L`9r_MB^t^xo|x4yOUb?u>`%E7MElA9P!a@)1n{<7~*36yz5i>?10KwRN8a^ZOE%pF;yJ=bJ%ibxzk; z*dvCD9ogT|E3fLtzEsKJ#^6pcpX0@FnnXBAst)MmMkEYx3JQ!YYlT?c2mtk(l+iXo zX!oS`Sp*jUfd_-qg%`@KI1VnS4&%yp&8}U%Gb>3qw~Qaw@KQ2Uqi~Pa-~b{?7VFnQ zOGR^YhFa&{Akg&;5E#ic!M8?*q0mMM!;|~aKB}=*JhWC+5Egs_f=YHsmaw2` z1?~q84SCJ?7Cno&ZM9AofPtcnRQxs`6}y1hL}N%L+Dj?UaPIp2t*~`*Tm7hk;#K(D z=oJ&CxqwnR;7fiPSnpK}5AFdU4Ew4>J5g6{L}@|o9p zTn1}7c_yRh#AJpPI9BLXaVO+qgy$}hVa1SRpA*eqOO>N-g;EUgF?_UFG#Q*$Zn`?`HsnF}v@G^p`M2qp{X)YRpg`S2F^zvG7;fX-7`X4;;J@$E zP=HaKb67QnD0aTaEUOX!yXA-15;X-;G^8HdpyT(xNaC9TCPeH}ZB@j%Iaq}uFV z_pUVFeqfgJr~?(;D+*&>rT6JP`(3%&$gzo-3K`)=2@nqgfd;_6Ntdv3ut-x<*>`F3 z`-kSpq+aJrO3I74i+>mDh=If55dh!rOYz_M>uM?NihQ58APorr4Pjp#pPN1SoAa5# z$3ghmbc_VUTurp^fe&)eM@|ZpCr{oj^KsrIv$72i$RI;VP+MW%{Z5Ax#01v!DB zI>)dAg4em{t!MLjro9c83V%yC3i5wy)7Vpds|Fe20YA zUiqAaM zY9fehzRiyPp@Sbh}|{;^PDQgP06GJzb>bF{2n zh;o`LNQ)s37#H5Dgu(oNNmSiM>9cvsirJKFjR_9uwRi*=X{8iWcRtqt;e6*(&-h>yIBu#E8&O z8|f;k$4rm)^Us=Nw8p_k+#DV#@=|*BIPLt!0xhxzwF;;aJvO$dzz7QIG+xjX1NAMz zRQgjQWOemSdW*-G)Hy-n?wmlDn_sox4)}n7`l&mBa!wp&KLfM2{MeB*^!oNksKOtg zfcI}eDG}F2#Qx#b1ma-RSD0;kqN&7j#QCJ*m*(sz0{#O!0fzz8dOkO#+7#GEq=_r1jW}p$-C@nc+o%6`BjazJ{jj- zihP=akPfTIKx&`maN~u$T)f1%{+seh(QV!MNGyQJFEWlS{Cw2(gm>O)QLjMokeH-T zdRp2!!Ou%RYkD=RhS%><+vs<$Wp(1Fta<0={;+4nM93;ZrpHr;nuM67TqL(g+uA$5-wX55IyPdCHb zEBwZ27Khl*L4M5h^lIMqB)=x^a*o6*E_B`4Cs`(Km^x{I%D zF0)wH?x)o0V!ociu}tcIOcMtHIJ1{A>qa>N4O&- z$TOyW8Oay*sX~hoa#uHx#o*#bHAL5SyLa>iu%7S?At?4a)Ztr%TgchP`cfu?tub;f zI#owhy#it&@8XKd^iG3c&pQgklw`o3+LuY@^qZZ0^u)X;!pTXyhmCPxCM!}T%#Igt zwIWv6v&F!e5*VoE&qr#j^yK?|GBG7knHl@9f{gr(CcfA-J<&!ocTT(cplal-P+OrK z`S*k_(G=gnZho{pHy$_YmEq^AVMk@V0~EZ}STW@TUYgPa(yA?jXv3kVM<0_d`KcJl zX^4xgrYoy&PNz>`X^|HYZ{snn7`Qd#>-KP+s zy`X&i_)S2m(Vd9Dgm~_QnLWTb{yZQ8+-aO?Oj1zLrr(BC*hWEn80PSr4i8PLOR`5& zqJe1aV6c#%TGIczLs`9&GU9A&rCtKZHm*vp4GJH!!dIL*JkmW_5m5Y>lgIs zRc%O9J@b+FRL5KrcO5+&rAX+A5|hi4*5EdrWs_f~QUVDD4i-zz7h&_2Ck68*@^b2f z_RKZoS7pvxZ2(d_Y+FxRH8vo;qE+KRlz9OeZonC9WPLU%ghhy(+diQ*cnlXp6YAuW zdLvOu|6$sBQhrib^!5TW-{X12&AIk8{K){cfkxz|X4th=$a3?OQ-Yvcg^=Aha|((& zR!z9hlj8Hnj}glseGTkqIz4QMPlHKMaIDC|(aneKl}xqyJ`& zBaBm2WOv+??kW3fOIJ+__p(>FbI-i(@^=jLpV!;miF|f&$^8-iT~C<6(IDi68w<_^ zPEu@6Jo}N~_XzC>!TL)=r3%CMVG_K>ar1xQi8)d~IkgVCnr;fq)iM4h(?`khh3;#` zaqp-B${r2$1B|lAp4;tSI3+OT#I@FV1*jkF6NN$<9 z^B~z5aBe~`h$kVvm-OOiCx*BI7O%<);zPps6O|Nu?6}~dUk2GjPbmA>|UhEBz%6DN0_NU6lG5)mw#U0=f zbIUY=Y=w7+%}9Cz3DgqM>Wpg@SuOqfalVybT+m2aO~cFgrYyF*%C`~I|6eTWNQRg^ zk`-c1`9E@`pIW+9?3)xbLadC{U}Wz`yhH!0)>0vu85xP~e*ECU!TZ`-?Hcn9pAaW_ z!yh>#+a%R)_b0(znT)mCOy#41F)q|gweQ7M^x8>@MIO988de_vuY6|Dlh+J;F4&K^ zI~nfToVXz^wZpA|){Ltr^?19tEmNHG?H)~kJE@54Z%r{eop+wnvHkOsD?YZCedQ{`aDlq?`$`kArs3%5wefa(v`m4ir*OhF|M)*{9U^0~(z=nkU9C?XLs|UaT5DZQ%p-b`n0vC!jZ{`1^;rdc8Gu zb%vnJqv=dF+we%wEk_@y3g%)&SWxyIGD?@7MajmiX*5~G$KTR3yBkEIrx~R`iz>|e zhYC=D(E|VlIL(($L*4yfv;nP;*xbne^ocE59KogcU{|!GuF=wzy8V}=B*6?%V?`-7 z8#OgLP^Cy^ytqjV1JpM1D{84~9^lNj2wVbO*H^4sPsY)@iaZWlP}xlSNg6Wsfh@Qk zXalXN^5sF9l2x70eop%Wd}ud(l|y=&`BHKU9sI&9%{KWH%PZe(WeJAKNA>`HJm=m2 zHRD)VlfF^Cb1}U$>9NiR3LAVRfVrKsVmnrq7?C==YF`&q{@AKht<720cHmVFV=IkQj$dNh+KF@Sv$`Xjg%w(PV^v#Kk2-nDyz}bVNj=uUn7$@;s@B zE#F(D<;Q1j<)u{|fcX33UI2#9b+&$yGoShp80L_8R-if6O{hT3O8#e>0nyDNH@+)S zlE<&CR00dn2OA&CLcw)G1t=zC7KECFwj~ZtQAevF~RND`35@K zQ~AqbX*|HtbDNX~JYMJ7^l+gd(0D|{re>HrT);P6=(5uoP$Gd@0ht{Qm+267m6y`e zvX9Ttn_I`E1Yr-zH0iGBsX1^I?d$;cRD2`z)eLVccQT+7=IH+~Z~2~RYx$KKWt)VA z#P(=KDnZH5dp4vQcOh-onSQUqn>k!AD=lLjPLVekr$vrbnI~ zyOlcKCPzOhNr>*AlJd_;vlmCQRhqL0TisnocbKJkS}8RwhYI?Pjb5T-rezZ1`!wJ^ zCcJ6X+ri%7uL1d_r}pFeNlPyu939Y8LHWLaxT^npFr)jG#_w^;#OJv2MJASIv+zrC zF)Lsfh7oa^|J5!Diw6^c8?A{?NE`rMy8$xh27-F}LaghjDK+u}%GFWv?;9e<;$a`Z~sH zcuP3YV-rYW!H#9j=k+Csk`WsQn8Emelv>>&Ykw~;6@xsrWYeIZbi!xRes^`c3vTex z$Hyl|760W+2$c2>;XUIz6|6ZHuy%UEE)f$m`g+gK2Lp~$Nl<_jrNiy8CR=}f)Z@DN z4gcW2y$eJw>7HD^0q?2t`{ySA{7|vZ%+59hv%B%PG@WSLKpeb}&X0dz>;8Ia=oB0r zIA6bhjpMdSCISmqOhxFQJO29`Dk2aQll#&Z=Aa$w>Lc(1DpY`ns&_(rGTc+V#r(~1 z*At>SmYNsG>G2#?X-zxL51Dt{e{`dIe|0cwu_V9WD?iA=G${Uf!^@vrnow6qgb%Ag zL>d)0+|uzm?qu*q3wf=*H83<#%$K+NpMM4a4d=XHf2tIKW}vdnDs=aZIsmgZqUF&+ zrzli)`ed-m=WZrM=${+?^P`sQe!DRQ@{7;s3L^=naA^4;`|Ca#Baac%BiG}E_5MHp z_I_30kD%tEmSj;jRPe+FO5*OHDsSU*2B)gbGKJHQ%%_gChqC0f&Ot-xo@uR$Zvo$y z4;Dq^PXDN!2sGu1s2;AAXAkA6GIAp@sIQtWcwpNkM$Ff*_Nq&Sf(LKKvbn{42l=a=0e(g+1?>y)WF7 z-ID`jNXWu znGL4+0x@85d-i%;kjNg{Vg1&ztr9KXySe%6lpS{9m*xj!c*Hn<98;$PXFDM?1%ihB zPvMZmrI{Oca8jAytXZw0yU&`&-n=sIbyeH-m`pZP5c)b>=bYzEIX#@Oo+2>qxzhRB zsaIz}R+Pc5ef`J3W)W=3G<{>zA&iY}n^Ft(mXx!g zMgKS$^nD}?I4Iq-kNpI=ANw5&t?sh`ew3833x}TPMbHWHNYA$JoNi4Iv?;y3ODMvN zk}92Q%mT%#_2TLJiCXi@PDZ=+-ky1)o=7qA?rh!3#}+ASNe19|66baN=4o8r|6HJ# z6=^6RmZDZTy`c=+-u!#S2!iEk{jR^CCfzJQme5}}spW6Wm!6rU{J*mofi zi+Irblw0*c6iG8`k_ORP&mN9!zrra4Tr_i@Tj4DExy&;6>ikgV$Po6)$6d&8I~@#P9FZACG_~^EG{w~IuQYVuM(Z#BwOe-Z zv-#aRD~bXLLGk?>$@L1spn9md>?Jv#8ZuF+m97iDVd*GF z#xUX!J?S~5@=->c5)^jG`U(5b>Im$_1E-7QBajk)NheQ`l5Lq9@g*pdkakk$G1`LU z12Lvg=Mu^GKiCK8$-Q!fdwQlWio}r|lvp@?UW>lAc}24kEj;MTjO_@$`P|qGYPu+e z(pDRiHAj7kMP8=SfapF}>by-9zQaG!=r$x8x6#OM$DU!=gGCrgy^|Gu-bhl76ZMd8 zJJt!8`>)g0#*lfvQxA+$+5^0AQ{7Ho-5yzX)%%##=y&S3o2y>Zgvy^GCb~BFiTXX~ zE{)sga2tN-?$@*oBBF?8EnT0ZA04BHlk5M~!~FLlqy?M>tkuXUSXw(ss(Bo5WD5Is z8+0r9(uy~CB~~CbTLnzlwwLpT84_1}V4LAA9GFZ$n?Rz+Bd_!rVcaO+s&~)dLW2`R zG^6b3d;LCRpW~pO?kTsxuUqP|sI66(%S`%nN-H4o*s0jUw+9VG>n@kaQk>79^%Bc6 zN!r`@+ZjY>)hE*g4`1&aRvT^D;@U=gB?&jbx=+xh_w^Y6*ZQQrU!VHJ5|bbar$TPg z{$jz$NV6Msw9m6sd}J}+@4}4j8PzzNVZ)BFY9d3*TSG3(5Xii!4Hc1w5QXR`^4PDG z5OJFgi-mqG^`SxZKY_)gB0>r(fIA8vvDYtD32AuPncMQOWP`OXY=j~{NJ)3t(;d;< zvfcOO<=RB5i2MWjORTr^Y6ubOVsyiK&|~F4dx!I%y@TzkS>ujDH+%Qs-cZ1cLPXf1 zmhs4&Ypmy@D8DoQWL;G1DMay_G+HA>BsZng$vHnC^U{k5`60Ih+6A^&m2;sv2jWyil2$oE#%_xiilE*D5BXm9Ij1oOym0k4>69-Mq0NaqF6jz_Xk>)6ETQmF@izmmDM#FJ73+~tu*xydh}-RF zz#e8ziBDQjHvSTQyedz>Kd;usW_g>;gaPY@{MTm#GRi>fH`vJR@HDzvZV{BoB3hc2 zKq8ritXBm|#S|{#eXp@zKP+HNm(bj)DkyK;^cp}xLCLjKB=}mhH|xFv>x@oK7x9$^ z&+uxbdbw%WT$@B9Y~`BNAL|vIh4@&eb1z1Vlug6im?afaQ;2us=z4E zHZ!5=^VfRCVp%K@F@Lw5hMi%pXBf_&5UJHG=B}FJ3v(A znoJSHl%Cogc%M-gaOf5gl_m2zT&=n+8>S^R#;%Y05>cQm?eG(Nb`G4GJWAp8eO|Qj z_%n5rH%Jb0T5r`KGHNPF8DX+$RjPz$?(@n_)Ag$=ertOW z8{vJ)gkt&)t30|_5Ydz_dk4_o&4D2KuqrPPhs(#&s~UWbE7b{{9$~j27XSCi*--`Z z=$>(M9NeGB7h3m6s_1s3G zc&2e*K1C=Orm2L$g&an$);#=xhAd5&DiCY*R5KiT6n%t#@-(S#tU7h`sr&4;AetdL z(KHo}>07(st^iTKIF&(@eZ6jGeUrsp(=%J?^fXI=M^ljH8JaxdLk*b}MYMLpOy9r51chk8AJj4Bd z#2NF(zH5cyZ;idNFkCb)=@(-fm8G-4uL<_2vt!+5SHll$Ko{G8jl5TJnqXr^J%~US zpfRNs!9X*RT-XR65N>V9ARc}D0}ajGGU8dWM3z8wLJb622*P`BJTrr1M-fp!iz$W& zl9^NtJM3oSmH9U`tA=XCtW1WKw`)ry4$Z%DRtZ4?rxM|6d3wLb-zvEBYlRjXuR%R zI`UeG**&?Bd)`w=&JgsZIRjp3@wo@9R;5@d#>HJ2(1X`>h=CLMbX}M(#7SpYBXYP1 z{%lel4T)%)`JQK8>QW{~_n#9EYx24Ac%&+L|9c1j-(`=0->owApQz?P%OvE#UGn?C z5dSx?|39!h*&BhmifYbX-_yS~JK pE|c^BKgNHi0{s5}Xf_^R3nLvMore >

Oracle Backend for Spring Boot and Microservices

Oracle Backend for Spring Boot and Microservices allows developers to build microservices in Spring Boot and provisions a “backend as a service” with Oracle Database and other infrastructure components that operate on multiple clouds. Oracle Backend for Spring Boot and Microservices vastly simplifies the task of building, testing, and operating microservices platforms for reliable, secure, and scalable enterprise applications.

-

  @@ -2440,7 +2439,52 @@

Oracle Backend for Spring Boot and Microservices

Oracle Backend for Spring Boot and Microservices Version 1.3.0 is now generally available and suitable for production use. This version supports and recommends Spring Boot 3.3.x, 3.2.x, Spring 6.1 and Spring Cloud 2023.0.x, with limited backwards compatibility for Spring Boot 2.7.x.

+

If you are building Spring Boot applications with Oracle Database, you should also check out Spring Cloud Oracle which is the home of a number of the components used in Oracle Backend for Spring Boot and Microservices, and which you can also use in your own applications!

+
+

+ Try it out with CloudBank AI + + + +

+
+

To learn more about deploying and using Oracle Backend for Spring Boot and Microservices, we recommend our +CloudBank AI self-paced, on-demand hands-on lab.

+

CloudBank AI

+

In the CloudBank AI hands-on lab, you can learn how to:

+
    +
  • Install Oracle Backend for Spring Boot and Microservices.
    • +
  • Set up a development environment for Spring Boot.
    • +
  • Build Spring Boot microservices from scratch using Spring Web to create +Representational State Transfer (REST) services.
    • +
  • Use service discovery and client-side load balancing.
    • +
  • Use Spring Actuator to allow monitoring of services.
    • +
  • Create services that use asynchronous messaging with Java Message Service (JMS) instead of REST.
    • +
  • Implement the Saga pattern to manage data consistency across microservices.
    • +
  • Use the APISIX API Gateway to expose services to clients.
    • +
  • Build a conversational chatbot using Spring AI and self-host LLMs with Ollama.
    • +
+
+

+ Learn more + + + +

+

To learn more, watch this short introductory video:

@@ -2572,40 +2616,6 @@

Oracle Backend for Spring Boot and Microservices

href="starters/" >Spring Starters for Oracle Universal Connection Pool (UCP), Oracle Wallet, Oracle Advanced Queuing (AQ), and Transactional Event Queues (TxEventQ). -
-

- Learn more, try it out with CloudBank! - - - -

-
-

To learn more about deploying and using Oracle Backend for Spring Boot and Microservices, we recommend our -CloudBank self-paced, on-demand hands-on lab.

-

CloudBank LiveLab

-

In the CloudBank hands-on lab, you can learn how to:

-
    -
  • Install Oracle Backend for Spring Boot and Microservices.
    • -
  • Set up a development environment for Spring Boot.
    • -
  • Build Spring Boot microservices from scratch using Spring Web to create -Representational State Transfer (REST) services.
    • -
  • Use service discovery and client-side load balancing.
    • -
  • Use Spring Actuator to allow monitoring of services.
    • -
  • Create services that use asynchronous messaging with Java Message Service (JMS) instead of REST.
    • -
  • Implement the Saga pattern to manage data consistency across microservices.
    • -
  • Use the APISIX API Gateway to expose services to clients.
    • -
  • Extend a provided Flutter client to add a new “cloud cash” feature that uses the services you have built.
    • -

