From 19cc5eb9e6f1b5127bf01e4c1ae061875e61cb4c Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Mon, 1 Jun 2015 14:10:54 +0200
Subject: [PATCH 001/115] schema: Encode URL safe random vnc password string

/+= may break on some environments, url safe encoded passwords will have -_,
characters which are more acceptable

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 engine/schema/src/com/cloud/vm/VMInstanceVO.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/engine/schema/src/com/cloud/vm/VMInstanceVO.java b/engine/schema/src/com/cloud/vm/VMInstanceVO.java
index d542f33237..3d2c3af677 100644
--- a/engine/schema/src/com/cloud/vm/VMInstanceVO.java
+++ b/engine/schema/src/com/cloud/vm/VMInstanceVO.java
@@ -206,7 +206,7 @@ public VMInstanceVO(long id, long serviceOfferingId, String name, String instanc
             SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
             byte[] randomBytes = new byte[16];
             random.nextBytes(randomBytes);
-            vncPassword = Base64.encodeBase64String(randomBytes);
+            vncPassword = Base64.encodeBase64URLSafeString(randomBytes);
         } catch (NoSuchAlgorithmException e) {
             s_logger.error("Unexpected exception in SecureRandom Algorithm selection ", e);
         }

From d55d45348c978294d0ba28de146160769d87ba81 Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Mon, 1 Jun 2015 14:53:58 +0200
Subject: [PATCH 002/115] CLOUDSTACK-8530: KVM hosts without active agents
 should be in Disconnected state

KVM hosts which are actuall up, but if their agents are shutdown should be put
in disconnected state. This would avoid getting the VMs HA'd and other commands
such as deploying a VM will exclude that host and save us from errors.

The improvement is that, we first try to contact the KVM host itself. If it fails
we assume that it's disconnected, and then ask its KVM neighbours if they can
check its status. If all of the KVM neighbours tell us that it's Down and we're
unable to reach the KVM host, then the host is possibly down. In case any of the
KVM neighbours tell us that it's Up but we're unable to reach the KVM host then
we can be sure that the agent is offline but the host is running.

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

This closes #340
---
 .../kvm/src/com/cloud/ha/KVMInvestigator.java | 43 ++++++++++++++-----
 1 file changed, 33 insertions(+), 10 deletions(-)

diff --git a/plugins/hypervisors/kvm/src/com/cloud/ha/KVMInvestigator.java b/plugins/hypervisors/kvm/src/com/cloud/ha/KVMInvestigator.java
index e750ced7e1..b816d09dbc 100644
--- a/plugins/hypervisors/kvm/src/com/cloud/ha/KVMInvestigator.java
+++ b/plugins/hypervisors/kvm/src/com/cloud/ha/KVMInvestigator.java
@@ -18,13 +18,6 @@
  */
 package com.cloud.ha;
 
-import java.util.List;
-
-import javax.ejb.Local;
-import javax.inject.Inject;
-
-import org.apache.log4j.Logger;
-
 import com.cloud.agent.AgentManager;
 import com.cloud.agent.api.Answer;
 import com.cloud.agent.api.CheckOnHostCommand;
@@ -35,6 +28,11 @@
 import com.cloud.hypervisor.Hypervisor;
 import com.cloud.resource.ResourceManager;
 import com.cloud.utils.component.AdapterBase;
+import org.apache.log4j.Logger;
+
+import javax.ejb.Local;
+import javax.inject.Inject;
+import java.util.List;
 
 @Local(value = Investigator.class)
 public class KVMInvestigator extends AdapterBase implements Investigator {
@@ -60,22 +58,47 @@ public Status isAgentAlive(Host agent) {
         if (agent.getHypervisorType() != Hypervisor.HypervisorType.KVM && agent.getHypervisorType() != Hypervisor.HypervisorType.LXC) {
             return null;
         }
+        Status hostStatus = null;
+        Status neighbourStatus = null;
         CheckOnHostCommand cmd = new CheckOnHostCommand(agent);
+
+        try {
+            Answer answer = _agentMgr.easySend(agent.getId(), cmd);
+            if (answer != null) {
+                hostStatus = answer.getResult() ? Status.Down : Status.Up;
+            }
+        } catch (Exception e) {
+            s_logger.debug("Failed to send command to host: " + agent.getId());
+        }
+        if (hostStatus == null) {
+            hostStatus = Status.Disconnected;
+        }
+
         List<HostVO> neighbors = _resourceMgr.listHostsInClusterByStatus(agent.getClusterId(), Status.Up);
         for (HostVO neighbor : neighbors) {
             if (neighbor.getId() == agent.getId() || (neighbor.getHypervisorType() != Hypervisor.HypervisorType.KVM && neighbor.getHypervisorType() != Hypervisor.HypervisorType.LXC)) {
                 continue;
             }
+            s_logger.debug("Investigating host:" + agent.getId() + " via neighbouring host:" + neighbor.getId());
             try {
                 Answer answer = _agentMgr.easySend(neighbor.getId(), cmd);
                 if (answer != null) {
-                    return answer.getResult() ? Status.Down : Status.Up;
+                    neighbourStatus = answer.getResult() ? Status.Down : Status.Up;
+                    s_logger.debug("Neighbouring host:" + neighbor.getId() + " returned status:" + neighbourStatus + " for the investigated host:" + agent.getId());
+                    if (neighbourStatus == Status.Up) {
+                        break;
+                    }
                 }
             } catch (Exception e) {
                 s_logger.debug("Failed to send command to host: " + neighbor.getId());
             }
         }
-
-        return null;
+        if (neighbourStatus == Status.Up && (hostStatus == Status.Disconnected || hostStatus == Status.Down)) {
+            hostStatus = Status.Disconnected;
+        }
+        if (neighbourStatus == Status.Down && (hostStatus == Status.Disconnected || hostStatus == Status.Down)) {
+            hostStatus = Status.Down;
+        }
+        return hostStatus;
     }
 }

From fb50283fbe7875ce64992e268fb9ad5792e75962 Mon Sep 17 00:00:00 2001
From: Daan Hoogland <daan.hoogland@gmail.com>
Date: Wed, 3 Jun 2015 17:37:13 +0200
Subject: [PATCH 003/115] CID 1302974: Scanner in try-with-resource

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

This closes #353

(cherry picked from commit 109b6e94d39d7c6db4ff721c4699e42abe47ec5e)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 .../org/apache/cloudstack/utils/linux/MemStat.java  | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)

diff --git a/plugins/hypervisors/kvm/src/org/apache/cloudstack/utils/linux/MemStat.java b/plugins/hypervisors/kvm/src/org/apache/cloudstack/utils/linux/MemStat.java
index 1e3c872c35..1d6a4fc5b4 100644
--- a/plugins/hypervisors/kvm/src/org/apache/cloudstack/utils/linux/MemStat.java
+++ b/plugins/hypervisors/kvm/src/org/apache/cloudstack/utils/linux/MemStat.java
@@ -16,11 +16,10 @@
 // under the License.
 package org.apache.cloudstack.utils.linux;
 
-import java.util.HashMap;
-import java.util.Map;
-
 import java.io.File;
 import java.io.FileNotFoundException;
+import java.util.HashMap;
+import java.util.Map;
 import java.util.Scanner;
 
 public class MemStat {
@@ -29,7 +28,7 @@ public class MemStat {
     protected final static String CACHE_KEY = "Cached";
     protected final static String TOTAL_KEY = "MemTotal";
 
-    private Map<String, Double> _memStats = new HashMap<String, Double>();
+    private final Map<String, Double> _memStats = new HashMap<String, Double>();
 
     public MemStat() {
     }
@@ -51,9 +50,9 @@ public Double getCache() {
     }
 
     public void refresh() {
-        try {
-            Scanner fileScanner = new Scanner(new File(MEMINFO_FILE));
-            parseFromScanner(fileScanner);
+        File f = new File(MEMINFO_FILE);
+        try (Scanner scanner = new Scanner(f)) {
+            parseFromScanner(scanner);
         } catch (FileNotFoundException ex) {
             throw new RuntimeException("File " + MEMINFO_FILE + " not found:" + ex.toString());
         }

From 5fb86ae316d5e6703e2c54075b8d01149ec8e343 Mon Sep 17 00:00:00 2001
From: Daan Hoogland <daan.hoogland@gmail.com>
Date: Wed, 3 Jun 2015 17:31:19 +0200
Subject: [PATCH 004/115] CID 1302976 Scanner in try-with-resource