Need help? diff --git a/spring/search/en.data.min.json b/spring/search/en.data.min.json index 757f232b5..23ec6e395 100644 --- a/spring/search/en.data.min.json +++ b/spring/search/en.data.min.json @@ -1 +1 @@ -[{"id":0,"href":"/microservices-datadriven/spring/observability/tracing/","title":"Tracing","parent":"Observability","content":" Overview In a distributed system, it’s expected that occasional errors are bound to happen when serving requests. A central observability platform helps by capturing application traces/logs and provides an interface to query for a specific request. OpenTelemetry helps in standardizing the process of capturing and exporting telemetry data.\nOpenTelemetry (OTEL) is a collection of standardized vendor-agnostic tools, APIs, and SDKs. It’s a CNCF incubating project and is a merger of the OpenTracing and OpenCensus projects.\nOpenTracing is a vendor-neutral API for sending telemetry data over to an observability backend. The OpenCensus project provides a set of language-specific libraries that developers can use to instrument their code and send it to any supported backends. OTEL uses the same concept of trace and span to represent the request flow across microservices as used by its predecessor projects.\nOTEL allows us to instrument, generate, and collect telemetry data, which helps in analyzing application behavior or performance. Telemetry data can include logs, metrics, and traces. We can either automatically or manually instrument the code for HTTP, DB calls, and more.\nOverview How to enable tracing for your applications To enable tracing for your application you must include the following dependencies to your Maven POM or equivalent.\n\u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;org.springframework.boot\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;spring-boot-starter-actuator\u0026lt;/artifactId\u0026gt; \u0026lt;/dependency\u0026gt; \u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;io.micrometer\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;micrometer-registry-prometheus\u0026lt;/artifactId\u0026gt; \u0026lt;/dependency\u0026gt; \u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;io.micrometer\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;micrometer-tracing-bridge-otel\u0026lt;/artifactId\u0026gt; \u0026lt;/dependency\u0026gt; \u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;io.opentelemetry\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;opentelemetry-exporter-otlp\u0026lt;/artifactId\u0026gt; \u0026lt;/dependency\u0026gt; \u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;io.micrometer\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;micrometer-tracing\u0026lt;/artifactId\u0026gt; \u0026lt;/dependency\u0026gt; If you want to enable tracing for your database calls (Micrometer observability instrumentation for JDBC DataSource) you must include the following dependency too. You can find the latest version here.\n\u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;net.ttddyy.observation\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;datasource-micrometer-spring-boot\u0026lt;/artifactId\u0026gt; \u0026lt;version\u0026gt;1.0.3\u0026lt;/version\u0026gt; \u0026lt;/dependency\u0026gt; You must also add the following to your applications application.yaml file.\nspring: application: name: customer management: endpoint: health: show-details: always endpoints: web: exposure: include: \u0026#34;*\u0026#34; metrics: tags: application: ${spring.application.name} tracing: sampling: probability: 1.0 info: os: enabled: true env: enabled: true java: enabled: true otlp: tracing: endpoint: ${otel.exporter.otlp.endpoint} How to enable tracing in APISIX routes The OpenTelemetry plugin is enabled by default in APISIX. To enable tracing for your routes add the following to the route configuration:\n\u0026#34;plugins\u0026#34;: { \u0026#34;opentelemetry\u0026#34;: { \u0026#34;sampler\u0026#34;: { \u0026#34;name\u0026#34;: \u0026#34;always_on\u0026#34; } } } For more configuration option for the OpenTelemetry plugin; APISIX Documentation\nView Application Traces in Jaeger Web User Interface Jaeger is a distributed tracing system used for monitoring and troubleshooting Microservices. For more information on Jaeger, see the Jaeger website.\nExpose the Jaeger web user interface using this command:\nkubectl -n observability port-forward svc/jaegertracing-query 16686:16686 Open the Jaeger web user interface URL: http://localhost:16686\nJaeger UI In the Jaeger web user interface, click the Search tab to find tracings using various search criteria. For example, to find traces for the customer Microservice included in the Sample Application:\na. If you deployed the Sample Applications and have accessed the REST endpoints you can find traces for it in Jaeger. For example:\nb. Select the Service customer32 and the Operation /api/v2/customers .\nc. Click on Find Traces. Several traces appear (one for each time that you invoked the service). Jaeger Customer Tracing d. Click on any one of them to view the trace that includes multiple services and extends into Oracle Database. For example: Jaeger Customer Tracing Details ","description":"Overview In a distributed system, it’s expected that occasional errors are bound to happen when serving requests. A central observability platform helps by capturing application traces/logs and provides an interface to query for a specific request. OpenTelemetry helps in standardizing the process of capturing and exporting telemetry data.\nOpenTelemetry (OTEL) is a collection of standardized vendor-agnostic tools, APIs, and SDKs. It’s a CNCF incubating project and is a merger of the OpenTracing and OpenCensus projects."},{"id":1,"href":"/microservices-datadriven/spring/platform/apigw/","title":"Apache APISIX Gateway","parent":"Platform Services","content":"Apache APISIX is an open source cloud native API platform that supports the full lifecycle of API management including publishing, traffic management, deployment strategies, and circuit breakers.\nAccessing Apache APISIX dashboard Oracle Backend for Spring Boot and Microservices deploys Apache APISIX Gateway and Dashboard in the apisix namespace. The gateway is exposed through the external load balancer and ingress controller. To access the Apache APISIX Dashboard, you must use the kubectl port-forward command to create a secure channel to service/apisix-dashboard. Process the following steps:\nTo expose the Apache APISIX Dashboard using this command:\nkubectl port-forward -n apisix svc/apisix-dashboard 8080:80 Open the Apache APISIX Dashboard URL: http://localhost:8080\nusername: admin Password is retrieved using the following command: kubectl get secret -n apisix apisix-dashboard -o jsonpath=\u0026#39;{.data.conf\\.yaml}\u0026#39; | base64 -d | grep \u0026#39;password:\u0026#39;; echo NOTE: Oracle recommends that you change the default password when you log in the first time. Even though the dashboard is not accessible externally, Oracle still recommends using strong passwords to maximize security.\nAPISIX Login Enable tracing in APISIX routes The OpenTelemetry plugin is enabled by default in APISIX. To enable tracing for your routes add the following to the route configuration:\n\u0026#34;plugins\u0026#34;: { \u0026#34;opentelemetry\u0026#34;: { \u0026#34;sampler\u0026#34;: { \u0026#34;name\u0026#34;: \u0026#34;always_on\u0026#34; } } } For more configuration option for the OpenTelemetry plugin; APISIX Documentation\nExposing a Spring Application Through the API Gateway and Load Balancer Once you have your application deployed and running, you may want to expose it to the outside world. Some applications may not need to be exposed if they are only called by other applications in the platform. To expose your application, create a \u0026ldquo;route\u0026rdquo; in the Apache APISIX API Gateway by processing these steps:\nCreate a route to the service. For example:\nIn the Apache APISIX Dashboard, click Routes in the menu on the left side. APISIX Routes Click Create to create a new route.\nFill out the necessary details (anything not mentioned here can be left at the default value). For example, for the \u0026ldquo;slow service\u0026rdquo; to be included in the Sample Applications, provide these details:\nname = slow\npath = /fruit*\nmethod = get, options\nupstream type = service discovery\ndiscovery type = eureka\nservice name = SLOW (note that this is case sensitive, this is the key from the Eureka dashboard)\nNOTE: The API Gateway is pre-configured with both \u0026ldquo;Eureka\u0026rdquo; and \u0026ldquo;Kubernetes\u0026rdquo; discovery types. For Eureka, the service name is the key used to deploy the service in Eureka, which is normally the value from spring.application.name in the Spring Boot configuration file (src/main/resources/application.yaml), in uppercase characters. For Kubernetes, the service name is in the format namespace/service:port where namespace is the Kubernetes namespace in which the Spring Boot application is deployed, service is the name of the Kubernetes service for that application, and port is the name of the port in that service. If you deployed your Spring Boot application with the Oracle Backend for Spring Boot and Microservices CLI, the port name will be spring. For example, an application called slow-service deployed in the my-apps namespace would be my-apps/slow-service:spring.\nAPISIX Routes Step1 APISIX Routes Step2 APISIX Routes Step3 Save the route that you created. APISIX Routes Step4 APISIX Routes Step5 Test a route to the service. For example:\nGet the Apache APISIX Gateway external IP using this command: kubectl -n ingress-nginx get svc ingress-nginx-controller The result of the command should look similar to this:\nNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE ingress-nginx-controller LoadBalancer 10.96.172.148 146.235.207.230 80:31393/TCP,443:30506/TCP 25h Call the API using the Apache APISIX Gateway address plus path. For example: curl http://APISIX_IP/fruit You should get \u0026ldquo;banana\u0026rdquo; or \u0026ldquo;fallback fruit is apple\u0026rdquo; back as the response.\n","description":"Apache APISIX is an open source cloud native API platform that supports the full lifecycle of API management including publishing, traffic management, deployment strategies, and circuit breakers.\nAccessing Apache APISIX dashboard Oracle Backend for Spring Boot and Microservices deploys Apache APISIX Gateway and Dashboard in the apisix namespace. The gateway is exposed through the external load balancer and ingress controller. To access the Apache APISIX Dashboard, you must use the kubectl port-forward command to create a secure channel to service/apisix-dashboard."},{"id":2,"href":"/microservices-datadriven/spring/security/azn-server/","title":"Authentication and Authorization Server","parent":"Security","content":"The Authorization Server is an engine to authenticate and authorize requests to various components in Oracle Backend for Spring Boot and Microservices. The end user can manage users using REST Endpoints.\nNOTE: Oracle recommends that you change the default passwords for the default created users.\nUsers \u0026amp; Roles User Management REST endpoints overview User Management REST Endpoints Architecture Users \u0026amp; Roles When deploying Oracle Backend for Spring Boot and Microservices, two users are created with the following roles:\nUser Name Assigned Roles obaas-admin ROLE_ADMIN, ROLE_USER obaas-user ROLE_USER All users are stored in the database are deployed when installing Oracle Backend for Spring Boot and Microservices. The roles determine what the user is allowed to do in the environment. The allowed roles are ROLE_ADMIN and ROLE_USER.\nNOTE: See each components documentation about the roles and authorities.\nThe assigned passwords (either auto generated or provided by the installer) can be viewed in the OCI Console (ORM homepage). Click on Application Information.\nApplication Information If you click on Unlock, the password for the obaas-admin and obaas-user can be displayed.\nAZN User passwords The passwords can also be obtained from k8s secrets using the kubectl command.\nFor obaas-admin:\nkubectl get secret -n azn-server oractl-passwords -o jsonpath=\u0026#39;{.data.admin}\u0026#39; | base64 -d; echo For obaas-user:\nkubectl get secret -n azn-server oractl-passwords -o jsonpath=\u0026#39;{.data.user}\u0026#39; | base64 -d; echo User Management REST endpoints overview The following REST Endpoints are available to manage users. The table lists which minimum required role that is needed to perform the operation.\nEnd point Method Description Minimum required Role /user/api/v1/connect GET Authorize All Roles /user/api/v1/findUser GET Find all users ROLE_ADMIN /user/api/v1/findUser?username=\u0026lt;username\u0026gt; GET Find a user with the username \u0026lt;username\u0026gt; ROLE_ADMIN /user/api/v1/createUser POST Create a user ROLE_ADMIN /user/api/v1/updatePassword PUT Update a password for a user. A user with Role ROLE_ADMIN can update any users password ROLE_USER /user/api/v1/changeRole PUT Change role(s) for a user ROLE_ADMIN /user/api/v1/deleteUsername?username=\u0026lt;username\u0026gt; DELETE Delete a user with username \u0026lt;username\u0026gt; ROLE_ADMIN /user/api/v1/deleteId?id=\u0026lt;id\u0026gt; DELETE Delete a user with the id \u0026lt;id\u0026gt; ROLE_ADMIN User Management REST Endpoints In all examples below you need to replace \u0026lt;username\u0026gt;:\u0026lt;password\u0026gt; with your username and password. The examples are using curl to interact with the REST endpoints. They also requires that you have opened a tunnel on port 8080 to either the azn-server or obaas-admin service. For example, this command opens a tunnel to the obaas-admin service.\nkubectl port-forward -n obaas-admin svc/obaas-admin 8080 /user/api/v1/findUser curl -i -u \u0026lt;username\u0026gt;:\u0026lt;password\u0026gt; http://localhost:8080/user/api/v1/findUser /user/api/v1/findUser?username=\u0026lt;username\u0026gt; curl -i -u \u0026lt;username\u0026gt;:\u0026lt;password\u0026gt; \u0026#39;http://localhost:8080/user/api/v1/findUser?username=obaas-admin\u0026#39; /user/api/v1/createUser When creating a user the following Roles are allowed: ROLE_ADMIN and ROLE_USER.\ncurl -u \u0026lt;username\u0026gt;:\u0026lt;password\u0026gt; -i -X POST \\ -H \u0026#39;Content-Type: application/json\u0026#39; \\ -d \u0026#39;{\u0026#34;username\u0026#34;: \u0026#34;a-new-user\u0026#34;, \u0026#34;password\u0026#34;: \u0026#34;top-secret-password\u0026#34;, \u0026#34;roles\u0026#34; : \u0026#34;ROLE_ADMIN,ROLE_USER\u0026#34;}\u0026#39; \\ http://localhost:8080/user/api/v1/createUser /user/api/v1/updatePassword curl -u \u0026lt;username\u0026gt;:\u0026lt;password\u0026gt; -i -X PUT \\ -H \u0026#39;Content-Type: application/json\u0026#39; \\ -d \u0026#39;{\u0026#34;username\u0026#34;: \u0026#34;current-user\u0026#34;, \u0026#34;password\u0026#34;: \u0026#34;more-top-secret-password\u0026#34;}\u0026#39; \\ http://localhost:8080/user/api/v1/updatePassword /user/api/v1/changeRole curl -u \u0026lt;username\u0026gt;:\u0026lt;password\u0026gt; -i -X PUT \\ -H \u0026#39;Content-Type: application/json\u0026#39; \\ -d \u0026#39;{\u0026#34;username\u0026#34;: \u0026#34;current-user\u0026#34;, \u0026#34;roles\u0026#34;: \u0026#34;changed-roles\u0026#34;}\u0026#39; \\ http://localhost:8080/user/api/v1/changeRole /user/api/v1/deleteUsername?username=\u0026lt;username\u0026gt; curl -u \u0026lt;username\u0026gt;:\u0026lt;password\u0026gt; -i -X DELETE \\ http://localhost:8080/user/api/v1/deleteUsername?username=\u0026lt;username_to_be_deleted\u0026gt; /user/api/v1/deleteId?id=\u0026lt;id\u0026gt; curl -u obaas-admin:password -i -X DELETE \\ http://localhost:8080/user/api/v1/deleteId?id=\u0026lt;userid_to_be_deleted\u0026gt; Architecture The following picture shows how the Authentication Server is used for AuthZ for the following modules:\nOBaaS Admin (OBaaS CLI server module) Config Server (Manages Config Server Entries) AZN Server (AUthentication Server User Management) GraalVM Compiler (GraalVM Native Compiler module) Authorization Server Architecture ","description":"The Authorization Server is an engine to authenticate and authorize requests to various components in Oracle Backend for Spring Boot and Microservices. The end user can manage users using REST Endpoints.\nNOTE: Oracle recommends that you change the default passwords for the default created users.\nUsers \u0026amp; Roles User Management REST endpoints overview User Management REST Endpoints Architecture Users \u0026amp; Roles When deploying Oracle Backend for Spring Boot and Microservices, two users are created with the following roles:"},{"id":3,"href":"/microservices-datadriven/spring/azure/","title":"Azure/OCI Multicloud Installation","parent":"Oracle Backend for Spring Boot and Microservices","content":"The Oracle Backend for Spring Boot and Microservices is available to install in Multicloud (Microsoft Azure (Azure) and Oracle Cloud Infrastructure (OCI)). This installation deploys the Oracle Backend for Spring Boot and Microservices in Azure with an Oracle Autonomous Database running in OCI.\nPrerequisites You must meet the following prerequisites to use the Oracle Backend for Spring Boot Multicloud (Azure and OCI). You need:\nAn account on Azure. An account on OCI. Overview of the Setup Process Watch this video for a quick overview of the setup process.\nDownload Download Oracle Backend for Spring Boot and Microservices.\nSetup A few setup steps are required in both OCI and Azure to deploy the Oracle Backend for Spring Boot and Microservices application.\nOCI The Multicloud installation provisions an Oracle Autonomous Database in OCI using the Oracle Database Operator for Kubernetes (OraOperator).\nTo allow the OraOperator access to OCI, an API Key must be generated using these steps:\nLog in to OCI. Open the Profile menu and click User settings. In the Resources section at the lower left, click API Keys. Click Download Private Key and save the key as private_key.pem. You do not need to download the public key. Click Add. The key is added and the Configuration File Preview is displayed. The file snippet includes the required parameters and values. Copy and paste the configuration file snippet from the text box and save for later steps.\nAzure The Multicloud installation is done using the Azure Cloud Shell. The following steps are required in Azure to prepare for the installation:\nLog in to Azure.\nOpen the Azure Cloud Shell. For example:\nUpload the Oracle Backend for Spring Boot and Microservices stack. For example:\nUpload the API Private Key (private_key.pem).\nUnzip the stack to a directory called obaas. For example:\nunzip azure-ebaas_latest.zip -d ~/obaas\nMove the private_key.pem file to the obaas directory. For example:\nmv private_key.pem ~/obaas/\nRun the configuration Helper script using the values from the API Key. For example:\ncd ~/obaas ./obaas_configure.py Install Ansible Install Ansible to run the Configuration Management Playbook. The Helper script creates a Python virtual environment and installs Ansible and some additional modules. For example:\ncd ~/obaas/ansible ./setup_ansible.sh /tmp source ./activate.env /tmp Deploy the Infrastructure From the Azure Cloud Shell, run these commands to deploy the infrastructure:\ncd ~/obaas terraform init terraform plan -out=multicloud.plan terraform apply \u0026#34;multicloud.plan\u0026#34; ","description":"The Oracle Backend for Spring Boot and Microservices is available to install in Multicloud (Microsoft Azure (Azure) and Oracle Cloud Infrastructure (OCI)). This installation deploys the Oracle Backend for Spring Boot and Microservices in Azure with an Oracle Autonomous Database running in OCI.\nPrerequisites You must meet the following prerequisites to use the Oracle Backend for Spring Boot Multicloud (Azure and OCI). You need:\nAn account on Azure. An account on OCI."},{"id":4,"href":"/microservices-datadriven/spring/on-premises/","title":"Custom Installations","parent":"Oracle Backend for Spring Boot and Microservices","content":"The Oracle Backend for Spring Boot and Microservices is available to install in your own \u0026ldquo;custom\u0026rdquo; environment, which may be an on-premises data center environment, a different cloud provider, or a developer\u0026rsquo;s desktop.\nPrerequisites You must meet the following prerequisites to use the Oracle Backend for Spring Boot and Microservices On-Premises. You need:\nAccess to Oracle Database Enterprise Edition 19.3.0.0 Access to a Container Repository Access to a Kubernetes cluster Python 3+ When installing in a desktop environment, for example a developer\u0026rsquo;s desktop, the previously mentioned pre-requisites may be met through an additional setup task, but there are additional desktop system or software requirements. For example:\n2 CPUs or more 8 GB of free memory 60 GB of free disk space (40 GB minikube and container images, 20 GB database) Internet connection Minikube or similar Podman1 or similar Oracle Single Sign-On (SSO) account to download the database image Download Download the latest release of Oracle Backend for Spring Boot and Microservices.\nSetup A custom installation consists of defining the infrastructure followed by running the Configuration Management Playbook to build images and deploy the Microservices.\nFor a custom installation, you need to have a Kubernetes cluster and the kubectl command-line interface must be configured to communicate with your cluster.\nA Helper Playbook has been provided for desktop installations to assist in defining a specific infrastructure consisting of podman and minikube as outlined in the example documentation:\nmacOS Ventura (x86) Oracle Linux 8 (x86) If your infrastructure does not match that defined in the above examples, do not run the Helper Playbook.\nDownload the Database or Oracle REST Data Services (ORDS) Images (Desktop Installation) The desktop installation provisions an Oracle database to the Kubernetes cluster. The images must be downloaded from Oracle\u0026rsquo;s Container Registry before continuing.\nAfter installing Podman, process these steps:\nLog in to Oracle Cloud Infrastructure Registry (Container Registry). For example:\npodman login container-registry.oracle.com\nPull the database image. For example:\npodman pull container-registry.oracle.com/database/enterprise:19.3.0.0\nPull the ORDS image. For example:\npodman pull container-registry.oracle.com/database/ords:21.4.2-gh\nDefining the Application The application is defined in ansible/vars/ebaas.yaml. For example:\n--- ebaas_edition: \u0026#34;COMMUNITY\u0026#34; vault: \u0026#34;\u0026#34; vault_key: \u0026#34;\u0026#34; vault_crypto_endpoint: \u0026#34;\u0026#34; vault_management_endpoint: \u0026#34;\u0026#34; vault_storage_account_name: \u0026#34;N/A\u0026#34; vault_storage_account_key: \u0026#34;N/A\u0026#34; vault_storage: \u0026#34;\u0026#34; vault_storage_lock: \u0026#34;\u0026#34; apisix_admin_password: \u0026#34;Correct-horse-Battery-staple-35\u0026#34; grafana_admin_password: \u0026#34;Correct-horse-Battery-staple-35\u0026#34; oractl_admin_password: \u0026#34;Correct-horse-Battery-staple-35\u0026#34; oractl_user_password: \u0026#34;Correct-horse-Battery-staple-35\u0026#34; ... Create the ansible/vars/ebaas.yaml file, setting values as required. If this is a desktop installation, this file will be created for you by the Desktop Helper playbook.\nDefining the Database The database is defined in ansible/roles/database/vars/main.yaml. For example:\n--- database_oracle_dbs: [\u0026#34;BAASPDB\u0026#34;] database_default_db: BAASPDB BAASPDB: # noqa: var-naming[pattern] username: \u0026#34;PDBADMIN\u0026#34; password: \u0026#34;Correct-horse-Battery-staple-35\u0026#34; type: \u0026#34;EXTERNAL\u0026#34; service: \u0026#34;(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=localhost)(PORT=1521))(CONNECT_DATA=(SERVICE_NAME=BAASPDB)))\u0026#34; ocid: \u0026#34;\u0026#34; ... Create the ansible/roles/database/vars/main.yaml file, setting values as required. If this is a desktop installation, this file will be created for you by the Desktop Helper playbook.\nThe database_oracle_dbs and database_default_db key values should be the name of your Pluggable Database (PDB). These are followed by the PDB name and Key/Values defining how to access the PDB.\nThe type can be either:\nEXTERNAL: A Pre-existing Oracle Database. Define service and leave ocid blank. ADB-S: A Pre-Existing Oracle Autonomous Serverless (ADB-S) database; provide the ocid for the ADB-S. Leave service blank. SIDB_CONTAINER: This will create a 19c containerized database inside the Kubernetes Cluster as part of the deployment. Leave ocid and service blank. Defining the Container Repository The Container Repository is defined in ansible/roles/registry/vars/main.yaml. For example:\n--- registry_username: \u0026#34;oracle\u0026#34; registry_password: \u0026#34;Correct-horse-Battery-staple-35\u0026#34; registry_push_url: \u0026#34;docker.io/myorg\u0026#34; registry_push_auth: auths: docker.io/myorg: auth: \u0026#34;b3JhY2xlOjdaUVgxLXhhbFR0NTJsS0VITlA0\u0026#34; registry_pull_url: \u0026#34;docker.io/myorg\u0026#34; registry_pull_auth: auths: docker.io/myorg: auth: \u0026#34;b3JhY2xlOjdaUVgxLXhhbFR0NTJsS0VITlA0\u0026#34; ... Create the ansible/roles/registry/vars/main.yaml file, setting values as required. If this is a desktop installation, this file will be created for you by the Desktop Helper playbook.\nSpecify the URL or authentication credentials for your Container Repository in registry_pull_url, registry_push_url, registry_username, and registry_password.\nFor the registry_pull_auth and registry_push_auth sections, manually log into your repository and copy the values found in the created file, located in $HOME/.config/containers/auth.json\nThere may be duplication between the push and pull URL\u0026rsquo;s. The pull URL is used inside the Pods while the push URL is used from the deployment machine. If you have a private registry inside the Kubernetes cluster, these URL\u0026rsquo;s could be different. This is the case for the Desktop installation. For example, the push URL is localhost:5000, while the pull URL is \u0026lt;Registry Pod ClusterIP\u0026gt;:5000.\nConfiguration Management Playbook From the source package, run the Configuration Management Playbook.\nInstall Ansible Using Python, install Ansible to run the Configuration Management Playbook. The Helper script creates a Python virtual environment and installs Ansible along with other additional modules. For example:\n./setup_ansible.sh source ./activate.env Desktop Helper Playbook If this is a desktop installation, then a Helper Playbook can be used to help define the infrastructure. Note that this playbook should only be run if following the desktop installation examples:\nmacOS Ventura (x86) Oracle Linux 8 (x86) Run the Desktop Helper Playbook to define the infrastructure. For example:\nansible-playbook ansible/desktop-apply.yaml Copy kubeconfig For the desktop installation, this step will have been performed by the Desktop Helper playbook.\nCopy the kubeconfig file to ansible/roles/kubernetes/files\nBuild and Push Images to the Container Repository For the desktop installation, start a new terminal and tunnel or port-forward to the Minikube cluster. Refer to the specific platform details for more information.\nFor both installations, run the Images Playbook on the original terminal. For example:\nansible-playbook ansible/images_build.yaml Install the Microservices Install the Microservices by running this command:\nansible-playbook ansible/k8s_apply.yaml -t full Footnotes Certification has been performed against Podman. However, other container or virtual machine managers are available and may be substituted.\u0026#160;\u0026#x21a9;\u0026#xfe0e;\n","description":"The Oracle Backend for Spring Boot and Microservices is available to install in your own \u0026ldquo;custom\u0026rdquo; environment, which may be an on-premises data center environment, a different cloud provider, or a developer\u0026rsquo;s desktop.\nPrerequisites You must meet the following prerequisites to use the Oracle Backend for Spring Boot and Microservices On-Premises. You need:\nAccess to Oracle Database Enterprise Edition 19.3.0.0 Access to a Container Repository Access to a Kubernetes cluster Python 3+ When installing in a desktop environment, for example a developer\u0026rsquo;s desktop, the previously mentioned pre-requisites may be met through an additional setup task, but there are additional desktop system or software requirements."},{"id":5,"href":"/microservices-datadriven/spring/infrastructure/database/","title":"Database","parent":"Infrastructure","content":"The Oracle Backend for Spring Boot and Microservices uses the Oracle Database as a persistent data store for metadata and the Spring Cloud Config Server. This documentation will refer to this database as the Metadata Database.\nNOTE: Oracle recommends that you install an addition Container Database (CDB) and Pluggable Databases (PDBs) for your production applications inline with the Database-Per-Service pattern. This document will refer to these databases as the Application Database.\nBy default, the Oracle Autonomous Database - Serverless (ADB-S) is used for the Metadata Database, however, there are other options including Bring Your Own (BYO).\nThe following chart presents the options for the Metadata Database, based on the installation type:\nInstallation ADB-S BYO ADB-S BYO BaseDB BYO Containerized BYO External OCI Community x OCI Standard x x x x Custom x x x x x For custom installations, including on-premises, it is the responsibility of the user to ensure network access controls to provide both operational access and security. The Oracle Cloud Infrastructure (OCI) Networking setup can be used as a general template.\nBring Your Own Database - Standard Edition If you select the Standard Edition during installation, you can use a pre-created Oracle Database for the Oracle Backend for Spring Boot and Microservices Metadata Database.\nThe following are the minimum requirements for a BYO Oracle Database:\nVersion: 19c+ Bring Your Own Network with access to the Database Listener Database User with appropriate privileges (see below) Database User Privileges The database user for the the Oracle Backend for Spring Boot and Microservices Metadata Database is used to create other users and allow them to proxy through this user for database access. While the SYSTEM or ADMIN (for ADB-S) will work, they are over-privileged and should not be used in production environments.\nIt is recommended to create a user, in this example, named OBAAS with a default tablespace of DATA:\nCREATE USER OBAAS IDENTIFIED BY \u0026#34;Welcome_12345\u0026#34;; ALTER USER OBAAS QUOTA UNLIMITED ON DATA; GRANT ALTER USER TO OBAAS; GRANT CREATE USER TO OBAAS; GRANT CONNECT TO OBAAS WITH ADMIN OPTION; GRANT CREATE SESSION TO OBAAS WITH ADMIN OPTION; GRANT RESOURCE TO OBAAS WITH ADMIN OPTION; GRANT SELECT ON DBA_USERS TO OBAAS; GRANT CREATE ANY INDEX TO OBAAS; GRANT ALTER ANY TABLE TO OBAAS; GRANT COMMENT ANY TABLE TO OBAAS; GRANT CREATE ANY TABLE TO OBAAS; GRANT INSERT ANY TABLE TO OBAAS; GRANT SELECT ANY TABLE TO OBAAS; GRANT UPDATE ANY TABLE TO OBAAS; GRANT CREATE ANY SEQUENCE TO OBAAS; GRANT SELECT ANY SEQUENCE TO OBAAS; GRANT CREATE ANY TRIGGER TO OBAAS; -- Additional AQ perms GRANT AQ_USER_ROLE TO OBAAS WITH ADMIN OPTION; GRANT EXECUTE ON DBMS_AQ TO OBAAS WITH GRANT OPTION; GRANT EXECUTE ON DBMS_AQADM TO OBAAS WITH GRANT OPTION; GRANT EXECUTE ON DBMS_AQIN TO OBAAS WITH GRANT OPTION; GRANT EXECUTE ON DBMS_AQJMS TO OBAAS WITH GRANT OPTION; GRANT EXECUTE ON DBMS_AQJMS_INTERNAL TO OBAAS WITH GRANT OPTION; -- Additional for PARSE GRANT SODA_APP TO OBAAS WITH ADMIN OPTION; GRANT CREATE TABLE TO OBAAS WITH ADMIN OPTION; Configuration During the configuration of the Oracle Backend for Spring Boot and Microservices, ensure that the Edition is set to Standard:\nEnable and Configure Bring Your Own Virtual Network\nTick the \u0026ldquo;Bring Your Own Database\u0026rdquo; checkbox and, depending on the Bring Your Own Database - Type, provide the appropriate values.\nAutonomous Database - Serverless (ADB-S) BYO ADB-S Compartment : The compartment of the existing ADB-S.\nBring Your Own Database - Autonomous Database : The ADB-S name (this will automatically translate the name to an OCID).\nBring Your Own Database - Username : The existing database user with the appropriate privileges.\nBring Your Own Database - Password : The password for the existing database user.\nOther Bring Your Own Database - Connect String : The connect string for the database (PDB) in Long Format.\nBring Your Own Database - Username : The existing database user with the appropriate privileges.\nBring Your Own Database - Password : The password for the existing database user.\nThe Connect String should be in Long Format, for example:\n(DESCRIPTION=(ADDRESS=(host=oracle://somedb.example.com)(protocol=TCP)(port=1521)) (CONNECT_DATA=(SERVICE_NAME=orclpdb))) Application Databases Oracle recommends that additional pluggable databases are used for your applications, following the database-per-service microservice pattern. However, the Metadata Database can be used, especially for development purposes, with a schema-per-service model.\nThe Oracle Database Operator for Kubernetes is provided with the Oracle Backend for Spring Boot and Microservices and can be used:\nBind to additional ADB-S Bind to an OCI BaseDB and create PDBs Create a Single Instance Container Database in the Kubernetes Cluster ","description":"The Oracle Backend for Spring Boot and Microservices uses the Oracle Database as a persistent data store for metadata and the Spring Cloud Config Server. This documentation will refer to this database as the Metadata Database.\nNOTE: Oracle recommends that you install an addition Container Database (CDB) and Pluggable Databases (PDBs) for your production applications inline with the Database-Per-Service pattern. This document will refer to these databases as the Application Database."},{"id":6,"href":"/microservices-datadriven/spring/infrastructure/databaseaccess/","title":"Database Access","parent":"Infrastructure","content":"The Oracle Backend for Spring Boot and Microservices includes an Oracle database. An instance of Oracle Autonomous Database Serverless (ADB-S) is created during installation. The ADB-S is used for Oracle Backend for SPring Boot and Microservices metadata and Spring Cloud Config Server.\nIf you selected the PRIVATE_ENDPOINT_ACCESS option, you need to use a Bastion to access the database.\nNOTE: Oracle recommends that you install your own database and PDBs for your production applications. The database provisioned is used for Oracle Backend for Spring Boot metadata and can be used for development.\nAccessing the Database NOTE: Oracle recommends that you install SQLcl to access the database from a local machine. SQLcl installation guide. Other tools can be used but is not documented here.\nUsing Database Actions from the OCI Console Local access using Database Wallet and SQLcl (SECURE_ACCESS installation) Local access using Wallet and SQLcl using a Bastion (PRIVATE_ENDPOINT_ACCESS installation) Access the Oracle ADB-S using Database Actions You can use the Database Actions web user interface, which can be accessed from the Oracle Cloud Infrastructure Console (OCI Console) to access the database. The Oracle database is created in the compartment specified during installation of Oracle Backend for Spring Boot and Microservices.\nIn the OCI Console, navigate to Oracle Autonomous Database (ADB) in the main menu.\nOracle Autonomous DB Cloud Portal Click on the link Autonomous Transaction Processing, and then select the database with the application name that you configured during installation with the suffix DB. In this example the Database name is CALFDB (make sure that you have selected the correct Compartment).\nSelect ADB Database Click on Database Actions. This opens the Database Actions page where you have access to many database functions, including the ability to work with data stored by Oracle Backend for Spring Boot and Microservices.\nOracle Autonomous DB Details Accessing the ADB-S From a Local Machine using Database Wallet and SQLcl If SECURE_ACCESS was selected during installation you can access the database using the following steps.\nDownload the ADB-S Wallet If you chose the SECURE_ACCESS option for database access during installation (or accepted this default), then you have to download the wallet to access the database from your local machine.\nThe wallet can be downloaded from the OCI Console, by clicking Database Connection, followed by Download Wallet. Store the wallet in a safe place.\nDownload ADB client credential You have to enter a password for the Wallet.\nWallet Password Connect to the ADB-S using SQLcl Get the ADMIN user password from k8s secret. in the exa,ple below calfdb needs to be replaced with the name of database in the installation.\nkubectl -n application get secret calfdb-db-secrets -o jsonpath=\u0026#39;{.data.db\\.password}\u0026#39; | base64 -d; echo Open a terminal Window and start SQLcl with the /nolog option.\nsql /nolog Load the Wallet using the command set cloudconfig.... In this example the wallet name is Wallet_CALFDB.zip.\nLoad the Wallet Get the TNS name connection names from the wallet by executing this command:\nshow tns Load the Wallet Connect as the ADMIN user to the database using the password you obtained from the k8s secret previously using the command connect followed by ADMIN, password collected and the TNS Name.\nLoad the Wallet You are now connected to the database that is provided when installing Oracle Backend for Spring Boot and Microservices on OCI.\nNOTE: Oracle recommends that you install your own databases, PDBs for your production applications. The database provisioned is used for Oracle Backend for Spring Boot metadata and can be used for development.\nAccessing the ADB-S From a Local Machine using Database Wallet and SQLcl using a Bastion If PRIVATE_ENDPOINT_ACCESS was selected during installation you can access the database using the following steps. You are going to need a Private Key pair to be able to use the Bastion Service to access the ADB-S.\nDownload and modify the Wallet the ADB-S Wallet using Private Access If you chose the PRIVATE_ENDPOINT_ACCESS option for database access during installation (or accepted this default), then you have to download the wallet to access the database from your local machine.\nThe wallet can be downloaded from the OCI Console, by clicking Database Connection, followed by Download Wallet. Store the wallet in a safe place.\nDownload ADB client credential You have to enter a password for the Wallet.\nWallet Password Go to the directory where you stored the Wallet and execute the following command. Replace \u0026lt;Wallet-File\u0026gt; with the name of your Wallet file including .zip:\nzip -oq \u0026lt;Wallet-File\u0026gt; tnsnames.ora \u0026amp;\u0026amp; \\ sed -i \u0026#39;\u0026#39; \u0026#39;s/host=[^)]*/host=localhost/\u0026#39; tnsnames.ora \u0026amp;\u0026amp; \\ zip -uq \u0026lt;Wallet-File\u0026gt; tnsnames.ora NOTE: On certain platforms you may need to use unzip instead of zip as the command.\nConnect to the ADB-S using SQLcl via a Bastion Get the IP address of the deployed Autonomous Database. T=You can find the IP address in the OCI Console:\nADB-S Private IP Address Create a SSH Port Forwarding Session using the Bastion service.\nA Bastion service is deployed when selecting PRIVATE_ENDPOINT_ACCESS during installation. To access the Oracle Autonomous Database you need to create a session between your local machine and the Oracle Autonomous Database using the Bastion Service. Create a Dynamic Port Forwarding (SOCKS5) Session.\nSelect the Bastion Service in the Identity \u0026amp; Security Menu:\nLoad the Wallet Select the Bastion service for your deployment and click Create Session. This will bring up a dialog box where you need to fill in the values for your installation.\nSession Type : Select SSH port forwarding session. Session Name : Enter a name for the session. IP Address : Enter the Private IP Address for the ADB-S. Port : Enter 1522 as the port number SSH Key : Add a Public SSH Key that will be used for the session. Download ADB client credential After the session is created, establish a SSH tunnel your your ADB instance by issuing an ssh command in a terminal window. The SSH is obtained obtain by clicking on the three dots symbol on right side of the created session in the OCI COnsole. The session will run until you close the terminal window.\nReplace \u0026lt;privateKey\u0026gt; with path to your Private Key and \u0026lt;localPort\u0026gt; with the local port you want to use. For example:\nssh -i \u0026lt;privateKey\u0026gt; -N -L \u0026lt;localPort\u0026gt;:10.113.0.28:1522 -p 22 ocid1.bastionsession.oc1.....@host.bastion...... Get the ADMIN user password from k8s secret. in the exa,ple below bluegilldb needs to be replaced with the name of database in the installation.\nkubectl -n application get secret bluegilldb-db-secrets -o jsonpath=\u0026#39;{.data.db\\.password}\u0026#39; | base64 -d; echo Open a terminal Window and start SQLcl with the /nolog option.\nsql /nolog Load the Wallet using the command set cloudconfig.... In this example the wallet name is Wallet_CALFDB.zip.\nLoad the Wallet Get the TNS name connection names from the wallet by executing this command:\nshow tns Load the Wallet Connect as the ADMIN user to the database using the password you obtained from the k8s secret previously using the command connect followed by ADMIN, password collected and the TNS Name.\nLoad the Wallet You are now connected to the database that is provided when installing Oracle Backend for Spring Boot and Microservices on OCI.\nNOTE: Oracle recommends that you install your own databases, PDBs for your production applications. The database provisioned is used for Oracle Backend for Spring Boot metadata and can be used for development.\n","description":"The Oracle Backend for Spring Boot and Microservices includes an Oracle database. An instance of Oracle Autonomous Database Serverless (ADB-S) is created during installation. The ADB-S is used for Oracle Backend for SPring Boot and Microservices metadata and Spring Cloud Config Server.\nIf you selected the PRIVATE_ENDPOINT_ACCESS option, you need to use a Bastion to access the database.\nNOTE: Oracle recommends that you install your own database and PDBs for your production applications."},{"id":7,"href":"/microservices-datadriven/spring/on-premises/macos_ventura/","title":"Developer Installation - macOS Ventura (x86)","parent":"Custom Installations","content":"This is a discussion of a non-production (developer desktop) installation on a macOS Ventura desktop.\nRead the On-Premises documentation and ensure that your desktop meets the minimum system requirements.\nInstall Podman To install Podman, process these commands:\nbrew install podman PODMAN_VERSION=$(podman -v |awk \u0026#39;{print $NF}\u0026#39;) sudo /usr/local/Cellar/podman/${PODMAN_VERSION}/bin/podman-mac-helper install podman machine init --cpus 4 --disk-size 60 --memory 8192 --rootful --now podman system connection default podman-machine-default-root Download the Database or Oracle REST Data Services (ORDS) Images The non-production installation provisions an Oracle database into the Kubernetes cluster. The images must be downloaded from Oracle Cloud Infrastructure Registry (Container Registry) before continuing.\nLog in to the Container Registry. For example:\npodman login container-registry.oracle.com\nPull the database image. For example:\npodman pull container-registry.oracle.com/database/enterprise:21.3.0.0\nPull the ORDS image. For example:\npodman pull container-registry.oracle.com/database/ords:21.4.2-gh\nMinikube To install Minikube, process these commands:\nbrew install minikube minikube config set driver podman minikube start --cpus 4 --memory max --container-runtime=containerd minikube addons enable ingress If Minikube fails to start and returns this Failed kubeconfig update: could not read config error, process this command and retry:\nmv ~/.kube ~/.kube.bak\nDownload Oracle Backend for Spring Boot and Microservices Download the latest version of Oracle Backend for Spring Boot and Microservices and unzip into a new directory.\nInstall Ansible To install Ansible, process these commands:\n./setup_ansible.sh source ./activate.env Define the Infrastructure Use the Helper Playbook to define the infrastructure. This Playbook also:\nCreates additional namespaces for the Container Registry and the database. Creates a private Container Registry in the Kubernetes cluster. Modifies the Microservices application to be desktop compatible. Run this command:\nansible-playbook ansible/desktop_apply.yaml\nOpen a Tunnel In order to push the images to the Container Registry in the Kubernetes cluster, open a new terminal and start a tunnel by running this command:\nminikube tunnel\nTo test access to the registry, process this command:\ncurl -X GET -k https://localhost:5000/v2/_catalog\nThis curl command should result in the following:\n{\u0026#34;errors\u0026#34;:[{\u0026#34;code\u0026#34;:\u0026#34;UNAUTHORIZED\u0026#34;,\u0026#34;message\u0026#34;:\u0026#34;authentication required\u0026#34;,\u0026#34;detail\u0026#34;:[{\u0026#34;Type\u0026#34;:\u0026#34;registry\u0026#34;,\u0026#34;Class\u0026#34;:\u0026#34;\u0026#34;,\u0026#34;Name\u0026#34;:\u0026#34;catalog\u0026#34;,\u0026#34;Action\u0026#34;:\u0026#34;*\u0026#34;}]}]} Build the Images Build and push the images to the Container Registry in the Kubernetes cluster by running this command:\nansible-playbook ansible/images_build.yaml\nAfter the images are built and pushed, the tunnel is no longer required and can be stopped.\nDeploy Oracle Backend for Spring Boot and Microservices Deploy the database and Microservices by running this command:\nansible-playbook ansible/k8s_apply.yaml -t full\nNotes VPN and Proxies If you are behind a virtual private network (VPN) or proxy, see minikube VPN or Proxy for more details on additional tasks.\n","description":"This is a discussion of a non-production (developer desktop) installation on a macOS Ventura desktop.\nRead the On-Premises documentation and ensure that your desktop meets the minimum system requirements.\nInstall Podman To install Podman, process these commands:\nbrew install podman PODMAN_VERSION=$(podman -v |awk \u0026#39;{print $NF}\u0026#39;) sudo /usr/local/Cellar/podman/${PODMAN_VERSION}/bin/podman-mac-helper install podman machine init --cpus 4 --disk-size 60 --memory 8192 --rootful --now podman system connection default podman-machine-default-root Download the Database or Oracle REST Data Services (ORDS) Images The non-production installation provisions an Oracle database into the Kubernetes cluster."},{"id":8,"href":"/microservices-datadriven/spring/on-premises/ol8/","title":"Developer Installation - Oracle Linux 8 (x86)","parent":"Custom Installations","content":"This is an description of installing on a Oracle Linux 8 desktop.\nRead the On-Premises documentation and ensure that your desktop meets the minimum system requirements.\nSetup Create a Non-Root User Create a new user. While any user name can be created, the rest of this documentation refers to the non-root user as obaas:\nAs root, process the following:\nuseradd obaas Download Oracle Backend for Spring Boot and Microservices Download the latest version of Oracle Backend for Spring Boot and unzip into a new directory.\nAs the obaas user, run this command:\nunzip onprem-ebaas_latest.zip -d ~/obaas Setup SSH-Key Access for obaas user Future access to the obaas user requires a direct login (not sudo or su). To setup ssh-key access as obaas, run the following commands:\nmkdir ~/.ssh vi ~/.ssh/authorized_keys Paste the public key of your client machines into the ~/.ssh/authorized_keys file, and change the permissions as follows:\nchmod 700 .ssh chmod 600 .ssh/authorized_keys Update the operating system Assuming the source was unzipped to ~obaas/obaas, as the root user, update the operating system by running the ol8_onprem.sh script from the unzipped package:\n~obaas/obaas/ol8_onprem.sh This script performs the following actions:\nInstall required operating system Packages Install Minikube Set Python3 as the default python Enable cgroup v2 Enable IP Tables Update the container runtime configuration (Optional) OCI Host Filesystem If this is being installed on an OCI Compute instance, grow the filesystem:\nAs root:\n/usr/libexec/oci-growfs Reboot IMPORTANT After the operating system has been updated, reboot the host.\nInstall The remaining steps require direct login as the obaas user without using sudo or su.\nDownload the Database or Oracle REST Data Services (ORDS) Images The non-production installation provisions an Oracle database into the Kubernetes cluster. The images must be downloaded from Oracle Cloud Infrastructure Registry (Container Registry) before continuing.\nWhile directly logged into the obaas user, process these steps:\nLog in to the Container Registry. For example:\npodman login container-registry.oracle.com\nPull the database image. For example:\npodman pull container-registry.oracle.com/database/enterprise:19.3.0.0\nPull the ORDS image. For example:\npodman pull container-registry.oracle.com/database/ords:21.4.2-gh\nTroubleshooting If the podman pull command fails, navigate in a web browser to Oracle container registry, click the \u0026ldquo;database\u0026rdquo; tile and select \u0026ldquo;enterprise\u0026rdquo;. On the right hand side of the page, if prompted, sign-in. Select \u0026ldquo;Language\u0026rdquo; and accept the Terms. Try the podman pull command again.\nStart MiniKube While directly logged into the obaas user, run these commands:\nminikube config set rootless true minikube config set driver podman minikube start --cpus max --memory 16G --disk-size=\u0026#39;40g\u0026#39; --container-runtime=containerd minikube addons enable ingress echo \u0026#34;KUBECONFIG=~/.kube/config\u0026#34; \u0026gt;\u0026gt; ~/.bashrc Install Ansible While directly logged into the obaas user, change to the source directory and install Ansible by running these commands:\ncd ~/obaas ./setup_ansible.sh source ./activate.env Define the Infrastructure Use the Helper Playbook to define the infrastructure. This Playbook also:\nCreates additional namespaces for the Container Registry and database. Creates a private Container Registry in the Kubernetes cluster. Modifies the Microservices application to be desktop compatible. Assuming the source was unzipped to ~/obaas, run the following command as the obaas user:\nansible-playbook ~/obaas/ansible/desktop_apply.yaml\nOpen a Tunnel In order to push the images to the Container Registry in the Kubernetes cluster, open a new terminal and process this command while being directly logged into the obaas user:\ncd ~/obaas source ./activate.env kubectl port-forward service/private -n container-registry 5000:5000 \u0026gt; /dev/null 2\u0026gt;\u0026amp;1 \u0026amp; Build the Images Build and push the images to the Container Registry in the Kubernetes cluster.\nAssuming the source was unzipped to ~/obaas, run the following command as the obaas user:\ncd ~/obaas source ./activate.env ansible-playbook ~/obaas/ansible/images_build.yaml After the images are built and pushed, the port-forward is no longer required and can be stopped.\nDeploy Microservices Assuming the source was unzipped to ~/obaas, run this command as the obaas user:\ncd ~/obaas source ./activate.env ansible-playbook ~/obaas/ansible/k8s_apply.yaml -t full Notes config-server and obaas-admin Pod Failures The Pods in the azn-server, config-server, and obaas-admin namespaces rely on the database that is created in the oracle-database-operator-system. During the initial provisioning, these Pods start well before the database is available resulting in initial failures. They resolve themselves once the database becomes available.\nYou can check on the status of the database by running this command:\nkubectl get singleinstancedatabase baas -n oracle-database-operator-system -o \u0026quot;jsonpath={.status.status}\u0026quot;\nVPN and Proxies If you are behind a Virtual Private Network (VPN) or proxy, see Minikube Proxies and VPNs for more details on additional tasks.\nNext, go to the Getting Started page to learn more.\n","description":"This is an description of installing on a Oracle Linux 8 desktop.\nRead the On-Premises documentation and ensure that your desktop meets the minimum system requirements.\nSetup Create a Non-Root User Create a new user. While any user name can be created, the rest of this documentation refers to the non-root user as obaas:\nAs root, process the following:\nuseradd obaas Download Oracle Backend for Spring Boot and Microservices Download the latest version of Oracle Backend for Spring Boot and unzip into a new directory."},{"id":9,"href":"/microservices-datadriven/spring/development/","title":"Development","parent":"Oracle Backend for Spring Boot and Microservices","content":"This section provides information about how to develop and deploy Spring Boot applications with the Oracle Backend for Spring Boot and Microservices.\nSpring Boot applications can be developed with no special requirements and be deployed into Oracle Backend for Spring Boot and Microservices. However, if you do opt-in to the platform services provided and the CLI, you can shorten your development time and avoid unnecessary work.\nOracle Backend for Spring Boot provides the following services that applications can use:\nAn Oracle Autonomous Database instance in which applications can manage relational, document, spatial, graph and other types of data, can use Transactional Event Queues for messaging and events using Java Message Service (JMS), Apache Kafka or Representational State Transfer (REST) interfaces, and even run machine learning (ML) models. A Kubernetes cluster in which applications can run with namespaces pre-configured with Kubernetes Secrets and ConfigMaps for access to the Oracle Autonomous Database instance associated with the backend. An Apache APISIX API Gateway that can be used to expose service endpoints outside the Kubernetes cluster, to the public internet. All standard Apache APISIX features like traffic management, monitoring, authentication, and so on, are available for use. Spring Boot Eureka Service Registry for service discovery. The API Gateway and monitoring services are pre-configured to use this registry for service discovery. Spring Cloud Config Server to serve externalized configuration information to applications. This stores the configuration data in the Oracle Autonomous Database instance associated with the backend. Netflix Conductor OSS for running workflows to orchestrate your services. Hashicorp Vault for storing sensitive information. Spring Admin for monitoring your services. Prometheus and Grafana for collecting and visualizing metrics and for alerting. Jaeger and Open Telemetry (OTEL) for distributed tracing. Applications deployed to the Oracle Backend for Spring Boot may use Jaeger or OTEL for distributed tracing. See the Environment Variables page for variables that can be used. An integrated development environment is recommended for developing applications. Oracle recommends Visual Studio Code or IntelliJ.\nJava, Maven or Gradle, a version control system (Oracle recommends git), and other tools may be required during development.\n","description":"This section provides information about how to develop and deploy Spring Boot applications with the Oracle Backend for Spring Boot and Microservices.\nSpring Boot applications can be developed with no special requirements and be deployed into Oracle Backend for Spring Boot and Microservices. However, if you do opt-in to the platform services provided and the CLI, you can shorten your development time and avoid unnecessary work.\nOracle Backend for Spring Boot provides the following services that applications can use:"},{"id":10,"href":"/microservices-datadriven/spring/development/setup/","title":"Development Environment Setup","parent":"Development","content":"This page provides details on how to set up your development environment to work with Oracle Backend for Spring Boot and Microservices.\nThe following platforms are recommended for a development environment:\nMicrosoft Windows 10 or 11, preferably with Windows Subsystem for Linux 2 macOS (11 or later recommended) on Intel or Apple silicon Linux, for example Oracle Linux, Ubuntu, and so on. The following tools are recommended for a development environment:\nIntegrated Development Environment, for example Visual Studio Code Java Development Kit, for example Oracle, OpenJDK, or GraalVM Maven or Gradle for build and testing automation Spring CLI (optional) for project creation If you wish to test locally or offline, then the following additional tools are recommended:\nA container platform, for example Rancher Desktop An Oracle database (in a container) Integrated Development Environment Oracle recommends Visual Studio Code, which you can download here, and the following extensions to make it easier to write and build your code:\nSpring Boot Extension Pack Extension Pack for Java Oracle Developer Tools You can install these by opening the extensions tab (Ctrl-Shift-X or equivalent) and using the search bar at the top to find and install them.\nJava Development Kit Oracle recommends the Java SE Development Kit or GraalVM. Java 17 or 21 are recommended, note that Spring Boot 3.0 requires at least Java 17. If you want to use JVM Virtual Threads, then Java 21 is required.\nNote: If you are using Spring Boot 2.x, then Oracle encourages you to use at least Java 17, unless you have a specific reason to stay on Java 11. Refer to the Spring Boot Support page for information on support dates for Spring Boot 2.x.\nYou can download the latest x64 Java 17 Development Kit from this permalink.\nDecompress the archive in your chosen location (for example your home directory) and then add it to your path:\nexport JAVA_HOME=$HOME/jdk-17.0.3 export PATH=$JAVA_HOME/bin:$PATH Use the following command to verify it is installed:\n$ java -version java version \u0026#34;17.0.3\u0026#34; 2022-04-19 LTS Java(TM) SE Runtime Environment (build 17.0.3+8-LTS-111) Java HotSpot(TM) 64-Bit Server VM (build 17.0.3+8-LTS-111, mixed mode, sharing) Note: Native Images: If you want to compile your Spring Boot microservices into native images (which was officially supported from Spring Boot 3.0), then you must use GraalVM, which can be downloaded from here.\nMaven You can use either Maven or Gradle to build your Spring Boot applications. If you prefer Maven, then follow the steps in this section. If you prefer Gradle, then refer to the next section.\nDownload Maven from the Apache Maven website.\nDecompress the archive in your chosen location (for example your home directory) and then add it to your path:\n$ export PATH=$HOME/apache-maven-3.8.6/bin:$PATH Use the following command to verify it is installed (note that your version may give slightly different output):\n$ mvn -v Apache Maven 3.8.6 (84538c9988a25aec085021c365c560670ad80f63) Maven home: /home/mark/apache-maven-3.8.6 Java version: 17.0.3, vendor: Oracle Corporation, runtime: /home/mark/jdk-17.0.3 Default locale: en, platform encoding: UTF-8 OS name: \u0026#34;linux\u0026#34;, version: \u0026#34;5.10.102.1-microsoft-standard-wsl2\u0026#34;, arch: \u0026#34;amd64\u0026#34;, family: \u0026#34;unix\u0026#34; Gradle Download Gradle using the instructions on the Gradle website. Spring Boot is compatible with Gradle version 7.5 or later.\nRun the following command to verify that Gradle is installed correctly\n$ gradle -v ------------------------------------------------------------ Gradle 7.6 ------------------------------------------------------------ Build time: 2022-11-25 13:35:10 UTC Revision: daece9dbc5b79370cc8e4fd6fe4b2cd400e150a8 Kotlin: 1.7.10 Groovy: 3.0.13 Ant: Apache Ant(TM) version 1.10.11 compiled on July 10 2021 JVM: 17.0.3 (Oracle Corporation 17.0.3+8-LTS-111) OS: Linux 5.10.102.1-microsoft-standard-WSL2 amd64 Spring CLI for project creation You can create projects with Spring CLI. To use this feature, install Spring CLI following the instructions provided in that repository, and then import the Oracle Project Catalog as follows:\nspring project catalog add --name oracle --url https://github.com/oracle/spring-cloud-oci/tree/main/database/spring-cli/catalog To create a new project, for example called test2 with specific Maven group and artifact IDs, use a command similar to this, substituting your desired coordinates:\nspring boot new --name test2 --from obaas --group-id com.example --artifact-id test2 --version 0.0.1 Review the README file in the created project for details of next steps.\nOracle Database in a container for local testing If you want to run an instance of Oracle Database locally for development and testing, then Oracle recommends Oracle Database 23ai Free. You can start the database in a container with this command specifying a secure password:\ndocker run --name free23ai -d \\ -p 1521:1521 \\ -e ORACLE_PWD=Welcome12345 \\ container-registry.oracle.com/database/free:latest Note: If you are using testcontainers, then add the following dependency to your application:\n\u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;org.testcontainers\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;oracle-free\u0026lt;/artifactId\u0026gt; \u0026lt;version\u0026gt;1.20.0\u0026lt;/version\u0026gt; \u0026lt;scope\u0026gt;test\u0026lt;/scope\u0026gt; \u0026lt;/dependency\u0026gt; ","description":"This page provides details on how to set up your development environment to work with Oracle Backend for Spring Boot and Microservices.\nThe following platforms are recommended for a development environment:\nMicrosoft Windows 10 or 11, preferably with Windows Subsystem for Linux 2 macOS (11 or later recommended) on Intel or Apple silicon Linux, for example Oracle Linux, Ubuntu, and so on. The following tools are recommended for a development environment:"},{"id":11,"href":"/microservices-datadriven/spring/platform/eureka/","title":"Eureka Service Discovery","parent":"Platform Services","content":"Oracle Backend for Spring Boot and Microservices includes the Spring Boot Eureka service registry, which is an application that stores information about client services or applications. Typically, each Microservice registers with the Eureka server at startup and the Eureka server maintains a list of all active instances of the service, including their ports and IP addresses. This information can be accessed by other services using a well-known key. This allows services to interact with each other without needing to know the other addresses at development or deployment time.\nAccess the Eureka Web User Interface To access the Eureka web user interface, process these steps:\nExpose the Eureka web user interface using this command:\nkubectl port-forward -n eureka svc/eureka 8761 Open the Eureka web user interface URL http://localhost:8761\nEureka web user interface On the dashboard you will see all the internal services registered with Eureka. If you have deployed the sample application CloudBank or done the LiveLab for Oracle Backend for Spring Boot and Microservices you will see those services.\n","description":"Oracle Backend for Spring Boot and Microservices includes the Spring Boot Eureka service registry, which is an application that stores information about client services or applications. Typically, each Microservice registers with the Eureka server at startup and the Eureka server maintains a list of all active instances of the service, including their ports and IP addresses. This information can be accessed by other services using a well-known key. This allows services to interact with each other without needing to know the other addresses at development or deployment time."},{"id":12,"href":"/microservices-datadriven/spring/get-help/","title":"Get Help","parent":"Oracle Backend for Spring Boot and Microservices","content":"If you need help with Oracle Backend for Spring Boot and Microservices you can seek help at the following channels:\nE-mail: obaas_ww@oracle.com Slack: https://oracledevs.slack.com/archives/C06L9CDGR6Z GitHub Issue: https://github.com/oracle/microservices-datadriven/issues When asking for help please provide the following:\nWhich version of Oracle Backend for Spring Boot and Microservices are you using? Which component(s) do you have an issue with? If possible, provide a testcase that shows the issue. Diagnostics Collection Two utilities will help Oracle diagnose and fix issues you may experience.\nBaseline The baseline command (Linux only) will collect non-sensitive information about your cluster and can be used to compare the current cluster state with a baseline state. This will help to quickly identify any discrepancies between a stable deployment and the current deployments.\nThe baseline utility can be run in one of three modes:\nGather baseline\nThis will write out a file \u0026lt;VERSION\u0026gt;.json by connecting to a kubernetes cluster and evaluating the current configuration. Use the gather option to establish a baseline of a working deployment.\nGather and Compare baseline --compare\nThis will look for a file called \u0026lt;OBAAS_VERSION\u0026gt;.json and write out a new file \u0026lt;OBAAS_VERSION\u0026gt;_current.json of the current configuration. The two files will be compared for differences.\nCompare baseline --compare \u0026lt;baselineFile\u0026gt; \u0026lt;currentFile\u0026gt;\nThis will compare two existing files, generated by the utility.\nCluster Dump A script is provided which can help to collect information about the configuration of your environment, logs of platform services, and various other information that may be helpful to diagnose and fix issues. Usage of this script is optional, and you should be aware that it is possible, and likely, that the output of this script may contain private or sensitive information. If you choose to run the script, you must review the contents of the output before providing that output to Oracle or anyone else.\n","description":"If you need help with Oracle Backend for Spring Boot and Microservices you can seek help at the following channels:\nE-mail: obaas_ww@oracle.com Slack: https://oracledevs.slack.com/archives/C06L9CDGR6Z GitHub Issue: https://github.com/oracle/microservices-datadriven/issues When asking for help please provide the following:\nWhich version of Oracle Backend for Spring Boot and Microservices are you using? Which component(s) do you have an issue with? If possible, provide a testcase that shows the issue. Diagnostics Collection Two utilities will help Oracle diagnose and fix issues you may experience."},{"id":13,"href":"/microservices-datadriven/spring/getting-started/","title":"Getting Started","parent":"Oracle Backend for Spring Boot and Microservices","content":"There are a number of demonstrations (videos) and hands-on labs (Live Lab) that show how to use Oracle Backend for Spring Boot and Microservices (Spring Boot).\nPrerequisites Deployed Oracle Backend for Spring Boot and Microservices. Introduction Video Watch this video for more information.\nBuild a Spring Boot Application With the Oracle Spring Boot Starters for UCP and Wallet In this video (18 minutes), Andy shows you how to:\nBuild a Phonebook application using Spring Boot with the Oracle Spring Boot Starters for Universal Connection Pools (UCP) and wallet. Deploy the applications to the Oracle Backend for Spring Boot and Microservices. Run tests. CloudBank - Building an Application with Spring Boot and Mobile APIs with Oracle Database and Kubernetes In this workshop (~ 2 hours), you learn how to build Microservices using Spring Boot and deploy them to the Oracle Backend for Spring Boot and Microservices. You learn about accessing the database using the Java Persistence API (JPA), service discovery, exposing services with the API Gateway, managing transactions across Microservices, workflow, and using observability tools to monitor your services and diagnose issues.\nIf you have already deployed Oracle Backend for Spring Boot and Microservices, you can skip Lab 1 (Provision an Instance).\nMore Learning There are more channels to learn about Oracle Backend for Spring Boot and Microservices:\nCheck out our blogs Join our Youtube Channel Next, go to the Platform Services page to learn more.\n","description":"There are a number of demonstrations (videos) and hands-on labs (Live Lab) that show how to use Oracle Backend for Spring Boot and Microservices (Spring Boot).\nPrerequisites Deployed Oracle Backend for Spring Boot and Microservices. Introduction Video Watch this video for more information.\nBuild a Spring Boot Application With the Oracle Spring Boot Starters for UCP and Wallet In this video (18 minutes), Andy shows you how to:\nBuild a Phonebook application using Spring Boot with the Oracle Spring Boot Starters for Universal Connection Pools (UCP) and wallet."},{"id":14,"href":"/microservices-datadriven/spring/infrastructure/gpu/","title":"GPUs for AI","parent":"Infrastructure","content":"Oracle Backend for Spring Boot and Microservices provides an option during installation to provision a set of Kubernetes nodes with NVIDIA A10 GPUs that are suitable for running AI workloads. If you choose that option during installation, you may also specify how many nodes are provisioned. The GPU nodes will be in a separate Node Pool to the normal CPU nodes, which allows you to scale it independently of the CPU nodes. They are also labeled so that you can target appropriate workloads to them using node selectors and/or affinity rules.\nTo view a list of nodes in your cluster with a GPU, you can use this command:\n$ kubectl get nodes -l \u0026#39;node.kubernetes.io/instance-type=VM.GPU.A10.1\u0026#39; NAME STATUS ROLES AGE VERSION 10.22.33.45 Ready node 2m44s v1.30.1 Running a Large Language Model on your GPU nodes One very common use for GPU nodes is to run a self-hosted Large Language Model (LLM) such as llama3 for inferencing or nomic-embed-text for embedding.\nCompanies often want to self-host an LLM to avoid sending private or sensitive data outside of their organization to a third-party provider, or to have more control over the costs of running the LLM and assocatied infrastructure.\nOne excellent way to self-host LLMs is to use Ollama.\nTo install Ollama on your GPU nodes, you can use the following commands:\nAdd the Ollama helm repository:\nhelm repo add ollama-helm https://otwld.github.io/ollama-helm/ Update your helm repositories:\nhelm repo update Create a values.yaml file to configure how Ollama should be installed, including which node(s) to run it on. Here is an example that will run Ollama on a GPU node and will pull the llama3 model.\nollama: gpu: enabled: true type: \u0026#39;nvidia\u0026#39; number: 1 models: - llama3 nodeSelector: node.kubernetes.io/instance-type: VM.GPU.A10.1 For more information on how to configure Ollama using the helm chart, refer to its documentation.\nCreate a namespace to deploy Ollama in:\nkubectl create ns ollama Deploy Ollama using the helm chart:\nhelm install ollama ollama-helm/ollama --namespace ollama --values ollama-values.yaml Interacting with Ollama You can interact with Ollama using the provided command line tool, called ollama. For example, to list the available models, use the ollama ls command:\nkubectl -n ollama exec svc/ollama -- ollama ls NAME ID SIZE MODIFIED llama3:latest 365c0bd3c000 4.7 GB 2 minutes ago To ask the LLM a question, you can use the ollama run command:\n$ kubectl -n ollama exec svc/ollama -- ollama run llama3 \u0026#34;what is spring boot?\u0026#34; Spring Boot is an open-source Java-based framework that simplifies the development of web applications and microservices. It\u0026#39;s a subset of the larger Spring ecosystem, which provides a comprehensive platform for building enterprise-level applications. ... Using LLMs hosted by Ollama in your Spring application Our self-paced hands-on example CloudBank AI includes an example of how to build a simple chatbot using Spring AI and Ollama.\n","description":"Oracle Backend for Spring Boot and Microservices provides an option during installation to provision a set of Kubernetes nodes with NVIDIA A10 GPUs that are suitable for running AI workloads. If you choose that option during installation, you may also specify how many nodes are provisioned. The GPU nodes will be in a separate Node Pool to the normal CPU nodes, which allows you to scale it independently of the CPU nodes."},{"id":15,"href":"/microservices-datadriven/spring/platform/vault/","title":"HashiCorp Vault","parent":"Platform Services","content":"Oracle Backend as a Service for Spring Cloud and Microservices includes HashiCorp Vault to secure, store and tightly control access to tokens, passwords, certificates, encryption keys for protecting secrets, and other sensitive data using a user interface (UI), command-line interface (CLI), or Hypertext Transfer Protocol (HTTP) API.\nTip For more information about working with the HashiCorp Vault, see the HashiCorp Vault Documentation and Tutorials Library. Setup Information Accessing the root Token Production Mode Accessing the root Token Development Mode Accessing Vault Recovery Keys Production Mode Accessing Vault Using kubectl Accessing the Vault Using the Web User Interface Audit Logs Grafana dashboard for HashiCorp Vault Setup Information The Vault can be deployed in two different ways. See the Setup:\nDevelopment mode Production mode Warning Never run a Development mode server in production. It is insecure and will lose data on every restart (since it stores data in-memory). It is only intended for development or experimentation. Vault uses the following Oracle Cloud Infrastructure (OCI) services when running in Production mode. When running in Development mode, only the OCI Container Engine for Kubernetes (OKE) is used.\nObject storage for storing Vault data. OCI Vault to automatically unseal the Vault. OCI Container Engine for Kubernetes for running the Vault server. When running in Production mode, the Vault is unsealed using the OCI Key Management Service (KMS) key. The root token can be accessed using the kubectl command-line interface. The root token in Development mode is root.\nThe following Vault services are enabled during deployment. Other services can be enabled using the vault command and the web user interface:\nToken Authentication Method. The token authentication method is built-in and automatically available. It allows users to authenticate using a token, as well as create new tokens, revoke secrets by token, and more. AppRole Authentication Method. The approle authentication method allows machines or applications to authenticate with Vault-defined roles. Kubernetes Authentication Method. The kubernetes authentication method can be used to authenticate with Vault using a Kubernetes service account token. This method of authentication makes it easy to introduce a Vault token into a Kubernetes Pod. Userpass Authentication Method. The userpass authentication method allows users to authenticate with Vault with a user name and password combination. Key/Value Secrets Engine. The non-versioned Key/Value secrets engine is a generic Key/Value store used to store arbitrary secrets. Key/Value Secrets Engine Version 2. The Key/Value secrets engine is a generic Key/Value store used to store arbitrary secrets. Accessing the root Token Production Mode root tokens have the root policy attached to them. root tokens can do anything in Vault and are useful in Development mode but should be restricted in Production mode. In fact, the Vault team recommends that root tokens only be used for the initial setup. Be sure to save the initial root token in a secure way. For example:\nkubectl get secret vault-root-token -n vault --template=\u0026#34;{{index .data \\\u0026#34;root.token\\\u0026#34; | base64decode}}\u0026#34;; echo Warning It is very important that the token is saved in multiple places. Losing the token can result in loss of access to the Vault. Accessing the root Token Development Mode The root token is set to root in Development mode. There are no recovery keys when running in Development mode.\nAccessing Vault Recovery Keys Production Mode Vault is configured to automatically unseal (auto unseal) using OCI Vault. Initializing with auto unseal creates five recovery keys that are stored in K8s Secrets. They MUST be retrieved and stored in a second location.\nWarning It is very important that recovery keys are saved in multiple places. Losing the recovery keys can result in loss of Vault. To extract the five recovery keys, use the following commands:\n% kubectl get secret vault-recovery-keys -n vault --template=\u0026#34;{{index .data \\\u0026#34;recovery.key.1\\\u0026#34; }}\u0026#34;; echo % kubectl get secret vault-recovery-keys -n vault --template=\u0026#34;{{index .data \\\u0026#34;recovery.key.2\\\u0026#34; }}\u0026#34;; echo % kubectl get secret vault-recovery-keys -n vault --template=\u0026#34;{{index .data \\\u0026#34;recovery.key.3\\\u0026#34; }}\u0026#34;; echo % kubectl get secret vault-recovery-keys -n vault --template=\u0026#34;{{index .data \\\u0026#34;recovery.key.4\\\u0026#34; }}\u0026#34;; echo % kubectl get secret vault-recovery-keys -n vault --template=\u0026#34;{{index .data \\\u0026#34;recovery.key.5\\\u0026#34; }}\u0026#34;; echo Accessing Vault Using kubectl To access the Vault using the kubectl command-line interface, you need to set up Access Kubernetes Cluster.\nTest access to the Vault.\nVault Documentation contains all of the commands that you can use with the Vault CLI. For example, this command returns the current status of Vault on one of the pods:\nkubectl exec pod/vault-0 -n vault -it -- vault status The output looks similar to this:\nKey Value --- ----- Recovery Seal Type shamir Initialized true Sealed false Total Recovery Shares 5 Threshold 3 Version 1.11.3 Build Date 2022-08-26T10:27:10Z Storage Type oci Cluster Name vault-cluster-28535f69 Cluster ID 993662ee-b3ee-2a13-3354-97adae01e1ca HA Enabled true HA Cluster https://vault-0.vault-internal:8201 HA Mode active Active Since 2023-01-26T16:14:32.628291153Z Get the token and log in to the Vault.\nTo interact with the Vault in Production mode, you need to log in using a token that is stored in a K8s Secret. Get the token by running the following command. The output is the root token. It is very important that the token is saved in multiple places. Losing the token can result in loss of access to the Vault. In Development mode, the root token is root.\nGet the token with this command:\nkubectl get secret vault-root-token -n vault --template=\u0026#34;{{index .data \\\u0026#34;root.token\\\u0026#34; | base64decode}}\u0026#34;; echo Log in to the Vault and provide the token with this command:\nkubectl exec pod/vault-0 -n vault -it -- vault login The following is sample output from logging in as the root user which should only be done during the initial set up. As an administrator, you must generate separate tokens and access control lists (ACLs) for the users that need access to the Vault. See Vault Documentation. For example:\nKey Value --- ----- token hvs....... token_accessor Hcx....... token_duration ∞ token_renewable false token_policies [\u0026#34;root\u0026#34;] identity_policies [] policies [\u0026#34;root\u0026#34;] To display the enabled secret engines, process this command:\nkubectl exec pod/vault-0 -n vault -it -- vault secrets list The output looks similar to this:\nPath Type Accessor Description ---- ---- -------- ----------- cubbyhole/ cubbyhole cubbyhole_a07a59ec per-token private secret storage identity/ identity identity_8b1e1a80 identity store kv-v2/ kv kv_06acc397 n/a sys/ system system_df5c39a8 system endpoints used for control, policy and debugging To display the enabled authentication methods, process this command:\nkubectl exec pod/vault-0 -n vault -it -- vault auth list The output looks similar to this:\nPath Type Accessor Description ---- ---- -------- ----------- approle/ approle auth_approle_00ffb93b n/a kubernetes/ kubernetes auth_kubernetes_c9bb0698 n/a token/ token auth_token_68b0beb2 token based credentials userpass/ userpass auth_userpass_afb2fb02 n/a Create a secret at path kv-v2/customer/acme with a customer_name and a customer_email. For example:\nkubectl exec pod/vault-0 -n vault -it -- vault kv put -mount=kv-v2 \\ customer/acme customer_name=\u0026#34;ACME Inc.\u0026#34; contact_email=\u0026#34;john.smith@acme.com\u0026#34; The output looks similar to this:\n====== Secret Path ====== kv-v2/data/customer/acme ======= Metadata ======= Key Value --- ----- created_time 2023-01-30T15:53:41.85529383Z custom_metadata \u0026lt;nil\u0026gt; deletion_time n/a destroyed false version 1 Retrieve the created secret:\nkubectl exec pod/vault-0 -n vault -it -- vault kv get -mount=kv-v2 customer/acme The output looks similar to this:\n====== Secret Path ====== kv-v2/data/customer/acme ======= Metadata ======= Key Value --- ----- created_time 2023-01-30T15:53:41.85529383Z custom_metadata \u0026lt;nil\u0026gt; deletion_time n/a destroyed false version 1 ======== Data ======== Key Value --- ----- contact_email john.smith@acme.com customer_name ACME Inc. For more information about the Key/Value secrets engine, see the Key/Value Documentation and Versioned Key/Value Secrets Engine Tutorial.\nAccessing the Vault Using the Web User Interface To access the Vault, process these steps:\nExpose the Vault web user interface (UI) using this command:\nkubectl port-forward -n vault svc/vault 8200 Get the root token.\nTo interact with the Vault in Production mode, you need to log in using a token that is stored in a K8s Secret. Get the token by running the following command. The output is the root token. It is very important that the token is saved in multiple places. Losing the token can result in loss of access to the Vault. In Development mode, the root token is root. For example:\nkubectl get secret vault-root-token -n vault --template=\u0026#34;{{index .data \\\u0026#34;root.token\\\u0026#34; | base64decode}}\u0026#34;; echo Open the Vault web user interface URL: https://localhost:8200\nVault Web User Interface Log in using the root token. As an administrator, you must generate separate tokens and access control lists (ACLs) for the users that need access to the Vault. See Vault Documentation.\nYou are presented with the Home screen:\nVault Home Page Audit logs Important Audit logging is blocking, if the file is bigger than allowed space HashiCorp Vault will stop taking requests. If you deployed Oracle Backend for Spring Boot and Microservices using STANDARD edition, HashiCorp Vault will be deployed in production mode and you have the option of turing on audit logs. Note, you must be authenticated to turn on audit logs.\nTo turn on audit logs execute the following command:\nkubectl exec pod/vault-0 -n vault -it -- vault audit enable file file_path=/vault/audit/vault-audit.log You can to list enabled audit devices using the following command. The file_path is pointing to a directory on the pods where Vault is running.\nkubectl exec pod/vault-0 -n vault -it -- vault audit list -detailed If audit is enabled the output should look like this:\nPath Type Description Replication Options ---- ---- ----------- ----------- ------- file/ file n/a replicated file_path=/vault/audit/vault-audit.log To disable audit execute the following command:\nkubectl exec pod/vault-0 -n vault -it -- vault audit disable file Learn how to query audit logs here.\nGrafana dashboard for HashiCorp Vault Oracle Backend for Spring Boot and Microservices includes a Grafana dashboard for HashiCorp Vault.\nVault Grafana Dashboard ","description":"Oracle Backend as a Service for Spring Cloud and Microservices includes HashiCorp Vault to secure, store and tightly control access to tokens, passwords, certificates, encryption keys for protecting secrets, and other sensitive data using a user interface (UI), command-line interface (CLI), or Hypertext Transfer Protocol (HTTP) API.\nTip For more information about working with the HashiCorp Vault, see the HashiCorp Vault Documentation and Tutorials Library. Setup Information Accessing the root Token Production Mode Accessing the root Token Development Mode Accessing Vault Recovery Keys Production Mode Accessing Vault Using kubectl Accessing the Vault Using the Web User Interface Audit Logs Grafana dashboard for HashiCorp Vault Setup Information The Vault can be deployed in two different ways."},{"id":16,"href":"/microservices-datadriven/spring/infrastructure/","title":"Infrastructure","parent":"Oracle Backend for Spring Boot and Microservices","content":" Infrastructure Architecture Considerations The following points are considered when designing the infrastructure:\nPerformance The ability to scale both vertically on all tiers and horizontally on the web tier. Resources should be able automatically scale vertically based unpredictable, changing workloads.\nSecurity The database should not be accessible directly from the internet. Data should be encrypted at rest and, when traversing networks, in motion. The Kubernetes control plane and worker nodes should not be accessible directly from the internet.\nA Bastion Service should be use for directly accessing the Database and Kubernetes when required.\nAvailability Remove a single point of failure by introducing redundancy via Availability and Fault Domains and native ADB solutions.\nExtensibility and Flexibility Designed to seamlessly cater for the addition or removal of resources, capabilities and/or functionality.\nComponents The infrastructure has the following components:\nRegion An Oracle Cloud Infrastructure region is a localized geographic area that contains one or more data centres, called availability domains.\nAvailability domains Availability domains are stand-alone, independent data centres within a region. The physical resources in each availability domain are isolated from the resources in the other availability domains, which provides fault tolerance.\nFault domains A fault domain is a grouping of hardware and infrastructure within an availability domain. Each availability domain has three fault domains with independent power and hardware. Applications can tolerate physical server failure, system maintenance, and power failures inside a fault domain.\nVirtual cloud network (VCN), Public and Private Subnets A VCN is a customizable, software-defined network. Like traditional data centre networks, VCNs give complete control over the network environment. A VCN can have multiple non-overlapping CIDR blocks which can be segmented into subnets. A subnet can be public or private.\nService gateway The service gateway provides access from a VCN to other services, such as Oracle Cloud Infrastructure Object Storage. The traffic from the VCN to the Oracle service travels over the Oracle network fabric and never traverses the internet.\nSecurity List/Network Security Group (NSG) For each subnet, Security Lists and/or Network Security Groups are used to specify the source, destination, and type of traffic that must be allowed in and out of the subnet.\nLoad Balancer The Oracle Cloud Infrastructure Load Balancing service provides automated traffic distribution from a single entry point to one or multiple servers in the back end.\nBastion Services The Bastion as a Service provides restricted and time-limited secure access to the ORDS Server(s) and the Autonomous Data Warehouse. These resources do not have public endpoints and require strict resource access controls.\nAutonomous Transaction Processing Database (ATP) By default, Autonomous Databases are highly available, incorporating a multi-node configuration to protect against localized hardware failures that do not require fast disaster recovery.\nContainer Engine for Kubernetes Oracle Cloud Infrastructure Container Engine for Kubernetes is a fully managed, scalable, and highly available service that you can use to deploy your containerized applications to the cloud. You specify the compute resources that your applications require, and Container Engine for Kubernetes provisions them on Oracle Cloud Infrastructure in an existing tenancy. Container Engine for Kubernetes uses Kubernetes to automate the deployment, scaling, and management of containerized applications across clusters of hosts.\nControl Plane Services \u0026amp; Pods The Control Plane manages the worker nodes and the Pods in the Kubernetes cluster. The worker nodes run the containerized applications. Every cluster has at least one worker node. The worker node(s) host the Pods that are the components of the application workload.\nObject Storage Object Storage offers reliable and cost-efficient data durability, it provides quick access to large amounts of structured and unstructured data of any content type, including database data, analytic data, images, videos and more. We recommend using standard storage to ingest data from external sources because applications and users can access it quickly. You can build a lifecycle policy to move the data from standard storage to archive storage when it’s no longer required to be accessed frequently.\nRegistry Oracle Cloud Infrastructure Registry is an Oracle-managed registry that enables you to simplify your development-to-production workflow. Registry makes it easy for you to store, share, and manage development artifacts, like Docker images. The highly available and scalable architecture of Oracle Cloud Infrastructure ensures that you can deploy and manage your applications reliably.\nRecommendations Requirements might differ or change from the architecture proposed. Use the following recommendations as a starting point to adjusting the architecture; changes may impact pricing:\nDedicated Networking (Chargeable) Access to/from an On-Premise data centre will require additional networking configuration including but not limited to FastConnect and Dynamic Routing Gateways.\nSecurity Zones (Free) For resources that require maximum security, Oracle recommends to use security zones. A security zone is a compartment associated with an Oracle-defined recipe of security policies that are based on best practices. For example, the resources in a security zone must not be accessible from the public internet and they must be encrypted using customer-managed keys. When creating or updating resources in a security zone, OCI validates the operations against the policies in the security-zone recipe, and denies operations that violate any of the policies.\nWeb Application Firewall (Chargeable) Web Application Firewall (WAF) protects applications from malicious and unwanted internet traffic. WAF can protect any internet facing endpoint, providing consistent rule enforcement across a customer\u0026rsquo;s applications. WAF provides the ability to create and manage rules for internet threats including Cross-Site Scripting (XSS), SQL Injection and other OWASP-defined vulnerabilities. Unwanted bots can be mitigated while tactically allowed desirable bots to enter. Access rules can limit based on geography or the signature of the request.\nATP CPU Auto-Scaling (Chargeable) It is recommend to leave auto-scaling enabled; this will allow the increase and decrease of the databases CPU and I/O resources. Use Apache JMeter to load test functional behavior and measure the performance.\nAutonomous Data Guard (Chargeable) Autonomous Data Guard monitors the primary database and if the Autonomous Database instance goes down, then the standby instance assumes the role of the primary instance adding additional fault tolerance.\nData Catalog (Chargeable) OCI Data Catalog is a fully managed, self-service data discovery and governance solution for your enterprise data. Data Catalog provides a single collaborative environment to manage technical, business, and operational metadata\n","description":"Infrastructure Architecture Considerations The following points are considered when designing the infrastructure:\nPerformance The ability to scale both vertically on all tiers and horizontally on the web tier. Resources should be able automatically scale vertically based unpredictable, changing workloads.\nSecurity The database should not be accessible directly from the internet. Data should be encrypted at rest and, when traversing networks, in motion. The Kubernetes control plane and worker nodes should not be accessible directly from the internet."},{"id":17,"href":"/microservices-datadriven/spring/infrastructure/kubernetes/","title":"Kubernetes Access","parent":"Infrastructure","content":"The Oracle Backend for Spring Boot and Microservices requires a Kubernetes cluster where the components are deployed. You can bring your own cluster or, in OCI, have a Oracle Kubernetes Engine (OKE) deployed for you.\nOKE Access At the end of setup, you are provided with a command in the log of the apply job to create a Kubernetes configuration file to access that cluster:\nTip For more information about working with the Kubernetes cluster, see Setting Up Cluster Access in the Oracle Cloud Infrastructure documentation. kubeconfig_cmd = \u0026#34;oci ce cluster create-kubeconfig --cluster-id ocid1.cluster.oc1.iad.xxx --file $HOME/.kube/config --region us-ashburn-1 --token-version 2.0.0 --kube-endpoint PUBLIC_ENDPOINT\u0026#34; NOTE: The generated kubeconfig file works if you are using the DEFAULT profile in your Oracle Cloud Infrastructure (OCI) CLI configuration file. If you are using a different OCI CLI profile, you must add --profile \u0026lt;PROFILE-NAME\u0026gt; to the command. For example:\nkubeconfig_cmd = \u0026#34;oci ce cluster create-kubeconfig --cluster-id ocid1.cluster.oc1.iad.xxx --file $HOME/.kube/config --region us-ashburn-1 --token-version 2.0.0 --kube-endpoint PUBLIC_ENDPOINT\u0026#34; --profile \u0026lt;PROFILE-NAME\u0026gt; You must also edit the the generated Kubernetes configuration file and add the following lines:\n- name: user-xxxx user: exec: apiVersion: client.authentication.k8s.io/v1beta1 args: - ce - cluster - generate-token - --cluster-id - ocid1.cluster....xxxx - --region - us-ashburn-1 - --profile - \u0026lt;PROFILE-NAME\u0026gt; command: oci Using OCI Cloud Shell A simple alternative is to use the OCI Cloud Shell, which is provided in the OCI Console. You can open the OCI Cloud Shell by clicking Developer Tools in the upper right corner of the OCI Console. For example:\nOCI Cloud Shell icon Run the provided command to create your Kubernetes configuration file after which you can access the Kubernetes cluster. For example, you can list the Pods in your cluster:\nWelcome to Oracle Cloud Shell. Update: Cloud Shell will now use Oracle JDK 11 by default. To change this, see Managing Language Runtimes in the Cloud Shell documentation. Your Cloud Shell machine comes with 5GB of storage for your home directory. Your Cloud Shell (machine and home directory) are located in: US East (Ashburn). You are using Cloud Shell in tenancy xxxx as an OCI user xxxx Type `help` for more info. user@cloudshell:~ (us-ashburn-1)$ oci ce cluster create-kubeconfig --cluster-id ocid1.cluster.oc1.iad.xxx --file $HOME/.kube/config --region us-ashburn-1 --token-version 2.0.0 --kube-endpoint PUBLIC_ENDPOINT Existing Kubeconfig file found at /home/user/.kube/config and new config merged into it user@cloudshell:~ (us-ashburn-1)$ kubectl get pods -A NAMESPACE NAME READY STATUS RESTARTS AGE ingress-nginx ingress-nginx-controller-7d45557d5c-bqwwp 1/1 Running 0 4h18m ingress-nginx ingress-nginx-controller-7d45557d5c-klgnb 1/1 Running 0 4h18m ingress-nginx ingress-nginx-controller-7d45557d5c-l4d2m 1/1 Running 0 4h18m kube-system coredns-746957c9c6-hwnm8 1/1 Running 0 4h27m kube-system csi-oci-node-kqf5x 1/1 Running 0 4h23m kube-system kube-dns-autoscaler-6f789cfb88-7mptd 1/1 Running 0 4h27m kube-system kube-flannel-ds-hb6ld 1/1 Running 1 (4h22m ago) 4h23m kube-system kube-proxy-v5qwm 1/1 Running 0 4h23m kube-system proxymux-client-vpnh7 1/1 Running 0 4h23m ......... user@cloudshell:~ (us-ashburn-1)$ Manually Scaling OKE To add additional nodes to the OKE cluster, the Marketplace installation stack can be re-applied after increasing the number of worker nodes.\nNOTE: If changes to the infrastructure were made outside the stack, re-applying the stack may revert those changes back to their original values. It is important to PLAN and review the proposed changes before running APPLY. This will ensure there are no unintentional modifications to the infrastructure.\nIn the OCI Console, navigate to Developer Services -\u0026gt; Resource Manager -\u0026gt; Stacks Ensure the compartment is set to where the Marketplace Stack was deployed, and Select the stack. Edit the Stack and Click Next Increase the Node Pool Workers Click Next and Save Changes Run Plan Carefully review the proposed changes Run Apply after reviewing the proposed changes ","description":"The Oracle Backend for Spring Boot and Microservices requires a Kubernetes cluster where the components are deployed. You can bring your own cluster or, in OCI, have a Oracle Kubernetes Engine (OKE) deployed for you.\nOKE Access At the end of setup, you are provided with a command in the log of the apply job to create a Kubernetes configuration file to access that cluster:\nTip For more information about working with the Kubernetes cluster, see Setting Up Cluster Access in the Oracle Cloud Infrastructure documentation."},{"id":18,"href":"/microservices-datadriven/spring/observability/metrics/","title":"Metrics","parent":"Observability","content":"Oracle Backend for Spring Boot and Microservices provides built-in platform services to collect metrics from system and application workloads and pre-built Grafana dashboards to view and explore those metrics.\nOn this page, you will find the following topics:\nOverview Pre-installed dashboards Spring Boot Observability Spring Boot Statistics Oracle Database Dashboard Kube State Metrics Dashboard Apache APISIX DashBoard HashiCorp Vault Dashboard How to have metrics collected for your applications How to access Prometheus How to access Grafana Overview Oracle Backend for Spring Boot and Microservices includes a number of pre-installed and pre-configured components to provide metrics for the platform itself and for your applications.\nThe diagram below provides an overview of the components that play a role in metrics:\nObservability Overview In the diagram above:\nYou may deploy applications into the platform and to have metrics collected these must either register with the Spring Eureka Service Registry or you must create Service Monitor resources for your applications. Prometheus is configured to auto-discover services that register with the service registry and collect metrics for them. Prometheus is configured to collect metrics from application described by a Service Monitor. The Oracle Database Exporter and Kube State Metrics are pre-installed and Prometheus is configured to collect metrics from them. Grafana is pre-installed and populated with a set of dashboards (see below). A Prometheus data source is pre-configured. Pre-installed dashboards The following dashboards are pre-installed in Grafana:\nSpring Boot Observability This dashboard provides details of one or more Spring Boot applications including the following:\nThe number of HTTP requests received by the application A breakdown of which URL paths requests were received for The average duration of requests by path The number of exceptions encountered by the application Details of 2xx (that is, successful) and 5xx (that is, exceptions) requests The request rate per second over time, by path Log messages from the service You may adjust the time period and to drill down into issues, and search the logs for particular messages. This dashboard is designed for Spring Boot 3.x applications. Some features may work for Spring Boot 2.x applications.\nHere is an example of this dashboard displaying data for a simple application:\nSpring Boot Observability Dashboard Spring Boot Statistics This dashboard provides more in-depth information about services including the following:\nJVM statistic like heap and non-heap memory usage, and details of garbage collection Load average and open files Database connection pool statistics (for HikariCP) HTTP request statistics Logging (logback) statistics You may adjust the time period and to drill down into issues, and search the logs for particular messages. This dashboard is designed for Spring Boot 3.x applications. Some features may work for Spring Boot 2.x applications.\nHere is an example of this dashboard displaying data for a simple application:\nSpring Boot Statistics Dashboard Oracle Database Dashboard This dashboard provides details about the Oracle Database including:\nSGA and PGA size Active sessions User commits Execute count CPU count and platform Top SQL Wait time statistics by class Here is an example of this dashboard:\nOracle Database Dashboard Kube State Metrics Dashboard This dashboard provides details of the Kubernetes cluster including:\nPod capacity and requests for CPU and memory Node availability Deployment, Stateful Set, Pod, Job and Container statistics Details of horizontal pod autoscalers Details of persistent volume claims Here is an example of this dashboard:\nKube State Metrics Dashboard Apache APISIX Dashboard This dashboard provides details of the APISIX API Gateway including:\nTotal Requests NGINX Connection State Etcd modifications Here is an example of this dashboard:\nApache APISIX Observability Dashboard HashiCorp Vault Dashboard This dashboard provides details of the HashiCorp Vault including:\nHealth and seal status Number of secrets Number of operations Here is an example of this dashboard:\nApache APISIX Observability Dashboard How to have metrics collected for your applications When you deploy an application with Oracle Backend for Spring Boot and Microservices CLI or Visual Code Extension, provided you included the Eureka Discovery Client and Actuator in your application, Prometheus will automatically find your application (using the service registry) and start collecting metrics. These metrics will be included in both the Spring Boot Observability dashboard and the Spring Boot Statistic dashboard automatically.\nTo include the Eureka Discovery client in your application, add the following dependencies to your Maven POM or equivalent:\n\u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;org.springframework.cloud\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;spring-cloud-starter-netflix-eureka-client\u0026lt;/artifactId\u0026gt; \u0026lt;/dependency\u0026gt; \u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;org.springframework.boot\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;spring-boot-starter-actuator\u0026lt;/artifactId\u0026gt; \u0026lt;/dependency\u0026gt; You must also add the following configuration to your Spring application.yaml:\nspring: application: name: my-app eureka: instance: hostname: ${spring.application.name} preferIpAddress: true client: service-url: defaultZone: ${eureka.service-url} fetch-registry: true register-with-eureka: true enabled: true management: endpoint: health: show-details: always endpoints: web: exposure: include: \u0026#34;*\u0026#34; metrics: tags: application: ${spring.application.name} Alternatively, if you do not want to include the Eureka client, you can instead create a ServiceMonitor resource for your service. This must be created in the namespace where your application is deployed, and you must specify the correct port and the path for Spring Boot Actuator. Your application must have Actuator and the prometheus endpoint enabled, as described above.\nHere is an example of a ServiceMonitor for an application:\napiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: labels: app: my-app name: my-app namespace: application spec: endpoints: - interval: 20s path: /actuator/prometheus port: 8080 selector: matchLabels: app: my-app How to access Prometheus Prometheus is an open source monitoring and alerting system. Prometheus collects and stores metrics as time series data with the timestamp of the time that they are recorded, and optional Key/Value pairs called labels.\nExpose the Prometheus user interface (UI) using this command:\nkubectl port-forward -n prometheus svc/prometheus 9090:9090 Open the Prometheus web user interface URL: http://localhost:9090\nPrometheus UI In the Prometheus web user interface, search for metrics:\nIn the search bar, search for application_ready_time_seconds and click on Execute. You should see metrics for the Sample Applications. For example:\nPrometheus Metrics In the Prometheus web user interface, Status allows you to view the targets being monitored by Prometheus:\nIn the top menu, choose Status and then Targets. Notice that the targets \u0026ldquo;slow\u0026rdquo;, \u0026ldquo;customer\u0026rdquo; and others are in UP status and others are in DOWN status. Prometheus Targets How to access Grafana Grafana open source software enables you to query, visualize, alert, and explore your metrics, logs, and traces wherever they are stored. Grafana open source software provides tools that turn your time series database (TSDB) data into insightful graphs and visualizations. Take the following steps:\nExpose Grafana using this command:\nkubectl -n grafana port-forward svc/grafana 8080:80 Open the Grafana web user interface URL: http://localhost:8080\nusername: admin\nTo get the password, run this command:\nkubectl -n grafana get secret grafana-dashboard-authn -o jsonpath=\u0026#39;{.data.password}\u0026#39; | base64 -d; echo NOTE: If you do not have base64, leave off the last part (| base64 -d) in the command, then copy the output, and use this website to decode it: https://www.base64decode.org/.\nIf you did not set your own password during installation, then the auto-generated password will be a long string of characters that might be similar to 210BAqNzYkrcWjd58RKC2Xzerx9c0WkZi9LNsG4c. For example:\nGrafana Login ","description":"Oracle Backend for Spring Boot and Microservices provides built-in platform services to collect metrics from system and application workloads and pre-built Grafana dashboards to view and explore those metrics.\nOn this page, you will find the following topics:\nOverview Pre-installed dashboards Spring Boot Observability Spring Boot Statistics Oracle Database Dashboard Kube State Metrics Dashboard Apache APISIX DashBoard HashiCorp Vault Dashboard How to have metrics collected for your applications How to access Prometheus How to access Grafana Overview Oracle Backend for Spring Boot and Microservices includes a number of pre-installed and pre-configured components to provide metrics for the platform itself and for your applications."},{"id":19,"href":"/microservices-datadriven/spring/platform/microtx/","title":"MicroTx","parent":"Platform Services","content":"Oracle Transaction Manager for Microservices, also known as \u0026ldquo;MicroTx\u0026rdquo;, simplifies application development and operations by enabling distributed transactions to ensure consistency across microservices deployed in Kubernetes.\nOracle Backend for Spring Boot and Microservices includes the free version of MicroTx, which has all of the functionality of the commercial version, but limits the number of transactions and only persists data in memory. It is recommended for evaluations and application development purposes.\nMicroTx supports the following consistency models:\nExtended Architecture (XA) Long Running Actions (LRA) Try-Confirm/Cancel (TCC) The CloudBank sample application includes a \u0026ldquo;Transfer\u0026rdquo; service which demonstrates how to use MicroTx to implement the Saga pattern using the Eclipse Microprofile Long Running Actions specification.\nTo use MicroTx in your Spring Boot applications, include the following dependency in your pom.xml or equivalent:\n\u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;com.oracle.microtx.lra\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;microtx-lra-spring-boot-starter-3x\u0026lt;/artifactId\u0026gt; \u0026lt;version\u0026gt;23.4.1\u0026lt;/version\u0026gt; \u0026lt;/dependency\u0026gt; Add the following configuration to your Spring application configuration. The variables in this configuration are automatically injected to your deployment and pods when you use the Oracle Backend for Spring Boot and Microservices CLI or the Visual Studio Code Extension to deploy your application. For example:\nspring: microtx: lra: coordinator-url: ${MP_LRA_COORDINATOR_URL} propagation-active: true headers-propagation-prefix: \u0026#34;{x-b3-, oracle-tmm-, authorization, refresh-}\u0026#34; lra: coordinator: url: ${MP_LRA_COORDINATOR_URL} Upgrading to the commercial version If you have licensed Oracle Transaction Manager for Microservices Enterprise Edition, please see the documentation for details of how to install and configure MicroTx. Oracle recommends that you perform a new installation rather than attempting to upgrade the provided MicroTx Free installation to the commercial version.\n","description":"Oracle Transaction Manager for Microservices, also known as \u0026ldquo;MicroTx\u0026rdquo;, simplifies application development and operations by enabling distributed transactions to ensure consistency across microservices deployed in Kubernetes.\nOracle Backend for Spring Boot and Microservices includes the free version of MicroTx, which has all of the functionality of the commercial version, but limits the number of transactions and only persists data in memory. It is recommended for evaluations and application development purposes."},{"id":20,"href":"/microservices-datadriven/spring/infrastructure/networking/","title":"Networking","parent":"Infrastructure","content":"The Oracle Backend for Spring Boot and Microservices has specific networking requirements to ensure resource communication while providing security through isolation and networking rules.\nThe standard installation will provision a new Virtual Cloud Network (VCN) with the required subnets and all networking rules to get you started using the Oracle Backend for Spring Boot and Microservices quickly. To use an existing VCN, please follow the Bring Your Own VCN instructions.\nFor custom installations, including On-Premises, it is the responsibility of the customer to ensure network access controls to provide both operational access and security. The Oracle Cloud Infrastructure (OCI) standard installation setup can be used as a general template.\nNetwork Infrastructure Overview OCI Network Infrastructure All infrastructure resources are split between two subnets: one public and one private subnet with access restricted by Network Security Groups (Firewalls). All access is blocked by default with specific IP and port opened, as documented below, for proper operation.\nNote minimum CIDRs are based on an Oracle Cloud Infrastructure (OCI) deployments. Other cloud vendors reserve usable IPs within a CIDR reducing the usable IPs that can be used by the infrastructure.\nPublic Subnet The public subnet allows external access to the Oracle Backend for Spring Boot and Microservices resources. Ingress/Egress to the public subnet and from the Internet is provided by an Internet Gateway.\nAt a minimum, the public subnet requires two usable IP Addresses. In OCI this equates to a 30-bit network identifier (/30).\nICMP traffic is allowed between the public and private Subnets for resource discovery.\nNOTE: Resources within the public subnet are not inherently accessible from the internet. The public subnet allows the resources in it to obtain a public IP address, however assigning a public IP is not required. When a public IP is not assigned to the resource, it is only accessible from within the subnet itself. All access to resources in the public subnet are restricted by configurable Network Security Groups (Firewalls).\nLoad Balancer An external Load Balancer is used in conjunction with Ingress resources to expose Services to the internet. Ingress to the Load Balancer should be restricted by CIDR and ports (default: 0.0.0.0/0; 80,443). All TLS communications terminate at the LoadBalancer. For more information on the certificate for TLS, please see OCI Load Balancer TLS Certificate Setup.\nKubernetes API Endpoint The Kubernetes API Endpoint, within the Control Plane, is used to manage the Kubernetes Cluster as well as providing access to Kubernetes services that are not exposed to the Load Balancer via Port Forwarding. Ingress to the Endpoint is restricted to port 6443 and should be further restricted by CIDR (default: 0.0.0.0/0).\nIn Oracle Cloud Infrastructure (OCI), the Oracle Kubernetes Engine (OKE) Control Plane is allowed egress to OCI services via port 443. Access to these services are required for the OKE Managed Control Plane.\nPrivate Subnet The private subnet isolates its resources from direct external access by prohibiting the allocation of public IP address to those resources. Ingress to resources in the private subnet is restricted to the Load Balancer and Kubernetes API Endpoint via specific Network Security Group (Firewall) rules. Optionally, a Bastion Service, within the Private subnet, can provide additional non-restricted access to the resources in the private subnet.\nEgress to the Internet is provided by a NAT Gateway, while Egress to other Cloud Services (such as a Container Repository) is provided by a Service Gateway.\nThe CIDR of the Private Subnet is dependent on the number of Kubernetes Work Nodes and other resources, such as databases. It is recommended to specify a CIDR providing at least six usable IP Addresses. In OCI, this equates to a 29-bit network identifier (/29).\nICMP traffic is allowed between the public and private subnets for resource discovery.\nKubernetes Worker Nodes The worker nodes are allowed to communicate with other worker nodes on all ports.\nWorker Nodes and Load Balancer The Worker Nodes and Load Balancer are allowed to communicate on port 10256 for Health Check/Availability purposes and ports 30000-32767 for forwarding external internet access to exposed services.\nWorker Nodes and Kubernetes API Endpoint Worker Nodes are allowed to communicate with the API Endpoint on port 6443.\nWorker Nodes and Control Plane The Kubernetes Control Plane is allowed to communicate to Worker Nodes on all ports. The Worker Nodes are allowed to communicate with the Control Plane on port 12250.\nOracle Database It is recommended to place the Oracle Databases inside the Private Subnet. Worker Nodes and the Oracle Database will be allowed to communicate freely within the Private Subnet.\nWhen using the Oracle Autonomous Database (ADB), it can either be placed in the Private Subnet with a Private Endpoint, or outside the Virtual Cloud Network with Secured Access. When the ADB is configured for Secured Access, access is allowed from the Virtual Cloud Network and additional, configurable IPs.\nBring Your Own OCI VCN Using the Standard Edition you can use a pre-created VCN for the Oracle Backend for Spring Boot and Microservices resources.\nThe following are minimum requirements for a BYO VCN:\nPublic Subnet Minimum CIDR: /30 Route Table: Internet Gateway to 0.0.0.0/0 Private Subnet Minimum CIDR: /29 Route Table: Service Gateway to \u0026ldquo;All \u0026lt;Region\u0026gt; Services in the Oracle Services Network\u0026rdquo; NAT Gateway to 0.0.0.0/0 Configuration During the configuration of the Oracle Backend for Spring Boot and Microservices, ensure that the Edition is set to Standard:\nTick the \u0026ldquo;Bring Your Own Virtual Network\u0026rdquo; checkbox and fill in the appropriate values for the VCN Compartment/Name, Public Subnet Compartment/Name, and Private Subnet Compartment/Name:\nVirtual Cloud Network Compartment : The compartment of the existing VCN. Virtual Cloud Network (VCN) : The VCN name. Private Subnet Compartment : The compartment of the existing Private Subnet in the VCN. Private Subnet : The Private Subnet name (this will automatically translate the name to an OCID). Public Subnet Compartment : The compartment of the existing Public Subnet in the VCN. Public Subnet : The Public Subnet name (this will automatically translate the name to an OCID). OCI LoadBalancer TLS Certificate Setup In OCI, example self-signed certificates are used for TLS communication to the Load Balancer. The self-signed certificates should be replaced with certificates signed by a publicly trusted certificate authority (CA).\nSetup Ensure your Domain Name System (DNS) entry points to the public IP address associated with the service/ingress-nginx-controller in the ingress-nginx namespace:\nObtain a new TLS certificate. In a production environment, the most common scenario is to use a public certificate that has been signed by a certificate authority.\nCreate a new Kubernetes secret in the ingress-nginx namespace. For example:\nkubectl -n ingress-nginx create secret tls my-tls-cert --key new-tls.key --cert new-tls.crt Modify the service definition to reference the new Kubernetes secret by changing the service.beta.kubernetes.io/oci-load-balancer-tls-secret annotation in the service configuration. For example:\nkubectl patch service ingress-nginx-controller -n ingress-nginx \\ -p \u0026#39;{\u0026#34;metadata\u0026#34;:{\u0026#34;annotations\u0026#34;:{\u0026#34;service.beta.kubernetes.io/oci-load-balancer-tls-secret\u0026#34;:\u0026#34;my-tls-cert\u0026#34;}}}\u0026#39; \\ --type=merge ","description":"The Oracle Backend for Spring Boot and Microservices has specific networking requirements to ensure resource communication while providing security through isolation and networking rules.\nThe standard installation will provision a new Virtual Cloud Network (VCN) with the required subnets and all networking rules to get you started using the Oracle Backend for Spring Boot and Microservices quickly. To use an existing VCN, please follow the Bring Your Own VCN instructions."},{"id":21,"href":"/microservices-datadriven/spring/development/cli/","title":"OBaaS CLI","parent":"Development","content":"The Oracle Backend for Spring Boot and Microservices offers a command-line interface (CLI), oractl. The CLI commands simplify the deployment of microservices applications as well as bindings with the resources that they use. Download the CLI here. The platform-specific binary can be renamed to oractl for convenience.\nTable of Contents:\nInstalling the CLI Using the CLI Available Commands Help Connect to the backend Create application namespace Delete application namespace Bind database schema/kubernetes secrets Deploy a service Create a horizontal pod autoscaler Delete a horizontal pod autoscaler List - show details about deployments Manage config server data GraalVM compile commands User Management Logging Information Installing the CLI The Oracle Backend for Spring Boot CLI is used to configure your backend and to deploy your Spring Boot applications to the backend.\nDownload the Oracle Backend for Spring Boot and Microservices CLI oractl\nDownload the CLI from here\nRename the downloaded file to oractl\nAdd oractl to PATH variable\nYou need to make sure it is executable and add it to your PATH environment variable.\n\u0026lt;copy\u0026gt; chmod +x oractl export PATH=/path/to/oractl:$PATH\u0026lt;/copy\u0026gt; NOTE: If environment is a Mac you need run the following command sudo xattr -r -d com.apple.quarantine \u0026lt;downloaded-file\u0026gt; otherwise will you get a security warning and the CLI will not work.\nUsing the CLI Expose the Oracle Backend for Spring Boot and Microservices Admin server that the CLI calls using this command:\nkubectl port-forward services/obaas-admin -n obaas-admin 8080 Start the CLI in interactive mode by running oractl from your terminal window. For example:\noractl As a result, the oractl prompt is displayed as follows:\n_ _ __ _ ___ / \\ |_) _. _. (_ / | | \\_/ |_) (_| (_| __) \\_ |_ _|_ ======================================================================================== Application Name: Oracle Backend Platform :: Command Line Interface Application Version: (1.1.3) :: Spring Boot (v3.2.1) :: Ask for help: - Slack: https://oracledevs.slack.com/archives/C03ALDSV272 - email: obaas_ww@oracle.com oractl:\u0026gt; Available Commands help Short descriptions for the available commands can be viewed by issuing the help command and detailed help for any individual commands can be viewed by issuing help [command-name]. For example:\noractl:\u0026gt;help AVAILABLE COMMANDS Application/Namespace Commands create: Create an application/namespace. Autoscaler Commands create-autoscaler: Create an autoscaler. delete-autoscaler: Delete an autoscaler. Built-In Commands help: Display help about available commands stacktrace: Display the full stacktrace of the last error. clear: Clear the shell screen. quit, exit: Exit the shell. history: Display or save the history of previously run commands version: Show version info script: Read and execute commands from a file. GraalVM Compile Commands compile-download: Download executable file compiled compile: Compile a service with GraalVM compile-purge: Delete a job launched compile-logs: Compilation progress Identity and Access Management Service user list: Lists the users in your platform. user create: Creates a new user in your platform. user get: Gets the specified user’s information. user delete: Delete a user in your platform. user change-roles: Change the roles from the specified user. connect: Connect to the OBaaS Admin Service. user change-password: Change password for the specified user. Informational Commands list: list/show details of application services. Service Commands bind: Create or Update a schema/user and bind it to service deployment. delete: Delete a service or entire application/namespace. config: View and modify Service configuration. deploy: Deploy a service. Ask for Help Slack: https://oracledevs.slack.com/archives/C03ALDSV272 E-mail: obaas_ww@oracle.com An application is a namespace encompassing related microservices. For example, a \u0026ldquo;cloudbank\u0026rdquo; application may have \u0026ldquo;banktransfer\u0026rdquo; and \u0026ldquo;frauddetection\u0026rdquo; microservices deployed within it.\nThe create command results in the creation of an application namespace (Kubernetes namespace). The application namespace provides a mechanism for isolating groups of resources, especially the microservices.\nThe delete command results in the complete deletion of an application namespace (Kubernetes namespace) or for a specific microservice. Ensure that you want to completely delete the application namespace. You cannot rollback the components once deleted.\nThe bind command results in the automatic creation of a database schema for a given service or user and binds the information for that schema or database in the environment of the microservice. The option of a prefix for the bound environment properties is also returned. For example, most Spring Boot microservices use spring.datasource.\nThe deploy command takes service-name, app-name, and artifact-path as the main arguments (image-version and java-version options are also provided). When the deploy command is issued, the microservice JAR file is uploaded to the backend and a container image is created for the JAR or microservice, and various Kubernetes resources such as Deployment and Service are also created. This is all done automatically to simplify the development process and the management of the microservices by the backend.\nThe create-autoscaler and delete-autoscaler commands allow you to create and delete horizontal pod autoscalers for specific microservices.\nThe list command shows the details of the deployed microservices.\nThe config command can also be used to add, view, update, and delete configurations managed by the Spring Cloud Config server.\nA common development workflow pattern is to connect, change-password (only if necessary), create (once per application or namespace), config, bind (only if necessary), deploy, and list.\nFurther development and redeployment of the service can then be repeated issuing the deploy and list commands.\nThe following is a description of the CLI commands:\nconnect Use the connect command to connect your oractl CLI to the Oracle Backend Administration service:\noractl:\u0026gt;help connect NAME connect - Connect to the OBaaS Spring Cloud admin console. SYNOPSIS connect --url String --help OPTIONS --url String admin server URL [Optional, default = http://localhost:8080] --help or -h help for connect [Optional] Ask for Help Slack: https://oracledevs.slack.com/archives/C03ALDSV272 E-mail: obaas_ww@oracle.com For example:\noractl:\u0026gt;connect ? username obaas-admin ? password **************** Credentials successfully authenticated! obaas-admin -\u0026gt; welcome to OBaaS CLI. create Use the create command to create an application namespace (Kubernetes namespace). The application namespace provides a mechanism for isolating groups of resources, especially the microservices. Names of resources need to be unique within an application namespace, but not across application namespaces.\noractl:\u0026gt;help create NAME create - Create an application/namespace. SYNOPSIS create --app-name String --help OPTIONS --app-name String application/namespace [Optional] --help or -h help for create [Optional] Ask for Help Slack: https://oracledevs.slack.com/archives/C03ALDSV272 E-mail: obaas_ww@oracle.com For example:\noractl:\u0026gt;create --app-name myapp application/namespace created successfully and image pull secret (registry-auth) created successfully and database TNSAdmin/wallet secret created successfully delete Use the delete command to delete an application namespace (Kubernetes namespace) completely or a specific microservice inside an application namespace.\nATTENTION: Ensure that you want to completely delete the application namespace. You cannot rollback the components once deleted.\nNAME delete - Delete a service or entire application/namespace. SYNOPSIS delete --app-name String --service-name String --image-version String --help OPTIONS --app-name String application/namespace [Optional] --service-name String Service Name [Optional] --image-version String Image Version [Optional] --help or -h help for delete [Optional] Ask for Help Slack: https://oracledevs.slack.com/archives/C03ALDSV272 E-mail: obaas_ww@oracle.com For example:\noractl:\u0026gt;delete --app-name myapp obaas-cli [delete]: The Application/Namespace [myapp] will be removed, including all Services deployed. Do you confirm the complete deletion (y/n)?: y obaas-cli [delete]: Application/Namespace [myapp] as successfully deleted bind Use the bind command to create and update a database schema or user for the service. These commands also create or update the Kubernetes secret and binding environment entries for the schema. These are set in the Kubernetes deployment created with the deploy command. For example:\noractl:\u0026gt;help bind NAME bind - Create or Update a schema/user and bind it to service deployment. SYNOPSIS bind --action CommandConstants.BindActions --app-name String --service-name String --username String --binding-prefix String --help OPTIONS --action CommandConstants.BindActions possible actions: create or update. create is default. [Optional, default = create] --app-name String application/namespace [Optional, default = application] --service-name String Service Name (Default for database user if username is not provided) [Optional] --username String Database User [Optional] --binding-prefix String spring binding prefix [Optional, default = spring.datasource] --help or -h help for bind [Optional] Ask for Help Slack: https://oracledevs.slack.com/archives/C03ALDSV272 E-mail: obaas_ww@oracle.com ATTENTION: The service-name is mandatory and used as the name for the schema or user to be created. If you want to use a different schema or user from the service-name, you must also submit the username.\nUse the bind or bind create command to create a database schema or user for the service. For Example:\noractl:\u0026gt;bind create --app-name myapp --service-name myserv Database/Service Password: ************ Schema {myserv} was successfully created and Kubernetes Secret {myapp/myserv} was successfully created. Use the bind update command to update an already created database schema or user for the service. For example:\noractl:\u0026gt;bind update --app-name myapp --service-name myserv Database/Service Password: ************ Schema {myserv} was successfully updated and Kubernetes Secret {myapp/myserv} was successfully updated. deploy Use the deploy command to create, build, and push an image for the microservice and create the necessary deployment, service, and secret Kubernetes resources for the microservice.\noractl:\u0026gt;help deploy NAME deploy - Deploy a service. SYNOPSIS deploy --bind String --app-name String [--service-name String] [--image-version String] --service-profile String --port String --java-version String --add-health-probe boolean --liquibase-db String [--artifact-path String] --initial-replicas int --graalvm-native boolean --apigw boolean --route String --apikey String --help OPTIONS --bind String automatically create and bind resources. possible values are [jms] [Optional] --app-name String application/namespace [Optional, default = application] --service-name String Service Name [Mandatory] --image-version String Image Version [Mandatory] --service-profile String Service Profile [Optional] --port String Service Port [Optional, default = 8080] --java-version String Java Base Image [ghcr.io/graalvm/jdk:ol9-java17-22.3.1] [Optional] --add-health-probe boolean Inject or not Health probes to service. [Optional, default = false] --liquibase-db String Inform the database name for Liquibase. [Optional] --artifact-path String Service jar/exe location [Mandatory] --initial-replicas int The initial number of replicas [Optional, default = 1] --graalvm-native boolean Artifact is a graalvm native compiled by Oracle Backend [Optional, default = false] --apigw boolean open routing through APISIX [Optional, default = false] --route String set an APISIX route path [Optional, default = /api/v1/] --apikey String set APISIX API_KEY [Optional] --help or -h help for deploy [Optional] CURRENTLY UNAVAILABLE you are not signedIn. Please sign in to be able to use this command! Ask for Help Slack: https://oracledevs.slack.com/archives/C03ALDSV272 E-mail: obaas_ww@oracle.com For example:\noractl:\u0026gt;deploy --app-name myapp --service-name myserv --image-version 0.0.1 --port 8081 --bind jms --add-health-probe true --artifact-path obaas/myserv/target/demo-0.0.1-SNAPSHOT.jar uploading: obaas/myserv/target/demo-0.0.1-SNAPSHOT.jar building and pushing image... binding resources... successful creating deployment and service... successfully deployed or, for native compiled microservices, add \u0026ndash;java-version container-registry.oracle.com/os/oraclelinux:7-slim to have a compact image and \u0026ndash;graalvm-native to specify the file provided is an executable .exec:\noractl:\u0026gt;deploy --app-name myapp --service-name account --artifact-path obaas/myserv/target/accounts-0.0.1-SNAPSHOT.jar.exec --image-version 0.0.1 --graalvm-native --java-version container-registry.oracle.com/os/oraclelinux:7-slim create-autoscaler Use the create-autoscaler command to create a horizontal pod autoscaler for a microservice you have deployed. You can specify the target scaling threshold using CPU percentage. Note that your microservice must have its CPU request set in order to use the autoscaler. It is set to 500m (that is, half a core) by the deploy command if you did not override the default.\noractl:\u0026gt;help create-autoscaler NAME create-autoscaler - Create an autoscaler. SYNOPSIS create-autoscaler --app-name String [--service-name String] --min-replicas int --max-replicas int --cpu-request String --cpu-percent int --help OPTIONS --app-name String application/namespace [Optional, default = application] --service-name String Service Name [Mandatory] --min-replicas int The minimium number of replicas [Optional, default = 1] --max-replicas int The maximum number of replicas [Optional, default = 4] --cpu-request String The amount of CPU to request [Optional, default = 100m] --cpu-percent int The CPU percent at which to scale [Optional, default = 80] --help or -h help for create-autoscaler [Optional] CURRENTLY UNAVAILABLE you are not signedIn. Please sign in to be able to use this command! Ask for Help Slack: https://oracledevs.slack.com/archives/C03ALDSV272 E-mail: obaas_ww@oracle.com For example:\noractl:\u0026gt;create-autoscaler --app-name application --service-name creditscore --cpu-percent 80 --cpu-request 200m --min-replicas 2 --max-replicas 6 obaas-cli [create-autoscaler]: Autoscaler was successfully created. You can view the details of the autoscaler using kubectl, for example:\n$ kubectl -n application get hpa NAME REFERENCE TARGETS MINPODS MAXPODS REPLICAS AGE creditscore Deployment/creditscore 0%/80% 2 6 2 26s customer Deployment/customer 4%/80% 2 6 2 26h delete-autoscaler Use the delete-autoscaler command to delete a horizontal pod autoscaler for a microservice you have deployed.\noractl:\u0026gt;help delete-autoscaler NAME delete-autoscaler - Delete an autoscaler. SYNOPSIS delete-autoscaler --app-name String [--service-name String] --help OPTIONS --app-name String application/namespace [Optional, default = application] --service-name String Service Name [Mandatory] --help or -h help for delete-autoscaler [Optional] Ask for Help Slack: https://oracledevs.slack.com/archives/C03ALDSV272 E-mail: obaas_ww@oracle.com For example:\noractl:\u0026gt;delete-autoscaler --app-name application --service-name creditscore obaas-cli [delete-autoscaler]: Autoscaler was successfully deleted. list Use the list command to show details of the microservice deployed in the previous step. For example:\noractl:\u0026gt;help list NAME list - list/show details of application services. SYNOPSIS list --app-name String --help OPTIONS --app-name String application/namespace [Optional, default = application] --help or -h help for list [Optional] Ask for Help Slack: https://oracledevs.slack.com/archives/C03ALDSV272 E-mail: obaas_ww@oracle.com For example:\noractl:\u0026gt;list --app-name myapp name:myserv-c46688645-r6lhl status:class V1ContainerStatus { containerID: cri-o://6d10194c5058a8cf7ecbd5e745cebd5e44c5768c7df73053fa85f54af4b352b2 image: \u0026lt;region\u0026gt;.ocir.io/\u0026lt;tenancy\u0026gt;/obaas03/myapp-myserv:0.0.1 imageID: \u0026lt;region\u0026gt;.ocir.io/\u0026lt;tenancy\u0026gt;/obaas03/myapp-myserv@sha256:99d4bbe42ceef97497105218594ea19a9e9869c75f48bdfdc1a2f2aec33b503c lastState: class V1ContainerState { running: null terminated: null waiting: null } name: myserv ready: true restartCount: 0 started: true state: class V1ContainerState { running: class V1ContainerStateRunning { startedAt: 2023-04-13T01:00:51Z } terminated: null waiting: null } }name:myserv kind:null config Use the config command to view and update the configuration managed by the Spring Cloud Config server. More information about the configuration server can be found at this link: Spring Config Server\noractl:\u0026gt;help config NAME config - View and modify Service configuration. SYNOPSIS config [--action CommandConstants.ConfigActions] --service-name String --service-label String --service-profile String --property-key String --property-value String --artifact-path String --help OPTIONS --action CommandConstants.ConfigActions possible actions: add, list, update, or delete [Mandatory] --service-name String Service Name [Optional] --service-label String label for config [Optional] --service-profile String Service Profile [Optional] --property-key String the property key for the config [Optional] --property-value String the value for the config [Optional] --artifact-path String the context [Optional] --help or -h help for config [Optional] Ask for Help Slack: https://oracledevs.slack.com/archives/C03ALDSV272 E-mail: obaas_ww@oracle.com Use the config add command to add the application configuration to the Spring Cloud Config server using one of the two following options:\nAdd a specific configuration using the set of parameters --service-name, --service-label, --service-profile, --property-key, and --property-value. For example: oractl:\u0026gt;config add --service-name myserv --service-label 0.0.1 --service-profile default --property-key k1 --property-value value1 Property added successfully. Add a set of configurations based on a configuration file using these commands: { \u0026#34;application\u0026#34;: \u0026#34;myserv\u0026#34;, \u0026#34;profile\u0026#34;: \u0026#34;obaas\u0026#34;, \u0026#34;label\u0026#34;: \u0026#34;0.0.1\u0026#34;, \u0026#34;properties\u0026#34;: { \u0026#34;spring.datasource.driver-class-name\u0026#34;: \u0026#34;oracle.jdbc.OracleDriver\u0026#34;, \u0026#34;spring.datasource.url\u0026#34;: \u0026#34;jdbc:oracle:thin:@$(db.service)?TNS_ADMIN=/oracle/tnsadmin\u0026#34; } } oractl:\u0026gt;config add --artifact-path /obaas/myserv-properties.json 2 property(s) added successfully. oractl:\u0026gt;config list --service-name myserv --service-profile obaas --service-label 0.0.1 [ { \u0026#34;id\u0026#34; : 222, \u0026#34;application\u0026#34; : \u0026#34;myserv\u0026#34;, \u0026#34;profile\u0026#34; : \u0026#34;obaas\u0026#34;, \u0026#34;label\u0026#34; : \u0026#34;0.0.1\u0026#34;, \u0026#34;propKey\u0026#34; : \u0026#34;spring.datasource.driver-class-name\u0026#34;, \u0026#34;value\u0026#34; : \u0026#34;oracle.jdbc.OracleDriver\u0026#34;, \u0026#34;createdOn\u0026#34; : \u0026#34;2023-04-13T01:29:38.000+00:00\u0026#34;, \u0026#34;createdBy\u0026#34; : \u0026#34;CONFIGSERVER\u0026#34; }, { \u0026#34;id\u0026#34; : 223, \u0026#34;application\u0026#34; : \u0026#34;myserv\u0026#34;, \u0026#34;profile\u0026#34; : \u0026#34;obaas\u0026#34;, \u0026#34;label\u0026#34; : \u0026#34;0.0.1\u0026#34;, \u0026#34;propKey\u0026#34; : \u0026#34;spring.datasource.url\u0026#34;, \u0026#34;value\u0026#34; : \u0026#34;jdbc:oracle:thin:@$(db.service)?TNS_ADMIN=/oracle/tnsadmin\u0026#34;, \u0026#34;createdOn\u0026#34; : \u0026#34;2023-04-13T01:29:38.000+00:00\u0026#34;, \u0026#34;createdBy\u0026#34; : \u0026#34;CONFIGSERVER\u0026#34; } ] Use the config list command, without any parameters, to list the services that have at least one configuration inserted in the Spring Cloud Config server. For example:\noractl:\u0026gt;config list [ { \u0026#34;name\u0026#34; : \u0026#34;apptest\u0026#34;, \u0026#34;label\u0026#34; : \u0026#34;\u0026#34;, \u0026#34;profile\u0026#34; : \u0026#34;\u0026#34; }, { \u0026#34;name\u0026#34; : \u0026#34;myapp\u0026#34;, \u0026#34;label\u0026#34; : \u0026#34;\u0026#34;, \u0026#34;profile\u0026#34; : \u0026#34;\u0026#34; }, […] Use the config list [parameters] command to list the parameters using parameters as filters. For example:\n--service-name : Lists all of the parameters from the specified service. --service-label : Filters by label. --service-profile : Filters by profile. --property-key : Lists a specific parameter filter by key. For example:\noractl:\u0026gt;config list --service-name myserv --service-profile default --service-label 0.0.1 [ { \u0026#34;id\u0026#34; : 221, \u0026#34;application\u0026#34; : \u0026#34;myserv\u0026#34;, \u0026#34;profile\u0026#34; : \u0026#34;default\u0026#34;, \u0026#34;label\u0026#34; : \u0026#34;0.0.1\u0026#34;, \u0026#34;propKey\u0026#34; : \u0026#34;k1\u0026#34;, \u0026#34;value\u0026#34; : \u0026#34;value1\u0026#34;, \u0026#34;createdOn\u0026#34; : \u0026#34;2023-04-13T01:10:16.000+00:00\u0026#34;, \u0026#34;createdBy\u0026#34; : \u0026#34;CONFIGSERVER\u0026#34; } ] Use the config update command to update a specific configuration using the set of parameters:\n--service-name --service-label --service-profile --property-key --property-value For example:\noractl:\u0026gt;config list --service-name myserv --service-profile obaas --service-label 0.1 --property-key k1 [ { \u0026#34;id\u0026#34; : 30, \u0026#34;application\u0026#34; : \u0026#34;myserv\u0026#34;, \u0026#34;profile\u0026#34; : \u0026#34;obaas\u0026#34;, \u0026#34;label\u0026#34; : \u0026#34;0.1\u0026#34;, \u0026#34;propKey\u0026#34; : \u0026#34;k1\u0026#34;, \u0026#34;value\u0026#34; : \u0026#34;value1\u0026#34;, \u0026#34;createdOn\u0026#34; : \u0026#34;2023-03-23T18:02:29.000+00:00\u0026#34;, \u0026#34;createdBy\u0026#34; : \u0026#34;CONFIGSERVER\u0026#34; } ] oractl:\u0026gt;config update --service-name myserv --service-profile obaas --service-label 0.1 --property-key k1 --property-value value1Updated Property successful modified. oractl:\u0026gt;config list --service-name myserv --service-profile obaas --service-label 0.1 --property-key k1 [ { \u0026#34;id\u0026#34; : 30, \u0026#34;application\u0026#34; : \u0026#34;myserv\u0026#34;, \u0026#34;profile\u0026#34; : \u0026#34;obaas\u0026#34;, \u0026#34;label\u0026#34; : \u0026#34;0.1\u0026#34;, \u0026#34;propKey\u0026#34; : \u0026#34;k1\u0026#34;, \u0026#34;value\u0026#34; : \u0026#34;value1Updated\u0026#34;, \u0026#34;createdOn\u0026#34; : \u0026#34;2023-03-23T18:02:29.000+00:00\u0026#34;, \u0026#34;createdBy\u0026#34; : \u0026#34;CONFIGSERVER\u0026#34; } ] Use the config delete command to delete the application configuration from the Spring Cloud Config server using one of the following two options:\nDelete all configurations from a specific service using the filters --service-name, --service-profile and --service-label. The CLI tracks how many configurations are present in the Spring Cloud Config server and confirms the completed deletion. For example:\noractl:\u0026gt;config delete --service-name myserv [obaas] 7 property(ies) found, delete all (y/n)?: Delete a specific configuration using the parameters --service-name, --service-label, --service-profile and --property-key. For example:\noractl:\u0026gt;config list --service-name myserv --service-profile obaas --service-label 0.1 --property-key ktest2 [ { \u0026#34;id\u0026#34; : 224, \u0026#34;application\u0026#34; : \u0026#34;myserv\u0026#34;, \u0026#34;profile\u0026#34; : \u0026#34;obaas\u0026#34;, \u0026#34;label\u0026#34; : \u0026#34;0.1\u0026#34;, \u0026#34;propKey\u0026#34; : \u0026#34;ktest2\u0026#34;, \u0026#34;value\u0026#34; : \u0026#34;value2\u0026#34;, \u0026#34;createdOn\u0026#34; : \u0026#34;2023-04-13T01:52:11.000+00:00\u0026#34;, \u0026#34;createdBy\u0026#34; : \u0026#34;CONFIGSERVER\u0026#34; } ] oractl:\u0026gt;config delete --service-name myserv --service-profile obaas --service-label 0.1 --property-key ktest2 [obaas] property successfully deleted. oractl:\u0026gt;config list --service-name myserv --service-profile obaas --service-label 0.1 --property-key ktest2 400 : \u0026#34;Couldn\u0026#39;t find any property for submitted query.\u0026#34; compile Use the GraalVM Compile Commands to:\nUpload a .jar file to the Oracle Backend for Spring Boot and microservices and its GraalVM compiler service. Start a compilation of your microservice to produce an executable native .exec file. Retrieve the last logs available regarding a compilation in progress or terminated. Download the .exec file to deploy on the backend. Purge the files remaining after a compilation on the remote GraalVM compiler service. The GraalVM Compile Commands are the following:\noractl:\u0026gt;help GraalVM Compile Commands compile-download: Download the compiled executable file. compile: Compile a service with GraalVM. compile-purge: Delete a launched job. compile-logs: Compilation progress. Use the compile command to upload and automatically start compilation using the following command:\noractl:\u0026gt;help compile NAME compile - Compile a service with GraalVM SYNOPSIS compile [--artifact-path String] --help OPTIONS --artifact-path String Service jar to compile location [Mandatory] --help or -h help for compile [Optional] Ask for Help Slack: https://oracledevs.slack.com/archives/C03ALDSV272 E-mail: obaas_ww@oracle.com Because the compilation of a .jar file using the tool native-image does not support cross-compilation, it must be on the same platform where the application will run. This service guarantees a compilation in the same operating system and CPU type where the service will be executed on the Kubernetes cluster.\nThe Spring Boot application pom.xml with the plugin:\n\u0026lt;plugin\u0026gt; \u0026lt;groupId\u0026gt;org.graalvm.buildtools\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;native-maven-plugin\u0026lt;/artifactId\u0026gt; \u0026lt;/plugin\u0026gt; The project should be compiled on the developer desktop with GraalVM version 22.3 or later using an mvn command. For example:\nmvn -Pnative native:compile -Dmaven.test.skip=true This pre-compilation on your desktop checks if there are any issues on the libraries used in your Spring Boot microservice. In addition, your executable .jar file must include ahead-of-time (AOT) generated assets such as generated classes and JSON hint files. For additional information, see Converting Spring Boot Executable Jar.\nThe following is an example of the command output:\noractl:\u0026gt;compile --artifact-path /Users/cdebari/demo-0.0.1-SNAPSHOT.jar uploading: /Users/cdebari/demo-0.0.1-SNAPSHOT.jar filename: demo-0.0.1-SNAPSHOT.jar return: demo-0.0.1-SNAPSHOT.jar_24428206-7d71-423f-8ef5-7d779977535b return: Shell script execution started on: demo-0.0.1-SNAPSHOT.jar_24428206-7d71-423f-8ef5-7d779977535b successfully start compilation of: demo-0.0.1-SNAPSHOT.jar_24428206-7d71-423f-8ef5-7d779977535b oractl:\u0026gt; The following example shows the generated batch ID that must be used to retrieve the log files, download the compiled file, and purge the service instance:\ndemo-0.0.1-SNAPSHOT.jar_24428206-7d71-423f-8ef5-7d779977535b\nIf omitted, then the last batch is considered by default.\nUse the compile-logs command to retrieve the logs that show the compilation progress. For example:\noractl:\u0026gt;help compile-logs NAME compile-logs - Compilation progress. SYNOPSIS compile-logs --batch String --help OPTIONS --batch String File ID returned from the compile command. If not provided by default, then the last file compiled. [Optional] --help or -h help for compile-logs [Optional] Ask for Help Slack: https://oracledevs.slack.com/archives/C03ALDSV272 E-mail: obaas_ww@oracle.com As previously mentioned, if the batch ID is not provided, then the logs of the most recently executed compilation are returned. For example:\noractl:\u0026gt;compile-logs extracted: BOOT-INF/lib/spring-jcl-6.0.11.jar extracted: BOOT-INF/lib/spring-boot-jarmode-layertools-3.1.2.jar inflated: BOOT-INF/classpath.idx inflated: BOOT-INF/layers.idx ======================================================================================================================== GraalVM Native Image: Generating \u0026#39;demo-0.0.1-SNAPSHOT.jar_24428206-7d71-423f-8ef5-7d779977535b.exec\u0026#39; (executable)... ======================================================================================================================== For detailed information and explanations on the build output, visit: https://github.com/oracle/graal/blob/master/docs/reference-manual/native-image/BuildOutput.md ------------------------------------------------------------------------------------------------------------------------ If the compile-logs commands returns a Finished generating message, then download the .exec file. For example:\nCPU: Enable more CPU features with \u0026#39;-march=native\u0026#39; for improved performance. QBM: Use the quick build mode (\u0026#39;-Ob\u0026#39;) to speed up builds during development. ------------------------------------------------------------------------------------------------------------------------ 155.3s (8.2% of total time) in 169 GCs | Peak RSS: 5.34GB | CPU load: 0.70 ------------------------------------------------------------------------------------------------------------------------ Produced artifacts: /uploads/demo-0.0.1-SNAPSHOT.jar_24428206-7d71-423f-8ef5-7d779977535b.temp/demo-0.0.1-SNAPSHOT.jar_24428206-7d71-423f-8ef5-7d779977535b.exec (executable) ======================================================================================================================== Finished generating \u0026#39;demo-0.0.1-SNAPSHOT.jar_24428206-7d71-423f-8ef5-7d779977535b.exec\u0026#39; in 31m 30s. Compiling Complete. Use the compile-download command to download the generated .exec file. For example:\noractl:\u0026gt;help compile-download NAME compile-download - Download the compiled executable file. SYNOPSIS compile-download --batch String --help OPTIONS --batch String File ID to download as the executable file. If not provided by default, then the last file compiled. [Optional] --help or -h help for compile-download [Optional] Ask for Help Slack: https://oracledevs.slack.com/archives/C03ALDSV272 E-mail: obaas_ww@oracle.com You can choose to use the batch ID if you need the last file compiled. The following example specifies the batch ID:\noractl:\u0026gt;compile-download --batch demo-0.0.1-SNAPSHOT.jar_24428206-7d71-423f-8ef5-7d779977535b File downloaded successfully to: /Users/cdebari/demo-0.0.1-SNAPSHOT.jar.exec Use the compile-purge command to delete all of the artifacts generated on the GraalVM compiler service after downloading the .exec file:\noractl:\u0026gt;help compile-purge NAME compile-purge - Delete a launched job. SYNOPSIS compile-purge --batch String --help OPTIONS --batch String File ID returned from compile command. If not provided by default, then the last file compiled. [Optional] --help or -h help for compile-purge [Optional] Ask for Help Slack: https://oracledevs.slack.com/archives/C03ALDSV272 E-mail: obaas_ww@oracle.com User Management Manage users allows you to create the platform users and assign the roles that give access permission to operate with the platform.\nUser Roles\nROLE_USER: Users with this role can:\nConnect to the Admin Service. Create and list applications (namespaces). Create and update a database schema for the service. Deploy, list, and scale workloads (services). ROLE_ADMIN: Users with this role have the same access rights as a ROLE_USER and additionally:\nCreate and delete users. Search for users. Change password and roles for users. ROLE_CONFIG_EDITOR: Users with this role are allowed to edit the platform configurations. Reserved for future use.\nCreate users Use the user create command to add users to the platform. This command requires the name of the user username and the user roles in a comma-separated list.\noractl:\u0026gt;help user create NAME user create - Creates a new user in your platform. SYNOPSIS user create [--username String] --roles String --help OPTIONS --username String The name you assign to the user during creation. This is the user\u0026#39;s login for the CLI and for the SOC UI, also. The name must be unique across all users in the platform and cannot be changed. [Mandatory] --roles String The user\u0026#39;s role within the platform. A user must have up to three possible roles provided in a comma-separated list. [ROLE_ADMIN,ROLE_CONFIG_EDITOR,ROLE_USER]. [Optional, default = ROLE_USER] Ask for Help Slack: https://oracledevs.slack.com/archives/C03ALDSV272 E-mail: obaas_ww@oracle.com For example, to create a user called obaas-user-test1 with roles ROLE_USER,ROLE_CONFIG_EDITOR:\noractl:\u0026gt;user create --username obaas-user-test1 --roles ROLE_USER,ROLE_CONFIG_EDITOR ? password **************** obaas-cli [user create]: User [obaas-user-test1] as successfully created. Obtain User details Use the user get command to obtain the user details registered on the platform.\noractl:\u0026gt;help user get NAME user get - Gets the specified user’s information. SYNOPSIS user get [--username String] --help OPTIONS --username String The username of the user. [Mandatory] Ask for Help Slack: https://oracledevs.slack.com/archives/C03ALDSV272 E-mail: obaas_ww@oracle.com For example, to list the details from the user called obaas-admin:\noractl:\u0026gt;user get --username obaas-admin ╔══╤═══════════╤═══════════════════════════════════════╗ ║Id│Username │Roles ║ ╠══╪═══════════╪═══════════════════════════════════════╣ ║2 │obaas-admin│ROLE_ADMIN,ROLE_CONFIG_EDITOR,ROLE_USER║ ╚══╧═══════════╧═══════════════════════════════════════╝ Change User Roles Use the user change-roles command to change the roles from a specific user registered on the platform.\noractl:\u0026gt;help user change-roles NAME user change-roles - Change the roles from the specified user. SYNOPSIS user change-roles [--username String] --roles String --help OPTIONS --username String The name you assign to the user during creation. This is the user’s login for the CLI. [Mandatory] --roles String The user\u0026#39;s role within the platform. A user must have up to three possible roles provided in a comma-separated list. [ROLE_ADMIN,ROLE_CONFIG_EDITOR,ROLE_USER]. [Optional, default = ROLE_USER] Ask for Help Slack: https://oracledevs.slack.com/archives/C03ALDSV272 E-mail: obaas_ww@oracle.com For example, to change the roles from a user called obaas-user-test1 apply the role ROLE_USER:\noractl:\u0026gt;user change-roles --username obaas-user-test1 --roles ROLE_USER obaas-cli [user change-roles]: User [obaas-user-test1] roles were successfully updated. Change User Password Use the user change-password command to change the password from a specific user registered on the platform. A user is allowed to change its password only. Only users with ROLE_ADMIN can change passwords from other users.\noractl:\u0026gt;help user change-password NAME user change-password - Change password for the specified user. SYNOPSIS user change-password [--username String] --help OPTIONS --username String The username you want to change the password. [Mandatory] Ask for Help Slack: https://oracledevs.slack.com/archives/C03ALDSV272 E-mail: obaas_ww@oracle.com For example, to change the password from a user called obaas-user-test1:\noractl:\u0026gt;user change-password --username obaas-user-test1 ? password *********** obaas-cli [user change-password]: User [obaas-user-test1] password was successfully updated. List Users Use the user list command to obtain the list of users registered on the platform.\noractl:\u0026gt;help user list NAME user list - Lists the users in your platform. SYNOPSIS user list --help Ask for Help Slack: https://oracledevs.slack.com/archives/C03ALDSV272 E-mail: obaas_ww@oracle.com For example, to list all registered users:\noractl:\u0026gt;user list ╔══╤════════════════╤═══════════════════════════════════════╗ ║Id│Username │Roles ║ ╠══╪════════════════╪═══════════════════════════════════════╣ ║1 │obaas-user │ROLE_USER ║ ╟──┼────────────────┼───────────────────────────────────────╢ ║2 │obaas-admin │ROLE_ADMIN,ROLE_CONFIG_EDITOR,ROLE_USER║ ╟──┼────────────────┼───────────────────────────────────────╢ ║3 │obaas-config │ROLE_CONFIG_EDITOR,ROLE_USER ║ ╟──┼────────────────┼───────────────────────────────────────╢ ║4 │obaas-user-test1│ROLE_USER ║ ╚══╧════════════════╧═══════════════════════════════════════╝ Delete User Use the user delete command to remove users from the platform.\nNOTE: User deletion is permanent and irreversible.\noractl:\u0026gt;help user delete NAME user delete - Delete a user in your platform. SYNOPSIS user delete [--username String] --id int --help OPTIONS --username String The username you want to delete. [Mandatory] --id int The user id from the user you want to delete. [Optional, default = 0] Ask for Help Slack: https://oracledevs.slack.com/archives/C03ALDSV272 E-mail: obaas_ww@oracle.com For example, to delete a user called obaas-user-test1:\noractl:\u0026gt;user delete --username obaas-user-test1 obaas-cli [user delete]: User [obaas-user-test1] as successfully deleted. Logging The log file for oractl on Mac or Unix machine is stored in the $HOME/config/orctl directory. The file name is oractl-cli-history.log\n","description":"The Oracle Backend for Spring Boot and Microservices offers a command-line interface (CLI), oractl. The CLI commands simplify the deployment of microservices applications as well as bindings with the resources that they use. Download the CLI here. The platform-specific binary can be renamed to oractl for convenience.\nTable of Contents:\nInstalling the CLI Using the CLI Available Commands Help Connect to the backend Create application namespace Delete application namespace Bind database schema/kubernetes secrets Deploy a service Create a horizontal pod autoscaler Delete a horizontal pod autoscaler List - show details about deployments Manage config server data GraalVM compile commands User Management Logging Information Installing the CLI The Oracle Backend for Spring Boot CLI is used to configure your backend and to deploy your Spring Boot applications to the backend."},{"id":22,"href":"/microservices-datadriven/spring/observability/","title":"Observability","parent":"Oracle Backend for Spring Boot and Microservices","content":"Oracle Backend for Spring Boot and Microservices includes a number of common open source components to provide application observability including Prometheus, Grafana, Jaeger, and OpenTelemetry Collector.\nFor more details, read the following:\nMetrics Tracing ","description":"Oracle Backend for Spring Boot and Microservices includes a number of common open source components to provide application observability including Prometheus, Grafana, Jaeger, and OpenTelemetry Collector.\nFor more details, read the following:\nMetrics Tracing "},{"id":23,"href":"/microservices-datadriven/spring/","title":"Oracle Backend for Spring Boot and Microservices","parent":"","content":"Oracle Backend for Spring Boot and Microservices allows developers to build microservices in Spring Boot and provisions a \u0026ldquo;backend as a service\u0026rdquo; with Oracle Database and other infrastructure components that operate on multiple clouds. Oracle Backend for Spring Boot and Microservices vastly simplifies the task of building, testing, and operating microservices platforms for reliable, secure, and scalable enterprise applications.\nVersion 1.3.0 (production) released September, 2024 Oracle Backend for Spring Boot and Microservices Version 1.3.0 is now generally available and suitable for production use. This version supports and recommends Spring Boot 3.3.x, 3.2.x, Spring 6.1 and Spring Cloud 2023.0.x, with limited backwards compatibility for Spring Boot 2.7.x. To learn more, watch this short introductory video:\nIn addition to an Oracle Autonomous Database Serverless instance, the following software components are deployed in an Oracle Cloud Infrastructure (OCI) Container Engine for Kubernetes cluster (OKE cluster):\nApache APISIX API Gateway and Dashboard Apache Kafka Grafana HashiCorp Vault Jaeger Apache Kafka Loki Netflix Conductor OpenTelemetry Collector Oracle Autonomous Database Serverless Oracle Backend for Spring Boot Command Line Interface (CLI) Oracle Backend for Spring Boot Visual Studio Code Plugin Oracle Coherence Oracle Database Operator for Kubernetes (OraOperator or the operator) Oracle Database Observability Exporter Oracle Transaction Manager for Microservices (MicroTx) Prometheus Promtail Spring Boot Admin dashboard Spring Cloud Config server Spring Cloud Eureka service registry Spring Operations Center Strimzi Kafka Operator Developers also have access to development or build time services and libraries including:\nA command-line interface (CLI) to manage service deployment and configuration, including database schema management. Visual Studio Code (VS Code) plugin to manage service deployment and configuration. IntelliJ plugin to manage service deployment and configuration. Spring CLI support for project creation. Spring Data (Java Persistence API (JPA) and Oracle JDBC) to access Oracle Database. Oracle Java Database Connectivity (Oracle JDBC) drivers. Spring Cloud Config client. Spring Eureka service discovery client. Spring Cloud OpenFeign. OpenTelemetry Collector (including automatic instrumentation). Spring Starters for Oracle Universal Connection Pool (UCP), Oracle Wallet, Oracle Advanced Queuing (AQ), and Transactional Event Queues (TxEventQ). Learn more, try it out with CloudBank! To learn more about deploying and using Oracle Backend for Spring Boot and Microservices, we recommend our CloudBank self-paced, on-demand hands-on lab.\nIn the CloudBank hands-on lab, you can learn how to:\nInstall Oracle Backend for Spring Boot and Microservices. Set up a development environment for Spring Boot. Build Spring Boot microservices from scratch using Spring Web to create Representational State Transfer (REST) services. Use service discovery and client-side load balancing. Use Spring Actuator to allow monitoring of services. Create services that use asynchronous messaging with Java Message Service (JMS) instead of REST. Implement the Saga pattern to manage data consistency across microservices. Use the APISIX API Gateway to expose services to clients. Extend a provided Flutter client to add a new \u0026ldquo;cloud cash\u0026rdquo; feature that uses the services you have built. Need help? We\u0026rsquo;d love to hear from you! You can contact us in the #oracle-db-microservices channel in the Oracle Developers slack workspace, or open an issue in GitHub.\n","description":"Oracle Backend for Spring Boot and Microservices allows developers to build microservices in Spring Boot and provisions a \u0026ldquo;backend as a service\u0026rdquo; with Oracle Database and other infrastructure components that operate on multiple clouds. Oracle Backend for Spring Boot and Microservices vastly simplifies the task of building, testing, and operating microservices platforms for reliable, secure, and scalable enterprise applications.\nVersion 1.3.0 (production) released September, 2024 Oracle Backend for Spring Boot and Microservices Version 1."},{"id":24,"href":"/microservices-datadriven/spring/platform/intellij-plugin/","title":"Oracle Backend for Spring Boot and Microservices IntelliJ Plugin","parent":"Platform Services","content":" GA 1.3.0 - September, 2024 Oracle Backend for Spring Boot and Microservices (OBaaS) is an IntelliJ plugin to browse, deploy, and modify workloads on the Oracle Backend for Spring Boot and Microservices platform.This plug-in implements the functionalities available in the Oracle Backend for Spring Boot and Microservices CLI, simplifying access to Oracle Backend for Spring Boot and Microservices deployments from an IntelliJ IDE.\nThe plug-in allows access to the Oracle Backend for Spring Boot and Microservices platform services, including the Grafana, Spring, APISIX, Eureka and Jaeger web admin consoles. Additionally, you may create and bind workloads to your Oracle Backend for Spring Boot and Microservices database deployment. Users may inspect Oracle Backend for Spring Boot and Microservices deployment namespaces, workloads, and related configuration.\nSee the Oracle Free Use Terms and Conditions License\nPrerequisites An operational Oracle Backend for Spring Boot and Microservices deployment, as configured through platform setup. Access to a Kubernetes cluster where Oracle Backend for Spring Boot and Microservices is deployed from your IntelliJ IDE. Installation Download the IntelliJ plugin ZIP file from here.\nOn the IntelliJ Settings plugins page, click the \u0026ldquo;gear\u0026rdquo; icon and select Install Plugin from Disk\u0026hellip;. Browse your filesystem for the IntelliJ plugin ZIP file, and select it.\nClick OK, and restart your IDE to load the Oracle Backend for Spring Boot and Microservices plugin.\nIf you do not see the Oracle Backend for Spring Boot and Microservices icon on your IDE\u0026rsquo;s toolbar, navigate to View -\u0026gt; Tool Windows, and select \u0026ldquo;OBaaS\u0026rdquo; to add it to your IDE\u0026rsquo;s tool window bar.\nProxy Configuration If you are connecting to your Kubernetes cluster through a proxy server, configure your IntelliJ proxy settings from Settings -\u0026gt; Proxy. Th Oracle Backend for Spring Boot and Microservices will use your IntelliJ system proxy settings to connect to your Kubernetes cluster.\nConfiguring the Oracle Backend for Spring Boot and Microservices Connection Open the plugin tool window by clicking the \u0026ldquo;OBaaS\u0026rdquo; icon on the IntelliJ tool bar, and click the \u0026ldquo;wrench\u0026rdquo; icon to open the Oracle Backend for Spring Boot and Microservices connection settings.\nEnter the Oracle Backend for Spring Boot and Microservices username, password, kubeconfig for the Kubernetes cluster, and the local port the Oracle Backend for Spring Boot and Microservices admin tunnel will bind to. The default kubeconfig and context may already be selected.\nWhen you\u0026rsquo;re done, click \u0026ldquo;Test Connection\u0026rdquo; to verify the Oracle Backend for Spring Boot and Microservices connectivity. If you\u0026rsquo;ve configured your kubeconfig and Oracle Backend for Spring Boot and Microservices credentials correctly, you should see a connection successful message:\nKnown issue with Kubernetes authentication If you are using a Kubeconfig shell exec config to authenticate to your Kubernetes cluster from the Oracle Backend for Spring Boot and Microservices, you may need to provide the full path to the authenticating binary:\nusers: - name: my-user user: exec: apiVersion: client.authentication.k8s.io/v1beta1 # Provide the full path to the authenticating binary here command: /usr/local/bin/oci Managing Oracle Backend for Spring Boot and Microservices Connection States To refresh the Oracle Backend for Spring Boot and Microservices connection, click the \u0026ldquo;Refresh\u0026rdquo; button at the top of the Oracle Backend for Spring Boot and Microservices tool window.\nTo cancel all active connections, click the red \u0026ldquo;Close Connections\u0026rdquo; button at the top of the Oracle Backend for Spring Boot and Microservices tool window.\nExplore Oracle Backend for Spring Boot and Microservices Resources Once you are connected to Oracle Backend for Spring Boot and Microservices, click on the context node in the tool window tree to view Oracle Backend for Spring Boot and Microservices resources in your cluster.\nOracle Backend for Spring Boot and Microservices namespaces are shown in the \u0026ldquo;namespaces\u0026rdquo; section, each namespace containing a list of applications. Links to platform service dashboards are shown in the \u0026ldquo;platform services\u0026rdquo; section. Configuration properties are listed in the \u0026ldquo;configuration\u0026rdquo; section. Working with namespaces and workloads Create a new namespace To create a new namespace, right click on the namespace and select \u0026ldquo;Add Namespace\u0026rdquo;.\nAfter you click OK, the namespace will be created and appear in the namespace list in a few moments.\nYou can delete a namespace by right clicking on that namespace, and selecting \u0026ldquo;Delete Namespace\u0026rdquo;. When a namespace is deleted, all applications in the namespace will also be deleted.\nDeploying workloads into namespaces To deploy a workload into a namespace, right click that namespace and select \u0026ldquo;Add Workload -\u0026gt; Upload .jar\u0026rdquo; for JVM workloads or \u0026ldquo;Add Workload -\u0026gt; Upload .exec\u0026rdquo; for GraalVM native workloads.\nOn the Add Workload form, enter workload data.\nDatabase username will default to the workload name if not specified, and is used for Java Message Service Transactional Event Queue authentication. When you click OK, the JAR/exec file will be uploaded to Oracle Backend for Spring Boot and Microservices, an image is built, and the workload deployed to the cluster namespace. The task duration will vary depending on the size of the upload file and your network connection for upload.\nWorkload autoscalers To create an autoscaler for a workload, right-click the workload and select \u0026ldquo;Create Autoscaler\u0026rdquo;. Autoscalers are configured on workload CPU, and specify minimum and maximum scale replicas.\nYou may also deletea workload\u0026rsquo;s autoscaler from the workload context menu.\nPublishing workloads A workload can be published on an APISIX route by right-clicking the workload, providing the APISIX admin key and the desired route.\nAccessing Oracle Backend for Spring Boot and Microservices Platform Services To access the web console of an Oracle Backend for Spring Boot and Microservices platform service (Grafana, Spring Admin, APISIX, Eureka, or Jaeger), right-click on the service\u0026rsquo;s name under the \u0026ldquo;platform services\u0026rdquo; section and click \u0026ldquo;Connect\u0026rdquo;.\nOnce the connection is complete, click the \u0026ldquo;Open console\u0026rdquo; link on the completion message to navigate to the service\u0026rsquo;s web console.\nConfiguration Properties Workload configuration can be browsed and edited through the \u0026ldquo;configuration\u0026rdquo; section. To add a new configuration property, right-click either the top-level configuration section or a specific configuration node.\nA property is associated with a given configuration service, and may have a label, profile, key, and value.\n","description":"GA 1.3.0 - September, 2024 Oracle Backend for Spring Boot and Microservices (OBaaS) is an IntelliJ plugin to browse, deploy, and modify workloads on the Oracle Backend for Spring Boot and Microservices platform.This plug-in implements the functionalities available in the Oracle Backend for Spring Boot and Microservices CLI, simplifying access to Oracle Backend for Spring Boot and Microservices deployments from an IntelliJ IDE.\nThe plug-in allows access to the Oracle Backend for Spring Boot and Microservices platform services, including the Grafana, Spring, APISIX, Eureka and Jaeger web admin consoles."},{"id":25,"href":"/microservices-datadriven/spring/platform/vscode-plugin/","title":"Oracle Backend for Spring Boot and Microservices Visual Studio Code Extension","parent":"Platform Services","content":" GA 1.1.3 - March, 2024 \u0026ldquo;Oracle Backend for Spring Boot and Microservices\u0026rdquo; is a VS Code extension to browse and deploy applications on the Oracle Backend for Spring Boot and Microservices platform. This plugin allows to inspect the content of an Oracle Backend for Spring Boot deployment, in terms of applications, services and related configurations. It simplifies the access to the Platform Services installed, like Grafana, Spring, Apisix, Eureka and Jaeger creating ssh tunnels on-demand, and providing access to their respective web admin consoles. It allows to add credentials to access and bind services to the Oracle Autonomous DB included into Oracle Backend for Spring Boot and Microservices deployment. This plug-in replicates the functionalities available in OBaas CLI and simplify the access to Oracle Backend for Spring Boot and Microservices deployments from a development IDE like VS Code.\nSee the Oracle Free Use Terms and Conditions License\nPrerequisites You must have already installed and configured the following software which required for the Oracle Backend for Spring Boot and Microservices Setup:\nKubernetes command-line interface (kubectl) Oracle Cloud Infrastructure command-line interface OpenJDK Runtime Environment GraalVM 22.3 or above (optional). Installation Download the plug-in from here.\nOn the VS Code left menu bar, click on the Extensions symbol:\nFrom the upper right menu, select Install from VSIX\u0026hellip; and upload the plugin binaries that were previously downloaded:\nRestart VS Code to make the plugin fully operational.\nIf you do not see the plugin in the left menu bar, with the Oracle logo (as shown here), click on Additional Views to select the Oracle Backend for Spring Boot and Microservices:\nUsing VS Code Plugin After selecting the plugin from the left menu bar, the Oracle Backend for Spring Boot and Microservices VS Code plugin asks you to specify the full path for the Kubernetes configuration file. For example:\nBy default, it shows the path in the user\u0026rsquo;s Home directory .kube/config in which kubectl stores all of the information regarding the configured K8s clusters. You can set the full path of another Kubernetes configuration file. If the file is correctly loaded, the plugin shows the list of contexts available from which you can select one:\nIf successful, you should see a tree view with one node and the selected context. For example:\nIf the file path has not been correctly set, it returns an error message. For example:\nTo restart the plugin and proceed with setting the Kubernetes configuration file, execute a window reload in the command palette:\nHow to Access the Cluster Until you create a dedicated ssh tunnel to the Kubernetes cluster, and if you do not connect to Oracle Backend for Spring Boot and Microservices administrative services, you cannot browse resources included in the Oracle Backend for Spring Boot and Microservices deployment. To do this, follow these steps:\nSelect the cluster and right-click, choosing Set UID/PWD menu item to insert credentials related to your user account. For example:\nSpecify the OBSBM Admin ID for the Oracle Backend for Spring Boot and Microservices user for deployment. For example:\nOn the top menu, the Oracle Backend for Spring Boot and Microservices administrator OBSBM Admin password is required. For example:\nTwo dialog boxes confirm that the credentials have been set correctly. For example:\nNOTE: If you do not process these steps and try to expand the Kubernetes context, you receive this informational message:\nSelect the cluster again and right-click on Create Admin tunnel. VS Code opens two new terminal that tries to open two tunnels to the Kubernetes cluster on a local port, for the KubeProxy on port 7080 and to Backend starting from 8080. For example:\nBefore proceeding to the connection, wait until the tunnel are established and the terminals show a message similar to this:\nNOTE: If the K8s cluster is not related to an Oracle Backend for Spring Boot and Microservices deployment, the tunnel creation fails, because it will look for the services/obaas-admin in the namespace obaas-admin. In this case, execute a window reload to chose another cluster from the command palette. If you have any problem with the connection, start another tunnel. The plugin tries to connect to the cluster on another local port.\nSelect the cluster again and right-click Connect. This creates a session with the credentials set up in the first step.\nExplore Resources When the steps to create the tunnel are completed and you are connected to the backend, it is possible to expand and Refresh the tree related to the deployment. For example:\nYou see four top classes of resources that can be expanded in underlying items:\napplications : The list of applications deployed and the holding services. Oracle DB : In this release there is one Oracle Database in which the configurations and schemas related to deployed services are stored. platformServices : The list of Oracle Backend for Spring Boot and Microservices deployed services, like Grafana, Spring, Apache APISIX, Eureka and Jaeger. oBaasConf : The list of keys defined by the applications, stored in the Oracle Database, that are provisioned and available to share configurations information among services in each application. Applications Let\u0026rsquo;s look at the operations that you can do on Applications root item of the browse tree:\nOpen the list by clicking on the arrow to the left of applications:\nExpand the application you are interested to see the list of included services:\nApplications level commands At the root level, right-click on applications, you have the following list of commands available right-clicking on the line:\nAdd application Compilation progress Compile .jar in .exec Download compiled file in .exec Purge compilation files Add application With this option you can create a Kubernetes namespace will hold single Spring Boot microservice. It will be prompted the name of the application:\nWith this operation will be injected in the namespace a set of Secrets needed to run the microservices will be deployed.\nCompilation progress If it has been started a compilation with the command Compile .jar in .exec, you will see the tail of logs collected during the jar file compilation with GraalVM, in a single windows pane. You can re-submit the command to see the progress, as shown here:\nIf the compilation process is over successfully, you will see something like this:\nCompile .jar in .exec This option allows you to upload a .jar file to the Oracle Backend for Spring Boot and Microservices to a GraalVM compiler service. This service will start a compilation of your microservice in a native file, that it will be executed without JVM support. Since the compilation of a .jar file via the tool native-image does not support cross-compilation, so it must be on the same kind of platform where the application will run, this service guarantees a compilation in the same Operating System and CPU type where the service it will be executed on the Kubernetes cluster. The Spring Boot application pom.xml with the plugin:\n\u0026lt;plugin\u0026gt; \u0026lt;groupId\u0026gt;org.graalvm.buildtools\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;native-maven-plugin\u0026lt;/artifactId\u0026gt; \u0026lt;/plugin\u0026gt; it should be previously compiled on the developer desktop with GraalVM 22.3 or above through an mvn command like:\nmvn -Pnative native:compile -Dmaven.test.skip=true\nThis pre-compilation on your desktop needs not only to check if there are any issues on libraries used in your Spring Boot microservice but also, as you can read here, your executable jar file must include AOT generated assets such as generated classes and JSON hint files.\nAs soon as you upload the .jar file, the process will start showing these messages:\nDownload compiled file in .exec If the compilation progress report a \u0026ldquo;Finished generating \u0026lsquo;\u0026hellip;\u0026rdquo; message, you can download locally the .exec file to be used to deploy a new microservice under an application namespace. It will be only required to choose a directory in which to save the file.\nNOTE: if you\u0026rsquo;ll ask to download a file before the compilation is over, you will have a message like this:\nPurge compilation files After you have compiled and downloaded the executable file, it\u0026rsquo;s a good practice to purge files created on the compilation service before proceeding to other compilations. This command will delete the files related to the latest compilation.\nApplication level commands Expanding a single application, in which you are interested to see the list of included services, you will see a tree like in this picture:\nTo show the updated list, click on the Refresh button to the right of application.\nRight-clicking on each application, you can:\nAdd native service -\u0026gt; upload .exec Add service -\u0026gt; upload .jar Bind a service Delete application as shown here:\nAdd native service -\u0026gt; upload .exec The VS Code command palette prompts for the required parameters to upload an executable file coming from a compilation done with the service offered by Oracle Backend for Spring Boot and Microservices. At the end of compilation process, you can download the .exec file and use it to create a native executable Spring Boot microservices on the backend platform. Choosing this item menu, the parameters will be required are:\nA popup dialog box opens to select the local Spring Boot .exec file, that will be the only type that you can select:\nService Name\nBind [jms] (Default: ``)\nService Port (Default: 8080)\nService Profile (Default: obaas)\nImage Version (Default: 0.0.1)\nInitial Replicas (Default: 1)\nAdd Health probe? : [True]/[False] (Default: True)\nAt the end of the parameters collection, a process, that includes the .exec file upload, building image and deploying, starts. It generates a sequence of messages showing the status. These messages end with \u0026ldquo;Service deployed successfully!\u0026rdquo; or \u0026ldquo;Deploy failed\u0026rdquo;. The size and network constraints determine the amount of time for the process to terminate.\nAdd service -\u0026gt; upload .jar The Add -\u0026gt; upload .jar command uploads a Spring Boot Microservice to an application packaged as a .jar file. Choosing this item menu, selecting a single application, the parameters will be required are:\nA popup dialog box opens to select the local Spring Boot .jar file\nService Name\nBind [jms] (Default: ``)\nImage Version (Default: 0.0.1)\nJava image (Default: ghcr.io/graalvm/jdk:ol7-java17-22.2.0)\nAdd Health probe? : [True]/[False] (Default: True)\nService Port (Default: 8080)\nService Profile (Default: obaas)\nInitial Replicas (Default: 1)\nInform the database name for Liquibase: username for Liquibase.\nAt the end of the parameters collection, a process, that includes the .jar upload, building image and deploying, starts. It generates a sequence of messages showing the status. These messages end with \u0026ldquo;Service deployed successfully!\u0026rdquo; or \u0026ldquo;Deploy failed\u0026rdquo;. The size and network constraints determine the amount of time for the process to terminate.\nBind a service This command create/update a user on the Oracle DB according the service name typed, or optionally to a different user schema, to which bind a Spring Boot microservice that will store data into the DB. It also store secrets with the user credentials into the application namespace, in order to inject them into the related pods. If the schema exists, it impose to change the user password will be stored in the namespace. The parameters required are:\nService Name: DB User (optional): DB User Password: Spring Binding Prefix (optional): (Default: spring.datasource) Update? [True]/[False] (Default: True) Delete Application This command removes the application and all the services included. At the end of process, you see one of two messages: \u0026ldquo;Delete successful\u0026rdquo; or \u0026ldquo;Delete application failed!\u0026rdquo;. Refresh the tree at applications level to show the current application list. The termination of Pods and applications isn\u0026rsquo;t a synchronous operation. You may have to refresh more than one time for a clean view.\nService level commands With a right click on a single service you will have the following commands:\nCreate autoscaler Delete autoscaler Delete service Publish service as shown here:\nCreate autoscaler Create a Kubernetes autoscaler for the selected pod.\nminReplicas (Default: 1) maxReplicas (Default: 1) cpuPercent (Default: ``) cpuRequest (Default: 100m) Delete autoscaler Delete an existing autoscaler\nDelete service Selecting the service from the tree, under a specific application, you will remove the service deployment, and the active pods will be removed.\nPublish service This command creates a route in the APISix Gateway available in the Oracle Backend for Spring Boot and Microservices, in order to expose on Internet the selected service. To be performed, this command requires the APISix AdminKey, and a port-forward to the APISix engine.\nYou can get the AdminKey from the APISix configmap, using a kubectl command:\nkubectl -n apisix get configmap apisix -o yaml\nlooking for the -name: \u0026quot;admin\u0026quot; key.\nThe parameters you have to provide are:\nAPISix AdminKey: Url base path: (Default: /api/v1/). This path will be automatically appended by the service name to create the route accessible from an url like: http(s)://[LB_IP]/api/v1/[servicename]* A successful operation will return the Route ID recorded into the APISix, as shown in this example:\nThis is a shortcut with a standard registration: to customize the route, or start from scratch, is suggested the usage of APISix console.\nOracle DB For each Oracle Backend for Spring Boot and Microservices, an Oracle Autonomous Transaction Processing database is provisioned on OCI to hold the schema for the Spring Boot services and backend\u0026rsquo;s configuration details. The icon remembers the component deployed with the backend platform.\nplatformServices The platformServices option can be expanded to show the services available in the Oracle Backend for Spring Boot and Microservices platform. For each service, right-click on the symbol to open an ssh tunnel to the service, on a specific local port that is automatically chosen. A link opens in the default web browser for the administrator console of each platform service.\nFor example, by right-clicking on grafana monitor, a tunnel will be opened with a message holding a button to open a web browser on the administrator\u0026rsquo;s Grafana console. For example:\nThe apisix console shows one more command compared with the others, that allows you to open a tunnel to the engine, that is listening on a different port than the console. This enable the Publish service command available on each service.\nNOTE: If the port is already used or the connection times out, right clicking again it will automatically open on another port.\noBaasConf Configuration With Oracle Backend for Spring Boot and Microservices, developers can store the metadata and configurations to share among Pods in an application. The VS Code plugin can browse the content of this Key/Values store and add, update and delete keys as needed.\nExpand oBaasConf configuration to see the applications that are deployed and, expanding each of them, the Key/Value pair. For example:\nHover the mouse over each Key/Value pair to see the other metadata related to the key: profile and label, as shown here:\nYou can process the following operations:\nAdd key : By right-clicking oBaasConf configuration or one of the service-conf options in the VS Code command palette, you will set the following key parameters:\nservice name (mandatory) label profile propKey value Click on Refresh button to see the new key added.\nNOTE: You can add configuration properties for a service that is not yet deployed. In some cases, it is mandatory to prepare properties before deploying services in order to correctly start them.\nEdit key : Right-click on a selected key in the VS Code command palette to update the current content of Value.\nDelete key : Right-click on a selected key to delete it.\n","description":"GA 1.1.3 - March, 2024 \u0026ldquo;Oracle Backend for Spring Boot and Microservices\u0026rdquo; is a VS Code extension to browse and deploy applications on the Oracle Backend for Spring Boot and Microservices platform. This plugin allows to inspect the content of an Oracle Backend for Spring Boot deployment, in terms of applications, services and related configurations. It simplifies the access to the Platform Services installed, like Grafana, Spring, Apisix, Eureka and Jaeger creating ssh tunnels on-demand, and providing access to their respective web admin consoles."},{"id":26,"href":"/microservices-datadriven/spring/starters/aqjms/","title":"Oracle Spring Boot Starter for AQ/JMS","parent":"Oracle Spring Boot Starters","content":"This starter provides support for Oracle Transactional Event Queues (TxEventQ) and Oracle Advanced Queuing (AQ) as Java Message Service (JMS) providers. It depends on the Universal Connection Pool (UCP) starter.\nNote: By default, the data Source and JMS Connection Factory that the starter injects into your application share the same database transaction. This means that you can start a transaction, read from a queue, perform an update operation, and then commit or rollback that whole unit of work, including the message consumption.\nTo add this starter to your project, add this Maven dependency:\n\u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;com.oracle.database.spring\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;oracle-spring-boot-starter-aqjms\u0026lt;/artifactId\u0026gt; \u0026lt;version\u0026gt;23.4.0\u0026lt;/version\u0026gt; \u0026lt;/dependency\u0026gt; For Gradle projects, add this dependency:\nimplementation \u0026#39;com.oracle.database.spring:oracle-spring-boot-starter-aqjms:23.4.0\u0026#39; To configure your application to use Oracle Transactional Event Queues or Oracle Advanced Queuing, you must annotate you application with the @EnableJms annotation, and create the two following beans:\nA JmsListenerContainerFactory\u0026lt;?\u0026gt; bean, which can be created as shown in the following example. Note that you can override settings if you need to. Also, note that the name of the method defines the name of the factory, which you will use when creating JMS listeners. A MessageConverter bean to map objects of your class representing the payload into a text based format (like JSON) that can be used in the actual messages. Note: Any queues or topics that you want to use must be pre-created in the database. See Sample Code for examples.\npackage com.example.aqjms; import jakarta.jms.ConnectionFactory; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.boot.autoconfigure.jms.DefaultJmsListenerContainerFactoryConfigurer; import org.springframework.context.ConfigurableApplicationContext; import org.springframework.context.annotation.Bean; import org.springframework.jms.annotation.EnableJms; import org.springframework.jms.config.DefaultJmsListenerContainerFactory; import org.springframework.jms.config.JmsListenerContainerFactory; import org.springframework.jms.core.JmsTemplate; import org.springframework.jms.support.converter.MappingJackson2MessageConverter; import org.springframework.jms.support.converter.MessageConverter; import org.springframework.jms.support.converter.MessageType; @SpringBootApplication @EnableJms public class JmsSampleApplication { @Bean public JmsListenerContainerFactory\u0026lt;?\u0026gt; myFactory(ConnectionFactory connectionFactory, DefaultJmsListenerContainerFactoryConfigurer configurer) { DefaultJmsListenerContainerFactory factory = new DefaultJmsListenerContainerFactory(); // This provides all Boot\u0026#39;s defaults to this factory, including the message converter configurer.configure(factory, connectionFactory); // You could override some of Boot\u0026#39;s defaults here if necessary return factory; } @Bean public MessageConverter jacksonJmsMessageConverter() { MappingJackson2MessageConverter converter = new MappingJackson2MessageConverter(); converter.setTargetType(MessageType.TEXT); converter.setTypeIdPropertyName(\u0026#34;_type\u0026#34;); return converter; } public static void main(String[] args) { ConfigurableApplicationContext context = SpringApplication.run(JmsSampleApplication.class, args); } } To send a message to a JMS queue or topic, get an instance of the JmsTemplate from the Spring Application context, and call the convertAndSend() method specifying the name of the queue or topic, and providing the object to be converted and sent in the payload of the message, as shown in the following example:\nJmsTemplate jmsTemplate = context.getBean(JmsTemplate.class); jmsTemplate.convertAndSend(\u0026#34;mailbox\u0026#34;, new Email(-1, \u0026#34;info@example.com\u0026#34;, \u0026#34;Hello\u0026#34;)); To receive messages from a JMS queue or topic, create a method that takes your message class, for example Email, as input. Annotate the method with the @JmsListener annotation, specifying the destination, that is the name of the queue or topic, and the container factory name that you created earlier, as shown in the following example:\npackage com.example.aqjms; import org.springframework.jms.annotation.JmsListener; import org.springframework.stereotype.Component; @Component public class Receiver { @JmsListener(destination = \u0026#34;mailbox\u0026#34;, containerFactory = \u0026#34;myFactory\u0026#34;) public void receiveMessage(Email email) { System.out.println(\u0026#34;Received \u0026lt;\u0026#34; + email + \u0026#34;\u0026gt;\u0026#34;); } } Note that the starter uses the configuration for spring.datasource as the connection details for the Oracle Database hosting the queues and topics. If you wish to use a different configuration, you must use a named configuration, for example spring.datasource.txeventq and use Java configuration (as shown for the UCP starter) and annotate the configuration with the standard Spring @Qualifier annotation, specifying the correct name, for example txevevntq.\n","description":"This starter provides support for Oracle Transactional Event Queues (TxEventQ) and Oracle Advanced Queuing (AQ) as Java Message Service (JMS) providers. It depends on the Universal Connection Pool (UCP) starter.\nNote: By default, the data Source and JMS Connection Factory that the starter injects into your application share the same database transaction. This means that you can start a transaction, read from a queue, perform an update operation, and then commit or rollback that whole unit of work, including the message consumption."},{"id":27,"href":"/microservices-datadriven/spring/starters/ucp/","title":"Oracle Spring Boot Starter for Universal Connection Pool","parent":"Oracle Spring Boot Starters","content":"This starter provides a connection (data source) to an Oracle Database using Universal Connection Pool, which provides an efficient way to use database connections.\nTo add this starter to your project, add this Maven dependency:\n\u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;com.oracle.database.spring\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;oracle-spring-boot-starter-ucp\u0026lt;/artifactId\u0026gt; \u0026lt;version\u0026gt;23.4.0\u0026lt;/version\u0026gt; \u0026lt;/dependency\u0026gt; For Gradle projects, add this dependency:\nimplementation \u0026#39;com.oracle.database.spring:oracle-spring-boot-starter-ucp:23.4.0\u0026#39; An Oracle data source is injected into your application and can be used normally. You must configure the data source as shown below, and you should also add either Spring Data JDBC or Spring Data JPA to your project.\nTo configure the data source, provide a spring.datasource object in your Spring application.yaml, or equivalent, as shown in the following example. The oracleucp entry is optional, and can be used to fine tune the configuration of the connection pool, if desired. For details of available settings, refer to the JavaDoc.\nspring: jpa: hibernate: ddl-auto: validate properties: hibernate: dialect: org.hibernate.dialect.OracleDialect format_sql: true show-sql: true datasource: url: jdbc:oracle:thin:@//myhost:1521/pdb1 username: account password: account driver-class-name: oracle.jdbc.OracleDriver type: oracle.ucp.jdbc.PoolDataSource oracleucp: connection-factory-class-name: oracle.jdbc.pool.OracleDataSource connection-pool-name: AccountConnectionPool initial-pool-size: 15 min-pool-size: 10 max-pool-size: 30 The spring.datasource.url can be in the basic format (as previously shown), or in TNS format if your application uses Transparent Network Substrate (TNS).\nNote that the connections to the database use the DEDICATED server by default. If you wish to use SHARED or POOLED, you can append that to the basic URL, or add it to the TNS names entry. For example, to use database resident pooled connections, you would change the URL shown in the previous example to the following:\ndatasource: url: jdbc:oracle:thin:@//myhost:1521/pdb1:pooled If you are using TNS, add server=pooled to the connect_data. For example:\nmydb_tp = (description= (retry_count=20) (retry_delay=3) (address=(protocol=tcps)(port=1521)(host=myhost)) (connect_data=(service_name=pdb1)(server=pooled)) (security=(ssl_server_dn_match=yes))) If you prefer to use Java configuration, the data source can be configured as shown in the following example:\nimport oracle.jdbc.pool.OracleDataSource; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import javax.sql.DataSource; import java.sql.SQLException; @Configuration public class DataSourceConfiguration { @Bean public DataSource dataSource() throws SQLException { OracleDataSource dataSource = new OracleDataSource(); dataSource.setUser(\u0026#34;account\u0026#34;); dataSource.setPassword(\u0026#34;account\u0026#34;); dataSource.setURL(\u0026#34;jdbc:oracle:thin:@//myhost:1521/pdb1\u0026#34;); dataSource.setDataSourceName(\u0026#34;AccountConnectionPool\u0026#34;); return dataSource; } } ","description":"This starter provides a connection (data source) to an Oracle Database using Universal Connection Pool, which provides an efficient way to use database connections.\nTo add this starter to your project, add this Maven dependency:\n\u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;com.oracle.database.spring\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;oracle-spring-boot-starter-ucp\u0026lt;/artifactId\u0026gt; \u0026lt;version\u0026gt;23.4.0\u0026lt;/version\u0026gt; \u0026lt;/dependency\u0026gt; For Gradle projects, add this dependency:\nimplementation \u0026#39;com.oracle.database.spring:oracle-spring-boot-starter-ucp:23.4.0\u0026#39; An Oracle data source is injected into your application and can be used normally. You must configure the data source as shown below, and you should also add either Spring Data JDBC or Spring Data JPA to your project."},{"id":28,"href":"/microservices-datadriven/spring/starters/wallet/","title":"Oracle Spring Boot Starter for Wallet","parent":"Oracle Spring Boot Starters","content":"This starter provides support for wallet-based authentication for Oracle Database connections. It depends on the UCP starter.\nTo add this starter to your project, add this Maven dependency:\n\u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;com.oracle.database.spring\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;oracle-spring-boot-starter-wallet\u0026lt;/artifactId\u0026gt; \u0026lt;version\u0026gt;23.4.0\u0026lt;/version\u0026gt; \u0026lt;/dependency\u0026gt; For Gradle projects, add this dependency:\nimplementation \u0026#39;com.oracle.database.spring:oracle-spring-boot-starter-wallet:23.4.0\u0026#39; You need to provide the wallet to your application. You can specify the location in the spring.datasource.url as shown in the following example.\njdbc:oracle:thin:@mydb_tp?TNS_ADMIN=/oracle/tnsadmin Note that the location specified in the sqlnet.ora must match the actual location of the file.\nIf your service is deployed in Kubernetes, then the wallet should be placed in a Kubernetes secret which is mounted into the pod at the location specified by the TNS_ADMIN parameter in the URL.\n","description":"This starter provides support for wallet-based authentication for Oracle Database connections. It depends on the UCP starter.\nTo add this starter to your project, add this Maven dependency:\n\u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;com.oracle.database.spring\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;oracle-spring-boot-starter-wallet\u0026lt;/artifactId\u0026gt; \u0026lt;version\u0026gt;23.4.0\u0026lt;/version\u0026gt; \u0026lt;/dependency\u0026gt; For Gradle projects, add this dependency:\nimplementation \u0026#39;com.oracle.database.spring:oracle-spring-boot-starter-wallet:23.4.0\u0026#39; You need to provide the wallet to your application. You can specify the location in the spring.datasource.url as shown in the following example.\njdbc:oracle:thin:@mydb_tp?TNS_ADMIN=/oracle/tnsadmin Note that the location specified in the sqlnet."},{"id":29,"href":"/microservices-datadriven/spring/starters/","title":"Oracle Spring Boot Starters","parent":"Oracle Backend for Spring Boot and Microservices","content":"Oracle provides a number of Spring Boot Starters that make it easy to use various Oracle technologies in Spring Boot projects.\nThe Oracle Spring Boot Starters are available in Maven Central and include the following starters.\nNote: The versioning of starters was originally in line with the matching Spring Boot version, but starting in November, 2023, the version numbering scheme was changed to more closely align with Oracle Database version numbering. The 23.4.0 starter is supported for Spring Boot 3.0 and later (including 3.1, 3.2). For Spring Boot 2.7.x users, use the matching 2.7.x version of the starter.\nOracle Spring Boot Starter for Universal Connection Pool Oracle Spring Boot Starter for Wallet Oracle Spring Boot Starter for AQ/JMS ","description":"Oracle provides a number of Spring Boot Starters that make it easy to use various Oracle technologies in Spring Boot projects.\nThe Oracle Spring Boot Starters are available in Maven Central and include the following starters.\nNote: The versioning of starters was originally in line with the matching Spring Boot version, but starting in November, 2023, the version numbering scheme was changed to more closely align with Oracle Database version numbering."},{"id":30,"href":"/microservices-datadriven/spring/platform/","title":"Platform Services","parent":"Oracle Backend for Spring Boot and Microservices","content":"Oracle Backend for Spring Boot and Microservices includes a number of Spring platform components that provide services to applications deployed to the platform.\nFor more details, read about:\nAPI Gateway Service Discovery Configuration Workflow Spring Admin Using the CLI MicroTx Vault VS Code Plugin IntelliJ Plugin ","description":"Oracle Backend for Spring Boot and Microservices includes a number of Spring platform components that provide services to applications deployed to the platform.\nFor more details, read about:\nAPI Gateway Service Discovery Configuration Workflow Spring Admin Using the CLI MicroTx Vault VS Code Plugin IntelliJ Plugin "},{"id":31,"href":"/microservices-datadriven/spring/development/envvars/","title":"Predefined Variables","parent":"Development","content":"When you deploy a Spring Boot application using the Oracle Backend for Spring Boot and Microservices CLI or Visual Code extension, a number of predefined environment variables will be injected into the pod definition. You may reference any of these variables in your application.\nThe predefined variables are as follows:\napp.container.port, for example 8080.\nThis sets the listen port for the pod and service. The Spring Boot application will listen on this port. The default is 8080. This can be set using the --port parameter on the deploy command in the CLI. spring.profiles.active, for example default.\nThis sets the Spring profiles that will be active in the application. The default value is default. This can be changed set the --service-profile parameter on the deploy command in the CLI. spring.config.label, for example 0.0.1.\nThis is a label that can be used with Spring Config to look up externalized configuration from Spring Config Server, along with the application name and the profile. eureka.instance.preferIpAddress, for example true.\nThis tells the Eureka discovery client to use the preferIpAddress setting. This is required in Kubernetes so that service discover will work correctly. eureka.instance.hostname, for example customer32.application.\nThis sets the hostname that Eureka will use for this application. MP_LRA_COORDINATOR_URL, for example http://otmm-tcs.otmm.svc.cluster.local:9000/api/v1/lra-coordinator.\nThis is the URL for the transaction manager which is required when using Eclipse Microprofile Long Running Actions in your application. MP_LRA_PARTICIPANT_URL, for example http://customer32.application.svc.cluster.local:8080.\nThis is the participant URL which is required when using Eclipse Microprofile Long Running Actions in your application. eureka.client.register-with-eureka, for example true.\nThis tells the Eureka discovery client to register with the Eureka server. eureka.client.fetch-registry, for example true.\nThis tells the Eureka discovery client to make a local copy of the registry by fetching it from the Eureka server. eureka.client.service-url.defaultZone, for example http://eureka.eureka:8761/eureka.\nThis is the default zone for the Eureka discovery client. zipkin.base-url, for example http://jaegertracing-collector.observability.svc.cluster.local:9411/api/v2/spans.\nThis is the URL of the Zipkin-compatible trace collector which can be used by your application to send trace data to the platform. otel.exporter.otlp.endpoint, for example http://open-telemetry-opentelemetry-collector.open-telemetry:4318/v1/traces.\nThis is the URL of the OpenTelemetry (OTLP protocol) trace collector which can be used by your application to send trace data to the platform. config.server.url, for example http://config-server.config-server.svc.cluster.local:8080.\nThis is the URL of the Spring Config Server provided by the platform. liquibase.datasource.username, for example set to the key db.username in secret admin-liquibasedb-secrets.\nThis sets the (admin) user that should be used to run Liquibase, if used in your service. liquibase.datasource.password, for example set to the key db.password in secret admin-liquibasedb-secrets.\nThis sets the (admin) user\u0026rsquo;s password that should be used to run Liquibase, if used in your service. spring.datasource.username, for example set to the key db.username in secret customer32-db-secrets.\nThis sets the (regular) user for your application to use to connect to the database (if you use JPA or JDBC in your application). spring.datasource.password:, for example set to the key db.password in secret customer32-db-secrets.\nThis sets the (regular) user\u0026rsquo;s password for your application to use to connect to the database (if you use JPA or JDBC in your application). DB_SERVICE, for example set to the key db.service in secret customer32-db-secrets.\nThis sets the database service name (the TNS name) for your application to use to connect to the database (if you use JPA or JDBC in your application). spring.datasource.url, for example jdbc:oracle:thin:@$(DB_SERVICE)?TNS_ADMIN=/oracle/tnsadmin.\nThis sets the data source URL for your application to use to connect to the database (if you use JPA or JDBC in your application). CONNECT_STRING, for example jdbc:oracle:thin:@$(DB_SERVICE)?TNS_ADMIN=/oracle/tnsadmin.\nThis sets the data source URL for your application to use to connect to the database (if you use JPA or JDBC in your application). ","description":"When you deploy a Spring Boot application using the Oracle Backend for Spring Boot and Microservices CLI or Visual Code extension, a number of predefined environment variables will be injected into the pod definition. You may reference any of these variables in your application.\nThe predefined variables are as follows:\napp.container.port, for example 8080.\nThis sets the listen port for the pod and service. The Spring Boot application will listen on this port."},{"id":32,"href":"/microservices-datadriven/spring/development/project/","title":"Project Structure","parent":"Development","content":"To take advantage of the built-in platform services, Oracle recommends using the following project structure.\nRecommended versions:\nSpring Boot 3.3.x Spring Cloud 2023.x.x Java 21 (or 17) Table of Contents:\nDependencies Spring Application Configuration Data Sources Liquibase Oracle Transaction Manager for Microservices Spring Config Server Tracing Dependencies Oracle recommends adding the following dependencies to your application so that it can take advantage of the built-in platform services. For example:\n\u0026lt;properties\u0026gt; \u0026lt;project.build.sourceEncoding\u0026gt;UTF-8\u0026lt;/project.build.sourceEncoding\u0026gt; \u0026lt;java.version\u0026gt;21\u0026lt;/java.version\u0026gt; \u0026lt;spring.boot.dependencies.version\u0026gt;3.3.1\u0026lt;/spring.boot.dependencies.version\u0026gt; \u0026lt;spring-cloud.version\u0026gt;2023.0.2\u0026lt;/spring-cloud.version\u0026gt; \u0026lt;/properties\u0026gt; \u0026lt;dependencies\u0026gt; \u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;org.springframework.boot\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;spring-boot-starter-web\u0026lt;/artifactId\u0026gt; \u0026lt;/dependency\u0026gt; \u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;org.springframework.boot\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;spring-boot-starter-actuator\u0026lt;/artifactId\u0026gt; \u0026lt;/dependency\u0026gt; \u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;io.micrometer\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;micrometer-registry-prometheus\u0026lt;/artifactId\u0026gt; \u0026lt;/dependency\u0026gt; \u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;org.springframework.cloud\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;spring-cloud-starter-netflix-eureka-client\u0026lt;/artifactId\u0026gt; \u0026lt;/dependency\u0026gt; \u0026lt;/dependencies\u0026gt; \u0026lt;dependencyManagement\u0026gt; \u0026lt;dependencies\u0026gt; \u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;org.springframework.boot\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;spring-boot-dependencies\u0026lt;/artifactId\u0026gt; \u0026lt;version\u0026gt;${spring.boot.dependencies.version}\u0026lt;/version\u0026gt; \u0026lt;type\u0026gt;pom\u0026lt;/type\u0026gt; \u0026lt;scope\u0026gt;import\u0026lt;/scope\u0026gt; \u0026lt;/dependency\u0026gt; \u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;org.springframework.cloud\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;spring-cloud-dependencies\u0026lt;/artifactId\u0026gt; \u0026lt;version\u0026gt;${spring-cloud.version}\u0026lt;/version\u0026gt; \u0026lt;type\u0026gt;pom\u0026lt;/type\u0026gt; \u0026lt;scope\u0026gt;import\u0026lt;/scope\u0026gt; \u0026lt;/dependency\u0026gt; \u0026lt;/dependencies\u0026gt; \u0026lt;/dependencyManagement\u0026gt; Spring Application Configuration Oracle recommends the following configuration in order for the application to access the built-in services, including the Spring Boot Eureka Service Registry and the observability tools:\nspring: application: name: account eureka: instance: hostname: ${spring.application.name} preferIpAddress: true client: service-url: defaultZone: ${eureka.service-url} fetch-registry: true register-with-eureka: true enabled: true management: endpoint: health: show-details: always endpoints: web: exposure: include: \u0026#34;*\u0026#34; metrics: tags: application: ${spring.application.name} The variables in this configuration are automatically injected to your deployment and pods when you use the Oracle Backend for Spring Boot and Microservices CLI to deploy your application.\nData Sources If your application uses an Oracle database as data source, then add the following to the \u0026lsquo;pom.xml\u0026rsquo;. For more information about the Oracle Spring Boot Starters.\n\u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;com.oracle.database.spring\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;oracle-spring-boot-starter-ucp\u0026lt;/artifactId\u0026gt; \u0026lt;version\u0026gt;23.4.0\u0026lt;/version\u0026gt; \u0026lt;type\u0026gt;pom\u0026lt;/type\u0026gt; \u0026lt;/dependency\u0026gt; If the database requires a Wallet to access the database you must add the following to the pom.xml file:\n\u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;com.oracle.database.spring\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;oracle-spring-boot-starter-wallet\u0026lt;/artifactId\u0026gt; \u0026lt;version\u0026gt;23.4.0\u0026lt;/version\u0026gt; \u0026lt;type\u0026gt;pom\u0026lt;/type\u0026gt; \u0026lt;/dependency\u0026gt; Add the following to application configuration. Note that this example shows Java Persistence API (JPA). If you are using JDBC you should use the appropriate configuration. For example:\nspring: jpa: hibernate: ddl-auto: validate properties: hibernate: dialect: org.hibernate.dialect.OracleDialect format_sql: false show-sql: false datasource: url: ${spring.datasource.url} username: ${spring.datasource.username} password: ${spring.datasource.password} driver-class-name: oracle.jdbc.OracleDriver type: oracle.ucp.jdbc.PoolDataSource oracleucp: connection-factory-class-name: oracle.jdbc.pool.OracleDataSource connection-pool-name: AccountConnectionPool initial-pool-size: 15 min-pool-size: 10 max-pool-size: 30 The variables in this configuration are automatically injected to your deployment and pods when you use the Oracle Backend for Spring Boot and Microservices CLI to deploy your application.\nLiquibase If you are using Liquibase to manage your database schema and data, then you should add the following dependency:\n\u0026lt;properties\u0026gt; \u0026lt;liquibase.version\u0026gt;4.28.0\u0026lt;/liquibase.version\u0026gt; \u0026lt;/properties\u0026gt; \u0026lt;dependencies\u0026gt; \u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;org.liquibase\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;liquibase-core\u0026lt;/artifactId\u0026gt; \u0026lt;version\u0026gt;${liquibase.version}\u0026lt;/version\u0026gt; \u0026lt;/dependency\u0026gt; \u0026lt;/dependencies\u0026gt; Add the following configuration to your Spring application configuration:\nspring: liquibase: change-log: classpath:db/changelog/controller.yaml url: ${spring.datasource.url} user: ${liquibase.datasource.username} password: ${liquibase.datasource.password} enabled: ${LIQUIBASE_ENABLED:true} The variables in this configuration are automatically injected to your deployment and pods when you use the Oracle Backend for Spring Boot and Microservices CLI to deploy your application. When you use the deploy command, you must specify the liquibase-db parameter and provide a user with sufficient privileges. Generally this will be permissions to create and alter users and to grant roles and privileges. If your service uses Java Messaging Service (JMS), this use may also need execute permission on dbms.aq_adm, dbms.aq_in and dbms.aq_jms.\nOracle Transaction Manager for Microservices If you are using Oracle Transaction Manager for Microservices (MicroTx) to manage data consistency across microservices data stores, then add the following dependency:\n\u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;com.oracle.microtx.lra\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;microtx-lra-spring-boot-starter\u0026lt;/artifactId\u0026gt; \u0026lt;version\u0026gt;24.2.1\u0026lt;/version\u0026gt; \u0026lt;/dependency\u0026gt; Add the following configuration to your Spring application configuration. The variables in this configuration are automatically injected to your deployment and pods when you use the Oracle Backend for Spring Boot and Microservices CLI or the Visual Studio Code Extension to deploy your application. For example:\nspring: microtx: lra: coordinator-url: ${MP_LRA_COORDINATOR_URL} propagation-active: true headers-propagation-prefix: \u0026#34;{x-b3-, oracle-tmm-, authorization, refresh-}\u0026#34; lra: coordinator: url: ${MP_LRA_COORDINATOR_URL} Spring Config Server If you are using Spring Config Server to manage configurations, then add the following dependency:\n\u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;org.springframework.cloud\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;spring-cloud-starter-config\u0026lt;/artifactId\u0026gt; \u0026lt;/dependency\u0026gt; Add the following configuration to your Spring application configuration. The variables in this configuration are automatically injected to your deployment and pods when you use the Oracle Backend for Spring Boot and Microservices CLI or the Visual Studio Code Extension to deploy your application. For example:\nspring: application: name: \u0026lt;application name\u0026gt; config: import: optional:configserver:${config.server.url} cloud: config: label: \u0026lt;optional\u0026gt; profile: \u0026lt;optional\u0026gt; username: \u0026lt;A user with the role ROLE_USER\u0026gt; password: \u0026lt;password\u0026gt; Tracing Application Tracing To enable Open Telemetry (OTEL) tracing you need to add the following dependencies to the pom/xml file.\n\u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;io.micrometer\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;micrometer-tracing-bridge-otel\u0026lt;/artifactId\u0026gt; \u0026lt;/dependency\u0026gt; \u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;io.opentelemetry\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;opentelemetry-exporter-otlp\u0026lt;/artifactId\u0026gt; \u0026lt;/dependency\u0026gt; \u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;io.micrometer\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;micrometer-tracing\u0026lt;/artifactId\u0026gt; \u0026lt;/dependency\u0026gt; In addition add the following to the application configuration. The variable in this configuration are automatically injected to your deployment and pods when you use the Oracle Backend for Spring Boot and Microservices CLI or the Visual Studio Code Extension to deploy your application. For example:\nmanagement: tracing: sampling: probability: 1.0 info: os: enabled: true env: enabled: true java: enabled: true otlp: tracing: endpoint: ${otel.exporter.otlp.endpoint} Database tracing To get tracing for the database calls you need to add the following dependency to the po.xml file:\n\u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;net.ttddyy.observation\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;datasource-micrometer-spring-boot\u0026lt;/artifactId\u0026gt; \u0026lt;version\u0026gt;1.0.3\u0026lt;/version\u0026gt; \u0026lt;/dependency\u0026gt; ","description":"To take advantage of the built-in platform services, Oracle recommends using the following project structure.\nRecommended versions:\nSpring Boot 3.3.x Spring Cloud 2023.x.x Java 21 (or 17) Table of Contents:\nDependencies Spring Application Configuration Data Sources Liquibase Oracle Transaction Manager for Microservices Spring Config Server Tracing Dependencies Oracle recommends adding the following dependencies to your application so that it can take advantage of the built-in platform services. For example:\n\u0026lt;properties\u0026gt; \u0026lt;project."},{"id":33,"href":"/microservices-datadriven/spring/blogs/","title":"Read our blogs!","parent":"Oracle Backend for Spring Boot and Microservices","content":"Our team members post blog articles and other content on various sites including Medium, LinkedIn (Corrado de Bari, Doug Drechsel), RedStack, DZone, Andy Tael and the Oracle Developers Blog. We\u0026rsquo;d love you to check them out. This page acts as an index/aggregator for some of our featured content.\nAnd be sure to subscribe to our YouTube channel \u0026ldquo;The Converged Database\u0026rdquo; for more great content!\nConnect to Oracle NoSQL database with Spring Data\nThe Spring Data for Oracle NoSQL Database module integrates Spring Boot applications and Oracle NoSQL Database, enabling developers to access their tables with the familiar Spring Data API. With support for repository-style data access layers and automatic query generation, Spring Data for Oracle NoSQL Database simplifies your development process and enhances productivity when working with Oracle NoSQL Databases from Spring Boot applications.\nAnders Swanson - 8/30/2024\nMicroservice messaging with Spring Cloud Stream Binder for Oracle Database TxEventQ\nSpring Cloud Stream is a Java framework designed for building event-driven microservices backed by a scalable, fault-tolerant messaging systems. The Oracle Database Transactional Event Queues (TxEventQ) stream binder implementation allows developers to leverage Oracle’s database messaging platform within the Spring Cloud Stream ecosystem, all while keeping your data within the converged database.\nAnders Swanson - 8/29/2024\nConnect Oracle Autonomous Database to Spring Boot\nIt\u0026#39;s easy to integrate Oracle Autonomous Database into your Spring Boot apps. In this article, concrete examples are provided for using Spring with Oracle Autonomous Database.\nAnders Swanson - 8/6/2024\nUse OCI Object Storage data as Spring Boot Resources\nSpring Resources are a great way to load data into our Spring Boot applications. In this article, Anders shows us how to use OCI Object Storage as a resource provider with Spring Cloud Oracle.\nAnders Swanson - 7/31/2024\nBuilding Spring Boot apps with Spring Cloud Oracle\nA fully worked example of how to build microservices with Spring Cloud Oracle, including using the OCI Generative AI service to build a simple chatbot, using OCI Queue service to implement asynchronous communication between services, and using the Spring Boot Starter for UCP to access the Oracle Database.\nMark Nelson - 7/30/2024\nConnect Spring Mail with OCI Email Delivery Service\nAnders shows us how to use Spring Cloud Oracle to use the OCI Email Delivery Service in our Spring Boot apps.\nAnders Swanson - 7/30/2024\nInject OCI Vault Secrets into Spring Apps\nDemonstrates how to easily use OCI Vault as a Spring property source with Spring Cloud Oracle.\nAnders Swanson - 7/30/2024\nBlowing Up Database Monoliths\nA deep dive into Data Recfactoring Advisor - an innovative method to refactor monolithic database schema for microservices.\nAniket Tiwari - 7/22/2024\nOracle Database Observabilty\nAn update on the Oracle Database metrics (Prometheus) exporter to coincide with the 1.2.1 release.\nMark Nelson - 4/17/2024\nFull Stack Development with Oracle 23c\nDoug gives an end to end demo of full stack development using the new Oracle 23c Database and the \u0026#39;OWEN\u0026#39; stack.\nDoug Drechsel - 4/8/2024\nOracle Autonomous DB ‘Select AI’ and Spring Boot to talk with your DB\nLearn about the new Select AI feature that allows Autonomous Database to use generative AI with Large Language Models (LLMs) to convert the user’s input text into Oracle SQL. Select AI processes the natural language prompt, supplements the prompt with metadata, and then generates and runs a SQL query.\nCorrado de Bari - 2/7/2024\nBoost your apps with GraalVM in the Oracle Backend for Spring Boot and Microservices\nHow to run your Spring Boot app in native way on the Oracle Backend for Spring Boot and Microservices and the benefits you\u0026#39;ll gain.\nCorrado de Bari - 12/06/2023\nSpring Boot: from Jar to production in 5 minutes\nStep-by-step how to deploy your Spring Boot app with Oracle Autonomous as DB, tested and running locally, to the Oracle Backend for Spring Boot and Microservices.\nCorrado de Bari - 11/27/2023\nTesting Spring Boot Applications with Testcontainers and Oracle\nIn this article, Mark shows us how to easily test your Spring Boot applications with a full Oracle 23c database, with only about a 10 second startup time, which is fast enough to use even in unit tests.\nMark Nelson - 11/21/2023\nIntroducing the Oracle Database Observability Exporter\nLearn about the new Oracle Database Observability Exporter which allows you to export metrics from the Oracle Database in the defacto standard Prometheus format, so that they can be ingested in Prometheus or a similar time series database and used to create dashboards in Grafana or a similar platform.\nMark Nelson - 11/13/2023\nDeveloping Mobile Apps with Oracle Free23c\nDoug shows how to develop mobile applications using Oracle\u0026#39;s MERN Stack locally.\nDoug Drechsel - 10/27/2023\nUsing Oracle\u0026#39;s MERN Stack to develop Mobile Applications\nIn this video, Doug introduces Oracle\u0026#39;s MERN Stack and then demonstrates how to build mobile applications using the Stack.\nDoug Drechsel - 10/2/2023\nUsing GraphQL with Oracle\u0026#39;s MERN Stack\nDoug introduces GraphQL and shows how to run simple queries using the GraphQL playground in the Parse dashboard.\nDoug Drechsel - 9/25/2023\nCoding for Observability in the Oracle Backend for Spring Boot and Microservices\nCorrado shows how to configure a Spring Boot application to allow Prometheus to collect metrics and show them in a Grafana dashboard.\nCorrado de Bari - 7/25/2023\nChat with the Oracle DB\nCorrado shows how to leverage OpenAI models to make text-to-SQL translation on Oracle DB.\nCorrado de Bari - 7/19/2023\nOracle Backend for Spring Boot and Microservices multi-cloud install on Azure\nJohn shows us how to install Oracle Backend for Spring Boot and Microservices on Azure.\nJohn Lathouwers - 6/15/2023\nHow to use ChatGPT/OpenAI APIs from Oracle Backend for Spring Boot and Microservices/Parse\nCorrado demonstrates how to use OpenAI APIs to provide AI application services to mobile clients through the Parse Platform.\nCorrado de Bari - 6/5/2023\nSpring Boot integration with Parse Platform\nCorrado and Doug show us how to use WebHooks in Parse Platform to expose Spring Boot microservices to mobile apps.\nCorrado de Bari - 6/1/2023\nExample: Use Liquibase with Spring Boot in Kubernetes\nJohn shows us how to use Liquibase with Spring Boot.\nJohn Lathouwers - 6/1/2023\nExample: Use SQLcl \u0026#43; Liquibase in Kubernetes initContainers\nJohn shows us how to use SQLcl and Liquibase in Kubernetes initContainers for effective Schema Change Management during deployments of microservices applications in Kubernetes that use Oracle Database.\nJohn Lathouwers - 5/26/2023\nKafka interoperability in Oracle Database 23c\nMark provides an overview of the Kafka compatibility features in Oracle Database 23c Free - Developer Release including the Java and REST APIs and the connectors.\nMark Nelson - 5/22/2023\nLearn how to build and deploy a Spring Boot application to Oracle Backend for Spring Boot and Microservices using Spring starters for UCP and Wallet\nAndy shows us how to build a Phonebook application using Spring Boot with the Oracle Spring Boot Starters for Universal Connection Pools and wallet, and deploys the applications to the Oracle Backend for Spring Boot and tests it.\nAndy Tael - 5/17/2023\nStart up an Oracle Database in Kubernetes with Oracle REST Data Services and Database Actions in no time at all!\nMark demonstrates how easy it is to get an instance of Oracle up and running in Kubernetes, with Oracle REST Data Services and Database Actions using the Oracle Database Operator for Kubernetes.\nMark Nelson - 5/1/2023\nNew 23c version of Kafka-compatible Java APIs for Transactional Event Queues published\nMark demonstrates how to use the new 23c version of the Kafka-compatible Java APIs for Transactional Event Queues, available in Maven Central, which allow you to use the standard Kafka Java API with Transactional Event Queues acting as the Kafka broker. The only things that you would need to change are the broker address, and you need to use the Oracle versions of KafkaProducer and KafkaConsumer – other than that, your existing Kafka Java code should just work!\nMark Nelson - 5/1/2023\nSpring Boot Starters for Oracle updated\nAn example of how to use the new Spring Boot Starter for UCP for Spring 3.0.x.\nMark Nelson - 4/24/2023\nI have deployed Oracle Backend for Spring Boot and Microservices (Developer preview). Now what?\nAndy shows us how easy it is to build a Spring Boot Phone Book application, deploy it to Oracle Backend for Spring Boot and Microservices using the CLI, and create a route in APISIX Gateway to expose the REST endpoints.\nAndy Tael - 4/20/2023\nOracle Backend for Spring and Parse Video\nThis video introduces the Oracle Backend for Spring Boot and Microservices (and Parse Platform) which makes it super easy to develop, run and manage Spring Boot microservices and mobile applications leveraging all the power of Oracle’s converged database.\nAndy Tael - 4/20/2023\nLong Running Actions\nPaul Parkinson demonstrates a Spring Boot microservices application that implements the Saga pattern with Long Running Actions using the Oracle Transaction Manager for Microservices to manage data consistency across microservices.\nPaul Parkinson - 4/18/2023\nOracle Mobile Backend As A Service\nMobile Backend As A Service (MBaaS) is a cloud service that an app developer can immediately start development against with just an endpoint. Doug finds out how far he can get developing a phone application without interacting with the server in any way other than the API endpoint.\nDoug Drechsel - 4/14/2023\nIntroducing Cloud Bank\nAnd introduction to the Cloud Bank sample application which showcases Spring Boot microservices, long running actions/sagas and a Flutter mobile application built with the Oracle Backend for Spring Boot and Microservices.\nMark Nelson - 4/6/2023\nDeveloping Saga Participant Code For Compensating Transactions\nA detailed comparison of the saga pattern with XA (2PC) comparing the pros and cons of each approach to provide data integrity between multiple services and for potentially long running transactions.\nPaul Parkinson - 3/27/2023\nOracle Backend for Spring Boot and Microservices is LIVE! (Developer Preview)\nAn introduction to the Oracle Backend for Spring Boot and Microservices.\nAndy Tael - 3/25/2023\nA First Spring Boot Service with Oracle\nA detailed guide to building a Spring Boot microservice from scratch that uses Spring Data JPA to manage data in the Oracle Database and exposes various endpoints to access the data.\nMark Nelson - 2/3/2023\nReact Native and Oracle MBaaS – a beginner’s tutorial\nA step-by-step guide to building a React Native mobile application using the Parse APIs and Oracle Backend for Parse Platform.\nCorrado de Bari - 1/5/2023\nOracle Mobile Backend as a Service (MBaaS)\nAn introduction and walk-through of the Oracle Backend for Parse Platform, including installation, using the dashboard, getting started with application development and integration with the Oracle Autonomous Database.\nDoug Drechsel - 12/23/2022\nReact.JS on Oracle MBaaS\nA step-by-step guide to implement a simple ReactJS app leveraging Oracle MBaaS.\nCorrado de Bari - 12/22/2022\nTwo new Backend as a Service offerings live now!\nA brief announcement and introduction to our Developer Preview releases of Oracle Backend for Spring Boot and Microservices and Parse Platform.\nMark Nelson - 12/21/2022\nDevelopment Environment Setup with Spring Boot For Oracle\nA detailed guide to setting up a development environment to build Spring Boot microservices with the Oracle Database.\nMark Nelson - 12/8/2022\nBackend-as-a-Service (BaaS) and Oracle Database (Video) OCW Teaser\nErin Dawson, DevRel Communications Manager talks with Mark about the Oracle CloudWorld 2022 presentations and hands-on labs for Oracle Backend for Spring Boot and Microservices and Parse Platform.\nMark Nelson - 10/12/2022\nOracle REST Data Services 22.3 bring new REST APIs for Transactional Event Queues\nAn announcement and several example that show how to use the new REST APIs for Transactional Event Queues.\nMark Nelson - 10/11/2022\nGetting Started with the New Observability Exporter for Oracle Database\nA simple step-by-step getting started example that shows you how to use the Observability Exporter for Oracle Database to expose data from the Oracle Database as Prometheus metrics.\nMark Nelson - 9/27/2022\nDevelop React \u0026#43; GraphQL \u0026#43; Spring Data JPA \u0026#43; UCP \u0026#43; Oracle\nA a succinct description and example of a modern full stack microservice app including a React frontend service that conducts GraphQL queries against a Spring Boot Data JPA backend service that in turn maps to an Oracle database.\nPaul Parkinson - 9/18/2022\nUnified Observability Exporters: Metrics, Logs, and Tracing\nA deep dive into metrics, logs and tracing exporters for the Oracle Database and how to configure them with Grafana to provide unified observability for microservices and the Oracle Database.\nPaul Parkinson - 8/11/2022\nLet the Oracle Database Operator for Kubernetes Do the Job\nAn introduction to and overview of the Oracle Database Operator for Kubernetes.\nPaulo Simoes - 1/6/2022\nHow to use Vaults and Wallets for Simple Secure Connectivity\nProvides details on how to secure connections in Java, JavaScript, Python, .NET, and Go as well as convenience integration features that are provided by microservice frameworks, specifically Helidon and Micronaut.\nPaul Parkinson - 12/18/2021\nDeveloping Event Driven Microservices in Java, Javascript, PL/SQL, Go, Python\nLearn about developing Event-Driven Microservices in Java, JavaScript, Python, .NET, and Go with AQ/TEQ in the Oracle Database.\nPaul Parkinson - 12/17/2021\nApache Kafka vs Oracle Transactional Event Queues for Event Driven Microservices\nComparing transactional and message delivery behavior, as it relates to microservice architectures (event mesh, event sourcing, etc.) Kafka and Oracle Transaction Event Queues.\nPaul Parkinson - 9/23/2021\n","description":"Our team members post blog articles and other content on various sites including Medium, LinkedIn (Corrado de Bari, Doug Drechsel), RedStack, DZone, Andy Tael and the Oracle Developers Blog. We\u0026rsquo;d love you to check them out. This page acts as an index/aggregator for some of our featured content.\nAnd be sure to subscribe to our YouTube channel \u0026ldquo;The Converged Database\u0026rdquo; for more great content!\nConnect to Oracle NoSQL database with Spring Data"},{"id":34,"href":"/microservices-datadriven/spring/release-notes/","title":"Release Notes","parent":"Oracle Backend for Spring Boot and Microservices","content":" Version 1.3.0, September 5th, 2024 This release include:\nIntelliJ Plugin Optional GPU node pool Local install for development purposes OCI Free Tier install for development purposes Spring Operations Center (SOC) UI updates Cloudbank version 4 Addition of Alertmanager Version upgrades of components, see documentation for details Bug fixes The following components were updated:\nComponent New Version Replaced Version Spring Boot Admin Server 3.3.3 3.3.1 Alertmanager v0.67.1 Coherence Operator 3.3.5 3.3.4 Spring Cloud Config server 4.1.3 4.1.2 Spring Authorization Server 3.3.3 3.3.0 Spring Eureka service registry 4.1.3 4.1.2 Grafana 11.1.4 10.4.1 Apache Kafka 3.8.0 3.7.0 OpenTelemetry Collector 0.107.0 0.101.0 Oracle Database Observability Exporter 1.3.1 1.2.1 Oracle Transaction Manager for Microservices 24.2.1 23.4.2 Hashicorp Vault 1.17.2 1.16.1 Version 1.2.0, June 14th, 2024 This release includes:\nAdditional functionality to Spring Operations Center UI (SOC UI). Spring Boot upgrade to 3.3.0 and Spring Cloud 2023.0.2 for internal components. Oracle Backend for Spring Boot and Microservices are running Java 21 with Virtual Threads enabled. oractl is compiled using Java 21 and Virtual Threads. Openshift support The following components were updated:\nComponent New Version Replaced Version Spring Boot Admin server 3.3.1 3.2.0 APISIX API Gateway 3.9.1 3.8.0 Spring Authorization Server 3.3.0 3.2.1 Coherence Operator 3.3.4 3.3.2 Spring Cloud Config server 4.1.2 2023.0.0 Spring Eureka service registry 4.1.2 2023.0.0 Grafana 10.4.1 9.2.5 iNGINX Ingress Controller 1.10.0 1.8.1 Apache Kafka 3.7.0 3.6.1 Metrics server 0.7.0 0.6.4 Jaeger Tracing 1.53.0 1.51.0 OpenTelemetry Collector 0.101.0 0.93.0 Oracle Database Observability Exporter 1.2.1 1.2.0 Oracle Transaction Manager for Microservices 23.4.2 23.4.1 Prometheus 2.52.0 2.47.1 Prometheus Operator 0.74.0 0.63.0 Spring Operations Center 1.2.0 1.1.3 HashiCorp Vault 1.16.1 1.15.2 Deprecation Notice The following components are deprecated and are removed from this release:\nOracle Database Storage Adapter for Parse Parse Server Parse Dashboard Version 1.1.3, March 8, 2024 This release includes small updates and/or bug fixes. No components were upgraded.\nThe following functionality was added:\nHashiCorp Vault Grafana dashboard. HashiCorp Vault audit logging capability. Version 1.1.2, March 1, 2024 This release includes small updates and/or bug fixes and some additional functionality to SOC UI. No components were added or upgraded.\nVersion 1.1.1, February 9, 2024 This release adds the \u0026ldquo;Spring Operations Center\u0026rdquo; feature, adds or updates some Grafana dashboards, and includes other small updates and/or bug fixes.\nThe following components were added:\nComponent Version Description Spring Operations Center 1.1.1 Provide operations capabilities for Spring applications. The following components were updated:\nComponent New Version Replaced Version OpenTelemetry Collector 0.93.0 0.91.0 Version 1.1.0, February 2, 2024 Notes:\nRecommended versions for user applications updated Spring Boot 3.2.x, Java 17 or 21, Spring 6.1 and Spring Cloud 2023.0.0, with limited backwards compatibility for Spring Boot 2.7.x. Platform components are updated to Spring Boot 3.2.1 versions and matching Spring Cloud versions. A preview of a new \u0026ldquo;Spring Operations Center\u0026rdquo; feature is added, including a web user interface and additional Grafana dashboards. User Management using the CLI and REST Endpoints. Added support for auto-scaling of Spring Boot applications deployed in the platform. Changes to the custom installation to allow using existing resources including database, network and Kubernetes. Various platform services updated to use Database Resident Connection Pooling to improve performance. Improvements to collection of trace data using Open Telemetry, including migration to agentless approach, uptake of Micrometer, and so on. Improvements for Spring Native/GraalVM native image compilation of Spring Boot services. Improvements to CLI to support scripting. Various components updated to newer releases. Bug fixes. The following components were added:\nComponent Version Description Oracle Database Observability Exporter 1.1.2 Provides observability for the Oracle Database. Metrics server 0.64 Source of container resource metrics for Kubernetes built-in autoscaling pipeline Kube State Metrics 2.10.1 Collects metrics for the Kubernetes cluster The following components were updated:\nComponent New Version Replaced Version APISIX API Gateway 3.8.0 3.4.0 Apache Kafka 3.6.1 3.5.1 Coherence Operator 3.3.2 3.2.11 Conductor Server 3.13.8 3.13.2 HashiCorp Vault 1.15.2 1.14.0 Netflix Conductor 3.13.8 3.13.2 OpenTelemetry Collector 0.91.0 0.86.0 Oracle Backend for Spring Boot and Microservices CLI 1.1.0 1.0.1 Oracle Backend for Spring Boot and Microservices Visual Studio Code extension 1.1.0 1.0.1 Oracle Transaction Manager for Microservices (MicroTx) 23.4.1 22.3.2 Spring Authorization Server 3.2.1 2.7.5 Spring Boot Admin dashboard 3.2.0 3.1.3 Spring Cloud Config server 2023.0.0 2022.0.4 Spring Cloud Eureka service registry 2023.0.0 4.0.3 Strimzi-Apache Kafka operator 0.39.0 0.36.1 Version 1.0.1, November 2, 2023 Notes:\nBug fixes The following components were updated:\nComponent New Version Replaced Version Oracle Backend for Spring Boot and Microservices Visual Studio Code extension 1.0.1 1.0.0 Oracle Backend for Spring Boot and Microservices CLI 1.0.1 1.0.0 Version 1.0.0, October 15, 2023 This is the first production release.\nNotes:\nAll Spring platform components upgraded to Spring Boot 3.x, Spring 6.x and Spring Cloud 2022.0.4 versions. Spring Native (with GraalVM native image ahead of time compilation) is the default/recommended deployment option for microservices. JVM continues to be available as an option. Loki and Promtail added for logging, Spring Boot dashboard updated to show metrics and logs on the same dashboard. Spring Authorization Server added, and preconfigured with default users (you supply passwords during installation, or they are generated). Various platform services and the CLI updated for authentication and authorization using Spring Authorization Server. Various platform services reconfigured for increased availability. Various components updated. The following components were added:\nComponent Version Description Loki 2.6.1 Provides log aggregation and search. Promtail 2.8.2 Collects logs. Spring Authorization Server 2022.0.4 Provides authentication and authorization for applications. The following components were updated:\nComponent New Version Replaced Version Oracle Backend for Spring Boot and Microservices Visual Studio Code extension 1.0.0 0.3.9 Oracle Backend for Spring Boot and Microservices CLI 1.0.0 0.3.1 Grafana 9.5.2 9.2.5 Spring Eureka Service Registry 2022.0.4 2021.0.3 Spring Config Server 2022.0.4 2021.0.3 Spring Boot Admin 3.1.3 2.7.5 cert-manager 1.12.3 1.11.0 NGINX Ingress Controller 1.8.1 1.6.4 Prometheus 2.40.2 2.34.0 Open Telemetry Collector 0.86.0 0.66.0 Jaeger Tracing 1.45.0 1.39.0 APISIX API Gateway 3.4.0 3.2.0 Strimzi-Apache Kafka operator 0.36.1 0.33.1 Apache Kafka 3.4.0 - 3.5.1 3.2.0 - 3.3.2 Oracle Database storage adapter for Parse (optional) 1.0.0 0.2.0 There were no component deprecations or removals.\nDeveloper Preview 0.7.0, July 24, 2023 Notes:\nContinued incremental improvements to Oracle Database Adapter for Parse Server. The following components were added:\nComponent Version Description Coherence 3.2.11 Provides in-memory data grid. The following components were updated:\nComponent New Version Replaced Version Oracle Backend for Spring Boot and Microservices Visual Studio Code extension 0.3.9 0.3.8 HashiCorp Vault 1.14.0 v1.11.3 Oracle Database Operator for Kubernetes 1.0 0.6.1 Parse Server 6.2.0 5.2.7 Parse Dashboard 5.1.0 5.0.0 Oracle Transaction Manager for Microservices 22.3.2 22.3.1 There were no component deprecations or removals.\nDeveloper Preview 0.3.1, June 14, 2023 Notes:\nImprovements to Oracle Cloud Infrastructure (OCI) installation process. Continued incremental improvements to Oracle Database Adapter for Parse Server. No components were added.\nThe following components were updated:\nComponent New Version Replaced Version Oracle Backend for Spring Boot and Microservices CLI 0.3.1 0.3.0 Oracle Backend for Spring Boot and Microservices Visual Studio Code extension 0.3.8 0.3.7 There were no component deprecations or removals.\nDeveloper Preview 0.3.0, April 17, 2023 Notes:\nOracle Backend for Spring Boot and Microservices now includes the option to install in a Multicloud (OCI/Azure) environment. The Oracle Database Operator for Kubernetes is bound to the existing Oracle Autonomous Database (ADB) created by infrastructure as code (IaC) in an all-OCI installation and provisions the ADB in the Multicloud installation. Improvements to On-Premises and desktop installation processes. The following components were added:\nComponent New Version Description Oracle Backend for Spring Boot and Microservices Visual Studio Code extension 0.3.7 Allows Visual Studio Code users to manage the platform, deployments and configuration. The following components were updated:\nComponent New Version Replaced Version Oracle Backend for Spring Boot and Microservices CLI 0.3.0 0.1.0 There were no component deprecations or removals.\nDeveloper Preview 0.2.3, March 8, 2023 Notes:\nOracle Backend for Spring Boot and Microservices now includes the option to also install Parse Platform in the same deployment. Oracle Backend for Spring Boot and Microservices CLI 0.2.3 includes a number of bug fixes and adds support for custom listening ports for services. Apache APISIX is now pre-configured for both Eureka and Kubernetes service discovery. The following components were added:\nComponent Version Description Oracle Database Operator for Kubernetes 0.6.1 Helps reduce the time and complexity of deploying and managing Oracle databases. Parse Server 5.2.7 Provides backend services for mobile and web applications. Parse Dashboard 5.0.0 Uses a web user interface for managing Parse Server. Oracle Database Adapter for Parse Server 0.2.0 Enables the Parse Server to store data in an Oracle database. The following components were updated:\nComponent New Version Replaced Version Oracle Backend for Spring Boot and Microservices CLI 0.2.3 0.1.0 cert-manager 1.11.0 1.10.1 NGINX Ingress Controller 1.6.4 1.5.1 Jaeger Tracing 1.39.0 1.37.0 Apache APISIX 3.1.1 2.15.1 Spring Boot Eureka service registry 2.0.1 2021.0.3 Oracle Transaction Manager for Microservices 22.3.2 22.3.1 Parse Server (optional) 6.3.0 6.2.0 Parse Dashboard (optional) 5.2.0 5.1.0 There were no deprecations or removals.\nDeveloper Preview 0.2.0, February 27, 2023 The following components were added:\nComponent Version Description Oracle Transaction Manager for Microservices 22.3.1 Manages distributed transactions to ensure consistency across Microservices. Strimzi-Apache Kafka Operator 0.33.1 Manages Apache Kafka clusters. Apacha Kafka 3.2.0 - 3.3.2 Allows distributed event streaming. There were no deprecations or removals.\nDeveloper Preview 0.1.0, January 30, 2023 The following components were added:\nComponent Version Description HashiCorp Vault v1.11.3 Provides a way to store and tightly control access to sensitive data. Oracle Backend for Spring Boot and Microservices CLI 0.1.0 Provides a command-line interface to manage application deployment and configuration. Netflix Conductor OSS 3.13.2 Provides workflow orchestration for Microservices. On-premises installer 0.1.0 Allows installation of a self-hosted stack. There were no deprecations or removals.\nDeveloper Preview 0.0.1, December 20, 2022 This release includes the following components:\nComponent Version Description cert-manager 1.10.1 Automates the management of certificates. NGINX Ingress Controller 1.5.1 Provides a traffic management solution for cloud native applications in Kubernetes. Prometheus 2.40.2 Provides event monitoring and alerting. Prometheus operator 0.60.1 Provides management for Prometheus monitoring tools. OpenTelemetry Collector 0.66.0 Collects process and export telemetry data. Grafana 9.2.5 Examines, analyzes, and monitors metrics. Jaeger Tracing 1.37.0 Provides a distributed tracing system for monitoring and troubleshooting distributed systems. Apache APISIX 2.15.1 Provides full lifecycle API management. Spring Cloud Admin server 2.7.5 Manages and monitors Spring Boot applications. Spring Cloud Config server 2.7.5 Provides server-side support for externalized configuration. Spring Boot Eureka service registry 2021.0.3 Provides service discovery capabilities. ","description":"Version 1.3.0, September 5th, 2024 This release include:\nIntelliJ Plugin Optional GPU node pool Local install for development purposes OCI Free Tier install for development purposes Spring Operations Center (SOC) UI updates Cloudbank version 4 Addition of Alertmanager Version upgrades of components, see documentation for details Bug fixes The following components were updated:\nComponent New Version Replaced Version Spring Boot Admin Server 3.3.3 3.3.1 Alertmanager v0.67.1 Coherence Operator 3.3.5 3."},{"id":35,"href":"/microservices-datadriven/spring/sampleapp/","title":"Sample Application - CloudBank","parent":"Oracle Backend for Spring Boot and Microservices","content":"Oracle recommends that you use the CloudBank LiveLab to learn how to use Oracle Backed for Spring Boot and Microservices. The LiveLab has the following Outline:\nProvision an Instance Setup your Development Environment Build the Account Microservice Build Check Processing Microservice that uses JMS and TXEventQ Manage Saga Transactions across Microservices Deploy the full CloudBank Application using the CLI Deploy the full CloudBank Application using the VS Code Extension Explore the Backend Platform Extend the Mobile Application Cleanup The CloudBank source code is provided here, this repository also contains more services.\n","description":"Oracle recommends that you use the CloudBank LiveLab to learn how to use Oracle Backed for Spring Boot and Microservices. The LiveLab has the following Outline:\nProvision an Instance Setup your Development Environment Build the Account Microservice Build Check Processing Microservice that uses JMS and TXEventQ Manage Saga Transactions across Microservices Deploy the full CloudBank Application using the CLI Deploy the full CloudBank Application using the VS Code Extension Explore the Backend Platform Extend the Mobile Application Cleanup The CloudBank source code is provided here, this repository also contains more services."},{"id":36,"href":"/microservices-datadriven/spring/security/","title":"Security","parent":"Oracle Backend for Spring Boot and Microservices","content":"The Oracle Backend for Spring Boot and Microservices has the following security characteristics:\nAll access to the database is done using the Mutual Transport Layer Security (mTLS) database wallet. The user name, password, and URL are stored in Kubernetes secrets.\nAccessing most dashboards can only be done using port-forwarding, the exceptions are the Spring Operations Center and Grafana, which can be accessed through the load balancer using TLS and appropriate authentication. The passwords for the dashboards are provided by the installer or autogenerated and stored in Kubernetes secrets.\nThe only \u0026ldquo;public\u0026rdquo; exposure is the Apache APISIX Gateway (note that the dashboard is not exposed publicly), the Spring Operations Center and Grafana.\nServices deployed to the platform are not exposed through the Apache APISIX Gateway automatically. If you want to expose the service through the gateway, you must define a route in the Apache APISIX dashboard. APISIX Gateway Documentation\nThe deployed platform services are using using self-signed certificates.\nA customer application can only access services running in the platform using the Apache APISIX Gateway. APISIX Gateway Documentation\nThe customer application can be secured using Spring Security (for example, Spring OAuth 2.0 Resource Server). An external authorization server is recommended (for example Okta or Auth0).\nOracle Backend for Spring Boot and Microservices provides an authorization server which is an engine to authenticate and authorize requests to various components in Oracle Backend for Spring Boot and Microservices. The end user can manage users using REST Endpoints. AuthZ Server Documentation\nOracle Backend for Spring Boot and Microservices contains HashiCorp Vault to secure, store and tightly control access to tokens, passwords, certificates, encryption keys for protecting secrets, and other sensitive data. HashiCorp Vault Documentation\nTransport Layer Security The Oracle Backend for Spring Boot and Microservices is deployed with a sample self-signed certificate for Transport Layer Security (TLS). This results in an \u0026ldquo;Accept Risk\u0026rdquo; message when accessing the Spring Operations Center or Grafana web user interfaces and the sample TLS certificate should not be used for production deployments.\nUpdating the TLS Certificate Ensure your Domain Name System (DNS) entry points to the IP address for the public load balancer. You can check this address with this command, the address in the EXTERNAL-IP field is the public load balancer address:\nkubectl -n ingress-nginx get svc ingress-nginx-controller Obtain a new TLS certificate. In a production environment, the most common scenario is to use a public certificate that has been signed by a certificate authority.\nCreate a new Kubernetes secret in the ingress-nginx namespace. For example:\nkubectl -n ingress-nginx create secret tls my-tls-cert --key new-tls.key --cert new-tls.crt Modify the service definition to reference the new Kubernetes secret by changing the service.beta.kubernetes.io/oci-load-balancer-tls-secret annotation in the service configuration. For example:\nkubectl patch service ingress-nginx-controller -n ingress-nginx \\ -p \u0026#39;{\u0026#34;metadata\u0026#34;:{\u0026#34;annotations\u0026#34;:{\u0026#34;service.beta.kubernetes.io/oci-load-balancer-tls-secret\u0026#34;:\u0026#34;my-tls-cert\u0026#34;}}}\u0026#39; \\ --type=merge ","description":"The Oracle Backend for Spring Boot and Microservices has the following security characteristics:\nAll access to the database is done using the Mutual Transport Layer Security (mTLS) database wallet. The user name, password, and URL are stored in Kubernetes secrets.\nAccessing most dashboards can only be done using port-forwarding, the exceptions are the Spring Operations Center and Grafana, which can be accessed through the load balancer using TLS and appropriate authentication."},{"id":37,"href":"/microservices-datadriven/spring/setup/","title":"Setup","parent":"Oracle Backend for Spring Boot and Microservices","content":"Oracle Backend for Spring Boot and Microservices is available in the OCI Marketplace.\nPrerequisites Summary of Components Overview of the Setup Process Set Up the OCI Environment Set Up the Local Machine Access information and passwords from the OCI Console Prerequisites You must meet the following prerequisites to use Oracle Backend for Spring Boot and Microservices. You need:\nAn Oracle Cloud Infrastructure (OCI) account in a tenancy with sufficient quota to create the following:\nAn OCI Container Engine for Kubernetes cluster (OKE cluster), plus a node pool with three worker nodes. A virtual cloud network (VCN) with at least two public IP\u0026rsquo;s available. A public load balancer. An Oracle Autonomous Database Serverless instance. At least one free OCI auth token (note that the maximum is two per user).\nOn a local machine, you need:\nThe Kubernetes command-line interface (kubectl). Installing kubectl documentation Oracle Cloud Infrastructure command-line interface (CLI). Quickstart - Installing the CLI. Oracle Backend for Spring Boot and Microservices command-line interface (oractl). Download oractl. [OPTIONAL]Oracle Backend for Spring Boot and Microservices VS Code Extension. Download VS Code Extension. OCI policies The following policies needs to be in place to be able to install Oracle Backend for Spring Boot and Microservices. Top level and their dependencies listed.\nOracle Container Engine for Kubernetes Allow group `\u0026lt;group-name\u0026gt;` to manage cluster-family in `\u0026lt;location\u0026gt;` ├── Allow group `\u0026lt;group-name\u0026gt;` to inspect compartments in `\u0026lt;location\u0026gt;` ├── Allow group `\u0026lt;group-name\u0026gt;` to read virtual-network-family in `\u0026lt;location\u0026gt;` ├── Allow group `\u0026lt;group-name\u0026gt;` to use network-security-groups in `\u0026lt;location\u0026gt;` ├── Allow group `\u0026lt;group-name\u0026gt;` to use private-ips in `\u0026lt;location\u0026gt;` ├── Allow group `\u0026lt;group-name\u0026gt;` to use subnets in `\u0026lt;location\u0026gt;` ├── Allow group `\u0026lt;group-name\u0026gt;` to use vnics in `\u0026lt;location\u0026gt;` ├── Allow group `\u0026lt;group-name\u0026gt;` to manage cluster-node-pools in `\u0026lt;location\u0026gt;` ├── Allow group `\u0026lt;group-name\u0026gt;` to manage instance-family in `\u0026lt;location\u0026gt;` └── Allow group `\u0026lt;group-name\u0026gt;` to manage public-ips in `\u0026lt;location\u0026gt;` VCN Allow group `\u0026lt;group-name\u0026gt;` to manage vcns in `\u0026lt;location\u0026gt;` ├── Allow group `\u0026lt;group-name\u0026gt;` to manage route-tables in `\u0026lt;location\u0026gt;` ├── Allow group `\u0026lt;group-name\u0026gt;` to manage-security-lists in `\u0026lt;location\u0026gt;` ├── Allow group `\u0026lt;group-name\u0026gt;` to manage-dhcp-options in `\u0026lt;location\u0026gt;` Allow group `\u0026lt;group-name\u0026gt;` to manage vcns in `\u0026lt;location\u0026gt;` Allow group `\u0026lt;group-name\u0026gt;` to manage route-tables in `\u0026lt;location\u0026gt;` Allow group `\u0026lt;group-name\u0026gt;` to manage security-lists in `\u0026lt;location\u0026gt;` Allow group `\u0026lt;group-name\u0026gt;` to manage dhcp-options in `\u0026lt;location\u0026gt;` Allow group `\u0026lt;group-name\u0026gt;` to manage nat-gateways in `\u0026lt;location\u0026gt;` Allow group `\u0026lt;group-name\u0026gt;` to manage service-gateways in `\u0026lt;location\u0026gt;` Allow group `\u0026lt;group-name\u0026gt;` to manage network-security-groups in `\u0026lt;location\u0026gt;` Allow group `\u0026lt;group-name\u0026gt;` to manage subnets in `\u0026lt;location\u0026gt;` Container Registry Allow group `\u0026lt;group-name\u0026gt;` to manage repos in `\u0026lt;location\u0026gt;` Object Storage Allow group `\u0026lt;group-name\u0026gt;` to read objectstorage-namespaces in `\u0026lt;location\u0026gt;` Allow group `\u0026lt;group-name\u0026gt;` to manage objects in `\u0026lt;location\u0026gt;` └── Allow group `\u0026lt;group-name\u0026gt;` to manage buckets in `\u0026lt;location\u0026gt;` Autonomous Database Allow group `\u0026lt;group-name\u0026gt;` to manage autonomous-database-family in `\u0026lt;location\u0026gt;` Vault If you deploy Oracle Backend for Spring Boot and Microservices STANDARD edition you need the following policies.\nAllow group `\u0026lt;group-name\u0026gt;` to manage vaults in `\u0026lt;location\u0026gt;` Allow group `\u0026lt;group-name\u0026gt;` to manage keys in `\u0026lt;location\u0026gt;` Additional Vault To allow Container Engine for Kubernetes to access Vault via Groups:\nAllow group `\u0026lt;group-name\u0026gt;` to manage policies in `\u0026lt;location\u0026gt;` Allow group `\u0026lt;group-name\u0026gt;` to manage tag-namespaces in `\u0026lt;location\u0026gt;` Allow group `\u0026lt;group-name\u0026gt;` to manage dynamic-groups in `\u0026lt;location\u0026gt;` Allow group `\u0026lt;group-name\u0026gt;` to manage secret-family in `\u0026lt;location\u0026gt;` Oracle Resource Manager Allow group `\u0026lt;group-name\u0026gt;` to read orm-template in `\u0026lt;location\u0026gt;` Allow group `\u0026lt;group-name\u0026gt;` to use orm-stacks in `\u0026lt;location\u0026gt;` └── Allow group `\u0026lt;group-name\u0026gt;` to manage orm-jobs in `\u0026lt;location\u0026gt;` Allow group `\u0026lt;group-name\u0026gt;` to manage orm-private-endpoints in `\u0026lt;location\u0026gt;` Summary of Components Oracle Backend for Spring Boot and Microservices setup installs the following components:\nComponent Version Description Apache APISIX 3.9.1 Provides full lifecycle API management. Apache Kafka 3.7.0 Provides distributed event streaming. cert-manager 1.12.3 Automates the management of certificates. Coherence Operator 3.3.4 Provides in-memory data grid. Conductor Server 3.13.8 Provides a Microservice orchestration platform. Grafana 10.4.1 Provides the tool to examine, analyze, and monitor metrics. HashiCorp Vault 1.16.1 Provides a way to store and tightly control access to sensitive data. Jaeger Tracing 1.53.0 Provides distributed tracing system for monitoring and troubleshooting distributed systems. Kube State Metrics 2.10.1 Collects metrics for the Kubernetes cluster Loki 2.6.1 Provides log aggregation and search. Metrics server 0.7.0 Source of container resource metrics for Kubernetes built-in autoscaling pipeline NGINX Ingress Controller 1.10.1 Provides traffic management solution for cloud‑native applications in Kubernetes. OpenTelemetry Collector 0.101.0 Collects process and export telemetry data. Oracle Database Observability Exporter 1.2.1 Exposes Oracle Database metrics in standard Prometheus format. Oracle Database Operator 1.0 Helps reduce the time and complexity of deploying and managing Oracle databases. Oracle Transaction Manager for Microservices 23.4.2 Manages distributed transactions to ensure consistency across Microservices. Prometheus 2.52.0 Provides event monitoring and alerts. Prometheus Operator 0.74.0 Provides management for Prometheus monitoring tools. Promtail 2.8.2 Collects logs. Spring Authorization Server 3.3.0 Provides authentication and authorization for applications. Spring Boot Admin server 3.3.1 Manages and monitors Spring Cloud applications. Spring Cloud Config server 4.1.2 Provides server-side support for an externalized configuration. Spring Eureka service registry 4.1.2 Provides service discovery capabilities. Strimzi-Apache Kafka operator 0.36.1 Manages Apache Kafka clusters. Overview of the Setup Process This video provides a quick overview of the setup process.\nInstalling Oracle Backend for Spring Boot and Microservice takes approximately one hour to complete. The following steps are involved:\nSetup the OCI environment Setup of the Local Environment Access environment variables from the OCI Console Set Up the OCI Environment To set up the OCI environment, process these steps:\nGo to the OCI Marketplace listing for Oracle Backend for Spring Boot and Microservices.\nMarketplace Listing Choose the target compartment, agree to the terms, and click Launch Stack. This starts the wizard and creates the new stack. On the first page, choose a compartment to host your stack and select Next and Configure the variables for the infrastructure resources that this stack will create when you run the apply job for this execution plan.\nCreate Stack In the Backend as A Service Section, fill in the following configuration variables as needed and select Next:\nCompartment : Select the compartment where you want to install Oracle Backend for Spring Boot and Microservices.\nApplication Name (optional) : A random pet name that will be used as the application name if left empty.\nEdition : Select between COMMUNITY and STANDARD Edition.\nCOMMUNITY - for developers for quick start to testing Spring Boot Microservices with an integrated backend. Teams can start with the deployment and scale up as processing demand grows. Community support only. STANDARD - focused for pre-prod and production environments with an emphasis on deployment, scaling, and high availability. Oracle support is included with a Oracle Database support agreement. All features for developers are the same so start here if you’re porting an existing Spring Boot application stack and expect to get into production soon. This edition allows for additional Bring Your Own (BYO) capabilities. Existing Authorization Token (optional) - Enter an existing Authorization token. The token is used by the cluster to pull images from the Oracle Container Registry. If left empty the token will be created.\nWARNING: Deletion or expiration of the token will result in the failure to pull images later. Also you must have one free OCI auth token (note that the maximum is two per user). You can NOT use someone elses token.\nEdition BYO Network BYO Database Production Vault Registry Scanning Community Standard x x x x Compartment, Application and Edition If you check the checkbox Set Administrator Passwords in the Administrator Passwords section you have the option to fill in the following passwords (if not they are autogenerated):\nAPISIX Administrator Password (optional) : Leave blank to auto-generate.\nGrafana Administrator Password (optional) : Leave blank to auto-generate.\nORACTL Administrator Password optional) : Leave blank to auto-generate. This is the password for the obaas-admin user.\nORACTL User Password (optional) : Leave blank to auto-generate. This is the password for the obaas-user user.\nAdministrator Passwords (Standard Edition Only) If you check the checkbox Bring Your Own Virtual Cloud Network in the Network Options section you can use an existing Virtual Cloud Network. This is required to Bring Your Own Database (Standard Edition Only).\nNetwork Options - Standard Edition For more information on the network requirements and topology of the Oracle Backend for Spring Boot and Microservices including the options for Bring Your Own Virtual Cloud Network, please see the Networking documentation.\nIn the Kubernetes Cluster Options section, fill in the following for the OKE Cluster Options:\nPublic API Endpoint? : This option allows access to the OKE Control Plane API Endpoint from the internet (public IP). If not selected, access can only be from a private virtual cloud network (VCN). API Endpoint Access Control : Enter the CIDR block you want to give access to the Control Plane API. Default (and not recommended) is 0.0.0.0/0. Node Pool Workers : The number of Kubernetes worker nodes (virtual machines) attached to the OKE cluster. Node Pool Worker Shape : The shape of the node pool workers. Node Workers OCPU : The initial number of Oracle Compute Units (OCPUs) for the node pool workers. NOTE: Oracle recommends that you set API Endpoint Access Control to be as restrictive as possible\nCreate Stack OKE Options In the Load Balancers Options section, fill in the following for the Load Balancers options:\nEnable Public Load Balancer : This option allows access to the load balancer from the internet (public IP). If not selected, access can only be from a private VCN. Public Load Balancer Access Control : Enter the CIDR block you want to give access to the Load Balancer. Default (and not recommended) is 0.0.0.0/0. Public Load Balancer Ports Exposed : The ports exposed from the load balancer. Minimum bandwidth : The minimum bandwidth that the load balancer can achieve. Maximum bandwidth : The maximum bandwidth that the load balancer can achieve. NOTE: Oracle recommends that you set Public Load Balancer Access Control to be as restrictive as possible.\nLoad Balancer Options In the Database Options section, you can modify the following Database options.\nAutonomous Database Compute Model : Choose either ECPU (default) or OCPU compute model for the ADB. Autonomous Database Network Access : Choose the Autonomous Database network access. Choose between SECURE_ACCESS and PRIVATE_ENDPOINT_ACCESS. NOTE: This option currently cannot be changed later. SECURE_ACCESS - Accessible from outside the Kubernetes Cluster. Requires mTLS and can be restricted by IP or CIDR addresses. PRIVATE_ENDPOINT_ACCESS - Accessible only from inside the Kubernetes Cluster or via a Bastion service. Requires mTLS. ADB Access Control : Comma separated list of CIDR blocks from which the ADB can be accessed. This only applies if SECURE_ACCESS was chosen. Default (and not recommended) is 0.0.0.0/0. Autonomous Database CPU Core Count : Choose how many CPU cores will be elastically allocated. Allow Autonomous Database CPU Auto Scaling : Enable auto scaling for the ADB CPU core count (x3 ADB CPU). Autonomous Database Data Storage Size : Choose ADB Database Data Storage Size in gigabytes (ECPU) or terabytes (OCPU). Allow Autonomous Database Storage Auto Scaling : Allow the ADB storage to automatically scale. Autonomous Database License Model : The Autonomous Database license model. Create an Object Storage Bucket for ADB : Create a Object Storage bucket, with the appropriate access policies, for the ADB. NOTE: Oracle recommends that you restrict by IP or CIDR addresses to be as restrictive as possible.\nDatabase Options (Standard Edition Only) If Bring Your Own Virtual Cloud Network has been selected in the Network Options section, then you have the option to Bring Your Own Database in the section Database Options.\nBring your Own Database Options - Standard Edition For more information on the Bring Your Own Database option for the Oracle Backend for Spring Boot and Microservices including the required values, please review the Database documentation.\n(Standard Edition Only) If you check the checkbox Enable Vault in Production Mode in the section Vault Options you will be installing HashiCorp in Production mode otherwise the HashiCorp Vault be installed in Development mode.\nFill in the following Vault options. You have the option of creating a new OCI Vault or using an existing OCI Vault. The OCI Vault is only used in Production mode to auto-unseal the HashiCorp Vault (see documentation \u0026hellip;) Fill in the following information if you want to use an existing OCI Vault:\nVault Compartment (Optional) : Select a compartment for the OCI Vault.\nExisting Vault (Optional) : Select an existing OCI Vault. If not selected a new OCI Vault be created.\nExisting Vault Key (Optional) : Select an existing OCI Vault key. If not selected a new OCI Vault Key will be created.\nHashiCorp Vault Options - Standard Edition Warning Never run a Development mode HashiCorp Vault Server in a production environment. It is insecure and will lose data on every restart (since it stores data in-memory). It is only intended for development or experimentation. (Standard Edition Only) If you check the checkbox Enable Container Registry Vulnerability Scanning in the section Additional Options you will enable the automatic Vulnerability Scanning on images stored in the Oracle Container Registry.\nCreate Stack Additional Options - Standard Edition Now you can review the stack configuration and save the changes. Oracle recommends that you do not check the Run apply option. This gives you the opportunity to run the \u0026ldquo;plan\u0026rdquo; first and check for issues. Click Create\nCreate Stack Wizard Config Review Apply the stack.\nAfter you create the stack, you can test the plan, edit the stack, and apply or destroy the stack.\nOracle recommends that you test the plan before applying the stack in order to identify any issues before you start creating resources. Testing a plan does not create any actual resources. It is just an exercise to tell you what would happen if you did apply the stack.\nYou can test the plan by clicking on Plan and reviewing the output. You can fix any issues (for example, you may find that you do not have enough quota for some resources) before proceeding.\nCreate Stack Plan When you are happy with the results of the test, you can apply the stack by clicking on Apply. This creates your Oracle Backend as a Service and Microservices for a Spring Cloud environment. This takes about 20 minutes to complete. Much of this time is spent provisioning the Kubernetes cluster, worker nodes, database and all the included services. You can watch the logs to follow the progress of the operation.\nCreate Stack Apply The OCI Resource Manager applies your stack and generates the execution logs. The apply job takes approximately 45 minutes.\nCreate Stack Apply Logs When the Apply job finishes you can collect the OKE access information by clicking on Outputs.\nCreate Stack Outputs Click on Copy for the variable named kubeconfig_cmd. Save this information because it is needed to access the OKE cluster.\nGet Kube Config Cmd Set Up the Local Machine To set up the local machine, process these steps:\nSet up cluster access.\nTo access a cluster, use the kubectl command-line interface that is installed (see the Kubernetes access) locally. If you have not already done so, do the following:\nInstall the kubectl command-line interface (see the kubectl documentation).\nGenerate an API signing key pair. If you already have an API signing key pair, go to the next step. If not:\na. Use OpenSSL commands to generate the key pair in the required P-Early-Media (PEM) format. If you are using Windows, you need to install Git Bash for Windows in order to run the commands. See How to Generate an API Signing Key.\nb. Copy the contents of the public key to the clipboard to paste the value into the Console later.\nAdd the public key value of the API signing key pair to the User Settings for your user name. For example:\na. In the upper right corner of the OCI Console, open the Profile menu (User menu symbol) and click User Settings to view the details.\nb. Click Add Public Key.\nc. Paste the value of the public key into the window and click Add.\nThe key is uploaded and its fingerprint is displayed (for example, d1:b2:32:53:d3:5f:cf:68:2d:6f:8b:5f:77:8f:07:13).\nInstall and configure the Oracle Cloud Infrastructure CLI. For example:\na. Install the Oracle Cloud Infrastructure CLI version 2.6.4 (or later). See Quickstart.\nb. Configure the Oracle Cloud Infrastructure CLI. See Configuring the CLI.\nInstall the Oracle Backend for Spring Boot and Microservices command-line.\nThe Oracle Backend for Spring Boot and Microservices command-line interface, oractl, is available for Linux and Mac systems. Download the binary that you want from the Releases page and add it to your PATH environment variable. You can rename the binary to remove the suffix.\nIf your environment is a Linux or Mac machine, run chmod +x on the downloaded binary. Also, if your environment is a Mac, run the following command. Otherwise, you get a security warning and the CLI does not work:\nsudo xattr -r -d com.apple.quarantine \u0026lt;downloaded-file\u0026gt;\nAccess information and passwords from the OCI Console You can get the necessary access information from the OCI COnsole:\nOKE Cluster Access information e.g. how to generate the kubeconfig information. Oracle Backend for Spring Boot and Microservices Passwords. The assigned passwords (either auto generated or provided by the installer) can be viewed in the OCI Console (ORM homepage). Click on Application Information in the OCI ORM Stack.\nAccess Information You will presented with a screen with the access information and passwords. NOTE: The passwords can also be accessed from the k8s secrets.\nDetailed Access Information ","description":"Oracle Backend for Spring Boot and Microservices is available in the OCI Marketplace.\nPrerequisites Summary of Components Overview of the Setup Process Set Up the OCI Environment Set Up the Local Machine Access information and passwords from the OCI Console Prerequisites You must meet the following prerequisites to use Oracle Backend for Spring Boot and Microservices. You need:\nAn Oracle Cloud Infrastructure (OCI) account in a tenancy with sufficient quota to create the following:"},{"id":38,"href":"/microservices-datadriven/spring/platform/spring-admin/","title":"Spring Boot Admin","parent":"Platform Services","content":" View Application Details Using the Spring Boot Admin Dashboard Spring Boot Admin is a web application used for managing and monitoring Spring Boot applications. Applications are discovered from the service registry. Most of the information displayed in the web user interface comes from the Spring Boot Actuator endpoints exposed by the applications:\nExpose the Spring Boot Admin dashboard using this command:\nkubectl -n admin-server port-forward svc/admin-server 8989 Open the Spring Boot Admin dashboard URL: http://localhost:8989\nSpring Admin DashboardI On the dashboard you will see all the internal services registered with Eureka. If you have deployed the sample application CloudBank or done the LiveLab for Oracle Backend for Spring Boot and Microservices you will see those services.\nIf you click (expand) an application and click on the instance of service you will details about the service instance, metrics, configuration, and so on,\nSpring Admin Service Details ","description":"View Application Details Using the Spring Boot Admin Dashboard Spring Boot Admin is a web application used for managing and monitoring Spring Boot applications. Applications are discovered from the service registry. Most of the information displayed in the web user interface comes from the Spring Boot Actuator endpoints exposed by the applications:\nExpose the Spring Boot Admin dashboard using this command:\nkubectl -n admin-server port-forward svc/admin-server 8989 Open the Spring Boot Admin dashboard URL: http://localhost:8989"},{"id":39,"href":"/microservices-datadriven/spring/platform/config/","title":"Spring Config Server","parent":"Platform Services","content":"Oracle Backend for Spring Boot and Microservices includes Spring Cloud Config which provides server- and client-side support for externalized configurations in a distributed system. The Spring Cloud Config server provides a central place to manage external properties for applications across all environments.\nThe Spring Cloud Config server is pre-configured to work with the Spring Boot Eureka service registry, configured to store the Configuration in the Oracle Autonomous Database to support labeled versions of configuration environments as well as being accessible to a wide range of tools for managing the content. More details can be found here: (Spring Cloud Config Documentation).\nManaging Config Server Data Config Server REST API endpoints overview Config Server REST API endpoints examples Re-create test data Overview When building applications using Spring Config Server, the Spring Cloud Config client\u0026rsquo;s application.yaml configuration file must include access information to the deployed Spring Config Server:\nspring: application: name: \u0026lt;application name\u0026gt; config: import: optional:configserver:${config.server.url} cloud: config: label: \u0026lt;optional\u0026gt; profile: \u0026lt;optional\u0026gt; username: \u0026lt;A user with the role ROLE_USER\u0026gt; password: \u0026lt;password\u0026gt; You also need to add the following dependency to your Spring Boot application pom.xml:\n\u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;org.springframework.cloud\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;spring-cloud-starter-config\u0026lt;/artifactId\u0026gt; \u0026lt;/dependency\u0026gt; The configuration is stored in the CONFIGSERVER schema in the PROPERTIES table. Managing the data for the Spring Cloud Config server should be done using the CLI or the REST API endpoints. If you prefer, you can also work directly with the CONFIGSERVER.PROPERTIES table in the database. How to access the database is documented here, (Accessing the database).\nDuring setup of Oracle Backend for Spring Boot and Microservices, the following data is loaded into CONFIGSERVER.PROPERTIES. This data can be deleted.\n| APPLICATION | PROFILE | LABEL | PROP_KEY | VALUE |-----------------|----------------|----------|---------------------|-----------------------------------| | atael | dev | latest | test-property | This is the test-property value | | atael | dev | latest | test-property-2 | This is the test-property-2 value | | application-a | production | 12c | db-name | databasename-a-prod | | application-a | production | 12c | db-connection | connectionstring-a-prod | | application-a | development | 23cbeta | db-dev-name | databasename-a-dev | | application-a | development | 23cbeta | db-dev-connection | connectionstring-a-dev | | application-b | production | 19c | db-name | databasename-b-prod | | application-b | production | 19c | db-connection | connectionstring-b-prod | | application-b | development | 23cbeta | db-dev-name | databasename-b-dev | | application-b | development | 23cbeta | db-dev-connection | connectionstring-b-dev | | application-c | secret | 23.4 | json-db | 23c-json-db | | application-c | secret | 23.4 | json-sdb-conn | 23c-mongo-conn | | application-c | secret | 23.4 | txeventq | 23c-conn-string | | application-c | secret | 23.4 | txeventq | 23c-kafka-name | Managing Config Server Data Maintaining the Config Servers information can be done using the following methods:\nOracle Backend for Microservices CLI, oractl. REST API endpoints exposed via obaas-admin and config-server services. Config Server REST API endpoints overview The following REST API endpoints are available to the Config Server entries. The table lists which minimum required role is needed to perform the operation. \u0026lsquo;N/A\u0026rsquo; in the following table indicates that the endpoint does not require authentication to be accessed.\nEnd point Method Description Minimum Required Role /srv/config/all GET Get all distinct properties for a service (application) N/A /srv/config/properties GET Get all distinct properties with filters (see examples) N/A /srv/config/properties/add POST Create properties from a file ROLE_USER /srv/config/property/add POST Create a property ROLE_USER /srv/config/property/update PUT Update a property ROLE_USER /srv/config/properties/delete DELETE Delete properties with filters (see examples) ROLE_ADMIN Config Server REST API endpoints examples In all of the following examples, replace \u0026lt;username\u0026gt;:\u0026lt;password\u0026gt; with your username and password when necessary. (Getting User information). The examples are using curl to interact with the REST API endpoints. This also requires an open tunnel on port 8080 to either the config-server or obaas-admin service. Use the following command to start a tunnel to the config-server service:\nkubectl port-forward -n config-server svc/config-server 8080 The output will be slightly different when using a tunnel to obaas-admin. The data will be included in the \u0026quot;body\u0026quot; section.\n/srv/config/all Get all distinct application services:\ncurl -s http://localhost:8080/srv/config/all Example of data returned:\n[ { \u0026#34;name\u0026#34;: \u0026#34;application-a\u0026#34;, \u0026#34;label\u0026#34;: \u0026#34;\u0026#34;, \u0026#34;profile\u0026#34;: \u0026#34;\u0026#34; }, { \u0026#34;name\u0026#34;: \u0026#34;application-b\u0026#34;, \u0026#34;label\u0026#34;: \u0026#34;\u0026#34;, \u0026#34;profile\u0026#34;: \u0026#34;\u0026#34; }, { \u0026#34;name\u0026#34;: \u0026#34;application-c\u0026#34;, \u0026#34;label\u0026#34;: \u0026#34;\u0026#34;, \u0026#34;profile\u0026#34;: \u0026#34;\u0026#34; }, { \u0026#34;name\u0026#34;: \u0026#34;atael\u0026#34;, \u0026#34;label\u0026#34;: \u0026#34;\u0026#34;, \u0026#34;profile\u0026#34;: \u0026#34;\u0026#34; } ] /srv/config/all?service-profile=\u0026lt;profile-name\u0026gt; Get all distinct services filtered on profile (service-profile):\ncurl -s http://localhost:8080/srv/config/all\\?service-profile\\=dev Example of data returned:\n[ { \u0026#34;name\u0026#34;: \u0026#34;atael\u0026#34;, \u0026#34;label\u0026#34;: \u0026#34;latest\u0026#34;, \u0026#34;profile\u0026#34;: \u0026#34;dev\u0026#34; } ] /srv/config/properties?service-name=\u0026lt;service-name\u0026gt; Get all properties for a service-name (application):\ncurl -s http://localhost:8080/srv/config/properties\\?service-name\\=application-a Example of data returned:\n[ { \u0026#34;id\u0026#34;: 3, \u0026#34;application\u0026#34;: \u0026#34;application-a\u0026#34;, \u0026#34;profile\u0026#34;: \u0026#34;production\u0026#34;, \u0026#34;label\u0026#34;: \u0026#34;12c\u0026#34;, \u0026#34;propKey\u0026#34;: \u0026#34;db-name\u0026#34;, \u0026#34;value\u0026#34;: \u0026#34;databasename-a-prod\u0026#34;, \u0026#34;createdOn\u0026#34;: \u0026#34;2023-10-19T16:50:07.000+00:00\u0026#34;, \u0026#34;createdBy\u0026#34;: \u0026#34;ADMIN\u0026#34; }, { \u0026#34;id\u0026#34;: 4, \u0026#34;application\u0026#34;: \u0026#34;application-a\u0026#34;, \u0026#34;profile\u0026#34;: \u0026#34;production\u0026#34;, \u0026#34;label\u0026#34;: \u0026#34;12c\u0026#34;, \u0026#34;propKey\u0026#34;: \u0026#34;db-connection\u0026#34;, \u0026#34;value\u0026#34;: \u0026#34;connectionstring-a-prod\u0026#34;, \u0026#34;createdOn\u0026#34;: \u0026#34;2023-10-19T16:50:07.000+00:00\u0026#34;, \u0026#34;createdBy\u0026#34;: \u0026#34;ADMIN\u0026#34; }, { \u0026#34;id\u0026#34;: 5, \u0026#34;application\u0026#34;: \u0026#34;application-a\u0026#34;, \u0026#34;profile\u0026#34;: \u0026#34;development\u0026#34;, \u0026#34;label\u0026#34;: \u0026#34;23cbeta\u0026#34;, \u0026#34;propKey\u0026#34;: \u0026#34;db-dev-name\u0026#34;, \u0026#34;value\u0026#34;: \u0026#34;databasename-a-dev\u0026#34;, \u0026#34;createdOn\u0026#34;: \u0026#34;2023-10-19T16:50:07.000+00:00\u0026#34;, \u0026#34;createdBy\u0026#34;: \u0026#34;ADMIN\u0026#34; }, { \u0026#34;id\u0026#34;: 6, \u0026#34;application\u0026#34;: \u0026#34;application-a\u0026#34;, \u0026#34;profile\u0026#34;: \u0026#34;development\u0026#34;, \u0026#34;label\u0026#34;: \u0026#34;23cbeta\u0026#34;, \u0026#34;propKey\u0026#34;: \u0026#34;db-dev-connection\u0026#34;, \u0026#34;value\u0026#34;: \u0026#34;connectionstring-a-dev\u0026#34;, \u0026#34;createdOn\u0026#34;: \u0026#34;2023-10-19T16:50:07.000+00:00\u0026#34;, \u0026#34;createdBy\u0026#34;: \u0026#34;ADMIN\u0026#34; } ] /srv/config/properties?service-name=\u0026lt;service-name\u0026gt;\u0026amp;service-label=\u0026lt;service-label\u0026gt; Get all properties for a service-name (application) filtered on service-label (label):\ncurl -s http://localhost:8080/srv/config/properties\\?service-name\\=application-b\\\u0026amp;service-label\\=19c Example of data returned:\n[ { \u0026#34;id\u0026#34;: 7, \u0026#34;application\u0026#34;: \u0026#34;application-b\u0026#34;, \u0026#34;profile\u0026#34;: \u0026#34;production\u0026#34;, \u0026#34;label\u0026#34;: \u0026#34;19c\u0026#34;, \u0026#34;propKey\u0026#34;: \u0026#34;db-name\u0026#34;, \u0026#34;value\u0026#34;: \u0026#34;databasename-b-prod\u0026#34;, \u0026#34;createdOn\u0026#34;: \u0026#34;2023-10-19T16:50:07.000+00:00\u0026#34;, \u0026#34;createdBy\u0026#34;: \u0026#34;ADMIN\u0026#34; }, { \u0026#34;id\u0026#34;: 8, \u0026#34;application\u0026#34;: \u0026#34;application-b\u0026#34;, \u0026#34;profile\u0026#34;: \u0026#34;production\u0026#34;, \u0026#34;label\u0026#34;: \u0026#34;19c\u0026#34;, \u0026#34;propKey\u0026#34;: \u0026#34;db-connection\u0026#34;, \u0026#34;value\u0026#34;: \u0026#34;connectionstring-b-prod\u0026#34;, \u0026#34;createdOn\u0026#34;: \u0026#34;2023-10-19T16:50:07.000+00:00\u0026#34;, \u0026#34;createdBy\u0026#34;: \u0026#34;ADMIN\u0026#34; } ] /srv/config/properties?service-name=\u0026lt;service-name\u0026gt;\u0026amp;service-label=\u0026lt;service-label\u0026gt;\u0026amp;service-profile=\u0026lt;service-profile\u0026gt; Get all properties for a service-name (application) filtered on service-label (label) and service-profile (profile):\ncurl -s http://localhost:8080/srv/config/properties\\?service-name\\=application-b\\\u0026amp;service-label\\=19c\\\u0026amp;service-profile\\=production Example of data returned:\n[ { \u0026#34;id\u0026#34;: 7, \u0026#34;application\u0026#34;: \u0026#34;application-b\u0026#34;, \u0026#34;profile\u0026#34;: \u0026#34;production\u0026#34;, \u0026#34;label\u0026#34;: \u0026#34;19c\u0026#34;, \u0026#34;propKey\u0026#34;: \u0026#34;db-name\u0026#34;, \u0026#34;value\u0026#34;: \u0026#34;databasename-b-prod\u0026#34;, \u0026#34;createdOn\u0026#34;: \u0026#34;2023-10-19T16:50:07.000+00:00\u0026#34;, \u0026#34;createdBy\u0026#34;: \u0026#34;ADMIN\u0026#34; }, { \u0026#34;id\u0026#34;: 8, \u0026#34;application\u0026#34;: \u0026#34;application-b\u0026#34;, \u0026#34;profile\u0026#34;: \u0026#34;production\u0026#34;, \u0026#34;label\u0026#34;: \u0026#34;19c\u0026#34;, \u0026#34;propKey\u0026#34;: \u0026#34;db-connection\u0026#34;, \u0026#34;value\u0026#34;: \u0026#34;connectionstring-b-prod\u0026#34;, \u0026#34;createdOn\u0026#34;: \u0026#34;2023-10-19T16:50:07.000+00:00\u0026#34;, \u0026#34;createdBy\u0026#34;: \u0026#34;ADMIN\u0026#34; } ] /srv/config/properties?service-name=\u0026lt;service-name\u0026gt;\u0026amp;service-label=\u0026lt;service-label\u0026gt;\u0026amp;service-profile=\u0026lt;service-profile\u0026gt;\u0026amp;property-key=\u0026lt;property-key\u0026gt; Get all properties for a service-name (application) filtered on service-label (label), service-profile (profile) and property-key (prop_key):\ncurl -s http://localhost:8080/srv/config/properties\\?service-name\\=application-c\\\u0026amp;service-label\\=23.4\\\u0026amp;service-profile\\=secret\\\u0026amp;property-key\\=txeventq Example of data returned:\n[ { \u0026#34;id\u0026#34;: 14, \u0026#34;application\u0026#34;: \u0026#34;application-c\u0026#34;, \u0026#34;profile\u0026#34;: \u0026#34;secret\u0026#34;, \u0026#34;label\u0026#34;: \u0026#34;23.4\u0026#34;, \u0026#34;propKey\u0026#34;: \u0026#34;txeventq\u0026#34;, \u0026#34;value\u0026#34;: \u0026#34;23c-kafka-name\u0026#34;, \u0026#34;createdOn\u0026#34;: \u0026#34;2023-10-19T16:50:07.000+00:00\u0026#34;, \u0026#34;createdBy\u0026#34;: \u0026#34;ADMIN\u0026#34; } ] /srv/config/property/add Create a property:\ncurl -u \u0026lt;username\u0026gt;:\u0026lt;password\u0026gt; -s -X POST \\ -d \u0026#34;service-name=application-d\u0026amp;service-label=1.0\u0026amp;service-profile=AI\u0026amp;property-key=url-to-host\u0026amp;property-value=hostname\u0026#34; \\ http://localhost:8080/srv/config/property/add Successful creation of a property returns:\nProperty added successfully. /srv/config/property/update Update a property:\ncurl -u \u0026lt;username\u0026gt;:\u0026lt;password\u0026gt; -s -X PUT \\ -d \u0026#34;service-name=application-d\u0026amp;service-label=1.0\u0026amp;service-profile=AI\u0026amp;property-key=url-to-host\u0026amp;property-value=new-hostname\u0026#34; \\ http://localhost:8080/srv/config/property/update Successful update of a property returns:\nProperty successfully modified. /srv/config/properties/delete?service-name\u0026lt;service-name\u0026gt; Delete all properties from a service (application):\ncurl -u \u0026lt;username\u0026gt;:\u0026lt;password\u0026gt; -s -X DELETE http://localhost:8080/srv/config/properties/delete\\?service-name\\=atael Successful deletion of properties returns:\nProperties successfully deleted. /srv/config/delete?service-profile=\u0026lt;profile-name\u0026gt;\u0026amp;service-profile=\u0026lt;service-profile\u0026gt; Delete all properties with a service profile:\ncurl -u \u0026lt;username\u0026gt;:\u0026lt;password\u0026gt; -s -X DELETE http://localhost:8080/srv/config/properties/delete\\?service-name\\=application-d\\\u0026amp;service-profile\\=AI Successful deletion of properties returns:\nProperties successfully deleted. /srv/config/delete?service-profile=\u0026lt;profile-name\u0026gt;\u0026amp;service-profile=\u0026lt;service-profile\u0026gt;\u0026amp;service-label=\u0026lt;service-label\u0026gt; Delete all properties from a service with a profile and a label:\ncurl -u \u0026lt;username\u0026gt;:\u0026lt;password\u0026gt; -s -X DELETE http://localhost:8080/srv/config/properties/delete\\?service-name\\=application-a\\\u0026amp;service-profile\\=development\\\u0026amp;service-label\\=12c Successful deletion of properties returns:\nProperties successfully deleted. /srv/config/delete?service-profile=\u0026lt;profile-name\u0026gt;\u0026amp;service-profile=\u0026lt;service-profile\u0026gt;\u0026amp;service-label=\u0026lt;service-label\u0026gt;\u0026amp;property-key=\u0026lt;property-key\u0026gt; Delete all properties from a service with a profile and a label:\ncurl -u \u0026lt;username\u0026gt;:\u0026lt;password\u0026gt; -s -X DELETE http://localhost:8080/srv/config/properties/delete\\?service-name\\=application-b\\\u0026amp;service-profile\\=development\\\u0026amp;service-label\\=23cbeta\\\u0026amp;property-key\\=db-dev-name Successful deletion of properties returns:\nProperties successfully deleted. Re-create test data The Config Server data can be created using the following SQL statements:\nINSERT INTO CONFIGSERVER.PROPERTIES (APPLICATION, PROFILE, LABEL, PROP_KEY, VALUE) VALUES (\u0026#39;atael\u0026#39;,\u0026#39;dev\u0026#39;,\u0026#39;latest\u0026#39;,\u0026#39;test-property\u0026#39;,\u0026#39;This is the test-property value\u0026#39;); INSERT INTO CONFIGSERVER.PROPERTIES (APPLICATION, PROFILE, LABEL, PROP_KEY, VALUE) VALUES (\u0026#39;atael\u0026#39;,\u0026#39;dev\u0026#39;,\u0026#39;latest\u0026#39;,\u0026#39;test-property-2\u0026#39;,\u0026#39;This is the test-property-2 value\u0026#39;); INSERT INTO CONFIGSERVER.PROPERTIES (APPLICATION, PROFILE, LABEL, PROP_KEY, VALUE) VALUES (\u0026#39;application-a\u0026#39;,\u0026#39;production\u0026#39;,\u0026#39;12c\u0026#39;,\u0026#39;db-name\u0026#39;,\u0026#39;databasename-a-prod\u0026#39;); INSERT INTO CONFIGSERVER.PROPERTIES (APPLICATION, PROFILE, LABEL, PROP_KEY, VALUE) VALUES (\u0026#39;application-a\u0026#39;,\u0026#39;production\u0026#39;,\u0026#39;12c\u0026#39;,\u0026#39;db-connection\u0026#39;,\u0026#39;connectionstring-a-prod\u0026#39;); INSERT INTO CONFIGSERVER.PROPERTIES (APPLICATION, PROFILE, LABEL, PROP_KEY, VALUE) VALUES (\u0026#39;application-a\u0026#39;,\u0026#39;development\u0026#39;,\u0026#39;23cbeta\u0026#39;,\u0026#39;db-dev-name\u0026#39;,\u0026#39;databasename-a-dev\u0026#39;); INSERT INTO CONFIGSERVER.PROPERTIES (APPLICATION, PROFILE, LABEL, PROP_KEY, VALUE) VALUES (\u0026#39;application-a\u0026#39;,\u0026#39;development\u0026#39;,\u0026#39;23cbeta\u0026#39;,\u0026#39;db-dev-connection\u0026#39;,\u0026#39;connectionstring-a-dev\u0026#39;); INSERT INTO CONFIGSERVER.PROPERTIES (APPLICATION, PROFILE, LABEL, PROP_KEY, VALUE) VALUES (\u0026#39;application-b\u0026#39;,\u0026#39;production\u0026#39;,\u0026#39;19c\u0026#39;,\u0026#39;db-name\u0026#39;,\u0026#39;databasename-b-prod\u0026#39;); INSERT INTO CONFIGSERVER.PROPERTIES (APPLICATION, PROFILE, LABEL, PROP_KEY, VALUE) VALUES (\u0026#39;application-b\u0026#39;,\u0026#39;production\u0026#39;,\u0026#39;19c\u0026#39;,\u0026#39;db-connection\u0026#39;,\u0026#39;connectionstring-b-prod\u0026#39;); INSERT INTO CONFIGSERVER.PROPERTIES (APPLICATION, PROFILE, LABEL, PROP_KEY, VALUE) VALUES (\u0026#39;application-b\u0026#39;,\u0026#39;development\u0026#39;,\u0026#39;23cbeta\u0026#39;,\u0026#39;db-dev-name\u0026#39;,\u0026#39;databasename-b-dev\u0026#39;); INSERT INTO CONFIGSERVER.PROPERTIES (APPLICATION, PROFILE, LABEL, PROP_KEY, VALUE) VALUES (\u0026#39;application-b\u0026#39;,\u0026#39;development\u0026#39;,\u0026#39;23cbeta\u0026#39;,\u0026#39;db-dev-connection\u0026#39;,\u0026#39;connectionstring-b-dev\u0026#39;); INSERT INTO CONFIGSERVER.PROPERTIES (APPLICATION, PROFILE, LABEL, PROP_KEY, VALUE) VALUES (\u0026#39;application-c\u0026#39;,\u0026#39;secret\u0026#39;,\u0026#39;23.4\u0026#39;,\u0026#39;json-db\u0026#39;,\u0026#39;23c-json-db\u0026#39;); INSERT INTO CONFIGSERVER.PROPERTIES (APPLICATION, PROFILE, LABEL, PROP_KEY, VALUE) VALUES (\u0026#39;application-c\u0026#39;,\u0026#39;secret\u0026#39;,\u0026#39;23.4\u0026#39;,\u0026#39;json-sdb-conn\u0026#39;,\u0026#39;23c-mongo-conn\u0026#39;); INSERT INTO CONFIGSERVER.PROPERTIES (APPLICATION, PROFILE, LABEL, PROP_KEY, VALUE) VALUES (\u0026#39;application-c\u0026#39;,\u0026#39;secret\u0026#39;,\u0026#39;23.4\u0026#39;,\u0026#39;txeventq\u0026#39;,\u0026#39;23c-conn-string\u0026#39;); INSERT INTO CONFIGSERVER.PROPERTIES (APPLICATION, PROFILE, LABEL, PROP_KEY, VALUE) VALUES (\u0026#39;application-c\u0026#39;,\u0026#39;secret\u0026#39;,\u0026#39;23.4\u0026#39;,\u0026#39;txeventq\u0026#39;,\u0026#39;23c-kafka-name\u0026#39;); ","description":"Oracle Backend for Spring Boot and Microservices includes Spring Cloud Config which provides server- and client-side support for externalized configurations in a distributed system. The Spring Cloud Config server provides a central place to manage external properties for applications across all environments.\nThe Spring Cloud Config server is pre-configured to work with the Spring Boot Eureka service registry, configured to store the Configuration in the Oracle Autonomous Database to support labeled versions of configuration environments as well as being accessible to a wide range of tools for managing the content."},{"id":40,"href":"/microservices-datadriven/spring/platform/soc/","title":"Spring Operations Center","parent":"Platform Services","content":"Oracle Backend for Spring Boot and Microservices version includes \u0026ldquo;Spring Operations Center\u0026rdquo;. More capabilities will be added to this feature in future releases.\nThe Spring Operations Center provides a web user interface to manage the Oracle Backend for Spring Boot and Microservices. This release includes the following capabilities:\nView details about the configuration and health of the environment Manage and deploy workloads (Spring Boot applications) deployed in the environment Easy one-click access to Grafana dashboards for applications Manage users and roles defined in the Spring Authorization Server included in the environment Easy one-click access to Grafana dashboards for the Kubernetes cluster, the applications and the Oracle Database Collect diagnostic data for support Note: More capabilities will be added to this feature in future releases.\nAccessing Spring Operations Center The Dashboard Manage Namespaces Manage Workloads Manage Identity Accessing Spring Operations Center To access the Spring Operations Center, obtain the public IP address for your environment using this command:\nkubectl -n ingress-nginx get service ingress-nginx-controller The output will be similar to this:\nNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE ingress-nginx-controller LoadBalancer 10.96.172.148 xxx.xxx.xxx.xxx 80:31393/TCP,443:30506/TCP 158m Use the EXTERNAL-IP from the results and open a browser to https://xxx.xxx.xxx.xxx/soc to access the login page.\nNote: If you installed with self-signed certificates, which is the default, you will see a browser warning message and will have to click on \u0026ldquo;Accept risk\u0026rdquo; or similar. For information about replacing the self-signed certificate with a production certificate, refer to Transport Layer Security\nSOC Login Page Login using the obaas-admin user (or another user if you have created one) and the password that you set during installation. If you did not set a password, one was auto-generated for you and can be obtained with this command:\nkubectl get secret -n azn-server oractl-passwords -o jsonpath=\u0026#39;{.data.admin}\u0026#39; | base64 -d; echo After logging in, you will see the SOC Dashboard.\nThe Dashboard The Spring Operations Center Dashboard provides information about the overall state of the environment including:\nThe version and platform the environment is running on The configuration and sizing of the Kubernetes cluster The configuration and sizing of the Database instance Easy one-click access to Grafana dashboards to see detailed status of the Kubernetes cluster and Database instance The overall system health status How many applications are deployed in the environment SOC Dashboard Manage Namespaces The Manage Namespaces screen is accessible from the Workloads menu, and allows you to view and manage the namespaces that are configured for Spring Boot application deployments. Note that this does not show you all namespaces in the Kubernetes cluster, just those that have be specifically configured for Spring Boot workloads, meaning they have the necessary secrets for pulling images, accessing the database, and so on.\nSOC Manage Namespaces screen Clicking on a namespace will allow you to drill down into that namespace and see the workloads (Spring Boot applications) deployed there.\nManage Workloads The Manage Workloads screen shows the workloads (Spring Boot applications) deployed in a specific namespace, including the status of each workload, and how many replicas are currently running and desired.\nSOC Manage Workloads screen You can click on the \u0026ldquo;open\u0026rdquo; link in the Dashboard column to open the Spring Boot Statistics Grafana dashboard for any workload listed in the table. Note that you may need to authenticate to Grafana the first time.\nGrafana Dashboard for Workload More details of this dashboard can be found here.\nManage Identity The Manage Identity screen is accessible from the Security menu and allows you to view information about the users and roles defined in the Spring Authorization Server included in the platform.\nSOC Manage Identity screen Collect Diagnostic Data The Collect Diagnostic Data is accessible from the Settings Menu and allows you to collect and download diagnostic data about your installation and platform. Verify its contents for any sensitive information before submitting with any support request.\nDiagnostic Data ","description":"Oracle Backend for Spring Boot and Microservices version includes \u0026ldquo;Spring Operations Center\u0026rdquo;. More capabilities will be added to this feature in future releases.\nThe Spring Operations Center provides a web user interface to manage the Oracle Backend for Spring Boot and Microservices. This release includes the following capabilities:\nView details about the configuration and health of the environment Manage and deploy workloads (Spring Boot applications) deployed in the environment Easy one-click access to Grafana dashboards for applications Manage users and roles defined in the Spring Authorization Server included in the environment Easy one-click access to Grafana dashboards for the Kubernetes cluster, the applications and the Oracle Database Collect diagnostic data for support Note: More capabilities will be added to this feature in future releases."},{"id":41,"href":"/microservices-datadriven/spring/tags/","title":"Tags","parent":"Oracle Backend for Spring Boot and Microservices","content":"","description":""},{"id":42,"href":"/microservices-datadriven/spring/get-help/troubleshooting/","title":"Troubleshooting","parent":"Get Help","content":"If experiencing issues with the Oracle Backend for Spring Boot and Microservices; check here for known issues and resolutions.\nORA-28000: The account is locked Access the database and determine which account has been locked by running the following SQL:\nSELECT USERNAME, LOCK_DATE, PROFILE FROM DBA_USERS WHERE ACCOUNT_STATUS=\u0026#39;LOCKED\u0026#39; AND AUTHENTICATION_TYPE=\u0026#39;PASSWORD\u0026#39; AND ORACLE_MAINTAINED\u0026lt;\u0026gt;\u0026#39;Y\u0026#39;; Unlock the account by running: ALTER USER \u0026lt;USERNAME\u0026gt; ACCOUNT UNLOCK;\nIf the account continues to be locked, evaluate the password being used by the service and changes appropriately.\n","description":"If experiencing issues with the Oracle Backend for Spring Boot and Microservices; check here for known issues and resolutions.\nORA-28000: The account is locked Access the database and determine which account has been locked by running the following SQL:\nSELECT USERNAME, LOCK_DATE, PROFILE FROM DBA_USERS WHERE ACCOUNT_STATUS=\u0026#39;LOCKED\u0026#39; AND AUTHENTICATION_TYPE=\u0026#39;PASSWORD\u0026#39; AND ORACLE_MAINTAINED\u0026lt;\u0026gt;\u0026#39;Y\u0026#39;; Unlock the account by running: ALTER USER \u0026lt;USERNAME\u0026gt; ACCOUNT UNLOCK;\nIf the account continues to be locked, evaluate the password being used by the service and changes appropriately."},{"id":43,"href":"/microservices-datadriven/spring/uninstall/","title":"Uninstall","parent":"Oracle Backend for Spring Boot and Microservices","content":"To remove Oracle Backend for Spring Boot and Microservices, navigate to Developer Services then Resource Manager - Stacks in the Oracle Cloud Infrastructure Console (OCI Console) main menu. Ensure that you are in the correct region and compartment where you installed the Oracle Backend as a Service (OBaaS).\nClick on the link to open the detailed view for the Oracle Backend for Spring Boot and Microservices instance and click Destroy to clean up resources. For example:\nOCI Stack Destroy The OCI Resource Manager uses the stack definition to destroy all resources. For example:\nOCI Stack Destroy Logs The destroy job takes about 20 minutes to complete. Review the logs when the job is done to ensure that it completed successfully. If there are any errors, run the Destroy job again.\n","description":"To remove Oracle Backend for Spring Boot and Microservices, navigate to Developer Services then Resource Manager - Stacks in the Oracle Cloud Infrastructure Console (OCI Console) main menu. Ensure that you are in the correct region and compartment where you installed the Oracle Backend as a Service (OBaaS).\nClick on the link to open the detailed view for the Oracle Backend for Spring Boot and Microservices instance and click Destroy to clean up resources."},{"id":44,"href":"/microservices-datadriven/spring/upgrade/","title":"Upgrade","parent":"Oracle Backend for Spring Boot and Microservices","content":"The world of Microservices moves fast. In order to keep up with new software versions and provide additional features, regular updates and patches are provided for the Oracle Backend for Spring Boot and Microservices.\nDepending on the original installation method and the state of your infrastructure, these patches and upgrades can either be preformed in-place or out-of-place. Oracle recommends, despite which option you choose, to have a backup of your applications and database in order to recover from any unintentional loss.\nThere are various methods to perform an upgrade including:\nIn-Place Marketplace Upgrade Out-of-Place Marketplace Upgrade In-Place Custom Upgrade Out-of-Place Custom Upgrade In-Place Marketplace Upgrade The in-place Marketplace upgrade can be performed when there has been no external modifications of the infrastructure after the original installation of the Marketplace stack; or you wish to reconcile the infrastructure back to the delivered Marketplace infrastructure.\nThe in-place method will both modify the infrastructure and patch/upgrade the delivered Oracle Backend for Spring Boot and Microservices applications.\nThis method is recommended for development deployments, or after testing the upgrade using the Out-of-Place Upgrade for production deployments.\nWarning: to ensure no unintentional outage or infrastructure destruction; do not directly apply the upgrade stack. Plan and review the actions that will be performed prior to its application. If in doubt about the potential loss of data or infrastructure, opt for the Out-of-Place method.\nDownload the Marketplace Upgrade Stack Visit the Release page and download the marketplace_upgrade.zip file for the version you are upgrading to.\nUpdate the Current Stack In Oracle Cloud Infrastructure, navigate to Developer Services -\u0026gt; Stacks. Ensure the region and compartment is set to the location where the Marketplace stack was first installed, and select the stack.\nEdit the Stack, and upload the marketplace_upgrade.zip file.\nClick through the wizard and ensure the \u0026ldquo;Apply\u0026rdquo; checkbox is not ticked. Save Changes.\nPlan the Upgrade Run the plan Job and review the proposed actions.\nGenerally, any proposed destruction of the Database or Kubernetes cluster should be avoided unless you are confident that you can recover both your applications and data. If the plan shows the destruction of these resources, the Out-of-Place Upgrade should be used as an alternative.\nApply the Upgrade Out-of-Place Marketplace Upgrade The out-of-place Marketplace upgrade can be used when manual changes to the original infrastructure have been made after the initial installation of the Oracle Backend for Spring Boot and Microservices. It is the recommended Marketplace method for production installations as it allows you to test the upgrade prior to go live, while leaving the old infrastructure in place for rollbacks.\nThe out-of-place method deliver new infrastructure and Oracle Backend for Spring Boot and Microservices applications. You will need to migrate your applications to the new platform.\nFollow the instructions to install the latest Marketplace version.\nClone Database Depending on the Oracle Database that was used during the initial installation, the method of cloning the database will vary. For example:\nOracle Autonomous Database Oracle BaseDB On-Premises options include: PDB Clone RMAN Duplicate Datapump Load Custom Applications Once the database has been cloned, re-load your applications into the new Kubernetes environment.\nClean Up Old Installation Follow the uninstall guide to clean up the old Marketplace installation.\nCustom In-Place Upgrade The Custom In-Place upgrade can be applied to any existing installation of the Oracle Backend for Spring Boot and Microservices. It will not modify any infrastructure and only apply changes to existing and install new Oracle Backend for Spring Boot and Microservices applications.\nDownload the Latest Installation Visit the Release page and download the custom-ebaas_latest.zip file for the version you are upgrading to.\nUnzip the custom-ebaas_latest.zip file.\nDefine the Infrastructure From the original installation source, copy the following infrastructure definitions, where they exist, to the new release source:\nansible/roles/common/vars/main.yaml ansible/roles/registry/vars/main.yaml ansible/roles/database/vars/main.yaml ansible/roles/oci/vars/main.yaml ansible/roles/azure/vars/main.yaml Perform the Upgrade From the unzipped source, run the following commands:\n./setup_ansible.sh source activate.env ansible-playbook ansible/k8s_apply.yaml -t full Custom Out-of-Place Upgrade The custom out-of-place upgrade assumes you have out-of-place infrastructure to install into. The existing Oracle Database should be cloned for use with the new version.\nDownload the Latest Installation Visit the Release page and download the custom-ebaas_latest.zip file for the version you are upgrading to.\nUnzip the custom-ebaas_latest.zip file.\nClone Database Depending on the Oracle Database that was used during the initial installation, the method of cloning the database will vary. For example:\nOracle Autonomous Database Oracle BaseDB On-Premises options include: PDB Clone RMAN Duplicate Datapump Update the Infrastructure From the original installation source, copy the following infrastructure definitions, where they exist, to the new release source:\nansible/roles/common/vars/main.yaml ansible/roles/registry/vars/main.yaml ansible/roles/database/vars/main.yaml ansible/roles/oci/vars/main.yaml ansible/roles/azure/vars/main.yaml Update the files to point to the new out-of-place infrastructure.\nPerform the Upgrade From the unzipped source, run the following commands:\n./setup_ansible.sh source activate.env ansible-playbook ansible/k8s_apply.yaml -t full Load Custom Applications Once the upgrade is complete, re-load your applications into the new Kubernetes environment.\n","description":"The world of Microservices moves fast. In order to keep up with new software versions and provide additional features, regular updates and patches are provided for the Oracle Backend for Spring Boot and Microservices.\nDepending on the original installation method and the state of your infrastructure, these patches and upgrades can either be preformed in-place or out-of-place. Oracle recommends, despite which option you choose, to have a backup of your applications and database in order to recover from any unintentional loss."},{"id":45,"href":"/microservices-datadriven/spring/platform/conductor/","title":"Workflow","parent":"Platform Services","content":"Oracle Backend for Spring Boot and Microservices includes the Netflix Conductor Server. Conductor is a popular workflow solution that works with Spring Boot Microservices and Oracle Database.\nDocumentation on Conductor can be found here:\nConductor OSS Documentation Accessing the Server User Interface (UI) Expose the Oracle Spring Cloud Admin server that the CLI calls by using this command:\nkubectl port-forward services/conductor-server -n conductor-server 8080:8080 Access the Conductor server UI at this URL:\nhttp://localhost:8080 Access the Swagger documentation at this URL:\nhttp://localhost:8080/swagger-ui/index.html API Specification The API Specification can be found here:\nAPI Specification ","description":"Oracle Backend for Spring Boot and Microservices includes the Netflix Conductor Server. Conductor is a popular workflow solution that works with Spring Boot Microservices and Oracle Database.\nDocumentation on Conductor can be found here:\nConductor OSS Documentation Accessing the Server User Interface (UI) Expose the Oracle Spring Cloud Admin server that the CLI calls by using this command:\nkubectl port-forward services/conductor-server -n conductor-server 8080:8080 Access the Conductor server UI at this URL:"}] \ No newline at end of file +[{"id":0,"href":"/microservices-datadriven/spring/observability/tracing/","title":"Tracing","parent":"Observability","content":" Overview In a distributed system, it’s expected that occasional errors are bound to happen when serving requests. A central observability platform helps by capturing application traces/logs and provides an interface to query for a specific request. OpenTelemetry helps in standardizing the process of capturing and exporting telemetry data.\nOpenTelemetry (OTEL) is a collection of standardized vendor-agnostic tools, APIs, and SDKs. It’s a CNCF incubating project and is a merger of the OpenTracing and OpenCensus projects.\nOpenTracing is a vendor-neutral API for sending telemetry data over to an observability backend. The OpenCensus project provides a set of language-specific libraries that developers can use to instrument their code and send it to any supported backends. OTEL uses the same concept of trace and span to represent the request flow across microservices as used by its predecessor projects.\nOTEL allows us to instrument, generate, and collect telemetry data, which helps in analyzing application behavior or performance. Telemetry data can include logs, metrics, and traces. We can either automatically or manually instrument the code for HTTP, DB calls, and more.\nOverview How to enable tracing for your applications To enable tracing for your application you must include the following dependencies to your Maven POM or equivalent.\n\u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;org.springframework.boot\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;spring-boot-starter-actuator\u0026lt;/artifactId\u0026gt; \u0026lt;/dependency\u0026gt; \u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;io.micrometer\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;micrometer-registry-prometheus\u0026lt;/artifactId\u0026gt; \u0026lt;/dependency\u0026gt; \u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;io.micrometer\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;micrometer-tracing-bridge-otel\u0026lt;/artifactId\u0026gt; \u0026lt;/dependency\u0026gt; \u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;io.opentelemetry\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;opentelemetry-exporter-otlp\u0026lt;/artifactId\u0026gt; \u0026lt;/dependency\u0026gt; \u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;io.micrometer\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;micrometer-tracing\u0026lt;/artifactId\u0026gt; \u0026lt;/dependency\u0026gt; If you want to enable tracing for your database calls (Micrometer observability instrumentation for JDBC DataSource) you must include the following dependency too. You can find the latest version here.\n\u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;net.ttddyy.observation\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;datasource-micrometer-spring-boot\u0026lt;/artifactId\u0026gt; \u0026lt;version\u0026gt;1.0.3\u0026lt;/version\u0026gt; \u0026lt;/dependency\u0026gt; You must also add the following to your applications application.yaml file.\nspring: application: name: customer management: endpoint: health: show-details: always endpoints: web: exposure: include: \u0026#34;*\u0026#34; metrics: tags: application: ${spring.application.name} tracing: sampling: probability: 1.0 info: os: enabled: true env: enabled: true java: enabled: true otlp: tracing: endpoint: ${otel.exporter.otlp.endpoint} How to enable tracing in APISIX routes The OpenTelemetry plugin is enabled by default in APISIX. To enable tracing for your routes add the following to the route configuration:\n\u0026#34;plugins\u0026#34;: { \u0026#34;opentelemetry\u0026#34;: { \u0026#34;sampler\u0026#34;: { \u0026#34;name\u0026#34;: \u0026#34;always_on\u0026#34; } } } For more configuration option for the OpenTelemetry plugin; APISIX Documentation\nView Application Traces in Jaeger Web User Interface Jaeger is a distributed tracing system used for monitoring and troubleshooting Microservices. For more information on Jaeger, see the Jaeger website.\nExpose the Jaeger web user interface using this command:\nkubectl -n observability port-forward svc/jaegertracing-query 16686:16686 Open the Jaeger web user interface URL: http://localhost:16686\nJaeger UI In the Jaeger web user interface, click the Search tab to find tracings using various search criteria. For example, to find traces for the customer Microservice included in the Sample Application:\na. If you deployed the Sample Applications and have accessed the REST endpoints you can find traces for it in Jaeger. For example:\nb. Select the Service customer32 and the Operation /api/v2/customers .\nc. Click on Find Traces. Several traces appear (one for each time that you invoked the service). Jaeger Customer Tracing d. Click on any one of them to view the trace that includes multiple services and extends into Oracle Database. For example: Jaeger Customer Tracing Details ","description":"Overview In a distributed system, it’s expected that occasional errors are bound to happen when serving requests. A central observability platform helps by capturing application traces/logs and provides an interface to query for a specific request. OpenTelemetry helps in standardizing the process of capturing and exporting telemetry data.\nOpenTelemetry (OTEL) is a collection of standardized vendor-agnostic tools, APIs, and SDKs. It’s a CNCF incubating project and is a merger of the OpenTracing and OpenCensus projects."},{"id":1,"href":"/microservices-datadriven/spring/platform/apigw/","title":"Apache APISIX Gateway","parent":"Platform Services","content":"Apache APISIX is an open source cloud native API platform that supports the full lifecycle of API management including publishing, traffic management, deployment strategies, and circuit breakers.\nAccessing Apache APISIX dashboard Oracle Backend for Spring Boot and Microservices deploys Apache APISIX Gateway and Dashboard in the apisix namespace. The gateway is exposed through the external load balancer and ingress controller. To access the Apache APISIX Dashboard, you must use the kubectl port-forward command to create a secure channel to service/apisix-dashboard. Process the following steps:\nTo expose the Apache APISIX Dashboard using this command:\nkubectl port-forward -n apisix svc/apisix-dashboard 8080:80 Open the Apache APISIX Dashboard URL: http://localhost:8080\nusername: admin Password is retrieved using the following command: kubectl get secret -n apisix apisix-dashboard -o jsonpath=\u0026#39;{.data.conf\\.yaml}\u0026#39; | base64 -d | grep \u0026#39;password:\u0026#39;; echo NOTE: Oracle recommends that you change the default password when you log in the first time. Even though the dashboard is not accessible externally, Oracle still recommends using strong passwords to maximize security.\nAPISIX Login Enable tracing in APISIX routes The OpenTelemetry plugin is enabled by default in APISIX. To enable tracing for your routes add the following to the route configuration:\n\u0026#34;plugins\u0026#34;: { \u0026#34;opentelemetry\u0026#34;: { \u0026#34;sampler\u0026#34;: { \u0026#34;name\u0026#34;: \u0026#34;always_on\u0026#34; } } } For more configuration option for the OpenTelemetry plugin; APISIX Documentation\nExposing a Spring Application Through the API Gateway and Load Balancer Once you have your application deployed and running, you may want to expose it to the outside world. Some applications may not need to be exposed if they are only called by other applications in the platform. To expose your application, create a \u0026ldquo;route\u0026rdquo; in the Apache APISIX API Gateway by processing these steps:\nCreate a route to the service. For example:\nIn the Apache APISIX Dashboard, click Routes in the menu on the left side. APISIX Routes Click Create to create a new route.\nFill out the necessary details (anything not mentioned here can be left at the default value). For example, for the \u0026ldquo;slow service\u0026rdquo; to be included in the Sample Applications, provide these details:\nname = slow\npath = /fruit*\nmethod = get, options\nupstream type = service discovery\ndiscovery type = eureka\nservice name = SLOW (note that this is case sensitive, this is the key from the Eureka dashboard)\nNOTE: The API Gateway is pre-configured with both \u0026ldquo;Eureka\u0026rdquo; and \u0026ldquo;Kubernetes\u0026rdquo; discovery types. For Eureka, the service name is the key used to deploy the service in Eureka, which is normally the value from spring.application.name in the Spring Boot configuration file (src/main/resources/application.yaml), in uppercase characters. For Kubernetes, the service name is in the format namespace/service:port where namespace is the Kubernetes namespace in which the Spring Boot application is deployed, service is the name of the Kubernetes service for that application, and port is the name of the port in that service. If you deployed your Spring Boot application with the Oracle Backend for Spring Boot and Microservices CLI, the port name will be spring. For example, an application called slow-service deployed in the my-apps namespace would be my-apps/slow-service:spring.\nAPISIX Routes Step1 APISIX Routes Step2 APISIX Routes Step3 Save the route that you created. APISIX Routes Step4 APISIX Routes Step5 Test a route to the service. For example:\nGet the Apache APISIX Gateway external IP using this command: kubectl -n ingress-nginx get svc ingress-nginx-controller The result of the command should look similar to this:\nNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE ingress-nginx-controller LoadBalancer 10.96.172.148 146.235.207.230 80:31393/TCP,443:30506/TCP 25h Call the API using the Apache APISIX Gateway address plus path. For example: curl http://APISIX_IP/fruit You should get \u0026ldquo;banana\u0026rdquo; or \u0026ldquo;fallback fruit is apple\u0026rdquo; back as the response.\n","description":"Apache APISIX is an open source cloud native API platform that supports the full lifecycle of API management including publishing, traffic management, deployment strategies, and circuit breakers.\nAccessing Apache APISIX dashboard Oracle Backend for Spring Boot and Microservices deploys Apache APISIX Gateway and Dashboard in the apisix namespace. The gateway is exposed through the external load balancer and ingress controller. To access the Apache APISIX Dashboard, you must use the kubectl port-forward command to create a secure channel to service/apisix-dashboard."},{"id":2,"href":"/microservices-datadriven/spring/security/azn-server/","title":"Authentication and Authorization Server","parent":"Security","content":"The Authorization Server is an engine to authenticate and authorize requests to various components in Oracle Backend for Spring Boot and Microservices. The end user can manage users using REST Endpoints.\nNOTE: Oracle recommends that you change the default passwords for the default created users.\nUsers \u0026amp; Roles User Management REST endpoints overview User Management REST Endpoints Architecture Users \u0026amp; Roles When deploying Oracle Backend for Spring Boot and Microservices, two users are created with the following roles:\nUser Name Assigned Roles obaas-admin ROLE_ADMIN, ROLE_USER obaas-user ROLE_USER All users are stored in the database are deployed when installing Oracle Backend for Spring Boot and Microservices. The roles determine what the user is allowed to do in the environment. The allowed roles are ROLE_ADMIN and ROLE_USER.\nNOTE: See each components documentation about the roles and authorities.\nThe assigned passwords (either auto generated or provided by the installer) can be viewed in the OCI Console (ORM homepage). Click on Application Information.\nApplication Information If you click on Unlock, the password for the obaas-admin and obaas-user can be displayed.\nAZN User passwords The passwords can also be obtained from k8s secrets using the kubectl command.\nFor obaas-admin:\nkubectl get secret -n azn-server oractl-passwords -o jsonpath=\u0026#39;{.data.admin}\u0026#39; | base64 -d; echo For obaas-user:\nkubectl get secret -n azn-server oractl-passwords -o jsonpath=\u0026#39;{.data.user}\u0026#39; | base64 -d; echo User Management REST endpoints overview The following REST Endpoints are available to manage users. The table lists which minimum required role that is needed to perform the operation.\nEnd point Method Description Minimum required Role /user/api/v1/connect GET Authorize All Roles /user/api/v1/findUser GET Find all users ROLE_ADMIN /user/api/v1/findUser?username=\u0026lt;username\u0026gt; GET Find a user with the username \u0026lt;username\u0026gt; ROLE_ADMIN /user/api/v1/createUser POST Create a user ROLE_ADMIN /user/api/v1/updatePassword PUT Update a password for a user. A user with Role ROLE_ADMIN can update any users password ROLE_USER /user/api/v1/changeRole PUT Change role(s) for a user ROLE_ADMIN /user/api/v1/deleteUsername?username=\u0026lt;username\u0026gt; DELETE Delete a user with username \u0026lt;username\u0026gt; ROLE_ADMIN /user/api/v1/deleteId?id=\u0026lt;id\u0026gt; DELETE Delete a user with the id \u0026lt;id\u0026gt; ROLE_ADMIN User Management REST Endpoints In all examples below you need to replace \u0026lt;username\u0026gt;:\u0026lt;password\u0026gt; with your username and password. The examples are using curl to interact with the REST endpoints. They also requires that you have opened a tunnel on port 8080 to either the azn-server or obaas-admin service. For example, this command opens a tunnel to the obaas-admin service.\nkubectl port-forward -n obaas-admin svc/obaas-admin 8080 /user/api/v1/findUser curl -i -u \u0026lt;username\u0026gt;:\u0026lt;password\u0026gt; http://localhost:8080/user/api/v1/findUser /user/api/v1/findUser?username=\u0026lt;username\u0026gt; curl -i -u \u0026lt;username\u0026gt;:\u0026lt;password\u0026gt; \u0026#39;http://localhost:8080/user/api/v1/findUser?username=obaas-admin\u0026#39; /user/api/v1/createUser When creating a user the following Roles are allowed: ROLE_ADMIN and ROLE_USER.\ncurl -u \u0026lt;username\u0026gt;:\u0026lt;password\u0026gt; -i -X POST \\ -H \u0026#39;Content-Type: application/json\u0026#39; \\ -d \u0026#39;{\u0026#34;username\u0026#34;: \u0026#34;a-new-user\u0026#34;, \u0026#34;password\u0026#34;: \u0026#34;top-secret-password\u0026#34;, \u0026#34;roles\u0026#34; : \u0026#34;ROLE_ADMIN,ROLE_USER\u0026#34;}\u0026#39; \\ http://localhost:8080/user/api/v1/createUser /user/api/v1/updatePassword curl -u \u0026lt;username\u0026gt;:\u0026lt;password\u0026gt; -i -X PUT \\ -H \u0026#39;Content-Type: application/json\u0026#39; \\ -d \u0026#39;{\u0026#34;username\u0026#34;: \u0026#34;current-user\u0026#34;, \u0026#34;password\u0026#34;: \u0026#34;more-top-secret-password\u0026#34;}\u0026#39; \\ http://localhost:8080/user/api/v1/updatePassword /user/api/v1/changeRole curl -u \u0026lt;username\u0026gt;:\u0026lt;password\u0026gt; -i -X PUT \\ -H \u0026#39;Content-Type: application/json\u0026#39; \\ -d \u0026#39;{\u0026#34;username\u0026#34;: \u0026#34;current-user\u0026#34;, \u0026#34;roles\u0026#34;: \u0026#34;changed-roles\u0026#34;}\u0026#39; \\ http://localhost:8080/user/api/v1/changeRole /user/api/v1/deleteUsername?username=\u0026lt;username\u0026gt; curl -u \u0026lt;username\u0026gt;:\u0026lt;password\u0026gt; -i -X DELETE \\ http://localhost:8080/user/api/v1/deleteUsername?username=\u0026lt;username_to_be_deleted\u0026gt; /user/api/v1/deleteId?id=\u0026lt;id\u0026gt; curl -u obaas-admin:password -i -X DELETE \\ http://localhost:8080/user/api/v1/deleteId?id=\u0026lt;userid_to_be_deleted\u0026gt; Architecture The following picture shows how the Authentication Server is used for AuthZ for the following modules:\nOBaaS Admin (OBaaS CLI server module) Config Server (Manages Config Server Entries) AZN Server (AUthentication Server User Management) GraalVM Compiler (GraalVM Native Compiler module) Authorization Server Architecture ","description":"The Authorization Server is an engine to authenticate and authorize requests to various components in Oracle Backend for Spring Boot and Microservices. The end user can manage users using REST Endpoints.\nNOTE: Oracle recommends that you change the default passwords for the default created users.\nUsers \u0026amp; Roles User Management REST endpoints overview User Management REST Endpoints Architecture Users \u0026amp; Roles When deploying Oracle Backend for Spring Boot and Microservices, two users are created with the following roles:"},{"id":3,"href":"/microservices-datadriven/spring/azure/","title":"Azure/OCI Multicloud Installation","parent":"Oracle Backend for Spring Boot and Microservices","content":"The Oracle Backend for Spring Boot and Microservices is available to install in Multicloud (Microsoft Azure (Azure) and Oracle Cloud Infrastructure (OCI)). This installation deploys the Oracle Backend for Spring Boot and Microservices in Azure with an Oracle Autonomous Database running in OCI.\nPrerequisites You must meet the following prerequisites to use the Oracle Backend for Spring Boot Multicloud (Azure and OCI). You need:\nAn account on Azure. An account on OCI. Overview of the Setup Process Watch this video for a quick overview of the setup process.\nDownload Download Oracle Backend for Spring Boot and Microservices.\nSetup A few setup steps are required in both OCI and Azure to deploy the Oracle Backend for Spring Boot and Microservices application.\nOCI The Multicloud installation provisions an Oracle Autonomous Database in OCI using the Oracle Database Operator for Kubernetes (OraOperator).\nTo allow the OraOperator access to OCI, an API Key must be generated using these steps:\nLog in to OCI. Open the Profile menu and click User settings. In the Resources section at the lower left, click API Keys. Click Download Private Key and save the key as private_key.pem. You do not need to download the public key. Click Add. The key is added and the Configuration File Preview is displayed. The file snippet includes the required parameters and values. Copy and paste the configuration file snippet from the text box and save for later steps.\nAzure The Multicloud installation is done using the Azure Cloud Shell. The following steps are required in Azure to prepare for the installation:\nLog in to Azure.\nOpen the Azure Cloud Shell. For example:\nUpload the Oracle Backend for Spring Boot and Microservices stack. For example:\nUpload the API Private Key (private_key.pem).\nUnzip the stack to a directory called obaas. For example:\nunzip azure-ebaas_latest.zip -d ~/obaas\nMove the private_key.pem file to the obaas directory. For example:\nmv private_key.pem ~/obaas/\nRun the configuration Helper script using the values from the API Key. For example:\ncd ~/obaas ./obaas_configure.py Install Ansible Install Ansible to run the Configuration Management Playbook. The Helper script creates a Python virtual environment and installs Ansible and some additional modules. For example:\ncd ~/obaas/ansible ./setup_ansible.sh /tmp source ./activate.env /tmp Deploy the Infrastructure From the Azure Cloud Shell, run these commands to deploy the infrastructure:\ncd ~/obaas terraform init terraform plan -out=multicloud.plan terraform apply \u0026#34;multicloud.plan\u0026#34; ","description":"The Oracle Backend for Spring Boot and Microservices is available to install in Multicloud (Microsoft Azure (Azure) and Oracle Cloud Infrastructure (OCI)). This installation deploys the Oracle Backend for Spring Boot and Microservices in Azure with an Oracle Autonomous Database running in OCI.\nPrerequisites You must meet the following prerequisites to use the Oracle Backend for Spring Boot Multicloud (Azure and OCI). You need:\nAn account on Azure. An account on OCI."},{"id":4,"href":"/microservices-datadriven/spring/on-premises/","title":"Custom Installations","parent":"Oracle Backend for Spring Boot and Microservices","content":"The Oracle Backend for Spring Boot and Microservices is available to install in your own \u0026ldquo;custom\u0026rdquo; environment, which may be an on-premises data center environment, a different cloud provider, or a developer\u0026rsquo;s desktop.\nPrerequisites You must meet the following prerequisites to use the Oracle Backend for Spring Boot and Microservices On-Premises. You need:\nAccess to Oracle Database Enterprise Edition 19.3.0.0 Access to a Container Repository Access to a Kubernetes cluster Python 3+ When installing in a desktop environment, for example a developer\u0026rsquo;s desktop, the previously mentioned pre-requisites may be met through an additional setup task, but there are additional desktop system or software requirements. For example:\n2 CPUs or more 8 GB of free memory 60 GB of free disk space (40 GB minikube and container images, 20 GB database) Internet connection Minikube or similar Podman1 or similar Oracle Single Sign-On (SSO) account to download the database image Download Download the latest release of Oracle Backend for Spring Boot and Microservices.\nSetup A custom installation consists of defining the infrastructure followed by running the Configuration Management Playbook to build images and deploy the Microservices.\nFor a custom installation, you need to have a Kubernetes cluster and the kubectl command-line interface must be configured to communicate with your cluster.\nA Helper Playbook has been provided for desktop installations to assist in defining a specific infrastructure consisting of podman and minikube as outlined in the example documentation:\nmacOS Ventura (x86) Oracle Linux 8 (x86) If your infrastructure does not match that defined in the above examples, do not run the Helper Playbook.\nDownload the Database or Oracle REST Data Services (ORDS) Images (Desktop Installation) The desktop installation provisions an Oracle database to the Kubernetes cluster. The images must be downloaded from Oracle\u0026rsquo;s Container Registry before continuing.\nAfter installing Podman, process these steps:\nLog in to Oracle Cloud Infrastructure Registry (Container Registry). For example:\npodman login container-registry.oracle.com\nPull the database image. For example:\npodman pull container-registry.oracle.com/database/enterprise:19.3.0.0\nPull the ORDS image. For example:\npodman pull container-registry.oracle.com/database/ords:21.4.2-gh\nDefining the Application The application is defined in ansible/vars/ebaas.yaml. For example:\n--- ebaas_edition: \u0026#34;COMMUNITY\u0026#34; vault: \u0026#34;\u0026#34; vault_key: \u0026#34;\u0026#34; vault_crypto_endpoint: \u0026#34;\u0026#34; vault_management_endpoint: \u0026#34;\u0026#34; vault_storage_account_name: \u0026#34;N/A\u0026#34; vault_storage_account_key: \u0026#34;N/A\u0026#34; vault_storage: \u0026#34;\u0026#34; vault_storage_lock: \u0026#34;\u0026#34; apisix_admin_password: \u0026#34;Correct-horse-Battery-staple-35\u0026#34; grafana_admin_password: \u0026#34;Correct-horse-Battery-staple-35\u0026#34; oractl_admin_password: \u0026#34;Correct-horse-Battery-staple-35\u0026#34; oractl_user_password: \u0026#34;Correct-horse-Battery-staple-35\u0026#34; ... Create the ansible/vars/ebaas.yaml file, setting values as required. If this is a desktop installation, this file will be created for you by the Desktop Helper playbook.\nDefining the Database The database is defined in ansible/roles/database/vars/main.yaml. For example:\n--- database_oracle_dbs: [\u0026#34;BAASPDB\u0026#34;] database_default_db: BAASPDB BAASPDB: # noqa: var-naming[pattern] username: \u0026#34;PDBADMIN\u0026#34; password: \u0026#34;Correct-horse-Battery-staple-35\u0026#34; type: \u0026#34;EXTERNAL\u0026#34; service: \u0026#34;(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=localhost)(PORT=1521))(CONNECT_DATA=(SERVICE_NAME=BAASPDB)))\u0026#34; ocid: \u0026#34;\u0026#34; ... Create the ansible/roles/database/vars/main.yaml file, setting values as required. If this is a desktop installation, this file will be created for you by the Desktop Helper playbook.\nThe database_oracle_dbs and database_default_db key values should be the name of your Pluggable Database (PDB). These are followed by the PDB name and Key/Values defining how to access the PDB.\nThe type can be either:\nEXTERNAL: A Pre-existing Oracle Database. Define service and leave ocid blank. ADB-S: A Pre-Existing Oracle Autonomous Serverless (ADB-S) database; provide the ocid for the ADB-S. Leave service blank. SIDB_CONTAINER: This will create a 19c containerized database inside the Kubernetes Cluster as part of the deployment. Leave ocid and service blank. Defining the Container Repository The Container Repository is defined in ansible/roles/registry/vars/main.yaml. For example:\n--- registry_username: \u0026#34;oracle\u0026#34; registry_password: \u0026#34;Correct-horse-Battery-staple-35\u0026#34; registry_push_url: \u0026#34;docker.io/myorg\u0026#34; registry_push_auth: auths: docker.io/myorg: auth: \u0026#34;b3JhY2xlOjdaUVgxLXhhbFR0NTJsS0VITlA0\u0026#34; registry_pull_url: \u0026#34;docker.io/myorg\u0026#34; registry_pull_auth: auths: docker.io/myorg: auth: \u0026#34;b3JhY2xlOjdaUVgxLXhhbFR0NTJsS0VITlA0\u0026#34; ... Create the ansible/roles/registry/vars/main.yaml file, setting values as required. If this is a desktop installation, this file will be created for you by the Desktop Helper playbook.\nSpecify the URL or authentication credentials for your Container Repository in registry_pull_url, registry_push_url, registry_username, and registry_password.\nFor the registry_pull_auth and registry_push_auth sections, manually log into your repository and copy the values found in the created file, located in $HOME/.config/containers/auth.json\nThere may be duplication between the push and pull URL\u0026rsquo;s. The pull URL is used inside the Pods while the push URL is used from the deployment machine. If you have a private registry inside the Kubernetes cluster, these URL\u0026rsquo;s could be different. This is the case for the Desktop installation. For example, the push URL is localhost:5000, while the pull URL is \u0026lt;Registry Pod ClusterIP\u0026gt;:5000.\nConfiguration Management Playbook From the source package, run the Configuration Management Playbook.\nInstall Ansible Using Python, install Ansible to run the Configuration Management Playbook. The Helper script creates a Python virtual environment and installs Ansible along with other additional modules. For example:\n./setup_ansible.sh source ./activate.env Desktop Helper Playbook If this is a desktop installation, then a Helper Playbook can be used to help define the infrastructure. Note that this playbook should only be run if following the desktop installation examples:\nmacOS Ventura (x86) Oracle Linux 8 (x86) Run the Desktop Helper Playbook to define the infrastructure. For example:\nansible-playbook ansible/desktop-apply.yaml Copy kubeconfig For the desktop installation, this step will have been performed by the Desktop Helper playbook.\nCopy the kubeconfig file to ansible/roles/kubernetes/files\nBuild and Push Images to the Container Repository For the desktop installation, start a new terminal and tunnel or port-forward to the Minikube cluster. Refer to the specific platform details for more information.\nFor both installations, run the Images Playbook on the original terminal. For example:\nansible-playbook ansible/images_build.yaml Install the Microservices Install the Microservices by running this command:\nansible-playbook ansible/k8s_apply.yaml -t full Footnotes Certification has been performed against Podman. However, other container or virtual machine managers are available and may be substituted.\u0026#160;\u0026#x21a9;\u0026#xfe0e;\n","description":"The Oracle Backend for Spring Boot and Microservices is available to install in your own \u0026ldquo;custom\u0026rdquo; environment, which may be an on-premises data center environment, a different cloud provider, or a developer\u0026rsquo;s desktop.\nPrerequisites You must meet the following prerequisites to use the Oracle Backend for Spring Boot and Microservices On-Premises. You need:\nAccess to Oracle Database Enterprise Edition 19.3.0.0 Access to a Container Repository Access to a Kubernetes cluster Python 3+ When installing in a desktop environment, for example a developer\u0026rsquo;s desktop, the previously mentioned pre-requisites may be met through an additional setup task, but there are additional desktop system or software requirements."},{"id":5,"href":"/microservices-datadriven/spring/infrastructure/database/","title":"Database","parent":"Infrastructure","content":"The Oracle Backend for Spring Boot and Microservices uses the Oracle Database as a persistent data store for metadata and the Spring Cloud Config Server. This documentation will refer to this database as the Metadata Database.\nNOTE: Oracle recommends that you install an addition Container Database (CDB) and Pluggable Databases (PDBs) for your production applications inline with the Database-Per-Service pattern. This document will refer to these databases as the Application Database.\nBy default, the Oracle Autonomous Database - Serverless (ADB-S) is used for the Metadata Database, however, there are other options including Bring Your Own (BYO).\nThe following chart presents the options for the Metadata Database, based on the installation type:\nInstallation ADB-S BYO ADB-S BYO BaseDB BYO Containerized BYO External OCI Community x OCI Standard x x x x Custom x x x x x For custom installations, including on-premises, it is the responsibility of the user to ensure network access controls to provide both operational access and security. The Oracle Cloud Infrastructure (OCI) Networking setup can be used as a general template.\nBring Your Own Database - Standard Edition If you select the Standard Edition during installation, you can use a pre-created Oracle Database for the Oracle Backend for Spring Boot and Microservices Metadata Database.\nThe following are the minimum requirements for a BYO Oracle Database:\nVersion: 19c+ Bring Your Own Network with access to the Database Listener Database User with appropriate privileges (see below) Database User Privileges The database user for the the Oracle Backend for Spring Boot and Microservices Metadata Database is used to create other users and allow them to proxy through this user for database access. While the SYSTEM or ADMIN (for ADB-S) will work, they are over-privileged and should not be used in production environments.\nIt is recommended to create a user, in this example, named OBAAS with a default tablespace of DATA:\nCREATE USER OBAAS IDENTIFIED BY \u0026#34;Welcome_12345\u0026#34;; ALTER USER OBAAS QUOTA UNLIMITED ON DATA; GRANT ALTER USER TO OBAAS; GRANT CREATE USER TO OBAAS; GRANT CONNECT TO OBAAS WITH ADMIN OPTION; GRANT CREATE SESSION TO OBAAS WITH ADMIN OPTION; GRANT RESOURCE TO OBAAS WITH ADMIN OPTION; GRANT SELECT ON DBA_USERS TO OBAAS; GRANT CREATE ANY INDEX TO OBAAS; GRANT ALTER ANY TABLE TO OBAAS; GRANT COMMENT ANY TABLE TO OBAAS; GRANT CREATE ANY TABLE TO OBAAS; GRANT INSERT ANY TABLE TO OBAAS; GRANT SELECT ANY TABLE TO OBAAS; GRANT UPDATE ANY TABLE TO OBAAS; GRANT CREATE ANY SEQUENCE TO OBAAS; GRANT SELECT ANY SEQUENCE TO OBAAS; GRANT CREATE ANY TRIGGER TO OBAAS; -- Additional AQ perms GRANT AQ_USER_ROLE TO OBAAS WITH ADMIN OPTION; GRANT EXECUTE ON DBMS_AQ TO OBAAS WITH GRANT OPTION; GRANT EXECUTE ON DBMS_AQADM TO OBAAS WITH GRANT OPTION; GRANT EXECUTE ON DBMS_AQIN TO OBAAS WITH GRANT OPTION; GRANT EXECUTE ON DBMS_AQJMS TO OBAAS WITH GRANT OPTION; GRANT EXECUTE ON DBMS_AQJMS_INTERNAL TO OBAAS WITH GRANT OPTION; -- Additional for PARSE GRANT SODA_APP TO OBAAS WITH ADMIN OPTION; GRANT CREATE TABLE TO OBAAS WITH ADMIN OPTION; Configuration During the configuration of the Oracle Backend for Spring Boot and Microservices, ensure that the Edition is set to Standard:\nEnable and Configure Bring Your Own Virtual Network\nTick the \u0026ldquo;Bring Your Own Database\u0026rdquo; checkbox and, depending on the Bring Your Own Database - Type, provide the appropriate values.\nAutonomous Database - Serverless (ADB-S) BYO ADB-S Compartment : The compartment of the existing ADB-S.\nBring Your Own Database - Autonomous Database : The ADB-S name (this will automatically translate the name to an OCID).\nBring Your Own Database - Username : The existing database user with the appropriate privileges.\nBring Your Own Database - Password : The password for the existing database user.\nOther Bring Your Own Database - Connect String : The connect string for the database (PDB) in Long Format.\nBring Your Own Database - Username : The existing database user with the appropriate privileges.\nBring Your Own Database - Password : The password for the existing database user.\nThe Connect String should be in Long Format, for example:\n(DESCRIPTION=(ADDRESS=(host=oracle://somedb.example.com)(protocol=TCP)(port=1521)) (CONNECT_DATA=(SERVICE_NAME=orclpdb))) Application Databases Oracle recommends that additional pluggable databases are used for your applications, following the database-per-service microservice pattern. However, the Metadata Database can be used, especially for development purposes, with a schema-per-service model.\nThe Oracle Database Operator for Kubernetes is provided with the Oracle Backend for Spring Boot and Microservices and can be used:\nBind to additional ADB-S Bind to an OCI BaseDB and create PDBs Create a Single Instance Container Database in the Kubernetes Cluster ","description":"The Oracle Backend for Spring Boot and Microservices uses the Oracle Database as a persistent data store for metadata and the Spring Cloud Config Server. This documentation will refer to this database as the Metadata Database.\nNOTE: Oracle recommends that you install an addition Container Database (CDB) and Pluggable Databases (PDBs) for your production applications inline with the Database-Per-Service pattern. This document will refer to these databases as the Application Database."},{"id":6,"href":"/microservices-datadriven/spring/infrastructure/databaseaccess/","title":"Database Access","parent":"Infrastructure","content":"The Oracle Backend for Spring Boot and Microservices includes an Oracle database. An instance of Oracle Autonomous Database Serverless (ADB-S) is created during installation. The ADB-S is used for Oracle Backend for SPring Boot and Microservices metadata and Spring Cloud Config Server.\nIf you selected the PRIVATE_ENDPOINT_ACCESS option, you need to use a Bastion to access the database.\nNOTE: Oracle recommends that you install your own database and PDBs for your production applications. The database provisioned is used for Oracle Backend for Spring Boot metadata and can be used for development.\nAccessing the Database NOTE: Oracle recommends that you install SQLcl to access the database from a local machine. SQLcl installation guide. Other tools can be used but is not documented here.\nUsing Database Actions from the OCI Console Local access using Database Wallet and SQLcl (SECURE_ACCESS installation) Local access using Wallet and SQLcl using a Bastion (PRIVATE_ENDPOINT_ACCESS installation) Access the Oracle ADB-S using Database Actions You can use the Database Actions web user interface, which can be accessed from the Oracle Cloud Infrastructure Console (OCI Console) to access the database. The Oracle database is created in the compartment specified during installation of Oracle Backend for Spring Boot and Microservices.\nIn the OCI Console, navigate to Oracle Autonomous Database (ADB) in the main menu.\nOracle Autonomous DB Cloud Portal Click on the link Autonomous Transaction Processing, and then select the database with the application name that you configured during installation with the suffix DB. In this example the Database name is CALFDB (make sure that you have selected the correct Compartment).\nSelect ADB Database Click on Database Actions. This opens the Database Actions page where you have access to many database functions, including the ability to work with data stored by Oracle Backend for Spring Boot and Microservices.\nOracle Autonomous DB Details Accessing the ADB-S From a Local Machine using Database Wallet and SQLcl If SECURE_ACCESS was selected during installation you can access the database using the following steps.\nDownload the ADB-S Wallet If you chose the SECURE_ACCESS option for database access during installation (or accepted this default), then you have to download the wallet to access the database from your local machine.\nThe wallet can be downloaded from the OCI Console, by clicking Database Connection, followed by Download Wallet. Store the wallet in a safe place.\nDownload ADB client credential You have to enter a password for the Wallet.\nWallet Password Connect to the ADB-S using SQLcl Get the ADMIN user password from k8s secret. in the exa,ple below calfdb needs to be replaced with the name of database in the installation.\nkubectl -n application get secret calfdb-db-secrets -o jsonpath=\u0026#39;{.data.db\\.password}\u0026#39; | base64 -d; echo Open a terminal Window and start SQLcl with the /nolog option.\nsql /nolog Load the Wallet using the command set cloudconfig.... In this example the wallet name is Wallet_CALFDB.zip.\nLoad the Wallet Get the TNS name connection names from the wallet by executing this command:\nshow tns Load the Wallet Connect as the ADMIN user to the database using the password you obtained from the k8s secret previously using the command connect followed by ADMIN, password collected and the TNS Name.\nLoad the Wallet You are now connected to the database that is provided when installing Oracle Backend for Spring Boot and Microservices on OCI.\nNOTE: Oracle recommends that you install your own databases, PDBs for your production applications. The database provisioned is used for Oracle Backend for Spring Boot metadata and can be used for development.\nAccessing the ADB-S From a Local Machine using Database Wallet and SQLcl using a Bastion If PRIVATE_ENDPOINT_ACCESS was selected during installation you can access the database using the following steps. You are going to need a Private Key pair to be able to use the Bastion Service to access the ADB-S.\nDownload and modify the Wallet the ADB-S Wallet using Private Access If you chose the PRIVATE_ENDPOINT_ACCESS option for database access during installation (or accepted this default), then you have to download the wallet to access the database from your local machine.\nThe wallet can be downloaded from the OCI Console, by clicking Database Connection, followed by Download Wallet. Store the wallet in a safe place.\nDownload ADB client credential You have to enter a password for the Wallet.\nWallet Password Go to the directory where you stored the Wallet and execute the following command. Replace \u0026lt;Wallet-File\u0026gt; with the name of your Wallet file including .zip:\nzip -oq \u0026lt;Wallet-File\u0026gt; tnsnames.ora \u0026amp;\u0026amp; \\ sed -i \u0026#39;\u0026#39; \u0026#39;s/host=[^)]*/host=localhost/\u0026#39; tnsnames.ora \u0026amp;\u0026amp; \\ zip -uq \u0026lt;Wallet-File\u0026gt; tnsnames.ora NOTE: On certain platforms you may need to use unzip instead of zip as the command.\nConnect to the ADB-S using SQLcl via a Bastion Get the IP address of the deployed Autonomous Database. T=You can find the IP address in the OCI Console:\nADB-S Private IP Address Create a SSH Port Forwarding Session using the Bastion service.\nA Bastion service is deployed when selecting PRIVATE_ENDPOINT_ACCESS during installation. To access the Oracle Autonomous Database you need to create a session between your local machine and the Oracle Autonomous Database using the Bastion Service. Create a Dynamic Port Forwarding (SOCKS5) Session.\nSelect the Bastion Service in the Identity \u0026amp; Security Menu:\nLoad the Wallet Select the Bastion service for your deployment and click Create Session. This will bring up a dialog box where you need to fill in the values for your installation.\nSession Type : Select SSH port forwarding session. Session Name : Enter a name for the session. IP Address : Enter the Private IP Address for the ADB-S. Port : Enter 1522 as the port number SSH Key : Add a Public SSH Key that will be used for the session. Download ADB client credential After the session is created, establish a SSH tunnel your your ADB instance by issuing an ssh command in a terminal window. The SSH is obtained obtain by clicking on the three dots symbol on right side of the created session in the OCI COnsole. The session will run until you close the terminal window.\nReplace \u0026lt;privateKey\u0026gt; with path to your Private Key and \u0026lt;localPort\u0026gt; with the local port you want to use. For example:\nssh -i \u0026lt;privateKey\u0026gt; -N -L \u0026lt;localPort\u0026gt;:10.113.0.28:1522 -p 22 ocid1.bastionsession.oc1.....@host.bastion...... Get the ADMIN user password from k8s secret. in the exa,ple below bluegilldb needs to be replaced with the name of database in the installation.\nkubectl -n application get secret bluegilldb-db-secrets -o jsonpath=\u0026#39;{.data.db\\.password}\u0026#39; | base64 -d; echo Open a terminal Window and start SQLcl with the /nolog option.\nsql /nolog Load the Wallet using the command set cloudconfig.... In this example the wallet name is Wallet_CALFDB.zip.\nLoad the Wallet Get the TNS name connection names from the wallet by executing this command:\nshow tns Load the Wallet Connect as the ADMIN user to the database using the password you obtained from the k8s secret previously using the command connect followed by ADMIN, password collected and the TNS Name.\nLoad the Wallet You are now connected to the database that is provided when installing Oracle Backend for Spring Boot and Microservices on OCI.\nNOTE: Oracle recommends that you install your own databases, PDBs for your production applications. The database provisioned is used for Oracle Backend for Spring Boot metadata and can be used for development.\n","description":"The Oracle Backend for Spring Boot and Microservices includes an Oracle database. An instance of Oracle Autonomous Database Serverless (ADB-S) is created during installation. The ADB-S is used for Oracle Backend for SPring Boot and Microservices metadata and Spring Cloud Config Server.\nIf you selected the PRIVATE_ENDPOINT_ACCESS option, you need to use a Bastion to access the database.\nNOTE: Oracle recommends that you install your own database and PDBs for your production applications."},{"id":7,"href":"/microservices-datadriven/spring/on-premises/macos_ventura/","title":"Developer Installation - macOS Ventura (x86)","parent":"Custom Installations","content":"This is a discussion of a non-production (developer desktop) installation on a macOS Ventura desktop.\nRead the On-Premises documentation and ensure that your desktop meets the minimum system requirements.\nInstall Podman To install Podman, process these commands:\nbrew install podman PODMAN_VERSION=$(podman -v |awk \u0026#39;{print $NF}\u0026#39;) sudo /usr/local/Cellar/podman/${PODMAN_VERSION}/bin/podman-mac-helper install podman machine init --cpus 4 --disk-size 60 --memory 8192 --rootful --now podman system connection default podman-machine-default-root Download the Database or Oracle REST Data Services (ORDS) Images The non-production installation provisions an Oracle database into the Kubernetes cluster. The images must be downloaded from Oracle Cloud Infrastructure Registry (Container Registry) before continuing.\nLog in to the Container Registry. For example:\npodman login container-registry.oracle.com\nPull the database image. For example:\npodman pull container-registry.oracle.com/database/enterprise:21.3.0.0\nPull the ORDS image. For example:\npodman pull container-registry.oracle.com/database/ords:21.4.2-gh\nMinikube To install Minikube, process these commands:\nbrew install minikube minikube config set driver podman minikube start --cpus 4 --memory max --container-runtime=containerd minikube addons enable ingress If Minikube fails to start and returns this Failed kubeconfig update: could not read config error, process this command and retry:\nmv ~/.kube ~/.kube.bak\nDownload Oracle Backend for Spring Boot and Microservices Download the latest version of Oracle Backend for Spring Boot and Microservices and unzip into a new directory.\nInstall Ansible To install Ansible, process these commands:\n./setup_ansible.sh source ./activate.env Define the Infrastructure Use the Helper Playbook to define the infrastructure. This Playbook also:\nCreates additional namespaces for the Container Registry and the database. Creates a private Container Registry in the Kubernetes cluster. Modifies the Microservices application to be desktop compatible. Run this command:\nansible-playbook ansible/desktop_apply.yaml\nOpen a Tunnel In order to push the images to the Container Registry in the Kubernetes cluster, open a new terminal and start a tunnel by running this command:\nminikube tunnel\nTo test access to the registry, process this command:\ncurl -X GET -k https://localhost:5000/v2/_catalog\nThis curl command should result in the following:\n{\u0026#34;errors\u0026#34;:[{\u0026#34;code\u0026#34;:\u0026#34;UNAUTHORIZED\u0026#34;,\u0026#34;message\u0026#34;:\u0026#34;authentication required\u0026#34;,\u0026#34;detail\u0026#34;:[{\u0026#34;Type\u0026#34;:\u0026#34;registry\u0026#34;,\u0026#34;Class\u0026#34;:\u0026#34;\u0026#34;,\u0026#34;Name\u0026#34;:\u0026#34;catalog\u0026#34;,\u0026#34;Action\u0026#34;:\u0026#34;*\u0026#34;}]}]} Build the Images Build and push the images to the Container Registry in the Kubernetes cluster by running this command:\nansible-playbook ansible/images_build.yaml\nAfter the images are built and pushed, the tunnel is no longer required and can be stopped.\nDeploy Oracle Backend for Spring Boot and Microservices Deploy the database and Microservices by running this command:\nansible-playbook ansible/k8s_apply.yaml -t full\nNotes VPN and Proxies If you are behind a virtual private network (VPN) or proxy, see minikube VPN or Proxy for more details on additional tasks.\n","description":"This is a discussion of a non-production (developer desktop) installation on a macOS Ventura desktop.\nRead the On-Premises documentation and ensure that your desktop meets the minimum system requirements.\nInstall Podman To install Podman, process these commands:\nbrew install podman PODMAN_VERSION=$(podman -v |awk \u0026#39;{print $NF}\u0026#39;) sudo /usr/local/Cellar/podman/${PODMAN_VERSION}/bin/podman-mac-helper install podman machine init --cpus 4 --disk-size 60 --memory 8192 --rootful --now podman system connection default podman-machine-default-root Download the Database or Oracle REST Data Services (ORDS) Images The non-production installation provisions an Oracle database into the Kubernetes cluster."},{"id":8,"href":"/microservices-datadriven/spring/on-premises/ol8/","title":"Developer Installation - Oracle Linux 8 (x86)","parent":"Custom Installations","content":"This is an description of installing on a Oracle Linux 8 desktop.\nRead the On-Premises documentation and ensure that your desktop meets the minimum system requirements.\nSetup Create a Non-Root User Create a new user. While any user name can be created, the rest of this documentation refers to the non-root user as obaas:\nAs root, process the following:\nuseradd obaas Download Oracle Backend for Spring Boot and Microservices Download the latest version of Oracle Backend for Spring Boot and unzip into a new directory.\nAs the obaas user, run this command:\nunzip onprem-ebaas_latest.zip -d ~/obaas Setup SSH-Key Access for obaas user Future access to the obaas user requires a direct login (not sudo or su). To setup ssh-key access as obaas, run the following commands:\nmkdir ~/.ssh vi ~/.ssh/authorized_keys Paste the public key of your client machines into the ~/.ssh/authorized_keys file, and change the permissions as follows:\nchmod 700 .ssh chmod 600 .ssh/authorized_keys Update the operating system Assuming the source was unzipped to ~obaas/obaas, as the root user, update the operating system by running the ol8_onprem.sh script from the unzipped package:\n~obaas/obaas/ol8_onprem.sh This script performs the following actions:\nInstall required operating system Packages Install Minikube Set Python3 as the default python Enable cgroup v2 Enable IP Tables Update the container runtime configuration (Optional) OCI Host Filesystem If this is being installed on an OCI Compute instance, grow the filesystem:\nAs root:\n/usr/libexec/oci-growfs Reboot IMPORTANT After the operating system has been updated, reboot the host.\nInstall The remaining steps require direct login as the obaas user without using sudo or su.\nDownload the Database or Oracle REST Data Services (ORDS) Images The non-production installation provisions an Oracle database into the Kubernetes cluster. The images must be downloaded from Oracle Cloud Infrastructure Registry (Container Registry) before continuing.\nWhile directly logged into the obaas user, process these steps:\nLog in to the Container Registry. For example:\npodman login container-registry.oracle.com\nPull the database image. For example:\npodman pull container-registry.oracle.com/database/enterprise:19.3.0.0\nPull the ORDS image. For example:\npodman pull container-registry.oracle.com/database/ords:21.4.2-gh\nTroubleshooting If the podman pull command fails, navigate in a web browser to Oracle container registry, click the \u0026ldquo;database\u0026rdquo; tile and select \u0026ldquo;enterprise\u0026rdquo;. On the right hand side of the page, if prompted, sign-in. Select \u0026ldquo;Language\u0026rdquo; and accept the Terms. Try the podman pull command again.\nStart MiniKube While directly logged into the obaas user, run these commands:\nminikube config set rootless true minikube config set driver podman minikube start --cpus max --memory 16G --disk-size=\u0026#39;40g\u0026#39; --container-runtime=containerd minikube addons enable ingress echo \u0026#34;KUBECONFIG=~/.kube/config\u0026#34; \u0026gt;\u0026gt; ~/.bashrc Install Ansible While directly logged into the obaas user, change to the source directory and install Ansible by running these commands:\ncd ~/obaas ./setup_ansible.sh source ./activate.env Define the Infrastructure Use the Helper Playbook to define the infrastructure. This Playbook also:\nCreates additional namespaces for the Container Registry and database. Creates a private Container Registry in the Kubernetes cluster. Modifies the Microservices application to be desktop compatible. Assuming the source was unzipped to ~/obaas, run the following command as the obaas user:\nansible-playbook ~/obaas/ansible/desktop_apply.yaml\nOpen a Tunnel In order to push the images to the Container Registry in the Kubernetes cluster, open a new terminal and process this command while being directly logged into the obaas user:\ncd ~/obaas source ./activate.env kubectl port-forward service/private -n container-registry 5000:5000 \u0026gt; /dev/null 2\u0026gt;\u0026amp;1 \u0026amp; Build the Images Build and push the images to the Container Registry in the Kubernetes cluster.\nAssuming the source was unzipped to ~/obaas, run the following command as the obaas user:\ncd ~/obaas source ./activate.env ansible-playbook ~/obaas/ansible/images_build.yaml After the images are built and pushed, the port-forward is no longer required and can be stopped.\nDeploy Microservices Assuming the source was unzipped to ~/obaas, run this command as the obaas user:\ncd ~/obaas source ./activate.env ansible-playbook ~/obaas/ansible/k8s_apply.yaml -t full Notes config-server and obaas-admin Pod Failures The Pods in the azn-server, config-server, and obaas-admin namespaces rely on the database that is created in the oracle-database-operator-system. During the initial provisioning, these Pods start well before the database is available resulting in initial failures. They resolve themselves once the database becomes available.\nYou can check on the status of the database by running this command:\nkubectl get singleinstancedatabase baas -n oracle-database-operator-system -o \u0026quot;jsonpath={.status.status}\u0026quot;\nVPN and Proxies If you are behind a Virtual Private Network (VPN) or proxy, see Minikube Proxies and VPNs for more details on additional tasks.\nNext, go to the Getting Started page to learn more.\n","description":"This is an description of installing on a Oracle Linux 8 desktop.\nRead the On-Premises documentation and ensure that your desktop meets the minimum system requirements.\nSetup Create a Non-Root User Create a new user. While any user name can be created, the rest of this documentation refers to the non-root user as obaas:\nAs root, process the following:\nuseradd obaas Download Oracle Backend for Spring Boot and Microservices Download the latest version of Oracle Backend for Spring Boot and unzip into a new directory."},{"id":9,"href":"/microservices-datadriven/spring/development/","title":"Development","parent":"Oracle Backend for Spring Boot and Microservices","content":"This section provides information about how to develop and deploy Spring Boot applications with the Oracle Backend for Spring Boot and Microservices.\nSpring Boot applications can be developed with no special requirements and be deployed into Oracle Backend for Spring Boot and Microservices. However, if you do opt-in to the platform services provided and the CLI, you can shorten your development time and avoid unnecessary work.\nOracle Backend for Spring Boot provides the following services that applications can use:\nAn Oracle Autonomous Database instance in which applications can manage relational, document, spatial, graph and other types of data, can use Transactional Event Queues for messaging and events using Java Message Service (JMS), Apache Kafka or Representational State Transfer (REST) interfaces, and even run machine learning (ML) models. A Kubernetes cluster in which applications can run with namespaces pre-configured with Kubernetes Secrets and ConfigMaps for access to the Oracle Autonomous Database instance associated with the backend. An Apache APISIX API Gateway that can be used to expose service endpoints outside the Kubernetes cluster, to the public internet. All standard Apache APISIX features like traffic management, monitoring, authentication, and so on, are available for use. Spring Boot Eureka Service Registry for service discovery. The API Gateway and monitoring services are pre-configured to use this registry for service discovery. Spring Cloud Config Server to serve externalized configuration information to applications. This stores the configuration data in the Oracle Autonomous Database instance associated with the backend. Netflix Conductor OSS for running workflows to orchestrate your services. Hashicorp Vault for storing sensitive information. Spring Admin for monitoring your services. Prometheus and Grafana for collecting and visualizing metrics and for alerting. Jaeger and Open Telemetry (OTEL) for distributed tracing. Applications deployed to the Oracle Backend for Spring Boot may use Jaeger or OTEL for distributed tracing. See the Environment Variables page for variables that can be used. An integrated development environment is recommended for developing applications. Oracle recommends Visual Studio Code or IntelliJ.\nJava, Maven or Gradle, a version control system (Oracle recommends git), and other tools may be required during development.\n","description":"This section provides information about how to develop and deploy Spring Boot applications with the Oracle Backend for Spring Boot and Microservices.\nSpring Boot applications can be developed with no special requirements and be deployed into Oracle Backend for Spring Boot and Microservices. However, if you do opt-in to the platform services provided and the CLI, you can shorten your development time and avoid unnecessary work.\nOracle Backend for Spring Boot provides the following services that applications can use:"},{"id":10,"href":"/microservices-datadriven/spring/development/setup/","title":"Development Environment Setup","parent":"Development","content":"This page provides details on how to set up your development environment to work with Oracle Backend for Spring Boot and Microservices.\nThe following platforms are recommended for a development environment:\nMicrosoft Windows 10 or 11, preferably with Windows Subsystem for Linux 2 macOS (11 or later recommended) on Intel or Apple silicon Linux, for example Oracle Linux, Ubuntu, and so on. The following tools are recommended for a development environment:\nIntegrated Development Environment, for example Visual Studio Code Java Development Kit, for example Oracle, OpenJDK, or GraalVM Maven or Gradle for build and testing automation Spring CLI (optional) for project creation If you wish to test locally or offline, then the following additional tools are recommended:\nA container platform, for example Rancher Desktop An Oracle database (in a container) Integrated Development Environment Oracle recommends Visual Studio Code, which you can download here, and the following extensions to make it easier to write and build your code:\nSpring Boot Extension Pack Extension Pack for Java Oracle Developer Tools You can install these by opening the extensions tab (Ctrl-Shift-X or equivalent) and using the search bar at the top to find and install them.\nJava Development Kit Oracle recommends the Java SE Development Kit or GraalVM. Java 17 or 21 are recommended, note that Spring Boot 3.0 requires at least Java 17. If you want to use JVM Virtual Threads, then Java 21 is required.\nNote: If you are using Spring Boot 2.x, then Oracle encourages you to use at least Java 17, unless you have a specific reason to stay on Java 11. Refer to the Spring Boot Support page for information on support dates for Spring Boot 2.x.\nYou can download the latest x64 Java 17 Development Kit from this permalink.\nDecompress the archive in your chosen location (for example your home directory) and then add it to your path:\nexport JAVA_HOME=$HOME/jdk-17.0.3 export PATH=$JAVA_HOME/bin:$PATH Use the following command to verify it is installed:\n$ java -version java version \u0026#34;17.0.3\u0026#34; 2022-04-19 LTS Java(TM) SE Runtime Environment (build 17.0.3+8-LTS-111) Java HotSpot(TM) 64-Bit Server VM (build 17.0.3+8-LTS-111, mixed mode, sharing) Note: Native Images: If you want to compile your Spring Boot microservices into native images (which was officially supported from Spring Boot 3.0), then you must use GraalVM, which can be downloaded from here.\nMaven You can use either Maven or Gradle to build your Spring Boot applications. If you prefer Maven, then follow the steps in this section. If you prefer Gradle, then refer to the next section.\nDownload Maven from the Apache Maven website.\nDecompress the archive in your chosen location (for example your home directory) and then add it to your path:\n$ export PATH=$HOME/apache-maven-3.8.6/bin:$PATH Use the following command to verify it is installed (note that your version may give slightly different output):\n$ mvn -v Apache Maven 3.8.6 (84538c9988a25aec085021c365c560670ad80f63) Maven home: /home/mark/apache-maven-3.8.6 Java version: 17.0.3, vendor: Oracle Corporation, runtime: /home/mark/jdk-17.0.3 Default locale: en, platform encoding: UTF-8 OS name: \u0026#34;linux\u0026#34;, version: \u0026#34;5.10.102.1-microsoft-standard-wsl2\u0026#34;, arch: \u0026#34;amd64\u0026#34;, family: \u0026#34;unix\u0026#34; Gradle Download Gradle using the instructions on the Gradle website. Spring Boot is compatible with Gradle version 7.5 or later.\nRun the following command to verify that Gradle is installed correctly\n$ gradle -v ------------------------------------------------------------ Gradle 7.6 ------------------------------------------------------------ Build time: 2022-11-25 13:35:10 UTC Revision: daece9dbc5b79370cc8e4fd6fe4b2cd400e150a8 Kotlin: 1.7.10 Groovy: 3.0.13 Ant: Apache Ant(TM) version 1.10.11 compiled on July 10 2021 JVM: 17.0.3 (Oracle Corporation 17.0.3+8-LTS-111) OS: Linux 5.10.102.1-microsoft-standard-WSL2 amd64 Spring CLI for project creation You can create projects with Spring CLI. To use this feature, install Spring CLI following the instructions provided in that repository, and then import the Oracle Project Catalog as follows:\nspring project catalog add --name oracle --url https://github.com/oracle/spring-cloud-oci/tree/main/database/spring-cli/catalog To create a new project, for example called test2 with specific Maven group and artifact IDs, use a command similar to this, substituting your desired coordinates:\nspring boot new --name test2 --from obaas --group-id com.example --artifact-id test2 --version 0.0.1 Review the README file in the created project for details of next steps.\nOracle Database in a container for local testing If you want to run an instance of Oracle Database locally for development and testing, then Oracle recommends Oracle Database 23ai Free. You can start the database in a container with this command specifying a secure password:\ndocker run --name free23ai -d \\ -p 1521:1521 \\ -e ORACLE_PWD=Welcome12345 \\ container-registry.oracle.com/database/free:latest Note: If you are using testcontainers, then add the following dependency to your application:\n\u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;org.testcontainers\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;oracle-free\u0026lt;/artifactId\u0026gt; \u0026lt;version\u0026gt;1.20.0\u0026lt;/version\u0026gt; \u0026lt;scope\u0026gt;test\u0026lt;/scope\u0026gt; \u0026lt;/dependency\u0026gt; ","description":"This page provides details on how to set up your development environment to work with Oracle Backend for Spring Boot and Microservices.\nThe following platforms are recommended for a development environment:\nMicrosoft Windows 10 or 11, preferably with Windows Subsystem for Linux 2 macOS (11 or later recommended) on Intel or Apple silicon Linux, for example Oracle Linux, Ubuntu, and so on. The following tools are recommended for a development environment:"},{"id":11,"href":"/microservices-datadriven/spring/platform/eureka/","title":"Eureka Service Discovery","parent":"Platform Services","content":"Oracle Backend for Spring Boot and Microservices includes the Spring Boot Eureka service registry, which is an application that stores information about client services or applications. Typically, each Microservice registers with the Eureka server at startup and the Eureka server maintains a list of all active instances of the service, including their ports and IP addresses. This information can be accessed by other services using a well-known key. This allows services to interact with each other without needing to know the other addresses at development or deployment time.\nAccess the Eureka Web User Interface To access the Eureka web user interface, process these steps:\nExpose the Eureka web user interface using this command:\nkubectl port-forward -n eureka svc/eureka 8761 Open the Eureka web user interface URL http://localhost:8761\nEureka web user interface On the dashboard you will see all the internal services registered with Eureka. If you have deployed the sample application CloudBank or done the LiveLab for Oracle Backend for Spring Boot and Microservices you will see those services.\n","description":"Oracle Backend for Spring Boot and Microservices includes the Spring Boot Eureka service registry, which is an application that stores information about client services or applications. Typically, each Microservice registers with the Eureka server at startup and the Eureka server maintains a list of all active instances of the service, including their ports and IP addresses. This information can be accessed by other services using a well-known key. This allows services to interact with each other without needing to know the other addresses at development or deployment time."},{"id":12,"href":"/microservices-datadriven/spring/get-help/","title":"Get Help","parent":"Oracle Backend for Spring Boot and Microservices","content":"If you need help with Oracle Backend for Spring Boot and Microservices you can seek help at the following channels:\nE-mail: obaas_ww@oracle.com Slack: https://oracledevs.slack.com/archives/C06L9CDGR6Z GitHub Issue: https://github.com/oracle/microservices-datadriven/issues When asking for help please provide the following:\nWhich version of Oracle Backend for Spring Boot and Microservices are you using? Which component(s) do you have an issue with? If possible, provide a testcase that shows the issue. Diagnostics Collection Two utilities will help Oracle diagnose and fix issues you may experience.\nBaseline The baseline command (Linux only) will collect non-sensitive information about your cluster and can be used to compare the current cluster state with a baseline state. This will help to quickly identify any discrepancies between a stable deployment and the current deployments.\nThe baseline utility can be run in one of three modes:\nGather baseline\nThis will write out a file \u0026lt;VERSION\u0026gt;.json by connecting to a kubernetes cluster and evaluating the current configuration. Use the gather option to establish a baseline of a working deployment.\nGather and Compare baseline --compare\nThis will look for a file called \u0026lt;OBAAS_VERSION\u0026gt;.json and write out a new file \u0026lt;OBAAS_VERSION\u0026gt;_current.json of the current configuration. The two files will be compared for differences.\nCompare baseline --compare \u0026lt;baselineFile\u0026gt; \u0026lt;currentFile\u0026gt;\nThis will compare two existing files, generated by the utility.\nCluster Dump A script is provided which can help to collect information about the configuration of your environment, logs of platform services, and various other information that may be helpful to diagnose and fix issues. Usage of this script is optional, and you should be aware that it is possible, and likely, that the output of this script may contain private or sensitive information. If you choose to run the script, you must review the contents of the output before providing that output to Oracle or anyone else.\n","description":"If you need help with Oracle Backend for Spring Boot and Microservices you can seek help at the following channels:\nE-mail: obaas_ww@oracle.com Slack: https://oracledevs.slack.com/archives/C06L9CDGR6Z GitHub Issue: https://github.com/oracle/microservices-datadriven/issues When asking for help please provide the following:\nWhich version of Oracle Backend for Spring Boot and Microservices are you using? Which component(s) do you have an issue with? If possible, provide a testcase that shows the issue. Diagnostics Collection Two utilities will help Oracle diagnose and fix issues you may experience."},{"id":13,"href":"/microservices-datadriven/spring/getting-started/","title":"Getting Started","parent":"Oracle Backend for Spring Boot and Microservices","content":"There are a number of demonstrations (videos) and hands-on labs (Live Lab) that show how to use Oracle Backend for Spring Boot and Microservices (Spring Boot).\nPrerequisites Deployed Oracle Backend for Spring Boot and Microservices. Introduction Video Watch this video for more information.\nBuild a Spring Boot Application With the Oracle Spring Boot Starters for UCP and Wallet In this video (18 minutes), Andy shows you how to:\nBuild a Phonebook application using Spring Boot with the Oracle Spring Boot Starters for Universal Connection Pools (UCP) and wallet. Deploy the applications to the Oracle Backend for Spring Boot and Microservices. Run tests. CloudBank - Building an Application with Spring Boot and Mobile APIs with Oracle Database and Kubernetes In this workshop (~ 2 hours), you learn how to build Microservices using Spring Boot and deploy them to the Oracle Backend for Spring Boot and Microservices. You learn about accessing the database using the Java Persistence API (JPA), service discovery, exposing services with the API Gateway, managing transactions across Microservices, workflow, and using observability tools to monitor your services and diagnose issues.\nIf you have already deployed Oracle Backend for Spring Boot and Microservices, you can skip Lab 1 (Provision an Instance).\nMore Learning There are more channels to learn about Oracle Backend for Spring Boot and Microservices:\nCheck out our blogs Join our Youtube Channel Next, go to the Platform Services page to learn more.\n","description":"There are a number of demonstrations (videos) and hands-on labs (Live Lab) that show how to use Oracle Backend for Spring Boot and Microservices (Spring Boot).\nPrerequisites Deployed Oracle Backend for Spring Boot and Microservices. Introduction Video Watch this video for more information.\nBuild a Spring Boot Application With the Oracle Spring Boot Starters for UCP and Wallet In this video (18 minutes), Andy shows you how to:\nBuild a Phonebook application using Spring Boot with the Oracle Spring Boot Starters for Universal Connection Pools (UCP) and wallet."},{"id":14,"href":"/microservices-datadriven/spring/infrastructure/gpu/","title":"GPUs for AI","parent":"Infrastructure","content":"Oracle Backend for Spring Boot and Microservices provides an option during installation to provision a set of Kubernetes nodes with NVIDIA A10 GPUs that are suitable for running AI workloads. If you choose that option during installation, you may also specify how many nodes are provisioned. The GPU nodes will be in a separate Node Pool to the normal CPU nodes, which allows you to scale it independently of the CPU nodes. They are also labeled so that you can target appropriate workloads to them using node selectors and/or affinity rules.\nTo view a list of nodes in your cluster with a GPU, you can use this command:\n$ kubectl get nodes -l \u0026#39;node.kubernetes.io/instance-type=VM.GPU.A10.1\u0026#39; NAME STATUS ROLES AGE VERSION 10.22.33.45 Ready node 2m44s v1.30.1 Running a Large Language Model on your GPU nodes One very common use for GPU nodes is to run a self-hosted Large Language Model (LLM) such as llama3 for inferencing or nomic-embed-text for embedding.\nCompanies often want to self-host an LLM to avoid sending private or sensitive data outside of their organization to a third-party provider, or to have more control over the costs of running the LLM and assocatied infrastructure.\nOne excellent way to self-host LLMs is to use Ollama.\nTo install Ollama on your GPU nodes, you can use the following commands:\nAdd the Ollama helm repository:\nhelm repo add ollama-helm https://otwld.github.io/ollama-helm/ Update your helm repositories:\nhelm repo update Create a values.yaml file to configure how Ollama should be installed, including which node(s) to run it on. Here is an example that will run Ollama on a GPU node and will pull the llama3 model.\nollama: gpu: enabled: true type: \u0026#39;nvidia\u0026#39; number: 1 models: - llama3 nodeSelector: node.kubernetes.io/instance-type: VM.GPU.A10.1 For more information on how to configure Ollama using the helm chart, refer to its documentation.\nCreate a namespace to deploy Ollama in:\nkubectl create ns ollama Deploy Ollama using the helm chart:\nhelm install ollama ollama-helm/ollama --namespace ollama --values ollama-values.yaml Interacting with Ollama You can interact with Ollama using the provided command line tool, called ollama. For example, to list the available models, use the ollama ls command:\nkubectl -n ollama exec svc/ollama -- ollama ls NAME ID SIZE MODIFIED llama3:latest 365c0bd3c000 4.7 GB 2 minutes ago To ask the LLM a question, you can use the ollama run command:\n$ kubectl -n ollama exec svc/ollama -- ollama run llama3 \u0026#34;what is spring boot?\u0026#34; Spring Boot is an open-source Java-based framework that simplifies the development of web applications and microservices. It\u0026#39;s a subset of the larger Spring ecosystem, which provides a comprehensive platform for building enterprise-level applications. ... Using LLMs hosted by Ollama in your Spring application Our self-paced hands-on example CloudBank AI includes an example of how to build a simple chatbot using Spring AI and Ollama.\n","description":"Oracle Backend for Spring Boot and Microservices provides an option during installation to provision a set of Kubernetes nodes with NVIDIA A10 GPUs that are suitable for running AI workloads. If you choose that option during installation, you may also specify how many nodes are provisioned. The GPU nodes will be in a separate Node Pool to the normal CPU nodes, which allows you to scale it independently of the CPU nodes."},{"id":15,"href":"/microservices-datadriven/spring/platform/vault/","title":"HashiCorp Vault","parent":"Platform Services","content":"Oracle Backend as a Service for Spring Cloud and Microservices includes HashiCorp Vault to secure, store and tightly control access to tokens, passwords, certificates, encryption keys for protecting secrets, and other sensitive data using a user interface (UI), command-line interface (CLI), or Hypertext Transfer Protocol (HTTP) API.\nTip For more information about working with the HashiCorp Vault, see the HashiCorp Vault Documentation and Tutorials Library. Setup Information Accessing the root Token Production Mode Accessing the root Token Development Mode Accessing Vault Recovery Keys Production Mode Accessing Vault Using kubectl Accessing the Vault Using the Web User Interface Audit Logs Grafana dashboard for HashiCorp Vault Setup Information The Vault can be deployed in two different ways. See the Setup:\nDevelopment mode Production mode Warning Never run a Development mode server in production. It is insecure and will lose data on every restart (since it stores data in-memory). It is only intended for development or experimentation. Vault uses the following Oracle Cloud Infrastructure (OCI) services when running in Production mode. When running in Development mode, only the OCI Container Engine for Kubernetes (OKE) is used.\nObject storage for storing Vault data. OCI Vault to automatically unseal the Vault. OCI Container Engine for Kubernetes for running the Vault server. When running in Production mode, the Vault is unsealed using the OCI Key Management Service (KMS) key. The root token can be accessed using the kubectl command-line interface. The root token in Development mode is root.\nThe following Vault services are enabled during deployment. Other services can be enabled using the vault command and the web user interface:\nToken Authentication Method. The token authentication method is built-in and automatically available. It allows users to authenticate using a token, as well as create new tokens, revoke secrets by token, and more. AppRole Authentication Method. The approle authentication method allows machines or applications to authenticate with Vault-defined roles. Kubernetes Authentication Method. The kubernetes authentication method can be used to authenticate with Vault using a Kubernetes service account token. This method of authentication makes it easy to introduce a Vault token into a Kubernetes Pod. Userpass Authentication Method. The userpass authentication method allows users to authenticate with Vault with a user name and password combination. Key/Value Secrets Engine. The non-versioned Key/Value secrets engine is a generic Key/Value store used to store arbitrary secrets. Key/Value Secrets Engine Version 2. The Key/Value secrets engine is a generic Key/Value store used to store arbitrary secrets. Accessing the root Token Production Mode root tokens have the root policy attached to them. root tokens can do anything in Vault and are useful in Development mode but should be restricted in Production mode. In fact, the Vault team recommends that root tokens only be used for the initial setup. Be sure to save the initial root token in a secure way. For example:\nkubectl get secret vault-root-token -n vault --template=\u0026#34;{{index .data \\\u0026#34;root.token\\\u0026#34; | base64decode}}\u0026#34;; echo Warning It is very important that the token is saved in multiple places. Losing the token can result in loss of access to the Vault. Accessing the root Token Development Mode The root token is set to root in Development mode. There are no recovery keys when running in Development mode.\nAccessing Vault Recovery Keys Production Mode Vault is configured to automatically unseal (auto unseal) using OCI Vault. Initializing with auto unseal creates five recovery keys that are stored in K8s Secrets. They MUST be retrieved and stored in a second location.\nWarning It is very important that recovery keys are saved in multiple places. Losing the recovery keys can result in loss of Vault. To extract the five recovery keys, use the following commands:\n% kubectl get secret vault-recovery-keys -n vault --template=\u0026#34;{{index .data \\\u0026#34;recovery.key.1\\\u0026#34; }}\u0026#34;; echo % kubectl get secret vault-recovery-keys -n vault --template=\u0026#34;{{index .data \\\u0026#34;recovery.key.2\\\u0026#34; }}\u0026#34;; echo % kubectl get secret vault-recovery-keys -n vault --template=\u0026#34;{{index .data \\\u0026#34;recovery.key.3\\\u0026#34; }}\u0026#34;; echo % kubectl get secret vault-recovery-keys -n vault --template=\u0026#34;{{index .data \\\u0026#34;recovery.key.4\\\u0026#34; }}\u0026#34;; echo % kubectl get secret vault-recovery-keys -n vault --template=\u0026#34;{{index .data \\\u0026#34;recovery.key.5\\\u0026#34; }}\u0026#34;; echo Accessing Vault Using kubectl To access the Vault using the kubectl command-line interface, you need to set up Access Kubernetes Cluster.\nTest access to the Vault.\nVault Documentation contains all of the commands that you can use with the Vault CLI. For example, this command returns the current status of Vault on one of the pods:\nkubectl exec pod/vault-0 -n vault -it -- vault status The output looks similar to this:\nKey Value --- ----- Recovery Seal Type shamir Initialized true Sealed false Total Recovery Shares 5 Threshold 3 Version 1.11.3 Build Date 2022-08-26T10:27:10Z Storage Type oci Cluster Name vault-cluster-28535f69 Cluster ID 993662ee-b3ee-2a13-3354-97adae01e1ca HA Enabled true HA Cluster https://vault-0.vault-internal:8201 HA Mode active Active Since 2023-01-26T16:14:32.628291153Z Get the token and log in to the Vault.\nTo interact with the Vault in Production mode, you need to log in using a token that is stored in a K8s Secret. Get the token by running the following command. The output is the root token. It is very important that the token is saved in multiple places. Losing the token can result in loss of access to the Vault. In Development mode, the root token is root.\nGet the token with this command:\nkubectl get secret vault-root-token -n vault --template=\u0026#34;{{index .data \\\u0026#34;root.token\\\u0026#34; | base64decode}}\u0026#34;; echo Log in to the Vault and provide the token with this command:\nkubectl exec pod/vault-0 -n vault -it -- vault login The following is sample output from logging in as the root user which should only be done during the initial set up. As an administrator, you must generate separate tokens and access control lists (ACLs) for the users that need access to the Vault. See Vault Documentation. For example:\nKey Value --- ----- token hvs....... token_accessor Hcx....... token_duration ∞ token_renewable false token_policies [\u0026#34;root\u0026#34;] identity_policies [] policies [\u0026#34;root\u0026#34;] To display the enabled secret engines, process this command:\nkubectl exec pod/vault-0 -n vault -it -- vault secrets list The output looks similar to this:\nPath Type Accessor Description ---- ---- -------- ----------- cubbyhole/ cubbyhole cubbyhole_a07a59ec per-token private secret storage identity/ identity identity_8b1e1a80 identity store kv-v2/ kv kv_06acc397 n/a sys/ system system_df5c39a8 system endpoints used for control, policy and debugging To display the enabled authentication methods, process this command:\nkubectl exec pod/vault-0 -n vault -it -- vault auth list The output looks similar to this:\nPath Type Accessor Description ---- ---- -------- ----------- approle/ approle auth_approle_00ffb93b n/a kubernetes/ kubernetes auth_kubernetes_c9bb0698 n/a token/ token auth_token_68b0beb2 token based credentials userpass/ userpass auth_userpass_afb2fb02 n/a Create a secret at path kv-v2/customer/acme with a customer_name and a customer_email. For example:\nkubectl exec pod/vault-0 -n vault -it -- vault kv put -mount=kv-v2 \\ customer/acme customer_name=\u0026#34;ACME Inc.\u0026#34; contact_email=\u0026#34;john.smith@acme.com\u0026#34; The output looks similar to this:\n====== Secret Path ====== kv-v2/data/customer/acme ======= Metadata ======= Key Value --- ----- created_time 2023-01-30T15:53:41.85529383Z custom_metadata \u0026lt;nil\u0026gt; deletion_time n/a destroyed false version 1 Retrieve the created secret:\nkubectl exec pod/vault-0 -n vault -it -- vault kv get -mount=kv-v2 customer/acme The output looks similar to this:\n====== Secret Path ====== kv-v2/data/customer/acme ======= Metadata ======= Key Value --- ----- created_time 2023-01-30T15:53:41.85529383Z custom_metadata \u0026lt;nil\u0026gt; deletion_time n/a destroyed false version 1 ======== Data ======== Key Value --- ----- contact_email john.smith@acme.com customer_name ACME Inc. For more information about the Key/Value secrets engine, see the Key/Value Documentation and Versioned Key/Value Secrets Engine Tutorial.\nAccessing the Vault Using the Web User Interface To access the Vault, process these steps:\nExpose the Vault web user interface (UI) using this command:\nkubectl port-forward -n vault svc/vault 8200 Get the root token.\nTo interact with the Vault in Production mode, you need to log in using a token that is stored in a K8s Secret. Get the token by running the following command. The output is the root token. It is very important that the token is saved in multiple places. Losing the token can result in loss of access to the Vault. In Development mode, the root token is root. For example:\nkubectl get secret vault-root-token -n vault --template=\u0026#34;{{index .data \\\u0026#34;root.token\\\u0026#34; | base64decode}}\u0026#34;; echo Open the Vault web user interface URL: https://localhost:8200\nVault Web User Interface Log in using the root token. As an administrator, you must generate separate tokens and access control lists (ACLs) for the users that need access to the Vault. See Vault Documentation.\nYou are presented with the Home screen:\nVault Home Page Audit logs Important Audit logging is blocking, if the file is bigger than allowed space HashiCorp Vault will stop taking requests. If you deployed Oracle Backend for Spring Boot and Microservices using STANDARD edition, HashiCorp Vault will be deployed in production mode and you have the option of turing on audit logs. Note, you must be authenticated to turn on audit logs.\nTo turn on audit logs execute the following command:\nkubectl exec pod/vault-0 -n vault -it -- vault audit enable file file_path=/vault/audit/vault-audit.log You can to list enabled audit devices using the following command. The file_path is pointing to a directory on the pods where Vault is running.\nkubectl exec pod/vault-0 -n vault -it -- vault audit list -detailed If audit is enabled the output should look like this:\nPath Type Description Replication Options ---- ---- ----------- ----------- ------- file/ file n/a replicated file_path=/vault/audit/vault-audit.log To disable audit execute the following command:\nkubectl exec pod/vault-0 -n vault -it -- vault audit disable file Learn how to query audit logs here.\nGrafana dashboard for HashiCorp Vault Oracle Backend for Spring Boot and Microservices includes a Grafana dashboard for HashiCorp Vault.\nVault Grafana Dashboard ","description":"Oracle Backend as a Service for Spring Cloud and Microservices includes HashiCorp Vault to secure, store and tightly control access to tokens, passwords, certificates, encryption keys for protecting secrets, and other sensitive data using a user interface (UI), command-line interface (CLI), or Hypertext Transfer Protocol (HTTP) API.\nTip For more information about working with the HashiCorp Vault, see the HashiCorp Vault Documentation and Tutorials Library. Setup Information Accessing the root Token Production Mode Accessing the root Token Development Mode Accessing Vault Recovery Keys Production Mode Accessing Vault Using kubectl Accessing the Vault Using the Web User Interface Audit Logs Grafana dashboard for HashiCorp Vault Setup Information The Vault can be deployed in two different ways."},{"id":16,"href":"/microservices-datadriven/spring/infrastructure/","title":"Infrastructure","parent":"Oracle Backend for Spring Boot and Microservices","content":" Infrastructure Architecture Considerations The following points are considered when designing the infrastructure:\nPerformance The ability to scale both vertically on all tiers and horizontally on the web tier. Resources should be able automatically scale vertically based unpredictable, changing workloads.\nSecurity The database should not be accessible directly from the internet. Data should be encrypted at rest and, when traversing networks, in motion. The Kubernetes control plane and worker nodes should not be accessible directly from the internet.\nA Bastion Service should be use for directly accessing the Database and Kubernetes when required.\nAvailability Remove a single point of failure by introducing redundancy via Availability and Fault Domains and native ADB solutions.\nExtensibility and Flexibility Designed to seamlessly cater for the addition or removal of resources, capabilities and/or functionality.\nComponents The infrastructure has the following components:\nRegion An Oracle Cloud Infrastructure region is a localized geographic area that contains one or more data centres, called availability domains.\nAvailability domains Availability domains are stand-alone, independent data centres within a region. The physical resources in each availability domain are isolated from the resources in the other availability domains, which provides fault tolerance.\nFault domains A fault domain is a grouping of hardware and infrastructure within an availability domain. Each availability domain has three fault domains with independent power and hardware. Applications can tolerate physical server failure, system maintenance, and power failures inside a fault domain.\nVirtual cloud network (VCN), Public and Private Subnets A VCN is a customizable, software-defined network. Like traditional data centre networks, VCNs give complete control over the network environment. A VCN can have multiple non-overlapping CIDR blocks which can be segmented into subnets. A subnet can be public or private.\nService gateway The service gateway provides access from a VCN to other services, such as Oracle Cloud Infrastructure Object Storage. The traffic from the VCN to the Oracle service travels over the Oracle network fabric and never traverses the internet.\nSecurity List/Network Security Group (NSG) For each subnet, Security Lists and/or Network Security Groups are used to specify the source, destination, and type of traffic that must be allowed in and out of the subnet.\nLoad Balancer The Oracle Cloud Infrastructure Load Balancing service provides automated traffic distribution from a single entry point to one or multiple servers in the back end.\nBastion Services The Bastion as a Service provides restricted and time-limited secure access to the ORDS Server(s) and the Autonomous Data Warehouse. These resources do not have public endpoints and require strict resource access controls.\nAutonomous Transaction Processing Database (ATP) By default, Autonomous Databases are highly available, incorporating a multi-node configuration to protect against localized hardware failures that do not require fast disaster recovery.\nContainer Engine for Kubernetes Oracle Cloud Infrastructure Container Engine for Kubernetes is a fully managed, scalable, and highly available service that you can use to deploy your containerized applications to the cloud. You specify the compute resources that your applications require, and Container Engine for Kubernetes provisions them on Oracle Cloud Infrastructure in an existing tenancy. Container Engine for Kubernetes uses Kubernetes to automate the deployment, scaling, and management of containerized applications across clusters of hosts.\nControl Plane Services \u0026amp; Pods The Control Plane manages the worker nodes and the Pods in the Kubernetes cluster. The worker nodes run the containerized applications. Every cluster has at least one worker node. The worker node(s) host the Pods that are the components of the application workload.\nObject Storage Object Storage offers reliable and cost-efficient data durability, it provides quick access to large amounts of structured and unstructured data of any content type, including database data, analytic data, images, videos and more. We recommend using standard storage to ingest data from external sources because applications and users can access it quickly. You can build a lifecycle policy to move the data from standard storage to archive storage when it’s no longer required to be accessed frequently.\nRegistry Oracle Cloud Infrastructure Registry is an Oracle-managed registry that enables you to simplify your development-to-production workflow. Registry makes it easy for you to store, share, and manage development artifacts, like Docker images. The highly available and scalable architecture of Oracle Cloud Infrastructure ensures that you can deploy and manage your applications reliably.\nRecommendations Requirements might differ or change from the architecture proposed. Use the following recommendations as a starting point to adjusting the architecture; changes may impact pricing:\nDedicated Networking (Chargeable) Access to/from an On-Premise data centre will require additional networking configuration including but not limited to FastConnect and Dynamic Routing Gateways.\nSecurity Zones (Free) For resources that require maximum security, Oracle recommends to use security zones. A security zone is a compartment associated with an Oracle-defined recipe of security policies that are based on best practices. For example, the resources in a security zone must not be accessible from the public internet and they must be encrypted using customer-managed keys. When creating or updating resources in a security zone, OCI validates the operations against the policies in the security-zone recipe, and denies operations that violate any of the policies.\nWeb Application Firewall (Chargeable) Web Application Firewall (WAF) protects applications from malicious and unwanted internet traffic. WAF can protect any internet facing endpoint, providing consistent rule enforcement across a customer\u0026rsquo;s applications. WAF provides the ability to create and manage rules for internet threats including Cross-Site Scripting (XSS), SQL Injection and other OWASP-defined vulnerabilities. Unwanted bots can be mitigated while tactically allowed desirable bots to enter. Access rules can limit based on geography or the signature of the request.\nATP CPU Auto-Scaling (Chargeable) It is recommend to leave auto-scaling enabled; this will allow the increase and decrease of the databases CPU and I/O resources. Use Apache JMeter to load test functional behavior and measure the performance.\nAutonomous Data Guard (Chargeable) Autonomous Data Guard monitors the primary database and if the Autonomous Database instance goes down, then the standby instance assumes the role of the primary instance adding additional fault tolerance.\nData Catalog (Chargeable) OCI Data Catalog is a fully managed, self-service data discovery and governance solution for your enterprise data. Data Catalog provides a single collaborative environment to manage technical, business, and operational metadata\n","description":"Infrastructure Architecture Considerations The following points are considered when designing the infrastructure:\nPerformance The ability to scale both vertically on all tiers and horizontally on the web tier. Resources should be able automatically scale vertically based unpredictable, changing workloads.\nSecurity The database should not be accessible directly from the internet. Data should be encrypted at rest and, when traversing networks, in motion. The Kubernetes control plane and worker nodes should not be accessible directly from the internet."},{"id":17,"href":"/microservices-datadriven/spring/infrastructure/kubernetes/","title":"Kubernetes Access","parent":"Infrastructure","content":"The Oracle Backend for Spring Boot and Microservices requires a Kubernetes cluster where the components are deployed. You can bring your own cluster or, in OCI, have a Oracle Kubernetes Engine (OKE) deployed for you.\nOKE Access At the end of setup, you are provided with a command in the log of the apply job to create a Kubernetes configuration file to access that cluster:\nTip For more information about working with the Kubernetes cluster, see Setting Up Cluster Access in the Oracle Cloud Infrastructure documentation. kubeconfig_cmd = \u0026#34;oci ce cluster create-kubeconfig --cluster-id ocid1.cluster.oc1.iad.xxx --file $HOME/.kube/config --region us-ashburn-1 --token-version 2.0.0 --kube-endpoint PUBLIC_ENDPOINT\u0026#34; NOTE: The generated kubeconfig file works if you are using the DEFAULT profile in your Oracle Cloud Infrastructure (OCI) CLI configuration file. If you are using a different OCI CLI profile, you must add --profile \u0026lt;PROFILE-NAME\u0026gt; to the command. For example:\nkubeconfig_cmd = \u0026#34;oci ce cluster create-kubeconfig --cluster-id ocid1.cluster.oc1.iad.xxx --file $HOME/.kube/config --region us-ashburn-1 --token-version 2.0.0 --kube-endpoint PUBLIC_ENDPOINT\u0026#34; --profile \u0026lt;PROFILE-NAME\u0026gt; You must also edit the the generated Kubernetes configuration file and add the following lines:\n- name: user-xxxx user: exec: apiVersion: client.authentication.k8s.io/v1beta1 args: - ce - cluster - generate-token - --cluster-id - ocid1.cluster....xxxx - --region - us-ashburn-1 - --profile - \u0026lt;PROFILE-NAME\u0026gt; command: oci Using OCI Cloud Shell A simple alternative is to use the OCI Cloud Shell, which is provided in the OCI Console. You can open the OCI Cloud Shell by clicking Developer Tools in the upper right corner of the OCI Console. For example:\nOCI Cloud Shell icon Run the provided command to create your Kubernetes configuration file after which you can access the Kubernetes cluster. For example, you can list the Pods in your cluster:\nWelcome to Oracle Cloud Shell. Update: Cloud Shell will now use Oracle JDK 11 by default. To change this, see Managing Language Runtimes in the Cloud Shell documentation. Your Cloud Shell machine comes with 5GB of storage for your home directory. Your Cloud Shell (machine and home directory) are located in: US East (Ashburn). You are using Cloud Shell in tenancy xxxx as an OCI user xxxx Type `help` for more info. user@cloudshell:~ (us-ashburn-1)$ oci ce cluster create-kubeconfig --cluster-id ocid1.cluster.oc1.iad.xxx --file $HOME/.kube/config --region us-ashburn-1 --token-version 2.0.0 --kube-endpoint PUBLIC_ENDPOINT Existing Kubeconfig file found at /home/user/.kube/config and new config merged into it user@cloudshell:~ (us-ashburn-1)$ kubectl get pods -A NAMESPACE NAME READY STATUS RESTARTS AGE ingress-nginx ingress-nginx-controller-7d45557d5c-bqwwp 1/1 Running 0 4h18m ingress-nginx ingress-nginx-controller-7d45557d5c-klgnb 1/1 Running 0 4h18m ingress-nginx ingress-nginx-controller-7d45557d5c-l4d2m 1/1 Running 0 4h18m kube-system coredns-746957c9c6-hwnm8 1/1 Running 0 4h27m kube-system csi-oci-node-kqf5x 1/1 Running 0 4h23m kube-system kube-dns-autoscaler-6f789cfb88-7mptd 1/1 Running 0 4h27m kube-system kube-flannel-ds-hb6ld 1/1 Running 1 (4h22m ago) 4h23m kube-system kube-proxy-v5qwm 1/1 Running 0 4h23m kube-system proxymux-client-vpnh7 1/1 Running 0 4h23m ......... user@cloudshell:~ (us-ashburn-1)$ Manually Scaling OKE To add additional nodes to the OKE cluster, the Marketplace installation stack can be re-applied after increasing the number of worker nodes.\nNOTE: If changes to the infrastructure were made outside the stack, re-applying the stack may revert those changes back to their original values. It is important to PLAN and review the proposed changes before running APPLY. This will ensure there are no unintentional modifications to the infrastructure.\nIn the OCI Console, navigate to Developer Services -\u0026gt; Resource Manager -\u0026gt; Stacks Ensure the compartment is set to where the Marketplace Stack was deployed, and Select the stack. Edit the Stack and Click Next Increase the Node Pool Workers Click Next and Save Changes Run Plan Carefully review the proposed changes Run Apply after reviewing the proposed changes ","description":"The Oracle Backend for Spring Boot and Microservices requires a Kubernetes cluster where the components are deployed. You can bring your own cluster or, in OCI, have a Oracle Kubernetes Engine (OKE) deployed for you.\nOKE Access At the end of setup, you are provided with a command in the log of the apply job to create a Kubernetes configuration file to access that cluster:\nTip For more information about working with the Kubernetes cluster, see Setting Up Cluster Access in the Oracle Cloud Infrastructure documentation."},{"id":18,"href":"/microservices-datadriven/spring/observability/metrics/","title":"Metrics","parent":"Observability","content":"Oracle Backend for Spring Boot and Microservices provides built-in platform services to collect metrics from system and application workloads and pre-built Grafana dashboards to view and explore those metrics.\nOn this page, you will find the following topics:\nOverview Pre-installed dashboards Spring Boot Observability Spring Boot Statistics Oracle Database Dashboard Kube State Metrics Dashboard Apache APISIX DashBoard HashiCorp Vault Dashboard How to have metrics collected for your applications How to access Prometheus How to access Grafana Overview Oracle Backend for Spring Boot and Microservices includes a number of pre-installed and pre-configured components to provide metrics for the platform itself and for your applications.\nThe diagram below provides an overview of the components that play a role in metrics:\nObservability Overview In the diagram above:\nYou may deploy applications into the platform and to have metrics collected these must either register with the Spring Eureka Service Registry or you must create Service Monitor resources for your applications. Prometheus is configured to auto-discover services that register with the service registry and collect metrics for them. Prometheus is configured to collect metrics from application described by a Service Monitor. The Oracle Database Exporter and Kube State Metrics are pre-installed and Prometheus is configured to collect metrics from them. Grafana is pre-installed and populated with a set of dashboards (see below). A Prometheus data source is pre-configured. Pre-installed dashboards The following dashboards are pre-installed in Grafana:\nSpring Boot Observability This dashboard provides details of one or more Spring Boot applications including the following:\nThe number of HTTP requests received by the application A breakdown of which URL paths requests were received for The average duration of requests by path The number of exceptions encountered by the application Details of 2xx (that is, successful) and 5xx (that is, exceptions) requests The request rate per second over time, by path Log messages from the service You may adjust the time period and to drill down into issues, and search the logs for particular messages. This dashboard is designed for Spring Boot 3.x applications. Some features may work for Spring Boot 2.x applications.\nHere is an example of this dashboard displaying data for a simple application:\nSpring Boot Observability Dashboard Spring Boot Statistics This dashboard provides more in-depth information about services including the following:\nJVM statistic like heap and non-heap memory usage, and details of garbage collection Load average and open files Database connection pool statistics (for HikariCP) HTTP request statistics Logging (logback) statistics You may adjust the time period and to drill down into issues, and search the logs for particular messages. This dashboard is designed for Spring Boot 3.x applications. Some features may work for Spring Boot 2.x applications.\nHere is an example of this dashboard displaying data for a simple application:\nSpring Boot Statistics Dashboard Oracle Database Dashboard This dashboard provides details about the Oracle Database including:\nSGA and PGA size Active sessions User commits Execute count CPU count and platform Top SQL Wait time statistics by class Here is an example of this dashboard:\nOracle Database Dashboard Kube State Metrics Dashboard This dashboard provides details of the Kubernetes cluster including:\nPod capacity and requests for CPU and memory Node availability Deployment, Stateful Set, Pod, Job and Container statistics Details of horizontal pod autoscalers Details of persistent volume claims Here is an example of this dashboard:\nKube State Metrics Dashboard Apache APISIX Dashboard This dashboard provides details of the APISIX API Gateway including:\nTotal Requests NGINX Connection State Etcd modifications Here is an example of this dashboard:\nApache APISIX Observability Dashboard HashiCorp Vault Dashboard This dashboard provides details of the HashiCorp Vault including:\nHealth and seal status Number of secrets Number of operations Here is an example of this dashboard:\nApache APISIX Observability Dashboard How to have metrics collected for your applications When you deploy an application with Oracle Backend for Spring Boot and Microservices CLI or Visual Code Extension, provided you included the Eureka Discovery Client and Actuator in your application, Prometheus will automatically find your application (using the service registry) and start collecting metrics. These metrics will be included in both the Spring Boot Observability dashboard and the Spring Boot Statistic dashboard automatically.\nTo include the Eureka Discovery client in your application, add the following dependencies to your Maven POM or equivalent:\n\u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;org.springframework.cloud\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;spring-cloud-starter-netflix-eureka-client\u0026lt;/artifactId\u0026gt; \u0026lt;/dependency\u0026gt; \u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;org.springframework.boot\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;spring-boot-starter-actuator\u0026lt;/artifactId\u0026gt; \u0026lt;/dependency\u0026gt; You must also add the following configuration to your Spring application.yaml:\nspring: application: name: my-app eureka: instance: hostname: ${spring.application.name} preferIpAddress: true client: service-url: defaultZone: ${eureka.service-url} fetch-registry: true register-with-eureka: true enabled: true management: endpoint: health: show-details: always endpoints: web: exposure: include: \u0026#34;*\u0026#34; metrics: tags: application: ${spring.application.name} Alternatively, if you do not want to include the Eureka client, you can instead create a ServiceMonitor resource for your service. This must be created in the namespace where your application is deployed, and you must specify the correct port and the path for Spring Boot Actuator. Your application must have Actuator and the prometheus endpoint enabled, as described above.\nHere is an example of a ServiceMonitor for an application:\napiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: labels: app: my-app name: my-app namespace: application spec: endpoints: - interval: 20s path: /actuator/prometheus port: 8080 selector: matchLabels: app: my-app How to access Prometheus Prometheus is an open source monitoring and alerting system. Prometheus collects and stores metrics as time series data with the timestamp of the time that they are recorded, and optional Key/Value pairs called labels.\nExpose the Prometheus user interface (UI) using this command:\nkubectl port-forward -n prometheus svc/prometheus 9090:9090 Open the Prometheus web user interface URL: http://localhost:9090\nPrometheus UI In the Prometheus web user interface, search for metrics:\nIn the search bar, search for application_ready_time_seconds and click on Execute. You should see metrics for the Sample Applications. For example:\nPrometheus Metrics In the Prometheus web user interface, Status allows you to view the targets being monitored by Prometheus:\nIn the top menu, choose Status and then Targets. Notice that the targets \u0026ldquo;slow\u0026rdquo;, \u0026ldquo;customer\u0026rdquo; and others are in UP status and others are in DOWN status. Prometheus Targets How to access Grafana Grafana open source software enables you to query, visualize, alert, and explore your metrics, logs, and traces wherever they are stored. Grafana open source software provides tools that turn your time series database (TSDB) data into insightful graphs and visualizations. Take the following steps:\nExpose Grafana using this command:\nkubectl -n grafana port-forward svc/grafana 8080:80 Open the Grafana web user interface URL: http://localhost:8080\nusername: admin\nTo get the password, run this command:\nkubectl -n grafana get secret grafana-dashboard-authn -o jsonpath=\u0026#39;{.data.password}\u0026#39; | base64 -d; echo NOTE: If you do not have base64, leave off the last part (| base64 -d) in the command, then copy the output, and use this website to decode it: https://www.base64decode.org/.\nIf you did not set your own password during installation, then the auto-generated password will be a long string of characters that might be similar to 210BAqNzYkrcWjd58RKC2Xzerx9c0WkZi9LNsG4c. For example:\nGrafana Login ","description":"Oracle Backend for Spring Boot and Microservices provides built-in platform services to collect metrics from system and application workloads and pre-built Grafana dashboards to view and explore those metrics.\nOn this page, you will find the following topics:\nOverview Pre-installed dashboards Spring Boot Observability Spring Boot Statistics Oracle Database Dashboard Kube State Metrics Dashboard Apache APISIX DashBoard HashiCorp Vault Dashboard How to have metrics collected for your applications How to access Prometheus How to access Grafana Overview Oracle Backend for Spring Boot and Microservices includes a number of pre-installed and pre-configured components to provide metrics for the platform itself and for your applications."},{"id":19,"href":"/microservices-datadriven/spring/platform/microtx/","title":"MicroTx","parent":"Platform Services","content":"Oracle Transaction Manager for Microservices, also known as \u0026ldquo;MicroTx\u0026rdquo;, simplifies application development and operations by enabling distributed transactions to ensure consistency across microservices deployed in Kubernetes.\nOracle Backend for Spring Boot and Microservices includes the free version of MicroTx, which has all of the functionality of the commercial version, but limits the number of transactions and only persists data in memory. It is recommended for evaluations and application development purposes.\nMicroTx supports the following consistency models:\nExtended Architecture (XA) Long Running Actions (LRA) Try-Confirm/Cancel (TCC) The CloudBank sample application includes a \u0026ldquo;Transfer\u0026rdquo; service which demonstrates how to use MicroTx to implement the Saga pattern using the Eclipse Microprofile Long Running Actions specification.\nTo use MicroTx in your Spring Boot applications, include the following dependency in your pom.xml or equivalent:\n\u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;com.oracle.microtx.lra\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;microtx-lra-spring-boot-starter-3x\u0026lt;/artifactId\u0026gt; \u0026lt;version\u0026gt;23.4.1\u0026lt;/version\u0026gt; \u0026lt;/dependency\u0026gt; Add the following configuration to your Spring application configuration. The variables in this configuration are automatically injected to your deployment and pods when you use the Oracle Backend for Spring Boot and Microservices CLI or the Visual Studio Code Extension to deploy your application. For example:\nspring: microtx: lra: coordinator-url: ${MP_LRA_COORDINATOR_URL} propagation-active: true headers-propagation-prefix: \u0026#34;{x-b3-, oracle-tmm-, authorization, refresh-}\u0026#34; lra: coordinator: url: ${MP_LRA_COORDINATOR_URL} Upgrading to the commercial version If you have licensed Oracle Transaction Manager for Microservices Enterprise Edition, please see the documentation for details of how to install and configure MicroTx. Oracle recommends that you perform a new installation rather than attempting to upgrade the provided MicroTx Free installation to the commercial version.\n","description":"Oracle Transaction Manager for Microservices, also known as \u0026ldquo;MicroTx\u0026rdquo;, simplifies application development and operations by enabling distributed transactions to ensure consistency across microservices deployed in Kubernetes.\nOracle Backend for Spring Boot and Microservices includes the free version of MicroTx, which has all of the functionality of the commercial version, but limits the number of transactions and only persists data in memory. It is recommended for evaluations and application development purposes."},{"id":20,"href":"/microservices-datadriven/spring/infrastructure/networking/","title":"Networking","parent":"Infrastructure","content":"The Oracle Backend for Spring Boot and Microservices has specific networking requirements to ensure resource communication while providing security through isolation and networking rules.\nThe standard installation will provision a new Virtual Cloud Network (VCN) with the required subnets and all networking rules to get you started using the Oracle Backend for Spring Boot and Microservices quickly. To use an existing VCN, please follow the Bring Your Own VCN instructions.\nFor custom installations, including On-Premises, it is the responsibility of the customer to ensure network access controls to provide both operational access and security. The Oracle Cloud Infrastructure (OCI) standard installation setup can be used as a general template.\nNetwork Infrastructure Overview OCI Network Infrastructure All infrastructure resources are split between two subnets: one public and one private subnet with access restricted by Network Security Groups (Firewalls). All access is blocked by default with specific IP and port opened, as documented below, for proper operation.\nNote minimum CIDRs are based on an Oracle Cloud Infrastructure (OCI) deployments. Other cloud vendors reserve usable IPs within a CIDR reducing the usable IPs that can be used by the infrastructure.\nPublic Subnet The public subnet allows external access to the Oracle Backend for Spring Boot and Microservices resources. Ingress/Egress to the public subnet and from the Internet is provided by an Internet Gateway.\nAt a minimum, the public subnet requires two usable IP Addresses. In OCI this equates to a 30-bit network identifier (/30).\nICMP traffic is allowed between the public and private Subnets for resource discovery.\nNOTE: Resources within the public subnet are not inherently accessible from the internet. The public subnet allows the resources in it to obtain a public IP address, however assigning a public IP is not required. When a public IP is not assigned to the resource, it is only accessible from within the subnet itself. All access to resources in the public subnet are restricted by configurable Network Security Groups (Firewalls).\nLoad Balancer An external Load Balancer is used in conjunction with Ingress resources to expose Services to the internet. Ingress to the Load Balancer should be restricted by CIDR and ports (default: 0.0.0.0/0; 80,443). All TLS communications terminate at the LoadBalancer. For more information on the certificate for TLS, please see OCI Load Balancer TLS Certificate Setup.\nKubernetes API Endpoint The Kubernetes API Endpoint, within the Control Plane, is used to manage the Kubernetes Cluster as well as providing access to Kubernetes services that are not exposed to the Load Balancer via Port Forwarding. Ingress to the Endpoint is restricted to port 6443 and should be further restricted by CIDR (default: 0.0.0.0/0).\nIn Oracle Cloud Infrastructure (OCI), the Oracle Kubernetes Engine (OKE) Control Plane is allowed egress to OCI services via port 443. Access to these services are required for the OKE Managed Control Plane.\nPrivate Subnet The private subnet isolates its resources from direct external access by prohibiting the allocation of public IP address to those resources. Ingress to resources in the private subnet is restricted to the Load Balancer and Kubernetes API Endpoint via specific Network Security Group (Firewall) rules. Optionally, a Bastion Service, within the Private subnet, can provide additional non-restricted access to the resources in the private subnet.\nEgress to the Internet is provided by a NAT Gateway, while Egress to other Cloud Services (such as a Container Repository) is provided by a Service Gateway.\nThe CIDR of the Private Subnet is dependent on the number of Kubernetes Work Nodes and other resources, such as databases. It is recommended to specify a CIDR providing at least six usable IP Addresses. In OCI, this equates to a 29-bit network identifier (/29).\nICMP traffic is allowed between the public and private subnets for resource discovery.\nKubernetes Worker Nodes The worker nodes are allowed to communicate with other worker nodes on all ports.\nWorker Nodes and Load Balancer The Worker Nodes and Load Balancer are allowed to communicate on port 10256 for Health Check/Availability purposes and ports 30000-32767 for forwarding external internet access to exposed services.\nWorker Nodes and Kubernetes API Endpoint Worker Nodes are allowed to communicate with the API Endpoint on port 6443.\nWorker Nodes and Control Plane The Kubernetes Control Plane is allowed to communicate to Worker Nodes on all ports. The Worker Nodes are allowed to communicate with the Control Plane on port 12250.\nOracle Database It is recommended to place the Oracle Databases inside the Private Subnet. Worker Nodes and the Oracle Database will be allowed to communicate freely within the Private Subnet.\nWhen using the Oracle Autonomous Database (ADB), it can either be placed in the Private Subnet with a Private Endpoint, or outside the Virtual Cloud Network with Secured Access. When the ADB is configured for Secured Access, access is allowed from the Virtual Cloud Network and additional, configurable IPs.\nBring Your Own OCI VCN Using the Standard Edition you can use a pre-created VCN for the Oracle Backend for Spring Boot and Microservices resources.\nThe following are minimum requirements for a BYO VCN:\nPublic Subnet Minimum CIDR: /30 Route Table: Internet Gateway to 0.0.0.0/0 Private Subnet Minimum CIDR: /29 Route Table: Service Gateway to \u0026ldquo;All \u0026lt;Region\u0026gt; Services in the Oracle Services Network\u0026rdquo; NAT Gateway to 0.0.0.0/0 Configuration During the configuration of the Oracle Backend for Spring Boot and Microservices, ensure that the Edition is set to Standard:\nTick the \u0026ldquo;Bring Your Own Virtual Network\u0026rdquo; checkbox and fill in the appropriate values for the VCN Compartment/Name, Public Subnet Compartment/Name, and Private Subnet Compartment/Name:\nVirtual Cloud Network Compartment : The compartment of the existing VCN. Virtual Cloud Network (VCN) : The VCN name. Private Subnet Compartment : The compartment of the existing Private Subnet in the VCN. Private Subnet : The Private Subnet name (this will automatically translate the name to an OCID). Public Subnet Compartment : The compartment of the existing Public Subnet in the VCN. Public Subnet : The Public Subnet name (this will automatically translate the name to an OCID). OCI LoadBalancer TLS Certificate Setup In OCI, example self-signed certificates are used for TLS communication to the Load Balancer. The self-signed certificates should be replaced with certificates signed by a publicly trusted certificate authority (CA).\nSetup Ensure your Domain Name System (DNS) entry points to the public IP address associated with the service/ingress-nginx-controller in the ingress-nginx namespace:\nObtain a new TLS certificate. In a production environment, the most common scenario is to use a public certificate that has been signed by a certificate authority.\nCreate a new Kubernetes secret in the ingress-nginx namespace. For example:\nkubectl -n ingress-nginx create secret tls my-tls-cert --key new-tls.key --cert new-tls.crt Modify the service definition to reference the new Kubernetes secret by changing the service.beta.kubernetes.io/oci-load-balancer-tls-secret annotation in the service configuration. For example:\nkubectl patch service ingress-nginx-controller -n ingress-nginx \\ -p \u0026#39;{\u0026#34;metadata\u0026#34;:{\u0026#34;annotations\u0026#34;:{\u0026#34;service.beta.kubernetes.io/oci-load-balancer-tls-secret\u0026#34;:\u0026#34;my-tls-cert\u0026#34;}}}\u0026#39; \\ --type=merge ","description":"The Oracle Backend for Spring Boot and Microservices has specific networking requirements to ensure resource communication while providing security through isolation and networking rules.\nThe standard installation will provision a new Virtual Cloud Network (VCN) with the required subnets and all networking rules to get you started using the Oracle Backend for Spring Boot and Microservices quickly. To use an existing VCN, please follow the Bring Your Own VCN instructions."},{"id":21,"href":"/microservices-datadriven/spring/development/cli/","title":"OBaaS CLI","parent":"Development","content":"The Oracle Backend for Spring Boot and Microservices offers a command-line interface (CLI), oractl. The CLI commands simplify the deployment of microservices applications as well as bindings with the resources that they use. Download the CLI here. The platform-specific binary can be renamed to oractl for convenience.\nTable of Contents:\nInstalling the CLI Using the CLI Available Commands Help Connect to the backend Create application namespace Delete application namespace Bind database schema/kubernetes secrets Deploy a service Create a horizontal pod autoscaler Delete a horizontal pod autoscaler List - show details about deployments Manage config server data GraalVM compile commands User Management Logging Information Installing the CLI The Oracle Backend for Spring Boot CLI is used to configure your backend and to deploy your Spring Boot applications to the backend.\nDownload the Oracle Backend for Spring Boot and Microservices CLI oractl\nDownload the CLI from here\nRename the downloaded file to oractl\nAdd oractl to PATH variable\nYou need to make sure it is executable and add it to your PATH environment variable.\n\u0026lt;copy\u0026gt; chmod +x oractl export PATH=/path/to/oractl:$PATH\u0026lt;/copy\u0026gt; NOTE: If environment is a Mac you need run the following command sudo xattr -r -d com.apple.quarantine \u0026lt;downloaded-file\u0026gt; otherwise will you get a security warning and the CLI will not work.\nUsing the CLI Expose the Oracle Backend for Spring Boot and Microservices Admin server that the CLI calls using this command:\nkubectl port-forward services/obaas-admin -n obaas-admin 8080 Start the CLI in interactive mode by running oractl from your terminal window. For example:\noractl As a result, the oractl prompt is displayed as follows:\n_ _ __ _ ___ / \\ |_) _. _. (_ / | | \\_/ |_) (_| (_| __) \\_ |_ _|_ ======================================================================================== Application Name: Oracle Backend Platform :: Command Line Interface Application Version: (1.1.3) :: Spring Boot (v3.2.1) :: Ask for help: - Slack: https://oracledevs.slack.com/archives/C03ALDSV272 - email: obaas_ww@oracle.com oractl:\u0026gt; Available Commands help Short descriptions for the available commands can be viewed by issuing the help command and detailed help for any individual commands can be viewed by issuing help [command-name]. For example:\noractl:\u0026gt;help AVAILABLE COMMANDS Application/Namespace Commands create: Create an application/namespace. Autoscaler Commands create-autoscaler: Create an autoscaler. delete-autoscaler: Delete an autoscaler. Built-In Commands help: Display help about available commands stacktrace: Display the full stacktrace of the last error. clear: Clear the shell screen. quit, exit: Exit the shell. history: Display or save the history of previously run commands version: Show version info script: Read and execute commands from a file. GraalVM Compile Commands compile-download: Download executable file compiled compile: Compile a service with GraalVM compile-purge: Delete a job launched compile-logs: Compilation progress Identity and Access Management Service user list: Lists the users in your platform. user create: Creates a new user in your platform. user get: Gets the specified user’s information. user delete: Delete a user in your platform. user change-roles: Change the roles from the specified user. connect: Connect to the OBaaS Admin Service. user change-password: Change password for the specified user. Informational Commands list: list/show details of application services. Service Commands bind: Create or Update a schema/user and bind it to service deployment. delete: Delete a service or entire application/namespace. config: View and modify Service configuration. deploy: Deploy a service. Ask for Help Slack: https://oracledevs.slack.com/archives/C03ALDSV272 E-mail: obaas_ww@oracle.com An application is a namespace encompassing related microservices. For example, a \u0026ldquo;cloudbank\u0026rdquo; application may have \u0026ldquo;banktransfer\u0026rdquo; and \u0026ldquo;frauddetection\u0026rdquo; microservices deployed within it.\nThe create command results in the creation of an application namespace (Kubernetes namespace). The application namespace provides a mechanism for isolating groups of resources, especially the microservices.\nThe delete command results in the complete deletion of an application namespace (Kubernetes namespace) or for a specific microservice. Ensure that you want to completely delete the application namespace. You cannot rollback the components once deleted.\nThe bind command results in the automatic creation of a database schema for a given service or user and binds the information for that schema or database in the environment of the microservice. The option of a prefix for the bound environment properties is also returned. For example, most Spring Boot microservices use spring.datasource.\nThe deploy command takes service-name, app-name, and artifact-path as the main arguments (image-version and java-version options are also provided). When the deploy command is issued, the microservice JAR file is uploaded to the backend and a container image is created for the JAR or microservice, and various Kubernetes resources such as Deployment and Service are also created. This is all done automatically to simplify the development process and the management of the microservices by the backend.\nThe create-autoscaler and delete-autoscaler commands allow you to create and delete horizontal pod autoscalers for specific microservices.\nThe list command shows the details of the deployed microservices.\nThe config command can also be used to add, view, update, and delete configurations managed by the Spring Cloud Config server.\nA common development workflow pattern is to connect, change-password (only if necessary), create (once per application or namespace), config, bind (only if necessary), deploy, and list.\nFurther development and redeployment of the service can then be repeated issuing the deploy and list commands.\nThe following is a description of the CLI commands:\nconnect Use the connect command to connect your oractl CLI to the Oracle Backend Administration service:\noractl:\u0026gt;help connect NAME connect - Connect to the OBaaS Spring Cloud admin console. SYNOPSIS connect --url String --help OPTIONS --url String admin server URL [Optional, default = http://localhost:8080] --help or -h help for connect [Optional] Ask for Help Slack: https://oracledevs.slack.com/archives/C03ALDSV272 E-mail: obaas_ww@oracle.com For example:\noractl:\u0026gt;connect ? username obaas-admin ? password **************** Credentials successfully authenticated! obaas-admin -\u0026gt; welcome to OBaaS CLI. create Use the create command to create an application namespace (Kubernetes namespace). The application namespace provides a mechanism for isolating groups of resources, especially the microservices. Names of resources need to be unique within an application namespace, but not across application namespaces.\noractl:\u0026gt;help create NAME create - Create an application/namespace. SYNOPSIS create --app-name String --help OPTIONS --app-name String application/namespace [Optional] --help or -h help for create [Optional] Ask for Help Slack: https://oracledevs.slack.com/archives/C03ALDSV272 E-mail: obaas_ww@oracle.com For example:\noractl:\u0026gt;create --app-name myapp application/namespace created successfully and image pull secret (registry-auth) created successfully and database TNSAdmin/wallet secret created successfully delete Use the delete command to delete an application namespace (Kubernetes namespace) completely or a specific microservice inside an application namespace.\nATTENTION: Ensure that you want to completely delete the application namespace. You cannot rollback the components once deleted.\nNAME delete - Delete a service or entire application/namespace. SYNOPSIS delete --app-name String --service-name String --image-version String --help OPTIONS --app-name String application/namespace [Optional] --service-name String Service Name [Optional] --image-version String Image Version [Optional] --help or -h help for delete [Optional] Ask for Help Slack: https://oracledevs.slack.com/archives/C03ALDSV272 E-mail: obaas_ww@oracle.com For example:\noractl:\u0026gt;delete --app-name myapp obaas-cli [delete]: The Application/Namespace [myapp] will be removed, including all Services deployed. Do you confirm the complete deletion (y/n)?: y obaas-cli [delete]: Application/Namespace [myapp] as successfully deleted bind Use the bind command to create and update a database schema or user for the service. These commands also create or update the Kubernetes secret and binding environment entries for the schema. These are set in the Kubernetes deployment created with the deploy command. For example:\noractl:\u0026gt;help bind NAME bind - Create or Update a schema/user and bind it to service deployment. SYNOPSIS bind --action CommandConstants.BindActions --app-name String --service-name String --username String --binding-prefix String --help OPTIONS --action CommandConstants.BindActions possible actions: create or update. create is default. [Optional, default = create] --app-name String application/namespace [Optional, default = application] --service-name String Service Name (Default for database user if username is not provided) [Optional] --username String Database User [Optional] --binding-prefix String spring binding prefix [Optional, default = spring.datasource] --help or -h help for bind [Optional] Ask for Help Slack: https://oracledevs.slack.com/archives/C03ALDSV272 E-mail: obaas_ww@oracle.com ATTENTION: The service-name is mandatory and used as the name for the schema or user to be created. If you want to use a different schema or user from the service-name, you must also submit the username.\nUse the bind or bind create command to create a database schema or user for the service. For Example:\noractl:\u0026gt;bind create --app-name myapp --service-name myserv Database/Service Password: ************ Schema {myserv} was successfully created and Kubernetes Secret {myapp/myserv} was successfully created. Use the bind update command to update an already created database schema or user for the service. For example:\noractl:\u0026gt;bind update --app-name myapp --service-name myserv Database/Service Password: ************ Schema {myserv} was successfully updated and Kubernetes Secret {myapp/myserv} was successfully updated. deploy Use the deploy command to create, build, and push an image for the microservice and create the necessary deployment, service, and secret Kubernetes resources for the microservice.\noractl:\u0026gt;help deploy NAME deploy - Deploy a service. SYNOPSIS deploy --bind String --app-name String [--service-name String] [--image-version String] --service-profile String --port String --java-version String --add-health-probe boolean --liquibase-db String [--artifact-path String] --initial-replicas int --graalvm-native boolean --apigw boolean --route String --apikey String --help OPTIONS --bind String automatically create and bind resources. possible values are [jms] [Optional] --app-name String application/namespace [Optional, default = application] --service-name String Service Name [Mandatory] --image-version String Image Version [Mandatory] --service-profile String Service Profile [Optional] --port String Service Port [Optional, default = 8080] --java-version String Java Base Image [ghcr.io/graalvm/jdk:ol9-java17-22.3.1] [Optional] --add-health-probe boolean Inject or not Health probes to service. [Optional, default = false] --liquibase-db String Inform the database name for Liquibase. [Optional] --artifact-path String Service jar/exe location [Mandatory] --initial-replicas int The initial number of replicas [Optional, default = 1] --graalvm-native boolean Artifact is a graalvm native compiled by Oracle Backend [Optional, default = false] --apigw boolean open routing through APISIX [Optional, default = false] --route String set an APISIX route path [Optional, default = /api/v1/] --apikey String set APISIX API_KEY [Optional] --help or -h help for deploy [Optional] CURRENTLY UNAVAILABLE you are not signedIn. Please sign in to be able to use this command! Ask for Help Slack: https://oracledevs.slack.com/archives/C03ALDSV272 E-mail: obaas_ww@oracle.com For example:\noractl:\u0026gt;deploy --app-name myapp --service-name myserv --image-version 0.0.1 --port 8081 --bind jms --add-health-probe true --artifact-path obaas/myserv/target/demo-0.0.1-SNAPSHOT.jar uploading: obaas/myserv/target/demo-0.0.1-SNAPSHOT.jar building and pushing image... binding resources... successful creating deployment and service... successfully deployed or, for native compiled microservices, add \u0026ndash;java-version container-registry.oracle.com/os/oraclelinux:7-slim to have a compact image and \u0026ndash;graalvm-native to specify the file provided is an executable .exec:\noractl:\u0026gt;deploy --app-name myapp --service-name account --artifact-path obaas/myserv/target/accounts-0.0.1-SNAPSHOT.jar.exec --image-version 0.0.1 --graalvm-native --java-version container-registry.oracle.com/os/oraclelinux:7-slim create-autoscaler Use the create-autoscaler command to create a horizontal pod autoscaler for a microservice you have deployed. You can specify the target scaling threshold using CPU percentage. Note that your microservice must have its CPU request set in order to use the autoscaler. It is set to 500m (that is, half a core) by the deploy command if you did not override the default.\noractl:\u0026gt;help create-autoscaler NAME create-autoscaler - Create an autoscaler. SYNOPSIS create-autoscaler --app-name String [--service-name String] --min-replicas int --max-replicas int --cpu-request String --cpu-percent int --help OPTIONS --app-name String application/namespace [Optional, default = application] --service-name String Service Name [Mandatory] --min-replicas int The minimium number of replicas [Optional, default = 1] --max-replicas int The maximum number of replicas [Optional, default = 4] --cpu-request String The amount of CPU to request [Optional, default = 100m] --cpu-percent int The CPU percent at which to scale [Optional, default = 80] --help or -h help for create-autoscaler [Optional] CURRENTLY UNAVAILABLE you are not signedIn. Please sign in to be able to use this command! Ask for Help Slack: https://oracledevs.slack.com/archives/C03ALDSV272 E-mail: obaas_ww@oracle.com For example:\noractl:\u0026gt;create-autoscaler --app-name application --service-name creditscore --cpu-percent 80 --cpu-request 200m --min-replicas 2 --max-replicas 6 obaas-cli [create-autoscaler]: Autoscaler was successfully created. You can view the details of the autoscaler using kubectl, for example:\n$ kubectl -n application get hpa NAME REFERENCE TARGETS MINPODS MAXPODS REPLICAS AGE creditscore Deployment/creditscore 0%/80% 2 6 2 26s customer Deployment/customer 4%/80% 2 6 2 26h delete-autoscaler Use the delete-autoscaler command to delete a horizontal pod autoscaler for a microservice you have deployed.\noractl:\u0026gt;help delete-autoscaler NAME delete-autoscaler - Delete an autoscaler. SYNOPSIS delete-autoscaler --app-name String [--service-name String] --help OPTIONS --app-name String application/namespace [Optional, default = application] --service-name String Service Name [Mandatory] --help or -h help for delete-autoscaler [Optional] Ask for Help Slack: https://oracledevs.slack.com/archives/C03ALDSV272 E-mail: obaas_ww@oracle.com For example:\noractl:\u0026gt;delete-autoscaler --app-name application --service-name creditscore obaas-cli [delete-autoscaler]: Autoscaler was successfully deleted. list Use the list command to show details of the microservice deployed in the previous step. For example:\noractl:\u0026gt;help list NAME list - list/show details of application services. SYNOPSIS list --app-name String --help OPTIONS --app-name String application/namespace [Optional, default = application] --help or -h help for list [Optional] Ask for Help Slack: https://oracledevs.slack.com/archives/C03ALDSV272 E-mail: obaas_ww@oracle.com For example:\noractl:\u0026gt;list --app-name myapp name:myserv-c46688645-r6lhl status:class V1ContainerStatus { containerID: cri-o://6d10194c5058a8cf7ecbd5e745cebd5e44c5768c7df73053fa85f54af4b352b2 image: \u0026lt;region\u0026gt;.ocir.io/\u0026lt;tenancy\u0026gt;/obaas03/myapp-myserv:0.0.1 imageID: \u0026lt;region\u0026gt;.ocir.io/\u0026lt;tenancy\u0026gt;/obaas03/myapp-myserv@sha256:99d4bbe42ceef97497105218594ea19a9e9869c75f48bdfdc1a2f2aec33b503c lastState: class V1ContainerState { running: null terminated: null waiting: null } name: myserv ready: true restartCount: 0 started: true state: class V1ContainerState { running: class V1ContainerStateRunning { startedAt: 2023-04-13T01:00:51Z } terminated: null waiting: null } }name:myserv kind:null config Use the config command to view and update the configuration managed by the Spring Cloud Config server. More information about the configuration server can be found at this link: Spring Config Server\noractl:\u0026gt;help config NAME config - View and modify Service configuration. SYNOPSIS config [--action CommandConstants.ConfigActions] --service-name String --service-label String --service-profile String --property-key String --property-value String --artifact-path String --help OPTIONS --action CommandConstants.ConfigActions possible actions: add, list, update, or delete [Mandatory] --service-name String Service Name [Optional] --service-label String label for config [Optional] --service-profile String Service Profile [Optional] --property-key String the property key for the config [Optional] --property-value String the value for the config [Optional] --artifact-path String the context [Optional] --help or -h help for config [Optional] Ask for Help Slack: https://oracledevs.slack.com/archives/C03ALDSV272 E-mail: obaas_ww@oracle.com Use the config add command to add the application configuration to the Spring Cloud Config server using one of the two following options:\nAdd a specific configuration using the set of parameters --service-name, --service-label, --service-profile, --property-key, and --property-value. For example: oractl:\u0026gt;config add --service-name myserv --service-label 0.0.1 --service-profile default --property-key k1 --property-value value1 Property added successfully. Add a set of configurations based on a configuration file using these commands: { \u0026#34;application\u0026#34;: \u0026#34;myserv\u0026#34;, \u0026#34;profile\u0026#34;: \u0026#34;obaas\u0026#34;, \u0026#34;label\u0026#34;: \u0026#34;0.0.1\u0026#34;, \u0026#34;properties\u0026#34;: { \u0026#34;spring.datasource.driver-class-name\u0026#34;: \u0026#34;oracle.jdbc.OracleDriver\u0026#34;, \u0026#34;spring.datasource.url\u0026#34;: \u0026#34;jdbc:oracle:thin:@$(db.service)?TNS_ADMIN=/oracle/tnsadmin\u0026#34; } } oractl:\u0026gt;config add --artifact-path /obaas/myserv-properties.json 2 property(s) added successfully. oractl:\u0026gt;config list --service-name myserv --service-profile obaas --service-label 0.0.1 [ { \u0026#34;id\u0026#34; : 222, \u0026#34;application\u0026#34; : \u0026#34;myserv\u0026#34;, \u0026#34;profile\u0026#34; : \u0026#34;obaas\u0026#34;, \u0026#34;label\u0026#34; : \u0026#34;0.0.1\u0026#34;, \u0026#34;propKey\u0026#34; : \u0026#34;spring.datasource.driver-class-name\u0026#34;, \u0026#34;value\u0026#34; : \u0026#34;oracle.jdbc.OracleDriver\u0026#34;, \u0026#34;createdOn\u0026#34; : \u0026#34;2023-04-13T01:29:38.000+00:00\u0026#34;, \u0026#34;createdBy\u0026#34; : \u0026#34;CONFIGSERVER\u0026#34; }, { \u0026#34;id\u0026#34; : 223, \u0026#34;application\u0026#34; : \u0026#34;myserv\u0026#34;, \u0026#34;profile\u0026#34; : \u0026#34;obaas\u0026#34;, \u0026#34;label\u0026#34; : \u0026#34;0.0.1\u0026#34;, \u0026#34;propKey\u0026#34; : \u0026#34;spring.datasource.url\u0026#34;, \u0026#34;value\u0026#34; : \u0026#34;jdbc:oracle:thin:@$(db.service)?TNS_ADMIN=/oracle/tnsadmin\u0026#34;, \u0026#34;createdOn\u0026#34; : \u0026#34;2023-04-13T01:29:38.000+00:00\u0026#34;, \u0026#34;createdBy\u0026#34; : \u0026#34;CONFIGSERVER\u0026#34; } ] Use the config list command, without any parameters, to list the services that have at least one configuration inserted in the Spring Cloud Config server. For example:\noractl:\u0026gt;config list [ { \u0026#34;name\u0026#34; : \u0026#34;apptest\u0026#34;, \u0026#34;label\u0026#34; : \u0026#34;\u0026#34;, \u0026#34;profile\u0026#34; : \u0026#34;\u0026#34; }, { \u0026#34;name\u0026#34; : \u0026#34;myapp\u0026#34;, \u0026#34;label\u0026#34; : \u0026#34;\u0026#34;, \u0026#34;profile\u0026#34; : \u0026#34;\u0026#34; }, […] Use the config list [parameters] command to list the parameters using parameters as filters. For example:\n--service-name : Lists all of the parameters from the specified service. --service-label : Filters by label. --service-profile : Filters by profile. --property-key : Lists a specific parameter filter by key. For example:\noractl:\u0026gt;config list --service-name myserv --service-profile default --service-label 0.0.1 [ { \u0026#34;id\u0026#34; : 221, \u0026#34;application\u0026#34; : \u0026#34;myserv\u0026#34;, \u0026#34;profile\u0026#34; : \u0026#34;default\u0026#34;, \u0026#34;label\u0026#34; : \u0026#34;0.0.1\u0026#34;, \u0026#34;propKey\u0026#34; : \u0026#34;k1\u0026#34;, \u0026#34;value\u0026#34; : \u0026#34;value1\u0026#34;, \u0026#34;createdOn\u0026#34; : \u0026#34;2023-04-13T01:10:16.000+00:00\u0026#34;, \u0026#34;createdBy\u0026#34; : \u0026#34;CONFIGSERVER\u0026#34; } ] Use the config update command to update a specific configuration using the set of parameters:\n--service-name --service-label --service-profile --property-key --property-value For example:\noractl:\u0026gt;config list --service-name myserv --service-profile obaas --service-label 0.1 --property-key k1 [ { \u0026#34;id\u0026#34; : 30, \u0026#34;application\u0026#34; : \u0026#34;myserv\u0026#34;, \u0026#34;profile\u0026#34; : \u0026#34;obaas\u0026#34;, \u0026#34;label\u0026#34; : \u0026#34;0.1\u0026#34;, \u0026#34;propKey\u0026#34; : \u0026#34;k1\u0026#34;, \u0026#34;value\u0026#34; : \u0026#34;value1\u0026#34;, \u0026#34;createdOn\u0026#34; : \u0026#34;2023-03-23T18:02:29.000+00:00\u0026#34;, \u0026#34;createdBy\u0026#34; : \u0026#34;CONFIGSERVER\u0026#34; } ] oractl:\u0026gt;config update --service-name myserv --service-profile obaas --service-label 0.1 --property-key k1 --property-value value1Updated Property successful modified. oractl:\u0026gt;config list --service-name myserv --service-profile obaas --service-label 0.1 --property-key k1 [ { \u0026#34;id\u0026#34; : 30, \u0026#34;application\u0026#34; : \u0026#34;myserv\u0026#34;, \u0026#34;profile\u0026#34; : \u0026#34;obaas\u0026#34;, \u0026#34;label\u0026#34; : \u0026#34;0.1\u0026#34;, \u0026#34;propKey\u0026#34; : \u0026#34;k1\u0026#34;, \u0026#34;value\u0026#34; : \u0026#34;value1Updated\u0026#34;, \u0026#34;createdOn\u0026#34; : \u0026#34;2023-03-23T18:02:29.000+00:00\u0026#34;, \u0026#34;createdBy\u0026#34; : \u0026#34;CONFIGSERVER\u0026#34; } ] Use the config delete command to delete the application configuration from the Spring Cloud Config server using one of the following two options:\nDelete all configurations from a specific service using the filters --service-name, --service-profile and --service-label. The CLI tracks how many configurations are present in the Spring Cloud Config server and confirms the completed deletion. For example:\noractl:\u0026gt;config delete --service-name myserv [obaas] 7 property(ies) found, delete all (y/n)?: Delete a specific configuration using the parameters --service-name, --service-label, --service-profile and --property-key. For example:\noractl:\u0026gt;config list --service-name myserv --service-profile obaas --service-label 0.1 --property-key ktest2 [ { \u0026#34;id\u0026#34; : 224, \u0026#34;application\u0026#34; : \u0026#34;myserv\u0026#34;, \u0026#34;profile\u0026#34; : \u0026#34;obaas\u0026#34;, \u0026#34;label\u0026#34; : \u0026#34;0.1\u0026#34;, \u0026#34;propKey\u0026#34; : \u0026#34;ktest2\u0026#34;, \u0026#34;value\u0026#34; : \u0026#34;value2\u0026#34;, \u0026#34;createdOn\u0026#34; : \u0026#34;2023-04-13T01:52:11.000+00:00\u0026#34;, \u0026#34;createdBy\u0026#34; : \u0026#34;CONFIGSERVER\u0026#34; } ] oractl:\u0026gt;config delete --service-name myserv --service-profile obaas --service-label 0.1 --property-key ktest2 [obaas] property successfully deleted. oractl:\u0026gt;config list --service-name myserv --service-profile obaas --service-label 0.1 --property-key ktest2 400 : \u0026#34;Couldn\u0026#39;t find any property for submitted query.\u0026#34; compile Use the GraalVM Compile Commands to:\nUpload a .jar file to the Oracle Backend for Spring Boot and microservices and its GraalVM compiler service. Start a compilation of your microservice to produce an executable native .exec file. Retrieve the last logs available regarding a compilation in progress or terminated. Download the .exec file to deploy on the backend. Purge the files remaining after a compilation on the remote GraalVM compiler service. The GraalVM Compile Commands are the following:\noractl:\u0026gt;help GraalVM Compile Commands compile-download: Download the compiled executable file. compile: Compile a service with GraalVM. compile-purge: Delete a launched job. compile-logs: Compilation progress. Use the compile command to upload and automatically start compilation using the following command:\noractl:\u0026gt;help compile NAME compile - Compile a service with GraalVM SYNOPSIS compile [--artifact-path String] --help OPTIONS --artifact-path String Service jar to compile location [Mandatory] --help or -h help for compile [Optional] Ask for Help Slack: https://oracledevs.slack.com/archives/C03ALDSV272 E-mail: obaas_ww@oracle.com Because the compilation of a .jar file using the tool native-image does not support cross-compilation, it must be on the same platform where the application will run. This service guarantees a compilation in the same operating system and CPU type where the service will be executed on the Kubernetes cluster.\nThe Spring Boot application pom.xml with the plugin:\n\u0026lt;plugin\u0026gt; \u0026lt;groupId\u0026gt;org.graalvm.buildtools\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;native-maven-plugin\u0026lt;/artifactId\u0026gt; \u0026lt;/plugin\u0026gt; The project should be compiled on the developer desktop with GraalVM version 22.3 or later using an mvn command. For example:\nmvn -Pnative native:compile -Dmaven.test.skip=true This pre-compilation on your desktop checks if there are any issues on the libraries used in your Spring Boot microservice. In addition, your executable .jar file must include ahead-of-time (AOT) generated assets such as generated classes and JSON hint files. For additional information, see Converting Spring Boot Executable Jar.\nThe following is an example of the command output:\noractl:\u0026gt;compile --artifact-path /Users/cdebari/demo-0.0.1-SNAPSHOT.jar uploading: /Users/cdebari/demo-0.0.1-SNAPSHOT.jar filename: demo-0.0.1-SNAPSHOT.jar return: demo-0.0.1-SNAPSHOT.jar_24428206-7d71-423f-8ef5-7d779977535b return: Shell script execution started on: demo-0.0.1-SNAPSHOT.jar_24428206-7d71-423f-8ef5-7d779977535b successfully start compilation of: demo-0.0.1-SNAPSHOT.jar_24428206-7d71-423f-8ef5-7d779977535b oractl:\u0026gt; The following example shows the generated batch ID that must be used to retrieve the log files, download the compiled file, and purge the service instance:\ndemo-0.0.1-SNAPSHOT.jar_24428206-7d71-423f-8ef5-7d779977535b\nIf omitted, then the last batch is considered by default.\nUse the compile-logs command to retrieve the logs that show the compilation progress. For example:\noractl:\u0026gt;help compile-logs NAME compile-logs - Compilation progress. SYNOPSIS compile-logs --batch String --help OPTIONS --batch String File ID returned from the compile command. If not provided by default, then the last file compiled. [Optional] --help or -h help for compile-logs [Optional] Ask for Help Slack: https://oracledevs.slack.com/archives/C03ALDSV272 E-mail: obaas_ww@oracle.com As previously mentioned, if the batch ID is not provided, then the logs of the most recently executed compilation are returned. For example:\noractl:\u0026gt;compile-logs extracted: BOOT-INF/lib/spring-jcl-6.0.11.jar extracted: BOOT-INF/lib/spring-boot-jarmode-layertools-3.1.2.jar inflated: BOOT-INF/classpath.idx inflated: BOOT-INF/layers.idx ======================================================================================================================== GraalVM Native Image: Generating \u0026#39;demo-0.0.1-SNAPSHOT.jar_24428206-7d71-423f-8ef5-7d779977535b.exec\u0026#39; (executable)... ======================================================================================================================== For detailed information and explanations on the build output, visit: https://github.com/oracle/graal/blob/master/docs/reference-manual/native-image/BuildOutput.md ------------------------------------------------------------------------------------------------------------------------ If the compile-logs commands returns a Finished generating message, then download the .exec file. For example:\nCPU: Enable more CPU features with \u0026#39;-march=native\u0026#39; for improved performance. QBM: Use the quick build mode (\u0026#39;-Ob\u0026#39;) to speed up builds during development. ------------------------------------------------------------------------------------------------------------------------ 155.3s (8.2% of total time) in 169 GCs | Peak RSS: 5.34GB | CPU load: 0.70 ------------------------------------------------------------------------------------------------------------------------ Produced artifacts: /uploads/demo-0.0.1-SNAPSHOT.jar_24428206-7d71-423f-8ef5-7d779977535b.temp/demo-0.0.1-SNAPSHOT.jar_24428206-7d71-423f-8ef5-7d779977535b.exec (executable) ======================================================================================================================== Finished generating \u0026#39;demo-0.0.1-SNAPSHOT.jar_24428206-7d71-423f-8ef5-7d779977535b.exec\u0026#39; in 31m 30s. Compiling Complete. Use the compile-download command to download the generated .exec file. For example:\noractl:\u0026gt;help compile-download NAME compile-download - Download the compiled executable file. SYNOPSIS compile-download --batch String --help OPTIONS --batch String File ID to download as the executable file. If not provided by default, then the last file compiled. [Optional] --help or -h help for compile-download [Optional] Ask for Help Slack: https://oracledevs.slack.com/archives/C03ALDSV272 E-mail: obaas_ww@oracle.com You can choose to use the batch ID if you need the last file compiled. The following example specifies the batch ID:\noractl:\u0026gt;compile-download --batch demo-0.0.1-SNAPSHOT.jar_24428206-7d71-423f-8ef5-7d779977535b File downloaded successfully to: /Users/cdebari/demo-0.0.1-SNAPSHOT.jar.exec Use the compile-purge command to delete all of the artifacts generated on the GraalVM compiler service after downloading the .exec file:\noractl:\u0026gt;help compile-purge NAME compile-purge - Delete a launched job. SYNOPSIS compile-purge --batch String --help OPTIONS --batch String File ID returned from compile command. If not provided by default, then the last file compiled. [Optional] --help or -h help for compile-purge [Optional] Ask for Help Slack: https://oracledevs.slack.com/archives/C03ALDSV272 E-mail: obaas_ww@oracle.com User Management Manage users allows you to create the platform users and assign the roles that give access permission to operate with the platform.\nUser Roles\nROLE_USER: Users with this role can:\nConnect to the Admin Service. Create and list applications (namespaces). Create and update a database schema for the service. Deploy, list, and scale workloads (services). ROLE_ADMIN: Users with this role have the same access rights as a ROLE_USER and additionally:\nCreate and delete users. Search for users. Change password and roles for users. ROLE_CONFIG_EDITOR: Users with this role are allowed to edit the platform configurations. Reserved for future use.\nCreate users Use the user create command to add users to the platform. This command requires the name of the user username and the user roles in a comma-separated list.\noractl:\u0026gt;help user create NAME user create - Creates a new user in your platform. SYNOPSIS user create [--username String] --roles String --help OPTIONS --username String The name you assign to the user during creation. This is the user\u0026#39;s login for the CLI and for the SOC UI, also. The name must be unique across all users in the platform and cannot be changed. [Mandatory] --roles String The user\u0026#39;s role within the platform. A user must have up to three possible roles provided in a comma-separated list. [ROLE_ADMIN,ROLE_CONFIG_EDITOR,ROLE_USER]. [Optional, default = ROLE_USER] Ask for Help Slack: https://oracledevs.slack.com/archives/C03ALDSV272 E-mail: obaas_ww@oracle.com For example, to create a user called obaas-user-test1 with roles ROLE_USER,ROLE_CONFIG_EDITOR:\noractl:\u0026gt;user create --username obaas-user-test1 --roles ROLE_USER,ROLE_CONFIG_EDITOR ? password **************** obaas-cli [user create]: User [obaas-user-test1] as successfully created. Obtain User details Use the user get command to obtain the user details registered on the platform.\noractl:\u0026gt;help user get NAME user get - Gets the specified user’s information. SYNOPSIS user get [--username String] --help OPTIONS --username String The username of the user. [Mandatory] Ask for Help Slack: https://oracledevs.slack.com/archives/C03ALDSV272 E-mail: obaas_ww@oracle.com For example, to list the details from the user called obaas-admin:\noractl:\u0026gt;user get --username obaas-admin ╔══╤═══════════╤═══════════════════════════════════════╗ ║Id│Username │Roles ║ ╠══╪═══════════╪═══════════════════════════════════════╣ ║2 │obaas-admin│ROLE_ADMIN,ROLE_CONFIG_EDITOR,ROLE_USER║ ╚══╧═══════════╧═══════════════════════════════════════╝ Change User Roles Use the user change-roles command to change the roles from a specific user registered on the platform.\noractl:\u0026gt;help user change-roles NAME user change-roles - Change the roles from the specified user. SYNOPSIS user change-roles [--username String] --roles String --help OPTIONS --username String The name you assign to the user during creation. This is the user’s login for the CLI. [Mandatory] --roles String The user\u0026#39;s role within the platform. A user must have up to three possible roles provided in a comma-separated list. [ROLE_ADMIN,ROLE_CONFIG_EDITOR,ROLE_USER]. [Optional, default = ROLE_USER] Ask for Help Slack: https://oracledevs.slack.com/archives/C03ALDSV272 E-mail: obaas_ww@oracle.com For example, to change the roles from a user called obaas-user-test1 apply the role ROLE_USER:\noractl:\u0026gt;user change-roles --username obaas-user-test1 --roles ROLE_USER obaas-cli [user change-roles]: User [obaas-user-test1] roles were successfully updated. Change User Password Use the user change-password command to change the password from a specific user registered on the platform. A user is allowed to change its password only. Only users with ROLE_ADMIN can change passwords from other users.\noractl:\u0026gt;help user change-password NAME user change-password - Change password for the specified user. SYNOPSIS user change-password [--username String] --help OPTIONS --username String The username you want to change the password. [Mandatory] Ask for Help Slack: https://oracledevs.slack.com/archives/C03ALDSV272 E-mail: obaas_ww@oracle.com For example, to change the password from a user called obaas-user-test1:\noractl:\u0026gt;user change-password --username obaas-user-test1 ? password *********** obaas-cli [user change-password]: User [obaas-user-test1] password was successfully updated. List Users Use the user list command to obtain the list of users registered on the platform.\noractl:\u0026gt;help user list NAME user list - Lists the users in your platform. SYNOPSIS user list --help Ask for Help Slack: https://oracledevs.slack.com/archives/C03ALDSV272 E-mail: obaas_ww@oracle.com For example, to list all registered users:\noractl:\u0026gt;user list ╔══╤════════════════╤═══════════════════════════════════════╗ ║Id│Username │Roles ║ ╠══╪════════════════╪═══════════════════════════════════════╣ ║1 │obaas-user │ROLE_USER ║ ╟──┼────────────────┼───────────────────────────────────────╢ ║2 │obaas-admin │ROLE_ADMIN,ROLE_CONFIG_EDITOR,ROLE_USER║ ╟──┼────────────────┼───────────────────────────────────────╢ ║3 │obaas-config │ROLE_CONFIG_EDITOR,ROLE_USER ║ ╟──┼────────────────┼───────────────────────────────────────╢ ║4 │obaas-user-test1│ROLE_USER ║ ╚══╧════════════════╧═══════════════════════════════════════╝ Delete User Use the user delete command to remove users from the platform.\nNOTE: User deletion is permanent and irreversible.\noractl:\u0026gt;help user delete NAME user delete - Delete a user in your platform. SYNOPSIS user delete [--username String] --id int --help OPTIONS --username String The username you want to delete. [Mandatory] --id int The user id from the user you want to delete. [Optional, default = 0] Ask for Help Slack: https://oracledevs.slack.com/archives/C03ALDSV272 E-mail: obaas_ww@oracle.com For example, to delete a user called obaas-user-test1:\noractl:\u0026gt;user delete --username obaas-user-test1 obaas-cli [user delete]: User [obaas-user-test1] as successfully deleted. Logging The log file for oractl on Mac or Unix machine is stored in the $HOME/config/orctl directory. The file name is oractl-cli-history.log\n","description":"The Oracle Backend for Spring Boot and Microservices offers a command-line interface (CLI), oractl. The CLI commands simplify the deployment of microservices applications as well as bindings with the resources that they use. Download the CLI here. The platform-specific binary can be renamed to oractl for convenience.\nTable of Contents:\nInstalling the CLI Using the CLI Available Commands Help Connect to the backend Create application namespace Delete application namespace Bind database schema/kubernetes secrets Deploy a service Create a horizontal pod autoscaler Delete a horizontal pod autoscaler List - show details about deployments Manage config server data GraalVM compile commands User Management Logging Information Installing the CLI The Oracle Backend for Spring Boot CLI is used to configure your backend and to deploy your Spring Boot applications to the backend."},{"id":22,"href":"/microservices-datadriven/spring/observability/","title":"Observability","parent":"Oracle Backend for Spring Boot and Microservices","content":"Oracle Backend for Spring Boot and Microservices includes a number of common open source components to provide application observability including Prometheus, Grafana, Jaeger, and OpenTelemetry Collector.\nFor more details, read the following:\nMetrics Tracing ","description":"Oracle Backend for Spring Boot and Microservices includes a number of common open source components to provide application observability including Prometheus, Grafana, Jaeger, and OpenTelemetry Collector.\nFor more details, read the following:\nMetrics Tracing "},{"id":23,"href":"/microservices-datadriven/spring/","title":"Oracle Backend for Spring Boot and Microservices","parent":"","content":"Oracle Backend for Spring Boot and Microservices allows developers to build microservices in Spring Boot and provisions a \u0026ldquo;backend as a service\u0026rdquo; with Oracle Database and other infrastructure components that operate on multiple clouds. Oracle Backend for Spring Boot and Microservices vastly simplifies the task of building, testing, and operating microservices platforms for reliable, secure, and scalable enterprise applications.\nVersion 1.3.0 (production) released September, 2024 Oracle Backend for Spring Boot and Microservices Version 1.3.0 is now generally available and suitable for production use. This version supports and recommends Spring Boot 3.3.x, 3.2.x, Spring 6.1 and Spring Cloud 2023.0.x, with limited backwards compatibility for Spring Boot 2.7.x. If you are building Spring Boot applications with Oracle Database, you should also check out Spring Cloud Oracle which is the home of a number of the components used in Oracle Backend for Spring Boot and Microservices, and which you can also use in your own applications!\nTry it out with CloudBank AI To learn more about deploying and using Oracle Backend for Spring Boot and Microservices, we recommend our CloudBank AI self-paced, on-demand hands-on lab.\nIn the CloudBank AI hands-on lab, you can learn how to:\nInstall Oracle Backend for Spring Boot and Microservices. Set up a development environment for Spring Boot. Build Spring Boot microservices from scratch using Spring Web to create Representational State Transfer (REST) services. Use service discovery and client-side load balancing. Use Spring Actuator to allow monitoring of services. Create services that use asynchronous messaging with Java Message Service (JMS) instead of REST. Implement the Saga pattern to manage data consistency across microservices. Use the APISIX API Gateway to expose services to clients. Build a conversational chatbot using Spring AI and self-host LLMs with Ollama. Learn more To learn more, watch this short introductory video:\nIn addition to an Oracle Autonomous Database Serverless instance, the following software components are deployed in an Oracle Cloud Infrastructure (OCI) Container Engine for Kubernetes cluster (OKE cluster):\nApache APISIX API Gateway and Dashboard Apache Kafka Grafana HashiCorp Vault Jaeger Apache Kafka Loki Netflix Conductor OpenTelemetry Collector Oracle Autonomous Database Serverless Oracle Backend for Spring Boot Command Line Interface (CLI) Oracle Backend for Spring Boot Visual Studio Code Plugin Oracle Coherence Oracle Database Operator for Kubernetes (OraOperator or the operator) Oracle Database Observability Exporter Oracle Transaction Manager for Microservices (MicroTx) Prometheus Promtail Spring Boot Admin dashboard Spring Cloud Config server Spring Cloud Eureka service registry Spring Operations Center Strimzi Kafka Operator Developers also have access to development or build time services and libraries including:\nA command-line interface (CLI) to manage service deployment and configuration, including database schema management. Visual Studio Code (VS Code) plugin to manage service deployment and configuration. IntelliJ plugin to manage service deployment and configuration. Spring CLI support for project creation. Spring Data (Java Persistence API (JPA) and Oracle JDBC) to access Oracle Database. Oracle Java Database Connectivity (Oracle JDBC) drivers. Spring Cloud Config client. Spring Eureka service discovery client. Spring Cloud OpenFeign. OpenTelemetry Collector (including automatic instrumentation). Spring Starters for Oracle Universal Connection Pool (UCP), Oracle Wallet, Oracle Advanced Queuing (AQ), and Transactional Event Queues (TxEventQ). Need help? We\u0026rsquo;d love to hear from you! You can contact us in the #oracle-db-microservices channel in the Oracle Developers slack workspace, or open an issue in GitHub.\n","description":"Oracle Backend for Spring Boot and Microservices allows developers to build microservices in Spring Boot and provisions a \u0026ldquo;backend as a service\u0026rdquo; with Oracle Database and other infrastructure components that operate on multiple clouds. Oracle Backend for Spring Boot and Microservices vastly simplifies the task of building, testing, and operating microservices platforms for reliable, secure, and scalable enterprise applications.\nVersion 1.3.0 (production) released September, 2024 Oracle Backend for Spring Boot and Microservices Version 1."},{"id":24,"href":"/microservices-datadriven/spring/platform/intellij-plugin/","title":"Oracle Backend for Spring Boot and Microservices IntelliJ Plugin","parent":"Platform Services","content":" GA 1.3.0 - September, 2024 Oracle Backend for Spring Boot and Microservices (OBaaS) is an IntelliJ plugin to browse, deploy, and modify workloads on the Oracle Backend for Spring Boot and Microservices platform.This plug-in implements the functionalities available in the Oracle Backend for Spring Boot and Microservices CLI, simplifying access to Oracle Backend for Spring Boot and Microservices deployments from an IntelliJ IDE.\nThe plug-in allows access to the Oracle Backend for Spring Boot and Microservices platform services, including the Grafana, Spring, APISIX, Eureka and Jaeger web admin consoles. Additionally, you may create and bind workloads to your Oracle Backend for Spring Boot and Microservices database deployment. Users may inspect Oracle Backend for Spring Boot and Microservices deployment namespaces, workloads, and related configuration.\nSee the Oracle Free Use Terms and Conditions License\nPrerequisites An operational Oracle Backend for Spring Boot and Microservices deployment, as configured through platform setup. Access to a Kubernetes cluster where Oracle Backend for Spring Boot and Microservices is deployed from your IntelliJ IDE. Installation Download the IntelliJ plugin ZIP file from here.\nOn the IntelliJ Settings plugins page, click the \u0026ldquo;gear\u0026rdquo; icon and select Install Plugin from Disk\u0026hellip;. Browse your filesystem for the IntelliJ plugin ZIP file, and select it.\nClick OK, and restart your IDE to load the Oracle Backend for Spring Boot and Microservices plugin.\nIf you do not see the Oracle Backend for Spring Boot and Microservices icon on your IDE\u0026rsquo;s toolbar, navigate to View -\u0026gt; Tool Windows, and select \u0026ldquo;OBaaS\u0026rdquo; to add it to your IDE\u0026rsquo;s tool window bar.\nProxy Configuration If you are connecting to your Kubernetes cluster through a proxy server, configure your IntelliJ proxy settings from Settings -\u0026gt; Proxy. Th Oracle Backend for Spring Boot and Microservices will use your IntelliJ system proxy settings to connect to your Kubernetes cluster.\nConfiguring the Oracle Backend for Spring Boot and Microservices Connection Open the plugin tool window by clicking the \u0026ldquo;OBaaS\u0026rdquo; icon on the IntelliJ tool bar, and click the \u0026ldquo;wrench\u0026rdquo; icon to open the Oracle Backend for Spring Boot and Microservices connection settings.\nEnter the Oracle Backend for Spring Boot and Microservices username, password, kubeconfig for the Kubernetes cluster, and the local port the Oracle Backend for Spring Boot and Microservices admin tunnel will bind to. The default kubeconfig and context may already be selected.\nWhen you\u0026rsquo;re done, click \u0026ldquo;Test Connection\u0026rdquo; to verify the Oracle Backend for Spring Boot and Microservices connectivity. If you\u0026rsquo;ve configured your kubeconfig and Oracle Backend for Spring Boot and Microservices credentials correctly, you should see a connection successful message:\nKnown issue with Kubernetes authentication If you are using a Kubeconfig shell exec config to authenticate to your Kubernetes cluster from the Oracle Backend for Spring Boot and Microservices, you may need to provide the full path to the authenticating binary:\nusers: - name: my-user user: exec: apiVersion: client.authentication.k8s.io/v1beta1 # Provide the full path to the authenticating binary here command: /usr/local/bin/oci Managing Oracle Backend for Spring Boot and Microservices Connection States To refresh the Oracle Backend for Spring Boot and Microservices connection, click the \u0026ldquo;Refresh\u0026rdquo; button at the top of the Oracle Backend for Spring Boot and Microservices tool window.\nTo cancel all active connections, click the red \u0026ldquo;Close Connections\u0026rdquo; button at the top of the Oracle Backend for Spring Boot and Microservices tool window.\nExplore Oracle Backend for Spring Boot and Microservices Resources Once you are connected to Oracle Backend for Spring Boot and Microservices, click on the context node in the tool window tree to view Oracle Backend for Spring Boot and Microservices resources in your cluster.\nOracle Backend for Spring Boot and Microservices namespaces are shown in the \u0026ldquo;namespaces\u0026rdquo; section, each namespace containing a list of applications. Links to platform service dashboards are shown in the \u0026ldquo;platform services\u0026rdquo; section. Configuration properties are listed in the \u0026ldquo;configuration\u0026rdquo; section. Working with namespaces and workloads Create a new namespace To create a new namespace, right click on the namespace and select \u0026ldquo;Add Namespace\u0026rdquo;.\nAfter you click OK, the namespace will be created and appear in the namespace list in a few moments.\nYou can delete a namespace by right clicking on that namespace, and selecting \u0026ldquo;Delete Namespace\u0026rdquo;. When a namespace is deleted, all applications in the namespace will also be deleted.\nDeploying workloads into namespaces To deploy a workload into a namespace, right click that namespace and select \u0026ldquo;Add Workload -\u0026gt; Upload .jar\u0026rdquo; for JVM workloads or \u0026ldquo;Add Workload -\u0026gt; Upload .exec\u0026rdquo; for GraalVM native workloads.\nOn the Add Workload form, enter workload data.\nDatabase username will default to the workload name if not specified, and is used for Java Message Service Transactional Event Queue authentication. When you click OK, the JAR/exec file will be uploaded to Oracle Backend for Spring Boot and Microservices, an image is built, and the workload deployed to the cluster namespace. The task duration will vary depending on the size of the upload file and your network connection for upload.\nWorkload autoscalers To create an autoscaler for a workload, right-click the workload and select \u0026ldquo;Create Autoscaler\u0026rdquo;. Autoscalers are configured on workload CPU, and specify minimum and maximum scale replicas.\nYou may also deletea workload\u0026rsquo;s autoscaler from the workload context menu.\nPublishing workloads A workload can be published on an APISIX route by right-clicking the workload, providing the APISIX admin key and the desired route.\nAccessing Oracle Backend for Spring Boot and Microservices Platform Services To access the web console of an Oracle Backend for Spring Boot and Microservices platform service (Grafana, Spring Admin, APISIX, Eureka, or Jaeger), right-click on the service\u0026rsquo;s name under the \u0026ldquo;platform services\u0026rdquo; section and click \u0026ldquo;Connect\u0026rdquo;.\nOnce the connection is complete, click the \u0026ldquo;Open console\u0026rdquo; link on the completion message to navigate to the service\u0026rsquo;s web console.\nConfiguration Properties Workload configuration can be browsed and edited through the \u0026ldquo;configuration\u0026rdquo; section. To add a new configuration property, right-click either the top-level configuration section or a specific configuration node.\nA property is associated with a given configuration service, and may have a label, profile, key, and value.\n","description":"GA 1.3.0 - September, 2024 Oracle Backend for Spring Boot and Microservices (OBaaS) is an IntelliJ plugin to browse, deploy, and modify workloads on the Oracle Backend for Spring Boot and Microservices platform.This plug-in implements the functionalities available in the Oracle Backend for Spring Boot and Microservices CLI, simplifying access to Oracle Backend for Spring Boot and Microservices deployments from an IntelliJ IDE.\nThe plug-in allows access to the Oracle Backend for Spring Boot and Microservices platform services, including the Grafana, Spring, APISIX, Eureka and Jaeger web admin consoles."},{"id":25,"href":"/microservices-datadriven/spring/platform/vscode-plugin/","title":"Oracle Backend for Spring Boot and Microservices Visual Studio Code Extension","parent":"Platform Services","content":" GA 1.1.3 - March, 2024 \u0026ldquo;Oracle Backend for Spring Boot and Microservices\u0026rdquo; is a VS Code extension to browse and deploy applications on the Oracle Backend for Spring Boot and Microservices platform. This plugin allows to inspect the content of an Oracle Backend for Spring Boot deployment, in terms of applications, services and related configurations. It simplifies the access to the Platform Services installed, like Grafana, Spring, Apisix, Eureka and Jaeger creating ssh tunnels on-demand, and providing access to their respective web admin consoles. It allows to add credentials to access and bind services to the Oracle Autonomous DB included into Oracle Backend for Spring Boot and Microservices deployment. This plug-in replicates the functionalities available in OBaas CLI and simplify the access to Oracle Backend for Spring Boot and Microservices deployments from a development IDE like VS Code.\nSee the Oracle Free Use Terms and Conditions License\nPrerequisites You must have already installed and configured the following software which required for the Oracle Backend for Spring Boot and Microservices Setup:\nKubernetes command-line interface (kubectl) Oracle Cloud Infrastructure command-line interface OpenJDK Runtime Environment GraalVM 22.3 or above (optional). Installation Download the plug-in from here.\nOn the VS Code left menu bar, click on the Extensions symbol:\nFrom the upper right menu, select Install from VSIX\u0026hellip; and upload the plugin binaries that were previously downloaded:\nRestart VS Code to make the plugin fully operational.\nIf you do not see the plugin in the left menu bar, with the Oracle logo (as shown here), click on Additional Views to select the Oracle Backend for Spring Boot and Microservices:\nUsing VS Code Plugin After selecting the plugin from the left menu bar, the Oracle Backend for Spring Boot and Microservices VS Code plugin asks you to specify the full path for the Kubernetes configuration file. For example:\nBy default, it shows the path in the user\u0026rsquo;s Home directory .kube/config in which kubectl stores all of the information regarding the configured K8s clusters. You can set the full path of another Kubernetes configuration file. If the file is correctly loaded, the plugin shows the list of contexts available from which you can select one:\nIf successful, you should see a tree view with one node and the selected context. For example:\nIf the file path has not been correctly set, it returns an error message. For example:\nTo restart the plugin and proceed with setting the Kubernetes configuration file, execute a window reload in the command palette:\nHow to Access the Cluster Until you create a dedicated ssh tunnel to the Kubernetes cluster, and if you do not connect to Oracle Backend for Spring Boot and Microservices administrative services, you cannot browse resources included in the Oracle Backend for Spring Boot and Microservices deployment. To do this, follow these steps:\nSelect the cluster and right-click, choosing Set UID/PWD menu item to insert credentials related to your user account. For example:\nSpecify the OBSBM Admin ID for the Oracle Backend for Spring Boot and Microservices user for deployment. For example:\nOn the top menu, the Oracle Backend for Spring Boot and Microservices administrator OBSBM Admin password is required. For example:\nTwo dialog boxes confirm that the credentials have been set correctly. For example:\nNOTE: If you do not process these steps and try to expand the Kubernetes context, you receive this informational message:\nSelect the cluster again and right-click on Create Admin tunnel. VS Code opens two new terminal that tries to open two tunnels to the Kubernetes cluster on a local port, for the KubeProxy on port 7080 and to Backend starting from 8080. For example:\nBefore proceeding to the connection, wait until the tunnel are established and the terminals show a message similar to this:\nNOTE: If the K8s cluster is not related to an Oracle Backend for Spring Boot and Microservices deployment, the tunnel creation fails, because it will look for the services/obaas-admin in the namespace obaas-admin. In this case, execute a window reload to chose another cluster from the command palette. If you have any problem with the connection, start another tunnel. The plugin tries to connect to the cluster on another local port.\nSelect the cluster again and right-click Connect. This creates a session with the credentials set up in the first step.\nExplore Resources When the steps to create the tunnel are completed and you are connected to the backend, it is possible to expand and Refresh the tree related to the deployment. For example:\nYou see four top classes of resources that can be expanded in underlying items:\napplications : The list of applications deployed and the holding services. Oracle DB : In this release there is one Oracle Database in which the configurations and schemas related to deployed services are stored. platformServices : The list of Oracle Backend for Spring Boot and Microservices deployed services, like Grafana, Spring, Apache APISIX, Eureka and Jaeger. oBaasConf : The list of keys defined by the applications, stored in the Oracle Database, that are provisioned and available to share configurations information among services in each application. Applications Let\u0026rsquo;s look at the operations that you can do on Applications root item of the browse tree:\nOpen the list by clicking on the arrow to the left of applications:\nExpand the application you are interested to see the list of included services:\nApplications level commands At the root level, right-click on applications, you have the following list of commands available right-clicking on the line:\nAdd application Compilation progress Compile .jar in .exec Download compiled file in .exec Purge compilation files Add application With this option you can create a Kubernetes namespace will hold single Spring Boot microservice. It will be prompted the name of the application:\nWith this operation will be injected in the namespace a set of Secrets needed to run the microservices will be deployed.\nCompilation progress If it has been started a compilation with the command Compile .jar in .exec, you will see the tail of logs collected during the jar file compilation with GraalVM, in a single windows pane. You can re-submit the command to see the progress, as shown here:\nIf the compilation process is over successfully, you will see something like this:\nCompile .jar in .exec This option allows you to upload a .jar file to the Oracle Backend for Spring Boot and Microservices to a GraalVM compiler service. This service will start a compilation of your microservice in a native file, that it will be executed without JVM support. Since the compilation of a .jar file via the tool native-image does not support cross-compilation, so it must be on the same kind of platform where the application will run, this service guarantees a compilation in the same Operating System and CPU type where the service it will be executed on the Kubernetes cluster. The Spring Boot application pom.xml with the plugin:\n\u0026lt;plugin\u0026gt; \u0026lt;groupId\u0026gt;org.graalvm.buildtools\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;native-maven-plugin\u0026lt;/artifactId\u0026gt; \u0026lt;/plugin\u0026gt; it should be previously compiled on the developer desktop with GraalVM 22.3 or above through an mvn command like:\nmvn -Pnative native:compile -Dmaven.test.skip=true\nThis pre-compilation on your desktop needs not only to check if there are any issues on libraries used in your Spring Boot microservice but also, as you can read here, your executable jar file must include AOT generated assets such as generated classes and JSON hint files.\nAs soon as you upload the .jar file, the process will start showing these messages:\nDownload compiled file in .exec If the compilation progress report a \u0026ldquo;Finished generating \u0026lsquo;\u0026hellip;\u0026rdquo; message, you can download locally the .exec file to be used to deploy a new microservice under an application namespace. It will be only required to choose a directory in which to save the file.\nNOTE: if you\u0026rsquo;ll ask to download a file before the compilation is over, you will have a message like this:\nPurge compilation files After you have compiled and downloaded the executable file, it\u0026rsquo;s a good practice to purge files created on the compilation service before proceeding to other compilations. This command will delete the files related to the latest compilation.\nApplication level commands Expanding a single application, in which you are interested to see the list of included services, you will see a tree like in this picture:\nTo show the updated list, click on the Refresh button to the right of application.\nRight-clicking on each application, you can:\nAdd native service -\u0026gt; upload .exec Add service -\u0026gt; upload .jar Bind a service Delete application as shown here:\nAdd native service -\u0026gt; upload .exec The VS Code command palette prompts for the required parameters to upload an executable file coming from a compilation done with the service offered by Oracle Backend for Spring Boot and Microservices. At the end of compilation process, you can download the .exec file and use it to create a native executable Spring Boot microservices on the backend platform. Choosing this item menu, the parameters will be required are:\nA popup dialog box opens to select the local Spring Boot .exec file, that will be the only type that you can select:\nService Name\nBind [jms] (Default: ``)\nService Port (Default: 8080)\nService Profile (Default: obaas)\nImage Version (Default: 0.0.1)\nInitial Replicas (Default: 1)\nAdd Health probe? : [True]/[False] (Default: True)\nAt the end of the parameters collection, a process, that includes the .exec file upload, building image and deploying, starts. It generates a sequence of messages showing the status. These messages end with \u0026ldquo;Service deployed successfully!\u0026rdquo; or \u0026ldquo;Deploy failed\u0026rdquo;. The size and network constraints determine the amount of time for the process to terminate.\nAdd service -\u0026gt; upload .jar The Add -\u0026gt; upload .jar command uploads a Spring Boot Microservice to an application packaged as a .jar file. Choosing this item menu, selecting a single application, the parameters will be required are:\nA popup dialog box opens to select the local Spring Boot .jar file\nService Name\nBind [jms] (Default: ``)\nImage Version (Default: 0.0.1)\nJava image (Default: ghcr.io/graalvm/jdk:ol7-java17-22.2.0)\nAdd Health probe? : [True]/[False] (Default: True)\nService Port (Default: 8080)\nService Profile (Default: obaas)\nInitial Replicas (Default: 1)\nInform the database name for Liquibase: username for Liquibase.\nAt the end of the parameters collection, a process, that includes the .jar upload, building image and deploying, starts. It generates a sequence of messages showing the status. These messages end with \u0026ldquo;Service deployed successfully!\u0026rdquo; or \u0026ldquo;Deploy failed\u0026rdquo;. The size and network constraints determine the amount of time for the process to terminate.\nBind a service This command create/update a user on the Oracle DB according the service name typed, or optionally to a different user schema, to which bind a Spring Boot microservice that will store data into the DB. It also store secrets with the user credentials into the application namespace, in order to inject them into the related pods. If the schema exists, it impose to change the user password will be stored in the namespace. The parameters required are:\nService Name: DB User (optional): DB User Password: Spring Binding Prefix (optional): (Default: spring.datasource) Update? [True]/[False] (Default: True) Delete Application This command removes the application and all the services included. At the end of process, you see one of two messages: \u0026ldquo;Delete successful\u0026rdquo; or \u0026ldquo;Delete application failed!\u0026rdquo;. Refresh the tree at applications level to show the current application list. The termination of Pods and applications isn\u0026rsquo;t a synchronous operation. You may have to refresh more than one time for a clean view.\nService level commands With a right click on a single service you will have the following commands:\nCreate autoscaler Delete autoscaler Delete service Publish service as shown here:\nCreate autoscaler Create a Kubernetes autoscaler for the selected pod.\nminReplicas (Default: 1) maxReplicas (Default: 1) cpuPercent (Default: ``) cpuRequest (Default: 100m) Delete autoscaler Delete an existing autoscaler\nDelete service Selecting the service from the tree, under a specific application, you will remove the service deployment, and the active pods will be removed.\nPublish service This command creates a route in the APISix Gateway available in the Oracle Backend for Spring Boot and Microservices, in order to expose on Internet the selected service. To be performed, this command requires the APISix AdminKey, and a port-forward to the APISix engine.\nYou can get the AdminKey from the APISix configmap, using a kubectl command:\nkubectl -n apisix get configmap apisix -o yaml\nlooking for the -name: \u0026quot;admin\u0026quot; key.\nThe parameters you have to provide are:\nAPISix AdminKey: Url base path: (Default: /api/v1/). This path will be automatically appended by the service name to create the route accessible from an url like: http(s)://[LB_IP]/api/v1/[servicename]* A successful operation will return the Route ID recorded into the APISix, as shown in this example:\nThis is a shortcut with a standard registration: to customize the route, or start from scratch, is suggested the usage of APISix console.\nOracle DB For each Oracle Backend for Spring Boot and Microservices, an Oracle Autonomous Transaction Processing database is provisioned on OCI to hold the schema for the Spring Boot services and backend\u0026rsquo;s configuration details. The icon remembers the component deployed with the backend platform.\nplatformServices The platformServices option can be expanded to show the services available in the Oracle Backend for Spring Boot and Microservices platform. For each service, right-click on the symbol to open an ssh tunnel to the service, on a specific local port that is automatically chosen. A link opens in the default web browser for the administrator console of each platform service.\nFor example, by right-clicking on grafana monitor, a tunnel will be opened with a message holding a button to open a web browser on the administrator\u0026rsquo;s Grafana console. For example:\nThe apisix console shows one more command compared with the others, that allows you to open a tunnel to the engine, that is listening on a different port than the console. This enable the Publish service command available on each service.\nNOTE: If the port is already used or the connection times out, right clicking again it will automatically open on another port.\noBaasConf Configuration With Oracle Backend for Spring Boot and Microservices, developers can store the metadata and configurations to share among Pods in an application. The VS Code plugin can browse the content of this Key/Values store and add, update and delete keys as needed.\nExpand oBaasConf configuration to see the applications that are deployed and, expanding each of them, the Key/Value pair. For example:\nHover the mouse over each Key/Value pair to see the other metadata related to the key: profile and label, as shown here:\nYou can process the following operations:\nAdd key : By right-clicking oBaasConf configuration or one of the service-conf options in the VS Code command palette, you will set the following key parameters:\nservice name (mandatory) label profile propKey value Click on Refresh button to see the new key added.\nNOTE: You can add configuration properties for a service that is not yet deployed. In some cases, it is mandatory to prepare properties before deploying services in order to correctly start them.\nEdit key : Right-click on a selected key in the VS Code command palette to update the current content of Value.\nDelete key : Right-click on a selected key to delete it.\n","description":"GA 1.1.3 - March, 2024 \u0026ldquo;Oracle Backend for Spring Boot and Microservices\u0026rdquo; is a VS Code extension to browse and deploy applications on the Oracle Backend for Spring Boot and Microservices platform. This plugin allows to inspect the content of an Oracle Backend for Spring Boot deployment, in terms of applications, services and related configurations. It simplifies the access to the Platform Services installed, like Grafana, Spring, Apisix, Eureka and Jaeger creating ssh tunnels on-demand, and providing access to their respective web admin consoles."},{"id":26,"href":"/microservices-datadriven/spring/starters/aqjms/","title":"Oracle Spring Boot Starter for AQ/JMS","parent":"Oracle Spring Boot Starters","content":"This starter provides support for Oracle Transactional Event Queues (TxEventQ) and Oracle Advanced Queuing (AQ) as Java Message Service (JMS) providers. It depends on the Universal Connection Pool (UCP) starter.\nNote: By default, the data Source and JMS Connection Factory that the starter injects into your application share the same database transaction. This means that you can start a transaction, read from a queue, perform an update operation, and then commit or rollback that whole unit of work, including the message consumption.\nTo add this starter to your project, add this Maven dependency:\n\u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;com.oracle.database.spring\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;oracle-spring-boot-starter-aqjms\u0026lt;/artifactId\u0026gt; \u0026lt;version\u0026gt;23.4.0\u0026lt;/version\u0026gt; \u0026lt;/dependency\u0026gt; For Gradle projects, add this dependency:\nimplementation \u0026#39;com.oracle.database.spring:oracle-spring-boot-starter-aqjms:23.4.0\u0026#39; To configure your application to use Oracle Transactional Event Queues or Oracle Advanced Queuing, you must annotate you application with the @EnableJms annotation, and create the two following beans:\nA JmsListenerContainerFactory\u0026lt;?\u0026gt; bean, which can be created as shown in the following example. Note that you can override settings if you need to. Also, note that the name of the method defines the name of the factory, which you will use when creating JMS listeners. A MessageConverter bean to map objects of your class representing the payload into a text based format (like JSON) that can be used in the actual messages. Note: Any queues or topics that you want to use must be pre-created in the database. See Sample Code for examples.\npackage com.example.aqjms; import jakarta.jms.ConnectionFactory; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.boot.autoconfigure.jms.DefaultJmsListenerContainerFactoryConfigurer; import org.springframework.context.ConfigurableApplicationContext; import org.springframework.context.annotation.Bean; import org.springframework.jms.annotation.EnableJms; import org.springframework.jms.config.DefaultJmsListenerContainerFactory; import org.springframework.jms.config.JmsListenerContainerFactory; import org.springframework.jms.core.JmsTemplate; import org.springframework.jms.support.converter.MappingJackson2MessageConverter; import org.springframework.jms.support.converter.MessageConverter; import org.springframework.jms.support.converter.MessageType; @SpringBootApplication @EnableJms public class JmsSampleApplication { @Bean public JmsListenerContainerFactory\u0026lt;?\u0026gt; myFactory(ConnectionFactory connectionFactory, DefaultJmsListenerContainerFactoryConfigurer configurer) { DefaultJmsListenerContainerFactory factory = new DefaultJmsListenerContainerFactory(); // This provides all Boot\u0026#39;s defaults to this factory, including the message converter configurer.configure(factory, connectionFactory); // You could override some of Boot\u0026#39;s defaults here if necessary return factory; } @Bean public MessageConverter jacksonJmsMessageConverter() { MappingJackson2MessageConverter converter = new MappingJackson2MessageConverter(); converter.setTargetType(MessageType.TEXT); converter.setTypeIdPropertyName(\u0026#34;_type\u0026#34;); return converter; } public static void main(String[] args) { ConfigurableApplicationContext context = SpringApplication.run(JmsSampleApplication.class, args); } } To send a message to a JMS queue or topic, get an instance of the JmsTemplate from the Spring Application context, and call the convertAndSend() method specifying the name of the queue or topic, and providing the object to be converted and sent in the payload of the message, as shown in the following example:\nJmsTemplate jmsTemplate = context.getBean(JmsTemplate.class); jmsTemplate.convertAndSend(\u0026#34;mailbox\u0026#34;, new Email(-1, \u0026#34;info@example.com\u0026#34;, \u0026#34;Hello\u0026#34;)); To receive messages from a JMS queue or topic, create a method that takes your message class, for example Email, as input. Annotate the method with the @JmsListener annotation, specifying the destination, that is the name of the queue or topic, and the container factory name that you created earlier, as shown in the following example:\npackage com.example.aqjms; import org.springframework.jms.annotation.JmsListener; import org.springframework.stereotype.Component; @Component public class Receiver { @JmsListener(destination = \u0026#34;mailbox\u0026#34;, containerFactory = \u0026#34;myFactory\u0026#34;) public void receiveMessage(Email email) { System.out.println(\u0026#34;Received \u0026lt;\u0026#34; + email + \u0026#34;\u0026gt;\u0026#34;); } } Note that the starter uses the configuration for spring.datasource as the connection details for the Oracle Database hosting the queues and topics. If you wish to use a different configuration, you must use a named configuration, for example spring.datasource.txeventq and use Java configuration (as shown for the UCP starter) and annotate the configuration with the standard Spring @Qualifier annotation, specifying the correct name, for example txevevntq.\n","description":"This starter provides support for Oracle Transactional Event Queues (TxEventQ) and Oracle Advanced Queuing (AQ) as Java Message Service (JMS) providers. It depends on the Universal Connection Pool (UCP) starter.\nNote: By default, the data Source and JMS Connection Factory that the starter injects into your application share the same database transaction. This means that you can start a transaction, read from a queue, perform an update operation, and then commit or rollback that whole unit of work, including the message consumption."},{"id":27,"href":"/microservices-datadriven/spring/starters/ucp/","title":"Oracle Spring Boot Starter for Universal Connection Pool","parent":"Oracle Spring Boot Starters","content":"This starter provides a connection (data source) to an Oracle Database using Universal Connection Pool, which provides an efficient way to use database connections.\nTo add this starter to your project, add this Maven dependency:\n\u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;com.oracle.database.spring\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;oracle-spring-boot-starter-ucp\u0026lt;/artifactId\u0026gt; \u0026lt;version\u0026gt;23.4.0\u0026lt;/version\u0026gt; \u0026lt;/dependency\u0026gt; For Gradle projects, add this dependency:\nimplementation \u0026#39;com.oracle.database.spring:oracle-spring-boot-starter-ucp:23.4.0\u0026#39; An Oracle data source is injected into your application and can be used normally. You must configure the data source as shown below, and you should also add either Spring Data JDBC or Spring Data JPA to your project.\nTo configure the data source, provide a spring.datasource object in your Spring application.yaml, or equivalent, as shown in the following example. The oracleucp entry is optional, and can be used to fine tune the configuration of the connection pool, if desired. For details of available settings, refer to the JavaDoc.\nspring: jpa: hibernate: ddl-auto: validate properties: hibernate: dialect: org.hibernate.dialect.OracleDialect format_sql: true show-sql: true datasource: url: jdbc:oracle:thin:@//myhost:1521/pdb1 username: account password: account driver-class-name: oracle.jdbc.OracleDriver type: oracle.ucp.jdbc.PoolDataSource oracleucp: connection-factory-class-name: oracle.jdbc.pool.OracleDataSource connection-pool-name: AccountConnectionPool initial-pool-size: 15 min-pool-size: 10 max-pool-size: 30 The spring.datasource.url can be in the basic format (as previously shown), or in TNS format if your application uses Transparent Network Substrate (TNS).\nNote that the connections to the database use the DEDICATED server by default. If you wish to use SHARED or POOLED, you can append that to the basic URL, or add it to the TNS names entry. For example, to use database resident pooled connections, you would change the URL shown in the previous example to the following:\ndatasource: url: jdbc:oracle:thin:@//myhost:1521/pdb1:pooled If you are using TNS, add server=pooled to the connect_data. For example:\nmydb_tp = (description= (retry_count=20) (retry_delay=3) (address=(protocol=tcps)(port=1521)(host=myhost)) (connect_data=(service_name=pdb1)(server=pooled)) (security=(ssl_server_dn_match=yes))) If you prefer to use Java configuration, the data source can be configured as shown in the following example:\nimport oracle.jdbc.pool.OracleDataSource; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import javax.sql.DataSource; import java.sql.SQLException; @Configuration public class DataSourceConfiguration { @Bean public DataSource dataSource() throws SQLException { OracleDataSource dataSource = new OracleDataSource(); dataSource.setUser(\u0026#34;account\u0026#34;); dataSource.setPassword(\u0026#34;account\u0026#34;); dataSource.setURL(\u0026#34;jdbc:oracle:thin:@//myhost:1521/pdb1\u0026#34;); dataSource.setDataSourceName(\u0026#34;AccountConnectionPool\u0026#34;); return dataSource; } } ","description":"This starter provides a connection (data source) to an Oracle Database using Universal Connection Pool, which provides an efficient way to use database connections.\nTo add this starter to your project, add this Maven dependency:\n\u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;com.oracle.database.spring\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;oracle-spring-boot-starter-ucp\u0026lt;/artifactId\u0026gt; \u0026lt;version\u0026gt;23.4.0\u0026lt;/version\u0026gt; \u0026lt;/dependency\u0026gt; For Gradle projects, add this dependency:\nimplementation \u0026#39;com.oracle.database.spring:oracle-spring-boot-starter-ucp:23.4.0\u0026#39; An Oracle data source is injected into your application and can be used normally. You must configure the data source as shown below, and you should also add either Spring Data JDBC or Spring Data JPA to your project."},{"id":28,"href":"/microservices-datadriven/spring/starters/wallet/","title":"Oracle Spring Boot Starter for Wallet","parent":"Oracle Spring Boot Starters","content":"This starter provides support for wallet-based authentication for Oracle Database connections. It depends on the UCP starter.\nTo add this starter to your project, add this Maven dependency:\n\u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;com.oracle.database.spring\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;oracle-spring-boot-starter-wallet\u0026lt;/artifactId\u0026gt; \u0026lt;version\u0026gt;23.4.0\u0026lt;/version\u0026gt; \u0026lt;/dependency\u0026gt; For Gradle projects, add this dependency:\nimplementation \u0026#39;com.oracle.database.spring:oracle-spring-boot-starter-wallet:23.4.0\u0026#39; You need to provide the wallet to your application. You can specify the location in the spring.datasource.url as shown in the following example.\njdbc:oracle:thin:@mydb_tp?TNS_ADMIN=/oracle/tnsadmin Note that the location specified in the sqlnet.ora must match the actual location of the file.\nIf your service is deployed in Kubernetes, then the wallet should be placed in a Kubernetes secret which is mounted into the pod at the location specified by the TNS_ADMIN parameter in the URL.\n","description":"This starter provides support for wallet-based authentication for Oracle Database connections. It depends on the UCP starter.\nTo add this starter to your project, add this Maven dependency:\n\u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;com.oracle.database.spring\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;oracle-spring-boot-starter-wallet\u0026lt;/artifactId\u0026gt; \u0026lt;version\u0026gt;23.4.0\u0026lt;/version\u0026gt; \u0026lt;/dependency\u0026gt; For Gradle projects, add this dependency:\nimplementation \u0026#39;com.oracle.database.spring:oracle-spring-boot-starter-wallet:23.4.0\u0026#39; You need to provide the wallet to your application. You can specify the location in the spring.datasource.url as shown in the following example.\njdbc:oracle:thin:@mydb_tp?TNS_ADMIN=/oracle/tnsadmin Note that the location specified in the sqlnet."},{"id":29,"href":"/microservices-datadriven/spring/starters/","title":"Oracle Spring Boot Starters","parent":"Oracle Backend for Spring Boot and Microservices","content":"Oracle provides a number of Spring Boot Starters that make it easy to use various Oracle technologies in Spring Boot projects.\nThe Oracle Spring Boot Starters are available in Maven Central and include the following starters.\nNote: The versioning of starters was originally in line with the matching Spring Boot version, but starting in November, 2023, the version numbering scheme was changed to more closely align with Oracle Database version numbering. The 23.4.0 starter is supported for Spring Boot 3.0 and later (including 3.1, 3.2). For Spring Boot 2.7.x users, use the matching 2.7.x version of the starter.\nOracle Spring Boot Starter for Universal Connection Pool Oracle Spring Boot Starter for Wallet Oracle Spring Boot Starter for AQ/JMS ","description":"Oracle provides a number of Spring Boot Starters that make it easy to use various Oracle technologies in Spring Boot projects.\nThe Oracle Spring Boot Starters are available in Maven Central and include the following starters.\nNote: The versioning of starters was originally in line with the matching Spring Boot version, but starting in November, 2023, the version numbering scheme was changed to more closely align with Oracle Database version numbering."},{"id":30,"href":"/microservices-datadriven/spring/platform/","title":"Platform Services","parent":"Oracle Backend for Spring Boot and Microservices","content":"Oracle Backend for Spring Boot and Microservices includes a number of Spring platform components that provide services to applications deployed to the platform.\nFor more details, read about:\nAPI Gateway Service Discovery Configuration Workflow Spring Admin Using the CLI MicroTx Vault VS Code Plugin IntelliJ Plugin ","description":"Oracle Backend for Spring Boot and Microservices includes a number of Spring platform components that provide services to applications deployed to the platform.\nFor more details, read about:\nAPI Gateway Service Discovery Configuration Workflow Spring Admin Using the CLI MicroTx Vault VS Code Plugin IntelliJ Plugin "},{"id":31,"href":"/microservices-datadriven/spring/development/envvars/","title":"Predefined Variables","parent":"Development","content":"When you deploy a Spring Boot application using the Oracle Backend for Spring Boot and Microservices CLI or Visual Code extension, a number of predefined environment variables will be injected into the pod definition. You may reference any of these variables in your application.\nThe predefined variables are as follows:\napp.container.port, for example 8080.\nThis sets the listen port for the pod and service. The Spring Boot application will listen on this port. The default is 8080. This can be set using the --port parameter on the deploy command in the CLI. spring.profiles.active, for example default.\nThis sets the Spring profiles that will be active in the application. The default value is default. This can be changed set the --service-profile parameter on the deploy command in the CLI. spring.config.label, for example 0.0.1.\nThis is a label that can be used with Spring Config to look up externalized configuration from Spring Config Server, along with the application name and the profile. eureka.instance.preferIpAddress, for example true.\nThis tells the Eureka discovery client to use the preferIpAddress setting. This is required in Kubernetes so that service discover will work correctly. eureka.instance.hostname, for example customer32.application.\nThis sets the hostname that Eureka will use for this application. MP_LRA_COORDINATOR_URL, for example http://otmm-tcs.otmm.svc.cluster.local:9000/api/v1/lra-coordinator.\nThis is the URL for the transaction manager which is required when using Eclipse Microprofile Long Running Actions in your application. MP_LRA_PARTICIPANT_URL, for example http://customer32.application.svc.cluster.local:8080.\nThis is the participant URL which is required when using Eclipse Microprofile Long Running Actions in your application. eureka.client.register-with-eureka, for example true.\nThis tells the Eureka discovery client to register with the Eureka server. eureka.client.fetch-registry, for example true.\nThis tells the Eureka discovery client to make a local copy of the registry by fetching it from the Eureka server. eureka.client.service-url.defaultZone, for example http://eureka.eureka:8761/eureka.\nThis is the default zone for the Eureka discovery client. zipkin.base-url, for example http://jaegertracing-collector.observability.svc.cluster.local:9411/api/v2/spans.\nThis is the URL of the Zipkin-compatible trace collector which can be used by your application to send trace data to the platform. otel.exporter.otlp.endpoint, for example http://open-telemetry-opentelemetry-collector.open-telemetry:4318/v1/traces.\nThis is the URL of the OpenTelemetry (OTLP protocol) trace collector which can be used by your application to send trace data to the platform. config.server.url, for example http://config-server.config-server.svc.cluster.local:8080.\nThis is the URL of the Spring Config Server provided by the platform. liquibase.datasource.username, for example set to the key db.username in secret admin-liquibasedb-secrets.\nThis sets the (admin) user that should be used to run Liquibase, if used in your service. liquibase.datasource.password, for example set to the key db.password in secret admin-liquibasedb-secrets.\nThis sets the (admin) user\u0026rsquo;s password that should be used to run Liquibase, if used in your service. spring.datasource.username, for example set to the key db.username in secret customer32-db-secrets.\nThis sets the (regular) user for your application to use to connect to the database (if you use JPA or JDBC in your application). spring.datasource.password:, for example set to the key db.password in secret customer32-db-secrets.\nThis sets the (regular) user\u0026rsquo;s password for your application to use to connect to the database (if you use JPA or JDBC in your application). DB_SERVICE, for example set to the key db.service in secret customer32-db-secrets.\nThis sets the database service name (the TNS name) for your application to use to connect to the database (if you use JPA or JDBC in your application). spring.datasource.url, for example jdbc:oracle:thin:@$(DB_SERVICE)?TNS_ADMIN=/oracle/tnsadmin.\nThis sets the data source URL for your application to use to connect to the database (if you use JPA or JDBC in your application). CONNECT_STRING, for example jdbc:oracle:thin:@$(DB_SERVICE)?TNS_ADMIN=/oracle/tnsadmin.\nThis sets the data source URL for your application to use to connect to the database (if you use JPA or JDBC in your application). ","description":"When you deploy a Spring Boot application using the Oracle Backend for Spring Boot and Microservices CLI or Visual Code extension, a number of predefined environment variables will be injected into the pod definition. You may reference any of these variables in your application.\nThe predefined variables are as follows:\napp.container.port, for example 8080.\nThis sets the listen port for the pod and service. The Spring Boot application will listen on this port."},{"id":32,"href":"/microservices-datadriven/spring/development/project/","title":"Project Structure","parent":"Development","content":"To take advantage of the built-in platform services, Oracle recommends using the following project structure.\nRecommended versions:\nSpring Boot 3.3.x Spring Cloud 2023.x.x Java 21 (or 17) Table of Contents:\nDependencies Spring Application Configuration Data Sources Liquibase Oracle Transaction Manager for Microservices Spring Config Server Tracing Dependencies Oracle recommends adding the following dependencies to your application so that it can take advantage of the built-in platform services. For example:\n\u0026lt;properties\u0026gt; \u0026lt;project.build.sourceEncoding\u0026gt;UTF-8\u0026lt;/project.build.sourceEncoding\u0026gt; \u0026lt;java.version\u0026gt;21\u0026lt;/java.version\u0026gt; \u0026lt;spring.boot.dependencies.version\u0026gt;3.3.1\u0026lt;/spring.boot.dependencies.version\u0026gt; \u0026lt;spring-cloud.version\u0026gt;2023.0.2\u0026lt;/spring-cloud.version\u0026gt; \u0026lt;/properties\u0026gt; \u0026lt;dependencies\u0026gt; \u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;org.springframework.boot\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;spring-boot-starter-web\u0026lt;/artifactId\u0026gt; \u0026lt;/dependency\u0026gt; \u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;org.springframework.boot\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;spring-boot-starter-actuator\u0026lt;/artifactId\u0026gt; \u0026lt;/dependency\u0026gt; \u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;io.micrometer\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;micrometer-registry-prometheus\u0026lt;/artifactId\u0026gt; \u0026lt;/dependency\u0026gt; \u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;org.springframework.cloud\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;spring-cloud-starter-netflix-eureka-client\u0026lt;/artifactId\u0026gt; \u0026lt;/dependency\u0026gt; \u0026lt;/dependencies\u0026gt; \u0026lt;dependencyManagement\u0026gt; \u0026lt;dependencies\u0026gt; \u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;org.springframework.boot\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;spring-boot-dependencies\u0026lt;/artifactId\u0026gt; \u0026lt;version\u0026gt;${spring.boot.dependencies.version}\u0026lt;/version\u0026gt; \u0026lt;type\u0026gt;pom\u0026lt;/type\u0026gt; \u0026lt;scope\u0026gt;import\u0026lt;/scope\u0026gt; \u0026lt;/dependency\u0026gt; \u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;org.springframework.cloud\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;spring-cloud-dependencies\u0026lt;/artifactId\u0026gt; \u0026lt;version\u0026gt;${spring-cloud.version}\u0026lt;/version\u0026gt; \u0026lt;type\u0026gt;pom\u0026lt;/type\u0026gt; \u0026lt;scope\u0026gt;import\u0026lt;/scope\u0026gt; \u0026lt;/dependency\u0026gt; \u0026lt;/dependencies\u0026gt; \u0026lt;/dependencyManagement\u0026gt; Spring Application Configuration Oracle recommends the following configuration in order for the application to access the built-in services, including the Spring Boot Eureka Service Registry and the observability tools:\nspring: application: name: account eureka: instance: hostname: ${spring.application.name} preferIpAddress: true client: service-url: defaultZone: ${eureka.service-url} fetch-registry: true register-with-eureka: true enabled: true management: endpoint: health: show-details: always endpoints: web: exposure: include: \u0026#34;*\u0026#34; metrics: tags: application: ${spring.application.name} The variables in this configuration are automatically injected to your deployment and pods when you use the Oracle Backend for Spring Boot and Microservices CLI to deploy your application.\nData Sources If your application uses an Oracle database as data source, then add the following to the \u0026lsquo;pom.xml\u0026rsquo;. For more information about the Oracle Spring Boot Starters.\n\u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;com.oracle.database.spring\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;oracle-spring-boot-starter-ucp\u0026lt;/artifactId\u0026gt; \u0026lt;version\u0026gt;23.4.0\u0026lt;/version\u0026gt; \u0026lt;type\u0026gt;pom\u0026lt;/type\u0026gt; \u0026lt;/dependency\u0026gt; If the database requires a Wallet to access the database you must add the following to the pom.xml file:\n\u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;com.oracle.database.spring\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;oracle-spring-boot-starter-wallet\u0026lt;/artifactId\u0026gt; \u0026lt;version\u0026gt;23.4.0\u0026lt;/version\u0026gt; \u0026lt;type\u0026gt;pom\u0026lt;/type\u0026gt; \u0026lt;/dependency\u0026gt; Add the following to application configuration. Note that this example shows Java Persistence API (JPA). If you are using JDBC you should use the appropriate configuration. For example:\nspring: jpa: hibernate: ddl-auto: validate properties: hibernate: dialect: org.hibernate.dialect.OracleDialect format_sql: false show-sql: false datasource: url: ${spring.datasource.url} username: ${spring.datasource.username} password: ${spring.datasource.password} driver-class-name: oracle.jdbc.OracleDriver type: oracle.ucp.jdbc.PoolDataSource oracleucp: connection-factory-class-name: oracle.jdbc.pool.OracleDataSource connection-pool-name: AccountConnectionPool initial-pool-size: 15 min-pool-size: 10 max-pool-size: 30 The variables in this configuration are automatically injected to your deployment and pods when you use the Oracle Backend for Spring Boot and Microservices CLI to deploy your application.\nLiquibase If you are using Liquibase to manage your database schema and data, then you should add the following dependency:\n\u0026lt;properties\u0026gt; \u0026lt;liquibase.version\u0026gt;4.28.0\u0026lt;/liquibase.version\u0026gt; \u0026lt;/properties\u0026gt; \u0026lt;dependencies\u0026gt; \u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;org.liquibase\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;liquibase-core\u0026lt;/artifactId\u0026gt; \u0026lt;version\u0026gt;${liquibase.version}\u0026lt;/version\u0026gt; \u0026lt;/dependency\u0026gt; \u0026lt;/dependencies\u0026gt; Add the following configuration to your Spring application configuration:\nspring: liquibase: change-log: classpath:db/changelog/controller.yaml url: ${spring.datasource.url} user: ${liquibase.datasource.username} password: ${liquibase.datasource.password} enabled: ${LIQUIBASE_ENABLED:true} The variables in this configuration are automatically injected to your deployment and pods when you use the Oracle Backend for Spring Boot and Microservices CLI to deploy your application. When you use the deploy command, you must specify the liquibase-db parameter and provide a user with sufficient privileges. Generally this will be permissions to create and alter users and to grant roles and privileges. If your service uses Java Messaging Service (JMS), this use may also need execute permission on dbms.aq_adm, dbms.aq_in and dbms.aq_jms.\nOracle Transaction Manager for Microservices If you are using Oracle Transaction Manager for Microservices (MicroTx) to manage data consistency across microservices data stores, then add the following dependency:\n\u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;com.oracle.microtx.lra\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;microtx-lra-spring-boot-starter\u0026lt;/artifactId\u0026gt; \u0026lt;version\u0026gt;24.2.1\u0026lt;/version\u0026gt; \u0026lt;/dependency\u0026gt; Add the following configuration to your Spring application configuration. The variables in this configuration are automatically injected to your deployment and pods when you use the Oracle Backend for Spring Boot and Microservices CLI or the Visual Studio Code Extension to deploy your application. For example:\nspring: microtx: lra: coordinator-url: ${MP_LRA_COORDINATOR_URL} propagation-active: true headers-propagation-prefix: \u0026#34;{x-b3-, oracle-tmm-, authorization, refresh-}\u0026#34; lra: coordinator: url: ${MP_LRA_COORDINATOR_URL} Spring Config Server If you are using Spring Config Server to manage configurations, then add the following dependency:\n\u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;org.springframework.cloud\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;spring-cloud-starter-config\u0026lt;/artifactId\u0026gt; \u0026lt;/dependency\u0026gt; Add the following configuration to your Spring application configuration. The variables in this configuration are automatically injected to your deployment and pods when you use the Oracle Backend for Spring Boot and Microservices CLI or the Visual Studio Code Extension to deploy your application. For example:\nspring: application: name: \u0026lt;application name\u0026gt; config: import: optional:configserver:${config.server.url} cloud: config: label: \u0026lt;optional\u0026gt; profile: \u0026lt;optional\u0026gt; username: \u0026lt;A user with the role ROLE_USER\u0026gt; password: \u0026lt;password\u0026gt; Tracing Application Tracing To enable Open Telemetry (OTEL) tracing you need to add the following dependencies to the pom/xml file.\n\u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;io.micrometer\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;micrometer-tracing-bridge-otel\u0026lt;/artifactId\u0026gt; \u0026lt;/dependency\u0026gt; \u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;io.opentelemetry\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;opentelemetry-exporter-otlp\u0026lt;/artifactId\u0026gt; \u0026lt;/dependency\u0026gt; \u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;io.micrometer\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;micrometer-tracing\u0026lt;/artifactId\u0026gt; \u0026lt;/dependency\u0026gt; In addition add the following to the application configuration. The variable in this configuration are automatically injected to your deployment and pods when you use the Oracle Backend for Spring Boot and Microservices CLI or the Visual Studio Code Extension to deploy your application. For example:\nmanagement: tracing: sampling: probability: 1.0 info: os: enabled: true env: enabled: true java: enabled: true otlp: tracing: endpoint: ${otel.exporter.otlp.endpoint} Database tracing To get tracing for the database calls you need to add the following dependency to the po.xml file:\n\u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;net.ttddyy.observation\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;datasource-micrometer-spring-boot\u0026lt;/artifactId\u0026gt; \u0026lt;version\u0026gt;1.0.3\u0026lt;/version\u0026gt; \u0026lt;/dependency\u0026gt; ","description":"To take advantage of the built-in platform services, Oracle recommends using the following project structure.\nRecommended versions:\nSpring Boot 3.3.x Spring Cloud 2023.x.x Java 21 (or 17) Table of Contents:\nDependencies Spring Application Configuration Data Sources Liquibase Oracle Transaction Manager for Microservices Spring Config Server Tracing Dependencies Oracle recommends adding the following dependencies to your application so that it can take advantage of the built-in platform services. For example:\n\u0026lt;properties\u0026gt; \u0026lt;project."},{"id":33,"href":"/microservices-datadriven/spring/blogs/","title":"Read our blogs!","parent":"Oracle Backend for Spring Boot and Microservices","content":"Our team members post blog articles and other content on various sites including Medium, LinkedIn (Corrado de Bari, Doug Drechsel), RedStack, DZone, Andy Tael and the Oracle Developers Blog. We\u0026rsquo;d love you to check them out. This page acts as an index/aggregator for some of our featured content.\nAnd be sure to subscribe to our YouTube channel \u0026ldquo;The Converged Database\u0026rdquo; for more great content!\nConnect to Oracle NoSQL database with Spring Data\nThe Spring Data for Oracle NoSQL Database module integrates Spring Boot applications and Oracle NoSQL Database, enabling developers to access their tables with the familiar Spring Data API. With support for repository-style data access layers and automatic query generation, Spring Data for Oracle NoSQL Database simplifies your development process and enhances productivity when working with Oracle NoSQL Databases from Spring Boot applications.\nAnders Swanson - 8/30/2024\nMicroservice messaging with Spring Cloud Stream Binder for Oracle Database TxEventQ\nSpring Cloud Stream is a Java framework designed for building event-driven microservices backed by a scalable, fault-tolerant messaging systems. The Oracle Database Transactional Event Queues (TxEventQ) stream binder implementation allows developers to leverage Oracle’s database messaging platform within the Spring Cloud Stream ecosystem, all while keeping your data within the converged database.\nAnders Swanson - 8/29/2024\nConnect Oracle Autonomous Database to Spring Boot\nIt\u0026#39;s easy to integrate Oracle Autonomous Database into your Spring Boot apps. In this article, concrete examples are provided for using Spring with Oracle Autonomous Database.\nAnders Swanson - 8/6/2024\nUse OCI Object Storage data as Spring Boot Resources\nSpring Resources are a great way to load data into our Spring Boot applications. In this article, Anders shows us how to use OCI Object Storage as a resource provider with Spring Cloud Oracle.\nAnders Swanson - 7/31/2024\nBuilding Spring Boot apps with Spring Cloud Oracle\nA fully worked example of how to build microservices with Spring Cloud Oracle, including using the OCI Generative AI service to build a simple chatbot, using OCI Queue service to implement asynchronous communication between services, and using the Spring Boot Starter for UCP to access the Oracle Database.\nMark Nelson - 7/30/2024\nConnect Spring Mail with OCI Email Delivery Service\nAnders shows us how to use Spring Cloud Oracle to use the OCI Email Delivery Service in our Spring Boot apps.\nAnders Swanson - 7/30/2024\nInject OCI Vault Secrets into Spring Apps\nDemonstrates how to easily use OCI Vault as a Spring property source with Spring Cloud Oracle.\nAnders Swanson - 7/30/2024\nBlowing Up Database Monoliths\nA deep dive into Data Recfactoring Advisor - an innovative method to refactor monolithic database schema for microservices.\nAniket Tiwari - 7/22/2024\nOracle Database Observabilty\nAn update on the Oracle Database metrics (Prometheus) exporter to coincide with the 1.2.1 release.\nMark Nelson - 4/17/2024\nFull Stack Development with Oracle 23c\nDoug gives an end to end demo of full stack development using the new Oracle 23c Database and the \u0026#39;OWEN\u0026#39; stack.\nDoug Drechsel - 4/8/2024\nOracle Autonomous DB ‘Select AI’ and Spring Boot to talk with your DB\nLearn about the new Select AI feature that allows Autonomous Database to use generative AI with Large Language Models (LLMs) to convert the user’s input text into Oracle SQL. Select AI processes the natural language prompt, supplements the prompt with metadata, and then generates and runs a SQL query.\nCorrado de Bari - 2/7/2024\nBoost your apps with GraalVM in the Oracle Backend for Spring Boot and Microservices\nHow to run your Spring Boot app in native way on the Oracle Backend for Spring Boot and Microservices and the benefits you\u0026#39;ll gain.\nCorrado de Bari - 12/06/2023\nSpring Boot: from Jar to production in 5 minutes\nStep-by-step how to deploy your Spring Boot app with Oracle Autonomous as DB, tested and running locally, to the Oracle Backend for Spring Boot and Microservices.\nCorrado de Bari - 11/27/2023\nTesting Spring Boot Applications with Testcontainers and Oracle\nIn this article, Mark shows us how to easily test your Spring Boot applications with a full Oracle 23c database, with only about a 10 second startup time, which is fast enough to use even in unit tests.\nMark Nelson - 11/21/2023\nIntroducing the Oracle Database Observability Exporter\nLearn about the new Oracle Database Observability Exporter which allows you to export metrics from the Oracle Database in the defacto standard Prometheus format, so that they can be ingested in Prometheus or a similar time series database and used to create dashboards in Grafana or a similar platform.\nMark Nelson - 11/13/2023\nDeveloping Mobile Apps with Oracle Free23c\nDoug shows how to develop mobile applications using Oracle\u0026#39;s MERN Stack locally.\nDoug Drechsel - 10/27/2023\nUsing Oracle\u0026#39;s MERN Stack to develop Mobile Applications\nIn this video, Doug introduces Oracle\u0026#39;s MERN Stack and then demonstrates how to build mobile applications using the Stack.\nDoug Drechsel - 10/2/2023\nUsing GraphQL with Oracle\u0026#39;s MERN Stack\nDoug introduces GraphQL and shows how to run simple queries using the GraphQL playground in the Parse dashboard.\nDoug Drechsel - 9/25/2023\nCoding for Observability in the Oracle Backend for Spring Boot and Microservices\nCorrado shows how to configure a Spring Boot application to allow Prometheus to collect metrics and show them in a Grafana dashboard.\nCorrado de Bari - 7/25/2023\nChat with the Oracle DB\nCorrado shows how to leverage OpenAI models to make text-to-SQL translation on Oracle DB.\nCorrado de Bari - 7/19/2023\nOracle Backend for Spring Boot and Microservices multi-cloud install on Azure\nJohn shows us how to install Oracle Backend for Spring Boot and Microservices on Azure.\nJohn Lathouwers - 6/15/2023\nHow to use ChatGPT/OpenAI APIs from Oracle Backend for Spring Boot and Microservices/Parse\nCorrado demonstrates how to use OpenAI APIs to provide AI application services to mobile clients through the Parse Platform.\nCorrado de Bari - 6/5/2023\nSpring Boot integration with Parse Platform\nCorrado and Doug show us how to use WebHooks in Parse Platform to expose Spring Boot microservices to mobile apps.\nCorrado de Bari - 6/1/2023\nExample: Use Liquibase with Spring Boot in Kubernetes\nJohn shows us how to use Liquibase with Spring Boot.\nJohn Lathouwers - 6/1/2023\nExample: Use SQLcl \u0026#43; Liquibase in Kubernetes initContainers\nJohn shows us how to use SQLcl and Liquibase in Kubernetes initContainers for effective Schema Change Management during deployments of microservices applications in Kubernetes that use Oracle Database.\nJohn Lathouwers - 5/26/2023\nKafka interoperability in Oracle Database 23c\nMark provides an overview of the Kafka compatibility features in Oracle Database 23c Free - Developer Release including the Java and REST APIs and the connectors.\nMark Nelson - 5/22/2023\nLearn how to build and deploy a Spring Boot application to Oracle Backend for Spring Boot and Microservices using Spring starters for UCP and Wallet\nAndy shows us how to build a Phonebook application using Spring Boot with the Oracle Spring Boot Starters for Universal Connection Pools and wallet, and deploys the applications to the Oracle Backend for Spring Boot and tests it.\nAndy Tael - 5/17/2023\nStart up an Oracle Database in Kubernetes with Oracle REST Data Services and Database Actions in no time at all!\nMark demonstrates how easy it is to get an instance of Oracle up and running in Kubernetes, with Oracle REST Data Services and Database Actions using the Oracle Database Operator for Kubernetes.\nMark Nelson - 5/1/2023\nNew 23c version of Kafka-compatible Java APIs for Transactional Event Queues published\nMark demonstrates how to use the new 23c version of the Kafka-compatible Java APIs for Transactional Event Queues, available in Maven Central, which allow you to use the standard Kafka Java API with Transactional Event Queues acting as the Kafka broker. The only things that you would need to change are the broker address, and you need to use the Oracle versions of KafkaProducer and KafkaConsumer – other than that, your existing Kafka Java code should just work!\nMark Nelson - 5/1/2023\nSpring Boot Starters for Oracle updated\nAn example of how to use the new Spring Boot Starter for UCP for Spring 3.0.x.\nMark Nelson - 4/24/2023\nI have deployed Oracle Backend for Spring Boot and Microservices (Developer preview). Now what?\nAndy shows us how easy it is to build a Spring Boot Phone Book application, deploy it to Oracle Backend for Spring Boot and Microservices using the CLI, and create a route in APISIX Gateway to expose the REST endpoints.\nAndy Tael - 4/20/2023\nOracle Backend for Spring and Parse Video\nThis video introduces the Oracle Backend for Spring Boot and Microservices (and Parse Platform) which makes it super easy to develop, run and manage Spring Boot microservices and mobile applications leveraging all the power of Oracle’s converged database.\nAndy Tael - 4/20/2023\nLong Running Actions\nPaul Parkinson demonstrates a Spring Boot microservices application that implements the Saga pattern with Long Running Actions using the Oracle Transaction Manager for Microservices to manage data consistency across microservices.\nPaul Parkinson - 4/18/2023\nOracle Mobile Backend As A Service\nMobile Backend As A Service (MBaaS) is a cloud service that an app developer can immediately start development against with just an endpoint. Doug finds out how far he can get developing a phone application without interacting with the server in any way other than the API endpoint.\nDoug Drechsel - 4/14/2023\nIntroducing Cloud Bank\nAnd introduction to the Cloud Bank sample application which showcases Spring Boot microservices, long running actions/sagas and a Flutter mobile application built with the Oracle Backend for Spring Boot and Microservices.\nMark Nelson - 4/6/2023\nDeveloping Saga Participant Code For Compensating Transactions\nA detailed comparison of the saga pattern with XA (2PC) comparing the pros and cons of each approach to provide data integrity between multiple services and for potentially long running transactions.\nPaul Parkinson - 3/27/2023\nOracle Backend for Spring Boot and Microservices is LIVE! (Developer Preview)\nAn introduction to the Oracle Backend for Spring Boot and Microservices.\nAndy Tael - 3/25/2023\nA First Spring Boot Service with Oracle\nA detailed guide to building a Spring Boot microservice from scratch that uses Spring Data JPA to manage data in the Oracle Database and exposes various endpoints to access the data.\nMark Nelson - 2/3/2023\nReact Native and Oracle MBaaS – a beginner’s tutorial\nA step-by-step guide to building a React Native mobile application using the Parse APIs and Oracle Backend for Parse Platform.\nCorrado de Bari - 1/5/2023\nOracle Mobile Backend as a Service (MBaaS)\nAn introduction and walk-through of the Oracle Backend for Parse Platform, including installation, using the dashboard, getting started with application development and integration with the Oracle Autonomous Database.\nDoug Drechsel - 12/23/2022\nReact.JS on Oracle MBaaS\nA step-by-step guide to implement a simple ReactJS app leveraging Oracle MBaaS.\nCorrado de Bari - 12/22/2022\nTwo new Backend as a Service offerings live now!\nA brief announcement and introduction to our Developer Preview releases of Oracle Backend for Spring Boot and Microservices and Parse Platform.\nMark Nelson - 12/21/2022\nDevelopment Environment Setup with Spring Boot For Oracle\nA detailed guide to setting up a development environment to build Spring Boot microservices with the Oracle Database.\nMark Nelson - 12/8/2022\nBackend-as-a-Service (BaaS) and Oracle Database (Video) OCW Teaser\nErin Dawson, DevRel Communications Manager talks with Mark about the Oracle CloudWorld 2022 presentations and hands-on labs for Oracle Backend for Spring Boot and Microservices and Parse Platform.\nMark Nelson - 10/12/2022\nOracle REST Data Services 22.3 bring new REST APIs for Transactional Event Queues\nAn announcement and several example that show how to use the new REST APIs for Transactional Event Queues.\nMark Nelson - 10/11/2022\nGetting Started with the New Observability Exporter for Oracle Database\nA simple step-by-step getting started example that shows you how to use the Observability Exporter for Oracle Database to expose data from the Oracle Database as Prometheus metrics.\nMark Nelson - 9/27/2022\nDevelop React \u0026#43; GraphQL \u0026#43; Spring Data JPA \u0026#43; UCP \u0026#43; Oracle\nA a succinct description and example of a modern full stack microservice app including a React frontend service that conducts GraphQL queries against a Spring Boot Data JPA backend service that in turn maps to an Oracle database.\nPaul Parkinson - 9/18/2022\nUnified Observability Exporters: Metrics, Logs, and Tracing\nA deep dive into metrics, logs and tracing exporters for the Oracle Database and how to configure them with Grafana to provide unified observability for microservices and the Oracle Database.\nPaul Parkinson - 8/11/2022\nLet the Oracle Database Operator for Kubernetes Do the Job\nAn introduction to and overview of the Oracle Database Operator for Kubernetes.\nPaulo Simoes - 1/6/2022\nHow to use Vaults and Wallets for Simple Secure Connectivity\nProvides details on how to secure connections in Java, JavaScript, Python, .NET, and Go as well as convenience integration features that are provided by microservice frameworks, specifically Helidon and Micronaut.\nPaul Parkinson - 12/18/2021\nDeveloping Event Driven Microservices in Java, Javascript, PL/SQL, Go, Python\nLearn about developing Event-Driven Microservices in Java, JavaScript, Python, .NET, and Go with AQ/TEQ in the Oracle Database.\nPaul Parkinson - 12/17/2021\nApache Kafka vs Oracle Transactional Event Queues for Event Driven Microservices\nComparing transactional and message delivery behavior, as it relates to microservice architectures (event mesh, event sourcing, etc.) Kafka and Oracle Transaction Event Queues.\nPaul Parkinson - 9/23/2021\n","description":"Our team members post blog articles and other content on various sites including Medium, LinkedIn (Corrado de Bari, Doug Drechsel), RedStack, DZone, Andy Tael and the Oracle Developers Blog. We\u0026rsquo;d love you to check them out. This page acts as an index/aggregator for some of our featured content.\nAnd be sure to subscribe to our YouTube channel \u0026ldquo;The Converged Database\u0026rdquo; for more great content!\nConnect to Oracle NoSQL database with Spring Data"},{"id":34,"href":"/microservices-datadriven/spring/release-notes/","title":"Release Notes","parent":"Oracle Backend for Spring Boot and Microservices","content":" Version 1.3.0, September 5th, 2024 This release include:\nIntelliJ Plugin Optional GPU node pool Local install for development purposes OCI Free Tier install for development purposes Spring Operations Center (SOC) UI updates Cloudbank version 4 Addition of Alertmanager Version upgrades of components, see documentation for details Bug fixes The following components were updated:\nComponent New Version Replaced Version Spring Boot Admin Server 3.3.3 3.3.1 Alertmanager v0.67.1 Coherence Operator 3.3.5 3.3.4 Spring Cloud Config server 4.1.3 4.1.2 Spring Authorization Server 3.3.3 3.3.0 Spring Eureka service registry 4.1.3 4.1.2 Grafana 11.1.4 10.4.1 Apache Kafka 3.8.0 3.7.0 OpenTelemetry Collector 0.107.0 0.101.0 Oracle Database Observability Exporter 1.3.1 1.2.1 Oracle Transaction Manager for Microservices 24.2.1 23.4.2 Hashicorp Vault 1.17.2 1.16.1 Version 1.2.0, June 14th, 2024 This release includes:\nAdditional functionality to Spring Operations Center UI (SOC UI). Spring Boot upgrade to 3.3.0 and Spring Cloud 2023.0.2 for internal components. Oracle Backend for Spring Boot and Microservices are running Java 21 with Virtual Threads enabled. oractl is compiled using Java 21 and Virtual Threads. Openshift support The following components were updated:\nComponent New Version Replaced Version Spring Boot Admin server 3.3.1 3.2.0 APISIX API Gateway 3.9.1 3.8.0 Spring Authorization Server 3.3.0 3.2.1 Coherence Operator 3.3.4 3.3.2 Spring Cloud Config server 4.1.2 2023.0.0 Spring Eureka service registry 4.1.2 2023.0.0 Grafana 10.4.1 9.2.5 iNGINX Ingress Controller 1.10.0 1.8.1 Apache Kafka 3.7.0 3.6.1 Metrics server 0.7.0 0.6.4 Jaeger Tracing 1.53.0 1.51.0 OpenTelemetry Collector 0.101.0 0.93.0 Oracle Database Observability Exporter 1.2.1 1.2.0 Oracle Transaction Manager for Microservices 23.4.2 23.4.1 Prometheus 2.52.0 2.47.1 Prometheus Operator 0.74.0 0.63.0 Spring Operations Center 1.2.0 1.1.3 HashiCorp Vault 1.16.1 1.15.2 Deprecation Notice The following components are deprecated and are removed from this release:\nOracle Database Storage Adapter for Parse Parse Server Parse Dashboard Version 1.1.3, March 8, 2024 This release includes small updates and/or bug fixes. No components were upgraded.\nThe following functionality was added:\nHashiCorp Vault Grafana dashboard. HashiCorp Vault audit logging capability. Version 1.1.2, March 1, 2024 This release includes small updates and/or bug fixes and some additional functionality to SOC UI. No components were added or upgraded.\nVersion 1.1.1, February 9, 2024 This release adds the \u0026ldquo;Spring Operations Center\u0026rdquo; feature, adds or updates some Grafana dashboards, and includes other small updates and/or bug fixes.\nThe following components were added:\nComponent Version Description Spring Operations Center 1.1.1 Provide operations capabilities for Spring applications. The following components were updated:\nComponent New Version Replaced Version OpenTelemetry Collector 0.93.0 0.91.0 Version 1.1.0, February 2, 2024 Notes:\nRecommended versions for user applications updated Spring Boot 3.2.x, Java 17 or 21, Spring 6.1 and Spring Cloud 2023.0.0, with limited backwards compatibility for Spring Boot 2.7.x. Platform components are updated to Spring Boot 3.2.1 versions and matching Spring Cloud versions. A preview of a new \u0026ldquo;Spring Operations Center\u0026rdquo; feature is added, including a web user interface and additional Grafana dashboards. User Management using the CLI and REST Endpoints. Added support for auto-scaling of Spring Boot applications deployed in the platform. Changes to the custom installation to allow using existing resources including database, network and Kubernetes. Various platform services updated to use Database Resident Connection Pooling to improve performance. Improvements to collection of trace data using Open Telemetry, including migration to agentless approach, uptake of Micrometer, and so on. Improvements for Spring Native/GraalVM native image compilation of Spring Boot services. Improvements to CLI to support scripting. Various components updated to newer releases. Bug fixes. The following components were added:\nComponent Version Description Oracle Database Observability Exporter 1.1.2 Provides observability for the Oracle Database. Metrics server 0.64 Source of container resource metrics for Kubernetes built-in autoscaling pipeline Kube State Metrics 2.10.1 Collects metrics for the Kubernetes cluster The following components were updated:\nComponent New Version Replaced Version APISIX API Gateway 3.8.0 3.4.0 Apache Kafka 3.6.1 3.5.1 Coherence Operator 3.3.2 3.2.11 Conductor Server 3.13.8 3.13.2 HashiCorp Vault 1.15.2 1.14.0 Netflix Conductor 3.13.8 3.13.2 OpenTelemetry Collector 0.91.0 0.86.0 Oracle Backend for Spring Boot and Microservices CLI 1.1.0 1.0.1 Oracle Backend for Spring Boot and Microservices Visual Studio Code extension 1.1.0 1.0.1 Oracle Transaction Manager for Microservices (MicroTx) 23.4.1 22.3.2 Spring Authorization Server 3.2.1 2.7.5 Spring Boot Admin dashboard 3.2.0 3.1.3 Spring Cloud Config server 2023.0.0 2022.0.4 Spring Cloud Eureka service registry 2023.0.0 4.0.3 Strimzi-Apache Kafka operator 0.39.0 0.36.1 Version 1.0.1, November 2, 2023 Notes:\nBug fixes The following components were updated:\nComponent New Version Replaced Version Oracle Backend for Spring Boot and Microservices Visual Studio Code extension 1.0.1 1.0.0 Oracle Backend for Spring Boot and Microservices CLI 1.0.1 1.0.0 Version 1.0.0, October 15, 2023 This is the first production release.\nNotes:\nAll Spring platform components upgraded to Spring Boot 3.x, Spring 6.x and Spring Cloud 2022.0.4 versions. Spring Native (with GraalVM native image ahead of time compilation) is the default/recommended deployment option for microservices. JVM continues to be available as an option. Loki and Promtail added for logging, Spring Boot dashboard updated to show metrics and logs on the same dashboard. Spring Authorization Server added, and preconfigured with default users (you supply passwords during installation, or they are generated). Various platform services and the CLI updated for authentication and authorization using Spring Authorization Server. Various platform services reconfigured for increased availability. Various components updated. The following components were added:\nComponent Version Description Loki 2.6.1 Provides log aggregation and search. Promtail 2.8.2 Collects logs. Spring Authorization Server 2022.0.4 Provides authentication and authorization for applications. The following components were updated:\nComponent New Version Replaced Version Oracle Backend for Spring Boot and Microservices Visual Studio Code extension 1.0.0 0.3.9 Oracle Backend for Spring Boot and Microservices CLI 1.0.0 0.3.1 Grafana 9.5.2 9.2.5 Spring Eureka Service Registry 2022.0.4 2021.0.3 Spring Config Server 2022.0.4 2021.0.3 Spring Boot Admin 3.1.3 2.7.5 cert-manager 1.12.3 1.11.0 NGINX Ingress Controller 1.8.1 1.6.4 Prometheus 2.40.2 2.34.0 Open Telemetry Collector 0.86.0 0.66.0 Jaeger Tracing 1.45.0 1.39.0 APISIX API Gateway 3.4.0 3.2.0 Strimzi-Apache Kafka operator 0.36.1 0.33.1 Apache Kafka 3.4.0 - 3.5.1 3.2.0 - 3.3.2 Oracle Database storage adapter for Parse (optional) 1.0.0 0.2.0 There were no component deprecations or removals.\nDeveloper Preview 0.7.0, July 24, 2023 Notes:\nContinued incremental improvements to Oracle Database Adapter for Parse Server. The following components were added:\nComponent Version Description Coherence 3.2.11 Provides in-memory data grid. The following components were updated:\nComponent New Version Replaced Version Oracle Backend for Spring Boot and Microservices Visual Studio Code extension 0.3.9 0.3.8 HashiCorp Vault 1.14.0 v1.11.3 Oracle Database Operator for Kubernetes 1.0 0.6.1 Parse Server 6.2.0 5.2.7 Parse Dashboard 5.1.0 5.0.0 Oracle Transaction Manager for Microservices 22.3.2 22.3.1 There were no component deprecations or removals.\nDeveloper Preview 0.3.1, June 14, 2023 Notes:\nImprovements to Oracle Cloud Infrastructure (OCI) installation process. Continued incremental improvements to Oracle Database Adapter for Parse Server. No components were added.\nThe following components were updated:\nComponent New Version Replaced Version Oracle Backend for Spring Boot and Microservices CLI 0.3.1 0.3.0 Oracle Backend for Spring Boot and Microservices Visual Studio Code extension 0.3.8 0.3.7 There were no component deprecations or removals.\nDeveloper Preview 0.3.0, April 17, 2023 Notes:\nOracle Backend for Spring Boot and Microservices now includes the option to install in a Multicloud (OCI/Azure) environment. The Oracle Database Operator for Kubernetes is bound to the existing Oracle Autonomous Database (ADB) created by infrastructure as code (IaC) in an all-OCI installation and provisions the ADB in the Multicloud installation. Improvements to On-Premises and desktop installation processes. The following components were added:\nComponent New Version Description Oracle Backend for Spring Boot and Microservices Visual Studio Code extension 0.3.7 Allows Visual Studio Code users to manage the platform, deployments and configuration. The following components were updated:\nComponent New Version Replaced Version Oracle Backend for Spring Boot and Microservices CLI 0.3.0 0.1.0 There were no component deprecations or removals.\nDeveloper Preview 0.2.3, March 8, 2023 Notes:\nOracle Backend for Spring Boot and Microservices now includes the option to also install Parse Platform in the same deployment. Oracle Backend for Spring Boot and Microservices CLI 0.2.3 includes a number of bug fixes and adds support for custom listening ports for services. Apache APISIX is now pre-configured for both Eureka and Kubernetes service discovery. The following components were added:\nComponent Version Description Oracle Database Operator for Kubernetes 0.6.1 Helps reduce the time and complexity of deploying and managing Oracle databases. Parse Server 5.2.7 Provides backend services for mobile and web applications. Parse Dashboard 5.0.0 Uses a web user interface for managing Parse Server. Oracle Database Adapter for Parse Server 0.2.0 Enables the Parse Server to store data in an Oracle database. The following components were updated:\nComponent New Version Replaced Version Oracle Backend for Spring Boot and Microservices CLI 0.2.3 0.1.0 cert-manager 1.11.0 1.10.1 NGINX Ingress Controller 1.6.4 1.5.1 Jaeger Tracing 1.39.0 1.37.0 Apache APISIX 3.1.1 2.15.1 Spring Boot Eureka service registry 2.0.1 2021.0.3 Oracle Transaction Manager for Microservices 22.3.2 22.3.1 Parse Server (optional) 6.3.0 6.2.0 Parse Dashboard (optional) 5.2.0 5.1.0 There were no deprecations or removals.\nDeveloper Preview 0.2.0, February 27, 2023 The following components were added:\nComponent Version Description Oracle Transaction Manager for Microservices 22.3.1 Manages distributed transactions to ensure consistency across Microservices. Strimzi-Apache Kafka Operator 0.33.1 Manages Apache Kafka clusters. Apacha Kafka 3.2.0 - 3.3.2 Allows distributed event streaming. There were no deprecations or removals.\nDeveloper Preview 0.1.0, January 30, 2023 The following components were added:\nComponent Version Description HashiCorp Vault v1.11.3 Provides a way to store and tightly control access to sensitive data. Oracle Backend for Spring Boot and Microservices CLI 0.1.0 Provides a command-line interface to manage application deployment and configuration. Netflix Conductor OSS 3.13.2 Provides workflow orchestration for Microservices. On-premises installer 0.1.0 Allows installation of a self-hosted stack. There were no deprecations or removals.\nDeveloper Preview 0.0.1, December 20, 2022 This release includes the following components:\nComponent Version Description cert-manager 1.10.1 Automates the management of certificates. NGINX Ingress Controller 1.5.1 Provides a traffic management solution for cloud native applications in Kubernetes. Prometheus 2.40.2 Provides event monitoring and alerting. Prometheus operator 0.60.1 Provides management for Prometheus monitoring tools. OpenTelemetry Collector 0.66.0 Collects process and export telemetry data. Grafana 9.2.5 Examines, analyzes, and monitors metrics. Jaeger Tracing 1.37.0 Provides a distributed tracing system for monitoring and troubleshooting distributed systems. Apache APISIX 2.15.1 Provides full lifecycle API management. Spring Cloud Admin server 2.7.5 Manages and monitors Spring Boot applications. Spring Cloud Config server 2.7.5 Provides server-side support for externalized configuration. Spring Boot Eureka service registry 2021.0.3 Provides service discovery capabilities. ","description":"Version 1.3.0, September 5th, 2024 This release include:\nIntelliJ Plugin Optional GPU node pool Local install for development purposes OCI Free Tier install for development purposes Spring Operations Center (SOC) UI updates Cloudbank version 4 Addition of Alertmanager Version upgrades of components, see documentation for details Bug fixes The following components were updated:\nComponent New Version Replaced Version Spring Boot Admin Server 3.3.3 3.3.1 Alertmanager v0.67.1 Coherence Operator 3.3.5 3."},{"id":35,"href":"/microservices-datadriven/spring/sampleapp/","title":"Sample Application - CloudBank","parent":"Oracle Backend for Spring Boot and Microservices","content":"Oracle recommends that you use the CloudBank LiveLab to learn how to use Oracle Backed for Spring Boot and Microservices. The LiveLab has the following Outline:\nProvision an Instance Setup your Development Environment Build the Account Microservice Build Check Processing Microservice that uses JMS and TXEventQ Manage Saga Transactions across Microservices Deploy the full CloudBank Application using the CLI Deploy the full CloudBank Application using the VS Code Extension Explore the Backend Platform Extend the Mobile Application Cleanup The CloudBank source code is provided here, this repository also contains more services.\n","description":"Oracle recommends that you use the CloudBank LiveLab to learn how to use Oracle Backed for Spring Boot and Microservices. The LiveLab has the following Outline:\nProvision an Instance Setup your Development Environment Build the Account Microservice Build Check Processing Microservice that uses JMS and TXEventQ Manage Saga Transactions across Microservices Deploy the full CloudBank Application using the CLI Deploy the full CloudBank Application using the VS Code Extension Explore the Backend Platform Extend the Mobile Application Cleanup The CloudBank source code is provided here, this repository also contains more services."},{"id":36,"href":"/microservices-datadriven/spring/security/","title":"Security","parent":"Oracle Backend for Spring Boot and Microservices","content":"The Oracle Backend for Spring Boot and Microservices has the following security characteristics:\nAll access to the database is done using the Mutual Transport Layer Security (mTLS) database wallet. The user name, password, and URL are stored in Kubernetes secrets.\nAccessing most dashboards can only be done using port-forwarding, the exceptions are the Spring Operations Center and Grafana, which can be accessed through the load balancer using TLS and appropriate authentication. The passwords for the dashboards are provided by the installer or autogenerated and stored in Kubernetes secrets.\nThe only \u0026ldquo;public\u0026rdquo; exposure is the Apache APISIX Gateway (note that the dashboard is not exposed publicly), the Spring Operations Center and Grafana.\nServices deployed to the platform are not exposed through the Apache APISIX Gateway automatically. If you want to expose the service through the gateway, you must define a route in the Apache APISIX dashboard. APISIX Gateway Documentation\nThe deployed platform services are using using self-signed certificates.\nA customer application can only access services running in the platform using the Apache APISIX Gateway. APISIX Gateway Documentation\nThe customer application can be secured using Spring Security (for example, Spring OAuth 2.0 Resource Server). An external authorization server is recommended (for example Okta or Auth0).\nOracle Backend for Spring Boot and Microservices provides an authorization server which is an engine to authenticate and authorize requests to various components in Oracle Backend for Spring Boot and Microservices. The end user can manage users using REST Endpoints. AuthZ Server Documentation\nOracle Backend for Spring Boot and Microservices contains HashiCorp Vault to secure, store and tightly control access to tokens, passwords, certificates, encryption keys for protecting secrets, and other sensitive data. HashiCorp Vault Documentation\nTransport Layer Security The Oracle Backend for Spring Boot and Microservices is deployed with a sample self-signed certificate for Transport Layer Security (TLS). This results in an \u0026ldquo;Accept Risk\u0026rdquo; message when accessing the Spring Operations Center or Grafana web user interfaces and the sample TLS certificate should not be used for production deployments.\nUpdating the TLS Certificate Ensure your Domain Name System (DNS) entry points to the IP address for the public load balancer. You can check this address with this command, the address in the EXTERNAL-IP field is the public load balancer address:\nkubectl -n ingress-nginx get svc ingress-nginx-controller Obtain a new TLS certificate. In a production environment, the most common scenario is to use a public certificate that has been signed by a certificate authority.\nCreate a new Kubernetes secret in the ingress-nginx namespace. For example:\nkubectl -n ingress-nginx create secret tls my-tls-cert --key new-tls.key --cert new-tls.crt Modify the service definition to reference the new Kubernetes secret by changing the service.beta.kubernetes.io/oci-load-balancer-tls-secret annotation in the service configuration. For example:\nkubectl patch service ingress-nginx-controller -n ingress-nginx \\ -p \u0026#39;{\u0026#34;metadata\u0026#34;:{\u0026#34;annotations\u0026#34;:{\u0026#34;service.beta.kubernetes.io/oci-load-balancer-tls-secret\u0026#34;:\u0026#34;my-tls-cert\u0026#34;}}}\u0026#39; \\ --type=merge ","description":"The Oracle Backend for Spring Boot and Microservices has the following security characteristics:\nAll access to the database is done using the Mutual Transport Layer Security (mTLS) database wallet. The user name, password, and URL are stored in Kubernetes secrets.\nAccessing most dashboards can only be done using port-forwarding, the exceptions are the Spring Operations Center and Grafana, which can be accessed through the load balancer using TLS and appropriate authentication."},{"id":37,"href":"/microservices-datadriven/spring/setup/","title":"Setup","parent":"Oracle Backend for Spring Boot and Microservices","content":"Oracle Backend for Spring Boot and Microservices is available in the OCI Marketplace.\nPrerequisites Summary of Components Overview of the Setup Process Set Up the OCI Environment Set Up the Local Machine Access information and passwords from the OCI Console Prerequisites You must meet the following prerequisites to use Oracle Backend for Spring Boot and Microservices. You need:\nAn Oracle Cloud Infrastructure (OCI) account in a tenancy with sufficient quota to create the following:\nAn OCI Container Engine for Kubernetes cluster (OKE cluster), plus a node pool with three worker nodes. A virtual cloud network (VCN) with at least two public IP\u0026rsquo;s available. A public load balancer. An Oracle Autonomous Database Serverless instance. At least one free OCI auth token (note that the maximum is two per user).\nOn a local machine, you need:\nThe Kubernetes command-line interface (kubectl). Installing kubectl documentation Oracle Cloud Infrastructure command-line interface (CLI). Quickstart - Installing the CLI. Oracle Backend for Spring Boot and Microservices command-line interface (oractl). Download oractl. [OPTIONAL]Oracle Backend for Spring Boot and Microservices VS Code Extension. Download VS Code Extension. OCI policies The following policies needs to be in place to be able to install Oracle Backend for Spring Boot and Microservices. Top level and their dependencies listed.\nOracle Container Engine for Kubernetes Allow group `\u0026lt;group-name\u0026gt;` to manage cluster-family in `\u0026lt;location\u0026gt;` ├── Allow group `\u0026lt;group-name\u0026gt;` to inspect compartments in `\u0026lt;location\u0026gt;` ├── Allow group `\u0026lt;group-name\u0026gt;` to read virtual-network-family in `\u0026lt;location\u0026gt;` ├── Allow group `\u0026lt;group-name\u0026gt;` to use network-security-groups in `\u0026lt;location\u0026gt;` ├── Allow group `\u0026lt;group-name\u0026gt;` to use private-ips in `\u0026lt;location\u0026gt;` ├── Allow group `\u0026lt;group-name\u0026gt;` to use subnets in `\u0026lt;location\u0026gt;` ├── Allow group `\u0026lt;group-name\u0026gt;` to use vnics in `\u0026lt;location\u0026gt;` ├── Allow group `\u0026lt;group-name\u0026gt;` to manage cluster-node-pools in `\u0026lt;location\u0026gt;` ├── Allow group `\u0026lt;group-name\u0026gt;` to manage instance-family in `\u0026lt;location\u0026gt;` └── Allow group `\u0026lt;group-name\u0026gt;` to manage public-ips in `\u0026lt;location\u0026gt;` VCN Allow group `\u0026lt;group-name\u0026gt;` to manage vcns in `\u0026lt;location\u0026gt;` ├── Allow group `\u0026lt;group-name\u0026gt;` to manage route-tables in `\u0026lt;location\u0026gt;` ├── Allow group `\u0026lt;group-name\u0026gt;` to manage-security-lists in `\u0026lt;location\u0026gt;` ├── Allow group `\u0026lt;group-name\u0026gt;` to manage-dhcp-options in `\u0026lt;location\u0026gt;` Allow group `\u0026lt;group-name\u0026gt;` to manage vcns in `\u0026lt;location\u0026gt;` Allow group `\u0026lt;group-name\u0026gt;` to manage route-tables in `\u0026lt;location\u0026gt;` Allow group `\u0026lt;group-name\u0026gt;` to manage security-lists in `\u0026lt;location\u0026gt;` Allow group `\u0026lt;group-name\u0026gt;` to manage dhcp-options in `\u0026lt;location\u0026gt;` Allow group `\u0026lt;group-name\u0026gt;` to manage nat-gateways in `\u0026lt;location\u0026gt;` Allow group `\u0026lt;group-name\u0026gt;` to manage service-gateways in `\u0026lt;location\u0026gt;` Allow group `\u0026lt;group-name\u0026gt;` to manage network-security-groups in `\u0026lt;location\u0026gt;` Allow group `\u0026lt;group-name\u0026gt;` to manage subnets in `\u0026lt;location\u0026gt;` Container Registry Allow group `\u0026lt;group-name\u0026gt;` to manage repos in `\u0026lt;location\u0026gt;` Object Storage Allow group `\u0026lt;group-name\u0026gt;` to read objectstorage-namespaces in `\u0026lt;location\u0026gt;` Allow group `\u0026lt;group-name\u0026gt;` to manage objects in `\u0026lt;location\u0026gt;` └── Allow group `\u0026lt;group-name\u0026gt;` to manage buckets in `\u0026lt;location\u0026gt;` Autonomous Database Allow group `\u0026lt;group-name\u0026gt;` to manage autonomous-database-family in `\u0026lt;location\u0026gt;` Vault If you deploy Oracle Backend for Spring Boot and Microservices STANDARD edition you need the following policies.\nAllow group `\u0026lt;group-name\u0026gt;` to manage vaults in `\u0026lt;location\u0026gt;` Allow group `\u0026lt;group-name\u0026gt;` to manage keys in `\u0026lt;location\u0026gt;` Additional Vault To allow Container Engine for Kubernetes to access Vault via Groups:\nAllow group `\u0026lt;group-name\u0026gt;` to manage policies in `\u0026lt;location\u0026gt;` Allow group `\u0026lt;group-name\u0026gt;` to manage tag-namespaces in `\u0026lt;location\u0026gt;` Allow group `\u0026lt;group-name\u0026gt;` to manage dynamic-groups in `\u0026lt;location\u0026gt;` Allow group `\u0026lt;group-name\u0026gt;` to manage secret-family in `\u0026lt;location\u0026gt;` Oracle Resource Manager Allow group `\u0026lt;group-name\u0026gt;` to read orm-template in `\u0026lt;location\u0026gt;` Allow group `\u0026lt;group-name\u0026gt;` to use orm-stacks in `\u0026lt;location\u0026gt;` └── Allow group `\u0026lt;group-name\u0026gt;` to manage orm-jobs in `\u0026lt;location\u0026gt;` Allow group `\u0026lt;group-name\u0026gt;` to manage orm-private-endpoints in `\u0026lt;location\u0026gt;` Summary of Components Oracle Backend for Spring Boot and Microservices setup installs the following components:\nComponent Version Description Apache APISIX 3.9.1 Provides full lifecycle API management. Apache Kafka 3.7.0 Provides distributed event streaming. cert-manager 1.12.3 Automates the management of certificates. Coherence Operator 3.3.4 Provides in-memory data grid. Conductor Server 3.13.8 Provides a Microservice orchestration platform. Grafana 10.4.1 Provides the tool to examine, analyze, and monitor metrics. HashiCorp Vault 1.16.1 Provides a way to store and tightly control access to sensitive data. Jaeger Tracing 1.53.0 Provides distributed tracing system for monitoring and troubleshooting distributed systems. Kube State Metrics 2.10.1 Collects metrics for the Kubernetes cluster Loki 2.6.1 Provides log aggregation and search. Metrics server 0.7.0 Source of container resource metrics for Kubernetes built-in autoscaling pipeline NGINX Ingress Controller 1.10.1 Provides traffic management solution for cloud‑native applications in Kubernetes. OpenTelemetry Collector 0.101.0 Collects process and export telemetry data. Oracle Database Observability Exporter 1.2.1 Exposes Oracle Database metrics in standard Prometheus format. Oracle Database Operator 1.0 Helps reduce the time and complexity of deploying and managing Oracle databases. Oracle Transaction Manager for Microservices 23.4.2 Manages distributed transactions to ensure consistency across Microservices. Prometheus 2.52.0 Provides event monitoring and alerts. Prometheus Operator 0.74.0 Provides management for Prometheus monitoring tools. Promtail 2.8.2 Collects logs. Spring Authorization Server 3.3.0 Provides authentication and authorization for applications. Spring Boot Admin server 3.3.1 Manages and monitors Spring Cloud applications. Spring Cloud Config server 4.1.2 Provides server-side support for an externalized configuration. Spring Eureka service registry 4.1.2 Provides service discovery capabilities. Strimzi-Apache Kafka operator 0.36.1 Manages Apache Kafka clusters. Overview of the Setup Process This video provides a quick overview of the setup process.\nInstalling Oracle Backend for Spring Boot and Microservice takes approximately one hour to complete. The following steps are involved:\nSetup the OCI environment Setup of the Local Environment Access environment variables from the OCI Console Set Up the OCI Environment To set up the OCI environment, process these steps:\nGo to the OCI Marketplace listing for Oracle Backend for Spring Boot and Microservices.\nMarketplace Listing Choose the target compartment, agree to the terms, and click Launch Stack. This starts the wizard and creates the new stack. On the first page, choose a compartment to host your stack and select Next and Configure the variables for the infrastructure resources that this stack will create when you run the apply job for this execution plan.\nCreate Stack In the Backend as A Service Section, fill in the following configuration variables as needed and select Next:\nCompartment : Select the compartment where you want to install Oracle Backend for Spring Boot and Microservices.\nApplication Name (optional) : A random pet name that will be used as the application name if left empty.\nEdition : Select between COMMUNITY and STANDARD Edition.\nCOMMUNITY - for developers for quick start to testing Spring Boot Microservices with an integrated backend. Teams can start with the deployment and scale up as processing demand grows. Community support only. STANDARD - focused for pre-prod and production environments with an emphasis on deployment, scaling, and high availability. Oracle support is included with a Oracle Database support agreement. All features for developers are the same so start here if you’re porting an existing Spring Boot application stack and expect to get into production soon. This edition allows for additional Bring Your Own (BYO) capabilities. Existing Authorization Token (optional) - Enter an existing Authorization token. The token is used by the cluster to pull images from the Oracle Container Registry. If left empty the token will be created.\nWARNING: Deletion or expiration of the token will result in the failure to pull images later. Also you must have one free OCI auth token (note that the maximum is two per user). You can NOT use someone elses token.\nEdition BYO Network BYO Database Production Vault Registry Scanning Community Standard x x x x Compartment, Application and Edition If you check the checkbox Set Administrator Passwords in the Administrator Passwords section you have the option to fill in the following passwords (if not they are autogenerated):\nAPISIX Administrator Password (optional) : Leave blank to auto-generate.\nGrafana Administrator Password (optional) : Leave blank to auto-generate.\nORACTL Administrator Password optional) : Leave blank to auto-generate. This is the password for the obaas-admin user.\nORACTL User Password (optional) : Leave blank to auto-generate. This is the password for the obaas-user user.\nAdministrator Passwords (Standard Edition Only) If you check the checkbox Bring Your Own Virtual Cloud Network in the Network Options section you can use an existing Virtual Cloud Network. This is required to Bring Your Own Database (Standard Edition Only).\nNetwork Options - Standard Edition For more information on the network requirements and topology of the Oracle Backend for Spring Boot and Microservices including the options for Bring Your Own Virtual Cloud Network, please see the Networking documentation.\nIn the Kubernetes Cluster Options section, fill in the following for the OKE Cluster Options:\nPublic API Endpoint? : This option allows access to the OKE Control Plane API Endpoint from the internet (public IP). If not selected, access can only be from a private virtual cloud network (VCN). API Endpoint Access Control : Enter the CIDR block you want to give access to the Control Plane API. Default (and not recommended) is 0.0.0.0/0. Node Pool Workers : The number of Kubernetes worker nodes (virtual machines) attached to the OKE cluster. Node Pool Worker Shape : The shape of the node pool workers. Node Workers OCPU : The initial number of Oracle Compute Units (OCPUs) for the node pool workers. NOTE: Oracle recommends that you set API Endpoint Access Control to be as restrictive as possible\nCreate Stack OKE Options In the Load Balancers Options section, fill in the following for the Load Balancers options:\nEnable Public Load Balancer : This option allows access to the load balancer from the internet (public IP). If not selected, access can only be from a private VCN. Public Load Balancer Access Control : Enter the CIDR block you want to give access to the Load Balancer. Default (and not recommended) is 0.0.0.0/0. Public Load Balancer Ports Exposed : The ports exposed from the load balancer. Minimum bandwidth : The minimum bandwidth that the load balancer can achieve. Maximum bandwidth : The maximum bandwidth that the load balancer can achieve. NOTE: Oracle recommends that you set Public Load Balancer Access Control to be as restrictive as possible.\nLoad Balancer Options In the Database Options section, you can modify the following Database options.\nAutonomous Database Compute Model : Choose either ECPU (default) or OCPU compute model for the ADB. Autonomous Database Network Access : Choose the Autonomous Database network access. Choose between SECURE_ACCESS and PRIVATE_ENDPOINT_ACCESS. NOTE: This option currently cannot be changed later. SECURE_ACCESS - Accessible from outside the Kubernetes Cluster. Requires mTLS and can be restricted by IP or CIDR addresses. PRIVATE_ENDPOINT_ACCESS - Accessible only from inside the Kubernetes Cluster or via a Bastion service. Requires mTLS. ADB Access Control : Comma separated list of CIDR blocks from which the ADB can be accessed. This only applies if SECURE_ACCESS was chosen. Default (and not recommended) is 0.0.0.0/0. Autonomous Database CPU Core Count : Choose how many CPU cores will be elastically allocated. Allow Autonomous Database CPU Auto Scaling : Enable auto scaling for the ADB CPU core count (x3 ADB CPU). Autonomous Database Data Storage Size : Choose ADB Database Data Storage Size in gigabytes (ECPU) or terabytes (OCPU). Allow Autonomous Database Storage Auto Scaling : Allow the ADB storage to automatically scale. Autonomous Database License Model : The Autonomous Database license model. Create an Object Storage Bucket for ADB : Create a Object Storage bucket, with the appropriate access policies, for the ADB. NOTE: Oracle recommends that you restrict by IP or CIDR addresses to be as restrictive as possible.\nDatabase Options (Standard Edition Only) If Bring Your Own Virtual Cloud Network has been selected in the Network Options section, then you have the option to Bring Your Own Database in the section Database Options.\nBring your Own Database Options - Standard Edition For more information on the Bring Your Own Database option for the Oracle Backend for Spring Boot and Microservices including the required values, please review the Database documentation.\n(Standard Edition Only) If you check the checkbox Enable Vault in Production Mode in the section Vault Options you will be installing HashiCorp in Production mode otherwise the HashiCorp Vault be installed in Development mode.\nFill in the following Vault options. You have the option of creating a new OCI Vault or using an existing OCI Vault. The OCI Vault is only used in Production mode to auto-unseal the HashiCorp Vault (see documentation \u0026hellip;) Fill in the following information if you want to use an existing OCI Vault:\nVault Compartment (Optional) : Select a compartment for the OCI Vault.\nExisting Vault (Optional) : Select an existing OCI Vault. If not selected a new OCI Vault be created.\nExisting Vault Key (Optional) : Select an existing OCI Vault key. If not selected a new OCI Vault Key will be created.\nHashiCorp Vault Options - Standard Edition Warning Never run a Development mode HashiCorp Vault Server in a production environment. It is insecure and will lose data on every restart (since it stores data in-memory). It is only intended for development or experimentation. (Standard Edition Only) If you check the checkbox Enable Container Registry Vulnerability Scanning in the section Additional Options you will enable the automatic Vulnerability Scanning on images stored in the Oracle Container Registry.\nCreate Stack Additional Options - Standard Edition Now you can review the stack configuration and save the changes. Oracle recommends that you do not check the Run apply option. This gives you the opportunity to run the \u0026ldquo;plan\u0026rdquo; first and check for issues. Click Create\nCreate Stack Wizard Config Review Apply the stack.\nAfter you create the stack, you can test the plan, edit the stack, and apply or destroy the stack.\nOracle recommends that you test the plan before applying the stack in order to identify any issues before you start creating resources. Testing a plan does not create any actual resources. It is just an exercise to tell you what would happen if you did apply the stack.\nYou can test the plan by clicking on Plan and reviewing the output. You can fix any issues (for example, you may find that you do not have enough quota for some resources) before proceeding.\nCreate Stack Plan When you are happy with the results of the test, you can apply the stack by clicking on Apply. This creates your Oracle Backend as a Service and Microservices for a Spring Cloud environment. This takes about 20 minutes to complete. Much of this time is spent provisioning the Kubernetes cluster, worker nodes, database and all the included services. You can watch the logs to follow the progress of the operation.\nCreate Stack Apply The OCI Resource Manager applies your stack and generates the execution logs. The apply job takes approximately 45 minutes.\nCreate Stack Apply Logs When the Apply job finishes you can collect the OKE access information by clicking on Outputs.\nCreate Stack Outputs Click on Copy for the variable named kubeconfig_cmd. Save this information because it is needed to access the OKE cluster.\nGet Kube Config Cmd Set Up the Local Machine To set up the local machine, process these steps:\nSet up cluster access.\nTo access a cluster, use the kubectl command-line interface that is installed (see the Kubernetes access) locally. If you have not already done so, do the following:\nInstall the kubectl command-line interface (see the kubectl documentation).\nGenerate an API signing key pair. If you already have an API signing key pair, go to the next step. If not:\na. Use OpenSSL commands to generate the key pair in the required P-Early-Media (PEM) format. If you are using Windows, you need to install Git Bash for Windows in order to run the commands. See How to Generate an API Signing Key.\nb. Copy the contents of the public key to the clipboard to paste the value into the Console later.\nAdd the public key value of the API signing key pair to the User Settings for your user name. For example:\na. In the upper right corner of the OCI Console, open the Profile menu (User menu symbol) and click User Settings to view the details.\nb. Click Add Public Key.\nc. Paste the value of the public key into the window and click Add.\nThe key is uploaded and its fingerprint is displayed (for example, d1:b2:32:53:d3:5f:cf:68:2d:6f:8b:5f:77:8f:07:13).\nInstall and configure the Oracle Cloud Infrastructure CLI. For example:\na. Install the Oracle Cloud Infrastructure CLI version 2.6.4 (or later). See Quickstart.\nb. Configure the Oracle Cloud Infrastructure CLI. See Configuring the CLI.\nInstall the Oracle Backend for Spring Boot and Microservices command-line.\nThe Oracle Backend for Spring Boot and Microservices command-line interface, oractl, is available for Linux and Mac systems. Download the binary that you want from the Releases page and add it to your PATH environment variable. You can rename the binary to remove the suffix.\nIf your environment is a Linux or Mac machine, run chmod +x on the downloaded binary. Also, if your environment is a Mac, run the following command. Otherwise, you get a security warning and the CLI does not work:\nsudo xattr -r -d com.apple.quarantine \u0026lt;downloaded-file\u0026gt;\nAccess information and passwords from the OCI Console You can get the necessary access information from the OCI COnsole:\nOKE Cluster Access information e.g. how to generate the kubeconfig information. Oracle Backend for Spring Boot and Microservices Passwords. The assigned passwords (either auto generated or provided by the installer) can be viewed in the OCI Console (ORM homepage). Click on Application Information in the OCI ORM Stack.\nAccess Information You will presented with a screen with the access information and passwords. NOTE: The passwords can also be accessed from the k8s secrets.\nDetailed Access Information ","description":"Oracle Backend for Spring Boot and Microservices is available in the OCI Marketplace.\nPrerequisites Summary of Components Overview of the Setup Process Set Up the OCI Environment Set Up the Local Machine Access information and passwords from the OCI Console Prerequisites You must meet the following prerequisites to use Oracle Backend for Spring Boot and Microservices. You need:\nAn Oracle Cloud Infrastructure (OCI) account in a tenancy with sufficient quota to create the following:"},{"id":38,"href":"/microservices-datadriven/spring/platform/spring-admin/","title":"Spring Boot Admin","parent":"Platform Services","content":" View Application Details Using the Spring Boot Admin Dashboard Spring Boot Admin is a web application used for managing and monitoring Spring Boot applications. Applications are discovered from the service registry. Most of the information displayed in the web user interface comes from the Spring Boot Actuator endpoints exposed by the applications:\nExpose the Spring Boot Admin dashboard using this command:\nkubectl -n admin-server port-forward svc/admin-server 8989 Open the Spring Boot Admin dashboard URL: http://localhost:8989\nSpring Admin DashboardI On the dashboard you will see all the internal services registered with Eureka. If you have deployed the sample application CloudBank or done the LiveLab for Oracle Backend for Spring Boot and Microservices you will see those services.\nIf you click (expand) an application and click on the instance of service you will details about the service instance, metrics, configuration, and so on,\nSpring Admin Service Details ","description":"View Application Details Using the Spring Boot Admin Dashboard Spring Boot Admin is a web application used for managing and monitoring Spring Boot applications. Applications are discovered from the service registry. Most of the information displayed in the web user interface comes from the Spring Boot Actuator endpoints exposed by the applications:\nExpose the Spring Boot Admin dashboard using this command:\nkubectl -n admin-server port-forward svc/admin-server 8989 Open the Spring Boot Admin dashboard URL: http://localhost:8989"},{"id":39,"href":"/microservices-datadriven/spring/platform/config/","title":"Spring Config Server","parent":"Platform Services","content":"Oracle Backend for Spring Boot and Microservices includes Spring Cloud Config which provides server- and client-side support for externalized configurations in a distributed system. The Spring Cloud Config server provides a central place to manage external properties for applications across all environments.\nThe Spring Cloud Config server is pre-configured to work with the Spring Boot Eureka service registry, configured to store the Configuration in the Oracle Autonomous Database to support labeled versions of configuration environments as well as being accessible to a wide range of tools for managing the content. More details can be found here: (Spring Cloud Config Documentation).\nManaging Config Server Data Config Server REST API endpoints overview Config Server REST API endpoints examples Re-create test data Overview When building applications using Spring Config Server, the Spring Cloud Config client\u0026rsquo;s application.yaml configuration file must include access information to the deployed Spring Config Server:\nspring: application: name: \u0026lt;application name\u0026gt; config: import: optional:configserver:${config.server.url} cloud: config: label: \u0026lt;optional\u0026gt; profile: \u0026lt;optional\u0026gt; username: \u0026lt;A user with the role ROLE_USER\u0026gt; password: \u0026lt;password\u0026gt; You also need to add the following dependency to your Spring Boot application pom.xml:\n\u0026lt;dependency\u0026gt; \u0026lt;groupId\u0026gt;org.springframework.cloud\u0026lt;/groupId\u0026gt; \u0026lt;artifactId\u0026gt;spring-cloud-starter-config\u0026lt;/artifactId\u0026gt; \u0026lt;/dependency\u0026gt; The configuration is stored in the CONFIGSERVER schema in the PROPERTIES table. Managing the data for the Spring Cloud Config server should be done using the CLI or the REST API endpoints. If you prefer, you can also work directly with the CONFIGSERVER.PROPERTIES table in the database. How to access the database is documented here, (Accessing the database).\nDuring setup of Oracle Backend for Spring Boot and Microservices, the following data is loaded into CONFIGSERVER.PROPERTIES. This data can be deleted.\n| APPLICATION | PROFILE | LABEL | PROP_KEY | VALUE |-----------------|----------------|----------|---------------------|-----------------------------------| | atael | dev | latest | test-property | This is the test-property value | | atael | dev | latest | test-property-2 | This is the test-property-2 value | | application-a | production | 12c | db-name | databasename-a-prod | | application-a | production | 12c | db-connection | connectionstring-a-prod | | application-a | development | 23cbeta | db-dev-name | databasename-a-dev | | application-a | development | 23cbeta | db-dev-connection | connectionstring-a-dev | | application-b | production | 19c | db-name | databasename-b-prod | | application-b | production | 19c | db-connection | connectionstring-b-prod | | application-b | development | 23cbeta | db-dev-name | databasename-b-dev | | application-b | development | 23cbeta | db-dev-connection | connectionstring-b-dev | | application-c | secret | 23.4 | json-db | 23c-json-db | | application-c | secret | 23.4 | json-sdb-conn | 23c-mongo-conn | | application-c | secret | 23.4 | txeventq | 23c-conn-string | | application-c | secret | 23.4 | txeventq | 23c-kafka-name | Managing Config Server Data Maintaining the Config Servers information can be done using the following methods:\nOracle Backend for Microservices CLI, oractl. REST API endpoints exposed via obaas-admin and config-server services. Config Server REST API endpoints overview The following REST API endpoints are available to the Config Server entries. The table lists which minimum required role is needed to perform the operation. \u0026lsquo;N/A\u0026rsquo; in the following table indicates that the endpoint does not require authentication to be accessed.\nEnd point Method Description Minimum Required Role /srv/config/all GET Get all distinct properties for a service (application) N/A /srv/config/properties GET Get all distinct properties with filters (see examples) N/A /srv/config/properties/add POST Create properties from a file ROLE_USER /srv/config/property/add POST Create a property ROLE_USER /srv/config/property/update PUT Update a property ROLE_USER /srv/config/properties/delete DELETE Delete properties with filters (see examples) ROLE_ADMIN Config Server REST API endpoints examples In all of the following examples, replace \u0026lt;username\u0026gt;:\u0026lt;password\u0026gt; with your username and password when necessary. (Getting User information). The examples are using curl to interact with the REST API endpoints. This also requires an open tunnel on port 8080 to either the config-server or obaas-admin service. Use the following command to start a tunnel to the config-server service:\nkubectl port-forward -n config-server svc/config-server 8080 The output will be slightly different when using a tunnel to obaas-admin. The data will be included in the \u0026quot;body\u0026quot; section.\n/srv/config/all Get all distinct application services:\ncurl -s http://localhost:8080/srv/config/all Example of data returned:\n[ { \u0026#34;name\u0026#34;: \u0026#34;application-a\u0026#34;, \u0026#34;label\u0026#34;: \u0026#34;\u0026#34;, \u0026#34;profile\u0026#34;: \u0026#34;\u0026#34; }, { \u0026#34;name\u0026#34;: \u0026#34;application-b\u0026#34;, \u0026#34;label\u0026#34;: \u0026#34;\u0026#34;, \u0026#34;profile\u0026#34;: \u0026#34;\u0026#34; }, { \u0026#34;name\u0026#34;: \u0026#34;application-c\u0026#34;, \u0026#34;label\u0026#34;: \u0026#34;\u0026#34;, \u0026#34;profile\u0026#34;: \u0026#34;\u0026#34; }, { \u0026#34;name\u0026#34;: \u0026#34;atael\u0026#34;, \u0026#34;label\u0026#34;: \u0026#34;\u0026#34;, \u0026#34;profile\u0026#34;: \u0026#34;\u0026#34; } ] /srv/config/all?service-profile=\u0026lt;profile-name\u0026gt; Get all distinct services filtered on profile (service-profile):\ncurl -s http://localhost:8080/srv/config/all\\?service-profile\\=dev Example of data returned:\n[ { \u0026#34;name\u0026#34;: \u0026#34;atael\u0026#34;, \u0026#34;label\u0026#34;: \u0026#34;latest\u0026#34;, \u0026#34;profile\u0026#34;: \u0026#34;dev\u0026#34; } ] /srv/config/properties?service-name=\u0026lt;service-name\u0026gt; Get all properties for a service-name (application):\ncurl -s http://localhost:8080/srv/config/properties\\?service-name\\=application-a Example of data returned:\n[ { \u0026#34;id\u0026#34;: 3, \u0026#34;application\u0026#34;: \u0026#34;application-a\u0026#34;, \u0026#34;profile\u0026#34;: \u0026#34;production\u0026#34;, \u0026#34;label\u0026#34;: \u0026#34;12c\u0026#34;, \u0026#34;propKey\u0026#34;: \u0026#34;db-name\u0026#34;, \u0026#34;value\u0026#34;: \u0026#34;databasename-a-prod\u0026#34;, \u0026#34;createdOn\u0026#34;: \u0026#34;2023-10-19T16:50:07.000+00:00\u0026#34;, \u0026#34;createdBy\u0026#34;: \u0026#34;ADMIN\u0026#34; }, { \u0026#34;id\u0026#34;: 4, \u0026#34;application\u0026#34;: \u0026#34;application-a\u0026#34;, \u0026#34;profile\u0026#34;: \u0026#34;production\u0026#34;, \u0026#34;label\u0026#34;: \u0026#34;12c\u0026#34;, \u0026#34;propKey\u0026#34;: \u0026#34;db-connection\u0026#34;, \u0026#34;value\u0026#34;: \u0026#34;connectionstring-a-prod\u0026#34;, \u0026#34;createdOn\u0026#34;: \u0026#34;2023-10-19T16:50:07.000+00:00\u0026#34;, \u0026#34;createdBy\u0026#34;: \u0026#34;ADMIN\u0026#34; }, { \u0026#34;id\u0026#34;: 5, \u0026#34;application\u0026#34;: \u0026#34;application-a\u0026#34;, \u0026#34;profile\u0026#34;: \u0026#34;development\u0026#34;, \u0026#34;label\u0026#34;: \u0026#34;23cbeta\u0026#34;, \u0026#34;propKey\u0026#34;: \u0026#34;db-dev-name\u0026#34;, \u0026#34;value\u0026#34;: \u0026#34;databasename-a-dev\u0026#34;, \u0026#34;createdOn\u0026#34;: \u0026#34;2023-10-19T16:50:07.000+00:00\u0026#34;, \u0026#34;createdBy\u0026#34;: \u0026#34;ADMIN\u0026#34; }, { \u0026#34;id\u0026#34;: 6, \u0026#34;application\u0026#34;: \u0026#34;application-a\u0026#34;, \u0026#34;profile\u0026#34;: \u0026#34;development\u0026#34;, \u0026#34;label\u0026#34;: \u0026#34;23cbeta\u0026#34;, \u0026#34;propKey\u0026#34;: \u0026#34;db-dev-connection\u0026#34;, \u0026#34;value\u0026#34;: \u0026#34;connectionstring-a-dev\u0026#34;, \u0026#34;createdOn\u0026#34;: \u0026#34;2023-10-19T16:50:07.000+00:00\u0026#34;, \u0026#34;createdBy\u0026#34;: \u0026#34;ADMIN\u0026#34; } ] /srv/config/properties?service-name=\u0026lt;service-name\u0026gt;\u0026amp;service-label=\u0026lt;service-label\u0026gt; Get all properties for a service-name (application) filtered on service-label (label):\ncurl -s http://localhost:8080/srv/config/properties\\?service-name\\=application-b\\\u0026amp;service-label\\=19c Example of data returned:\n[ { \u0026#34;id\u0026#34;: 7, \u0026#34;application\u0026#34;: \u0026#34;application-b\u0026#34;, \u0026#34;profile\u0026#34;: \u0026#34;production\u0026#34;, \u0026#34;label\u0026#34;: \u0026#34;19c\u0026#34;, \u0026#34;propKey\u0026#34;: \u0026#34;db-name\u0026#34;, \u0026#34;value\u0026#34;: \u0026#34;databasename-b-prod\u0026#34;, \u0026#34;createdOn\u0026#34;: \u0026#34;2023-10-19T16:50:07.000+00:00\u0026#34;, \u0026#34;createdBy\u0026#34;: \u0026#34;ADMIN\u0026#34; }, { \u0026#34;id\u0026#34;: 8, \u0026#34;application\u0026#34;: \u0026#34;application-b\u0026#34;, \u0026#34;profile\u0026#34;: \u0026#34;production\u0026#34;, \u0026#34;label\u0026#34;: \u0026#34;19c\u0026#34;, \u0026#34;propKey\u0026#34;: \u0026#34;db-connection\u0026#34;, \u0026#34;value\u0026#34;: \u0026#34;connectionstring-b-prod\u0026#34;, \u0026#34;createdOn\u0026#34;: \u0026#34;2023-10-19T16:50:07.000+00:00\u0026#34;, \u0026#34;createdBy\u0026#34;: \u0026#34;ADMIN\u0026#34; } ] /srv/config/properties?service-name=\u0026lt;service-name\u0026gt;\u0026amp;service-label=\u0026lt;service-label\u0026gt;\u0026amp;service-profile=\u0026lt;service-profile\u0026gt; Get all properties for a service-name (application) filtered on service-label (label) and service-profile (profile):\ncurl -s http://localhost:8080/srv/config/properties\\?service-name\\=application-b\\\u0026amp;service-label\\=19c\\\u0026amp;service-profile\\=production Example of data returned:\n[ { \u0026#34;id\u0026#34;: 7, \u0026#34;application\u0026#34;: \u0026#34;application-b\u0026#34;, \u0026#34;profile\u0026#34;: \u0026#34;production\u0026#34;, \u0026#34;label\u0026#34;: \u0026#34;19c\u0026#34;, \u0026#34;propKey\u0026#34;: \u0026#34;db-name\u0026#34;, \u0026#34;value\u0026#34;: \u0026#34;databasename-b-prod\u0026#34;, \u0026#34;createdOn\u0026#34;: \u0026#34;2023-10-19T16:50:07.000+00:00\u0026#34;, \u0026#34;createdBy\u0026#34;: \u0026#34;ADMIN\u0026#34; }, { \u0026#34;id\u0026#34;: 8, \u0026#34;application\u0026#34;: \u0026#34;application-b\u0026#34;, \u0026#34;profile\u0026#34;: \u0026#34;production\u0026#34;, \u0026#34;label\u0026#34;: \u0026#34;19c\u0026#34;, \u0026#34;propKey\u0026#34;: \u0026#34;db-connection\u0026#34;, \u0026#34;value\u0026#34;: \u0026#34;connectionstring-b-prod\u0026#34;, \u0026#34;createdOn\u0026#34;: \u0026#34;2023-10-19T16:50:07.000+00:00\u0026#34;, \u0026#34;createdBy\u0026#34;: \u0026#34;ADMIN\u0026#34; } ] /srv/config/properties?service-name=\u0026lt;service-name\u0026gt;\u0026amp;service-label=\u0026lt;service-label\u0026gt;\u0026amp;service-profile=\u0026lt;service-profile\u0026gt;\u0026amp;property-key=\u0026lt;property-key\u0026gt; Get all properties for a service-name (application) filtered on service-label (label), service-profile (profile) and property-key (prop_key):\ncurl -s http://localhost:8080/srv/config/properties\\?service-name\\=application-c\\\u0026amp;service-label\\=23.4\\\u0026amp;service-profile\\=secret\\\u0026amp;property-key\\=txeventq Example of data returned:\n[ { \u0026#34;id\u0026#34;: 14, \u0026#34;application\u0026#34;: \u0026#34;application-c\u0026#34;, \u0026#34;profile\u0026#34;: \u0026#34;secret\u0026#34;, \u0026#34;label\u0026#34;: \u0026#34;23.4\u0026#34;, \u0026#34;propKey\u0026#34;: \u0026#34;txeventq\u0026#34;, \u0026#34;value\u0026#34;: \u0026#34;23c-kafka-name\u0026#34;, \u0026#34;createdOn\u0026#34;: \u0026#34;2023-10-19T16:50:07.000+00:00\u0026#34;, \u0026#34;createdBy\u0026#34;: \u0026#34;ADMIN\u0026#34; } ] /srv/config/property/add Create a property:\ncurl -u \u0026lt;username\u0026gt;:\u0026lt;password\u0026gt; -s -X POST \\ -d \u0026#34;service-name=application-d\u0026amp;service-label=1.0\u0026amp;service-profile=AI\u0026amp;property-key=url-to-host\u0026amp;property-value=hostname\u0026#34; \\ http://localhost:8080/srv/config/property/add Successful creation of a property returns:\nProperty added successfully. /srv/config/property/update Update a property:\ncurl -u \u0026lt;username\u0026gt;:\u0026lt;password\u0026gt; -s -X PUT \\ -d \u0026#34;service-name=application-d\u0026amp;service-label=1.0\u0026amp;service-profile=AI\u0026amp;property-key=url-to-host\u0026amp;property-value=new-hostname\u0026#34; \\ http://localhost:8080/srv/config/property/update Successful update of a property returns:\nProperty successfully modified. /srv/config/properties/delete?service-name\u0026lt;service-name\u0026gt; Delete all properties from a service (application):\ncurl -u \u0026lt;username\u0026gt;:\u0026lt;password\u0026gt; -s -X DELETE http://localhost:8080/srv/config/properties/delete\\?service-name\\=atael Successful deletion of properties returns:\nProperties successfully deleted. /srv/config/delete?service-profile=\u0026lt;profile-name\u0026gt;\u0026amp;service-profile=\u0026lt;service-profile\u0026gt; Delete all properties with a service profile:\ncurl -u \u0026lt;username\u0026gt;:\u0026lt;password\u0026gt; -s -X DELETE http://localhost:8080/srv/config/properties/delete\\?service-name\\=application-d\\\u0026amp;service-profile\\=AI Successful deletion of properties returns:\nProperties successfully deleted. /srv/config/delete?service-profile=\u0026lt;profile-name\u0026gt;\u0026amp;service-profile=\u0026lt;service-profile\u0026gt;\u0026amp;service-label=\u0026lt;service-label\u0026gt; Delete all properties from a service with a profile and a label:\ncurl -u \u0026lt;username\u0026gt;:\u0026lt;password\u0026gt; -s -X DELETE http://localhost:8080/srv/config/properties/delete\\?service-name\\=application-a\\\u0026amp;service-profile\\=development\\\u0026amp;service-label\\=12c Successful deletion of properties returns:\nProperties successfully deleted. /srv/config/delete?service-profile=\u0026lt;profile-name\u0026gt;\u0026amp;service-profile=\u0026lt;service-profile\u0026gt;\u0026amp;service-label=\u0026lt;service-label\u0026gt;\u0026amp;property-key=\u0026lt;property-key\u0026gt; Delete all properties from a service with a profile and a label:\ncurl -u \u0026lt;username\u0026gt;:\u0026lt;password\u0026gt; -s -X DELETE http://localhost:8080/srv/config/properties/delete\\?service-name\\=application-b\\\u0026amp;service-profile\\=development\\\u0026amp;service-label\\=23cbeta\\\u0026amp;property-key\\=db-dev-name Successful deletion of properties returns:\nProperties successfully deleted. Re-create test data The Config Server data can be created using the following SQL statements:\nINSERT INTO CONFIGSERVER.PROPERTIES (APPLICATION, PROFILE, LABEL, PROP_KEY, VALUE) VALUES (\u0026#39;atael\u0026#39;,\u0026#39;dev\u0026#39;,\u0026#39;latest\u0026#39;,\u0026#39;test-property\u0026#39;,\u0026#39;This is the test-property value\u0026#39;); INSERT INTO CONFIGSERVER.PROPERTIES (APPLICATION, PROFILE, LABEL, PROP_KEY, VALUE) VALUES (\u0026#39;atael\u0026#39;,\u0026#39;dev\u0026#39;,\u0026#39;latest\u0026#39;,\u0026#39;test-property-2\u0026#39;,\u0026#39;This is the test-property-2 value\u0026#39;); INSERT INTO CONFIGSERVER.PROPERTIES (APPLICATION, PROFILE, LABEL, PROP_KEY, VALUE) VALUES (\u0026#39;application-a\u0026#39;,\u0026#39;production\u0026#39;,\u0026#39;12c\u0026#39;,\u0026#39;db-name\u0026#39;,\u0026#39;databasename-a-prod\u0026#39;); INSERT INTO CONFIGSERVER.PROPERTIES (APPLICATION, PROFILE, LABEL, PROP_KEY, VALUE) VALUES (\u0026#39;application-a\u0026#39;,\u0026#39;production\u0026#39;,\u0026#39;12c\u0026#39;,\u0026#39;db-connection\u0026#39;,\u0026#39;connectionstring-a-prod\u0026#39;); INSERT INTO CONFIGSERVER.PROPERTIES (APPLICATION, PROFILE, LABEL, PROP_KEY, VALUE) VALUES (\u0026#39;application-a\u0026#39;,\u0026#39;development\u0026#39;,\u0026#39;23cbeta\u0026#39;,\u0026#39;db-dev-name\u0026#39;,\u0026#39;databasename-a-dev\u0026#39;); INSERT INTO CONFIGSERVER.PROPERTIES (APPLICATION, PROFILE, LABEL, PROP_KEY, VALUE) VALUES (\u0026#39;application-a\u0026#39;,\u0026#39;development\u0026#39;,\u0026#39;23cbeta\u0026#39;,\u0026#39;db-dev-connection\u0026#39;,\u0026#39;connectionstring-a-dev\u0026#39;); INSERT INTO CONFIGSERVER.PROPERTIES (APPLICATION, PROFILE, LABEL, PROP_KEY, VALUE) VALUES (\u0026#39;application-b\u0026#39;,\u0026#39;production\u0026#39;,\u0026#39;19c\u0026#39;,\u0026#39;db-name\u0026#39;,\u0026#39;databasename-b-prod\u0026#39;); INSERT INTO CONFIGSERVER.PROPERTIES (APPLICATION, PROFILE, LABEL, PROP_KEY, VALUE) VALUES (\u0026#39;application-b\u0026#39;,\u0026#39;production\u0026#39;,\u0026#39;19c\u0026#39;,\u0026#39;db-connection\u0026#39;,\u0026#39;connectionstring-b-prod\u0026#39;); INSERT INTO CONFIGSERVER.PROPERTIES (APPLICATION, PROFILE, LABEL, PROP_KEY, VALUE) VALUES (\u0026#39;application-b\u0026#39;,\u0026#39;development\u0026#39;,\u0026#39;23cbeta\u0026#39;,\u0026#39;db-dev-name\u0026#39;,\u0026#39;databasename-b-dev\u0026#39;); INSERT INTO CONFIGSERVER.PROPERTIES (APPLICATION, PROFILE, LABEL, PROP_KEY, VALUE) VALUES (\u0026#39;application-b\u0026#39;,\u0026#39;development\u0026#39;,\u0026#39;23cbeta\u0026#39;,\u0026#39;db-dev-connection\u0026#39;,\u0026#39;connectionstring-b-dev\u0026#39;); INSERT INTO CONFIGSERVER.PROPERTIES (APPLICATION, PROFILE, LABEL, PROP_KEY, VALUE) VALUES (\u0026#39;application-c\u0026#39;,\u0026#39;secret\u0026#39;,\u0026#39;23.4\u0026#39;,\u0026#39;json-db\u0026#39;,\u0026#39;23c-json-db\u0026#39;); INSERT INTO CONFIGSERVER.PROPERTIES (APPLICATION, PROFILE, LABEL, PROP_KEY, VALUE) VALUES (\u0026#39;application-c\u0026#39;,\u0026#39;secret\u0026#39;,\u0026#39;23.4\u0026#39;,\u0026#39;json-sdb-conn\u0026#39;,\u0026#39;23c-mongo-conn\u0026#39;); INSERT INTO CONFIGSERVER.PROPERTIES (APPLICATION, PROFILE, LABEL, PROP_KEY, VALUE) VALUES (\u0026#39;application-c\u0026#39;,\u0026#39;secret\u0026#39;,\u0026#39;23.4\u0026#39;,\u0026#39;txeventq\u0026#39;,\u0026#39;23c-conn-string\u0026#39;); INSERT INTO CONFIGSERVER.PROPERTIES (APPLICATION, PROFILE, LABEL, PROP_KEY, VALUE) VALUES (\u0026#39;application-c\u0026#39;,\u0026#39;secret\u0026#39;,\u0026#39;23.4\u0026#39;,\u0026#39;txeventq\u0026#39;,\u0026#39;23c-kafka-name\u0026#39;); ","description":"Oracle Backend for Spring Boot and Microservices includes Spring Cloud Config which provides server- and client-side support for externalized configurations in a distributed system. The Spring Cloud Config server provides a central place to manage external properties for applications across all environments.\nThe Spring Cloud Config server is pre-configured to work with the Spring Boot Eureka service registry, configured to store the Configuration in the Oracle Autonomous Database to support labeled versions of configuration environments as well as being accessible to a wide range of tools for managing the content."},{"id":40,"href":"/microservices-datadriven/spring/platform/soc/","title":"Spring Operations Center","parent":"Platform Services","content":"Oracle Backend for Spring Boot and Microservices version includes \u0026ldquo;Spring Operations Center\u0026rdquo;. More capabilities will be added to this feature in future releases.\nThe Spring Operations Center provides a web user interface to manage the Oracle Backend for Spring Boot and Microservices. This release includes the following capabilities:\nView details about the configuration and health of the environment Manage and deploy workloads (Spring Boot applications) deployed in the environment Easy one-click access to Grafana dashboards for applications Manage users and roles defined in the Spring Authorization Server included in the environment Easy one-click access to Grafana dashboards for the Kubernetes cluster, the applications and the Oracle Database Collect diagnostic data for support Note: More capabilities will be added to this feature in future releases.\nAccessing Spring Operations Center The Dashboard Manage Namespaces Manage Workloads Manage Identity Accessing Spring Operations Center To access the Spring Operations Center, obtain the public IP address for your environment using this command:\nkubectl -n ingress-nginx get service ingress-nginx-controller The output will be similar to this:\nNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE ingress-nginx-controller LoadBalancer 10.96.172.148 xxx.xxx.xxx.xxx 80:31393/TCP,443:30506/TCP 158m Use the EXTERNAL-IP from the results and open a browser to https://xxx.xxx.xxx.xxx/soc to access the login page.\nNote: If you installed with self-signed certificates, which is the default, you will see a browser warning message and will have to click on \u0026ldquo;Accept risk\u0026rdquo; or similar. For information about replacing the self-signed certificate with a production certificate, refer to Transport Layer Security\nSOC Login Page Login using the obaas-admin user (or another user if you have created one) and the password that you set during installation. If you did not set a password, one was auto-generated for you and can be obtained with this command:\nkubectl get secret -n azn-server oractl-passwords -o jsonpath=\u0026#39;{.data.admin}\u0026#39; | base64 -d; echo After logging in, you will see the SOC Dashboard.\nThe Dashboard The Spring Operations Center Dashboard provides information about the overall state of the environment including:\nThe version and platform the environment is running on The configuration and sizing of the Kubernetes cluster The configuration and sizing of the Database instance Easy one-click access to Grafana dashboards to see detailed status of the Kubernetes cluster and Database instance The overall system health status How many applications are deployed in the environment SOC Dashboard Manage Namespaces The Manage Namespaces screen is accessible from the Workloads menu, and allows you to view and manage the namespaces that are configured for Spring Boot application deployments. Note that this does not show you all namespaces in the Kubernetes cluster, just those that have be specifically configured for Spring Boot workloads, meaning they have the necessary secrets for pulling images, accessing the database, and so on.\nSOC Manage Namespaces screen Clicking on a namespace will allow you to drill down into that namespace and see the workloads (Spring Boot applications) deployed there.\nManage Workloads The Manage Workloads screen shows the workloads (Spring Boot applications) deployed in a specific namespace, including the status of each workload, and how many replicas are currently running and desired.\nSOC Manage Workloads screen You can click on the \u0026ldquo;open\u0026rdquo; link in the Dashboard column to open the Spring Boot Statistics Grafana dashboard for any workload listed in the table. Note that you may need to authenticate to Grafana the first time.\nGrafana Dashboard for Workload More details of this dashboard can be found here.\nManage Identity The Manage Identity screen is accessible from the Security menu and allows you to view information about the users and roles defined in the Spring Authorization Server included in the platform.\nSOC Manage Identity screen Collect Diagnostic Data The Collect Diagnostic Data is accessible from the Settings Menu and allows you to collect and download diagnostic data about your installation and platform. Verify its contents for any sensitive information before submitting with any support request.\nDiagnostic Data ","description":"Oracle Backend for Spring Boot and Microservices version includes \u0026ldquo;Spring Operations Center\u0026rdquo;. More capabilities will be added to this feature in future releases.\nThe Spring Operations Center provides a web user interface to manage the Oracle Backend for Spring Boot and Microservices. This release includes the following capabilities:\nView details about the configuration and health of the environment Manage and deploy workloads (Spring Boot applications) deployed in the environment Easy one-click access to Grafana dashboards for applications Manage users and roles defined in the Spring Authorization Server included in the environment Easy one-click access to Grafana dashboards for the Kubernetes cluster, the applications and the Oracle Database Collect diagnostic data for support Note: More capabilities will be added to this feature in future releases."},{"id":41,"href":"/microservices-datadriven/spring/tags/","title":"Tags","parent":"Oracle Backend for Spring Boot and Microservices","content":"","description":""},{"id":42,"href":"/microservices-datadriven/spring/get-help/troubleshooting/","title":"Troubleshooting","parent":"Get Help","content":"If experiencing issues with the Oracle Backend for Spring Boot and Microservices; check here for known issues and resolutions.\nORA-28000: The account is locked Access the database and determine which account has been locked by running the following SQL:\nSELECT USERNAME, LOCK_DATE, PROFILE FROM DBA_USERS WHERE ACCOUNT_STATUS=\u0026#39;LOCKED\u0026#39; AND AUTHENTICATION_TYPE=\u0026#39;PASSWORD\u0026#39; AND ORACLE_MAINTAINED\u0026lt;\u0026gt;\u0026#39;Y\u0026#39;; Unlock the account by running: ALTER USER \u0026lt;USERNAME\u0026gt; ACCOUNT UNLOCK;\nIf the account continues to be locked, evaluate the password being used by the service and changes appropriately.\n","description":"If experiencing issues with the Oracle Backend for Spring Boot and Microservices; check here for known issues and resolutions.\nORA-28000: The account is locked Access the database and determine which account has been locked by running the following SQL:\nSELECT USERNAME, LOCK_DATE, PROFILE FROM DBA_USERS WHERE ACCOUNT_STATUS=\u0026#39;LOCKED\u0026#39; AND AUTHENTICATION_TYPE=\u0026#39;PASSWORD\u0026#39; AND ORACLE_MAINTAINED\u0026lt;\u0026gt;\u0026#39;Y\u0026#39;; Unlock the account by running: ALTER USER \u0026lt;USERNAME\u0026gt; ACCOUNT UNLOCK;\nIf the account continues to be locked, evaluate the password being used by the service and changes appropriately."},{"id":43,"href":"/microservices-datadriven/spring/uninstall/","title":"Uninstall","parent":"Oracle Backend for Spring Boot and Microservices","content":"To remove Oracle Backend for Spring Boot and Microservices, navigate to Developer Services then Resource Manager - Stacks in the Oracle Cloud Infrastructure Console (OCI Console) main menu. Ensure that you are in the correct region and compartment where you installed the Oracle Backend as a Service (OBaaS).\nClick on the link to open the detailed view for the Oracle Backend for Spring Boot and Microservices instance and click Destroy to clean up resources. For example:\nOCI Stack Destroy The OCI Resource Manager uses the stack definition to destroy all resources. For example:\nOCI Stack Destroy Logs The destroy job takes about 20 minutes to complete. Review the logs when the job is done to ensure that it completed successfully. If there are any errors, run the Destroy job again.\n","description":"To remove Oracle Backend for Spring Boot and Microservices, navigate to Developer Services then Resource Manager - Stacks in the Oracle Cloud Infrastructure Console (OCI Console) main menu. Ensure that you are in the correct region and compartment where you installed the Oracle Backend as a Service (OBaaS).\nClick on the link to open the detailed view for the Oracle Backend for Spring Boot and Microservices instance and click Destroy to clean up resources."},{"id":44,"href":"/microservices-datadriven/spring/upgrade/","title":"Upgrade","parent":"Oracle Backend for Spring Boot and Microservices","content":"The world of Microservices moves fast. In order to keep up with new software versions and provide additional features, regular updates and patches are provided for the Oracle Backend for Spring Boot and Microservices.\nDepending on the original installation method and the state of your infrastructure, these patches and upgrades can either be preformed in-place or out-of-place. Oracle recommends, despite which option you choose, to have a backup of your applications and database in order to recover from any unintentional loss.\nThere are various methods to perform an upgrade including:\nIn-Place Marketplace Upgrade Out-of-Place Marketplace Upgrade In-Place Custom Upgrade Out-of-Place Custom Upgrade In-Place Marketplace Upgrade The in-place Marketplace upgrade can be performed when there has been no external modifications of the infrastructure after the original installation of the Marketplace stack; or you wish to reconcile the infrastructure back to the delivered Marketplace infrastructure.\nThe in-place method will both modify the infrastructure and patch/upgrade the delivered Oracle Backend for Spring Boot and Microservices applications.\nThis method is recommended for development deployments, or after testing the upgrade using the Out-of-Place Upgrade for production deployments.\nWarning: to ensure no unintentional outage or infrastructure destruction; do not directly apply the upgrade stack. Plan and review the actions that will be performed prior to its application. If in doubt about the potential loss of data or infrastructure, opt for the Out-of-Place method.\nDownload the Marketplace Upgrade Stack Visit the Release page and download the marketplace_upgrade.zip file for the version you are upgrading to.\nUpdate the Current Stack In Oracle Cloud Infrastructure, navigate to Developer Services -\u0026gt; Stacks. Ensure the region and compartment is set to the location where the Marketplace stack was first installed, and select the stack.\nEdit the Stack, and upload the marketplace_upgrade.zip file.\nClick through the wizard and ensure the \u0026ldquo;Apply\u0026rdquo; checkbox is not ticked. Save Changes.\nPlan the Upgrade Run the plan Job and review the proposed actions.\nGenerally, any proposed destruction of the Database or Kubernetes cluster should be avoided unless you are confident that you can recover both your applications and data. If the plan shows the destruction of these resources, the Out-of-Place Upgrade should be used as an alternative.\nApply the Upgrade Out-of-Place Marketplace Upgrade The out-of-place Marketplace upgrade can be used when manual changes to the original infrastructure have been made after the initial installation of the Oracle Backend for Spring Boot and Microservices. It is the recommended Marketplace method for production installations as it allows you to test the upgrade prior to go live, while leaving the old infrastructure in place for rollbacks.\nThe out-of-place method deliver new infrastructure and Oracle Backend for Spring Boot and Microservices applications. You will need to migrate your applications to the new platform.\nFollow the instructions to install the latest Marketplace version.\nClone Database Depending on the Oracle Database that was used during the initial installation, the method of cloning the database will vary. For example:\nOracle Autonomous Database Oracle BaseDB On-Premises options include: PDB Clone RMAN Duplicate Datapump Load Custom Applications Once the database has been cloned, re-load your applications into the new Kubernetes environment.\nClean Up Old Installation Follow the uninstall guide to clean up the old Marketplace installation.\nCustom In-Place Upgrade The Custom In-Place upgrade can be applied to any existing installation of the Oracle Backend for Spring Boot and Microservices. It will not modify any infrastructure and only apply changes to existing and install new Oracle Backend for Spring Boot and Microservices applications.\nDownload the Latest Installation Visit the Release page and download the custom-ebaas_latest.zip file for the version you are upgrading to.\nUnzip the custom-ebaas_latest.zip file.\nDefine the Infrastructure From the original installation source, copy the following infrastructure definitions, where they exist, to the new release source:\nansible/roles/common/vars/main.yaml ansible/roles/registry/vars/main.yaml ansible/roles/database/vars/main.yaml ansible/roles/oci/vars/main.yaml ansible/roles/azure/vars/main.yaml Perform the Upgrade From the unzipped source, run the following commands:\n./setup_ansible.sh source activate.env ansible-playbook ansible/k8s_apply.yaml -t full Custom Out-of-Place Upgrade The custom out-of-place upgrade assumes you have out-of-place infrastructure to install into. The existing Oracle Database should be cloned for use with the new version.\nDownload the Latest Installation Visit the Release page and download the custom-ebaas_latest.zip file for the version you are upgrading to.\nUnzip the custom-ebaas_latest.zip file.\nClone Database Depending on the Oracle Database that was used during the initial installation, the method of cloning the database will vary. For example:\nOracle Autonomous Database Oracle BaseDB On-Premises options include: PDB Clone RMAN Duplicate Datapump Update the Infrastructure From the original installation source, copy the following infrastructure definitions, where they exist, to the new release source:\nansible/roles/common/vars/main.yaml ansible/roles/registry/vars/main.yaml ansible/roles/database/vars/main.yaml ansible/roles/oci/vars/main.yaml ansible/roles/azure/vars/main.yaml Update the files to point to the new out-of-place infrastructure.\nPerform the Upgrade From the unzipped source, run the following commands:\n./setup_ansible.sh source activate.env ansible-playbook ansible/k8s_apply.yaml -t full Load Custom Applications Once the upgrade is complete, re-load your applications into the new Kubernetes environment.\n","description":"The world of Microservices moves fast. In order to keep up with new software versions and provide additional features, regular updates and patches are provided for the Oracle Backend for Spring Boot and Microservices.\nDepending on the original installation method and the state of your infrastructure, these patches and upgrades can either be preformed in-place or out-of-place. Oracle recommends, despite which option you choose, to have a backup of your applications and database in order to recover from any unintentional loss."},{"id":45,"href":"/microservices-datadriven/spring/platform/conductor/","title":"Workflow","parent":"Platform Services","content":"Oracle Backend for Spring Boot and Microservices includes the Netflix Conductor Server. Conductor is a popular workflow solution that works with Spring Boot Microservices and Oracle Database.\nDocumentation on Conductor can be found here:\nConductor OSS Documentation Accessing the Server User Interface (UI) Expose the Oracle Spring Cloud Admin server that the CLI calls by using this command:\nkubectl port-forward services/conductor-server -n conductor-server 8080:8080 Access the Conductor server UI at this URL:\nhttp://localhost:8080 Access the Swagger documentation at this URL:\nhttp://localhost:8080/swagger-ui/index.html API Specification The API Specification can be found here:\nAPI Specification ","description":"Oracle Backend for Spring Boot and Microservices includes the Netflix Conductor Server. Conductor is a popular workflow solution that works with Spring Boot Microservices and Oracle Database.\nDocumentation on Conductor can be found here:\nConductor OSS Documentation Accessing the Server User Interface (UI) Expose the Oracle Spring Cloud Admin server that the CLI calls by using this command:\nkubectl port-forward services/conductor-server -n conductor-server 8080:8080 Access the Conductor server UI at this URL:"}] \ No newline at end of file