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

This closes #352

(cherry picked from commit 3d4d15275340bd9bbec76afb535e4a48371ef421)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 .../src/org/apache/cloudstack/utils/linux/CPUStat.java   | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/plugins/hypervisors/kvm/src/org/apache/cloudstack/utils/linux/CPUStat.java b/plugins/hypervisors/kvm/src/org/apache/cloudstack/utils/linux/CPUStat.java
index 38b7e8ef9e..d8228a4202 100644
--- a/plugins/hypervisors/kvm/src/org/apache/cloudstack/utils/linux/CPUStat.java
+++ b/plugins/hypervisors/kvm/src/org/apache/cloudstack/utils/linux/CPUStat.java
@@ -17,12 +17,12 @@
 
 package org.apache.cloudstack.utils.linux;
 
-import org.apache.log4j.Logger;
-
 import java.io.File;
 import java.io.FileNotFoundException;
 import java.util.Scanner;
 
+import org.apache.log4j.Logger;
+
 public class CPUStat {
     private static final Logger s_logger = Logger.getLogger(CPUStat.class);
 
@@ -52,8 +52,9 @@ private void init() {
 
     private UptimeStats getUptimeAndCpuIdleTime() {
         UptimeStats uptime = new UptimeStats(0d, 0d);
-        try {
-            String[] stats =  new Scanner(new File(_uptimeFile)).useDelimiter("\\Z").next().split("\\s+");
+        File f = new File(_uptimeFile);
+        try (Scanner scanner = new Scanner(f);) {
+            String[] stats = scanner.useDelimiter("\\Z").next().split("\\s+");
             uptime = new UptimeStats(Double.parseDouble(stats[0]), Double.parseDouble(stats[1]));
         } catch (FileNotFoundException ex) {
             s_logger.warn("File " + _uptimeFile + " not found:" + ex.toString());

From 64d72db0fce615bd3ada32a94634360995c97452 Mon Sep 17 00:00:00 2001
From: jeff <jeff@greenqloud.com>
Date: Thu, 11 Jun 2015 15:36:18 +0000
Subject: [PATCH 005/115] Allow EC2 to be run from Maven properly

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

This closes #389
---
 awsapi/pom.xml | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/awsapi/pom.xml b/awsapi/pom.xml
index 8d15a45497..9366ccbd9d 100644
--- a/awsapi/pom.xml
+++ b/awsapi/pom.xml
@@ -204,6 +204,19 @@
       <artifactId>cloud-framework-db</artifactId>
       <version>${project.version}</version>
     </dependency>
+    <dependency>
+      <groupId>mysql</groupId>
+      <artifactId>mysql-connector-java</artifactId>
+      <version>${cs.mysql.version}</version>
+      <scope>runtime</scope>
+    </dependency>
+
+    <dependency>
+      <groupId>org.apache.ws.xmlschema</groupId>
+      <artifactId>xmlschema-core</artifactId>
+      <version>2.2.1</version>
+      <scope>runtime</scope>
+    </dependency>
   </dependencies>
   <build>
     <resources>

From 979956a4effba0f6bb427d4d501dd643d1692f5e Mon Sep 17 00:00:00 2001
From: Kishan Kavala <kishan@apache.org>
Date: Tue, 9 Jun 2015 16:03:15 +0530
Subject: [PATCH 006/115] CLOUDSTACK-5409: Include projectid during ACL check
 while listing S2S Vpn gateways

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

This closes #374
---
 server/src/com/cloud/network/vpn/Site2SiteVpnManagerImpl.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/server/src/com/cloud/network/vpn/Site2SiteVpnManagerImpl.java b/server/src/com/cloud/network/vpn/Site2SiteVpnManagerImpl.java
index a470ba1a0a..bf4b8a36ac 100644
--- a/server/src/com/cloud/network/vpn/Site2SiteVpnManagerImpl.java
+++ b/server/src/com/cloud/network/vpn/Site2SiteVpnManagerImpl.java
@@ -623,7 +623,7 @@ public Pair<List<? extends Site2SiteVpnGateway>, Integer> searchForVpnGateways(L
 
         Ternary<Long, Boolean, ListProjectResourcesCriteria> domainIdRecursiveListProject = new Ternary<Long, Boolean,
                 ListProjectResourcesCriteria>(domainId, isRecursive, null);
-        _accountMgr.buildACLSearchParameters(caller, id, accountName, null, permittedAccounts, domainIdRecursiveListProject, listAll, false);
+        _accountMgr.buildACLSearchParameters(caller, id, accountName, cmd.getProjectId(), permittedAccounts, domainIdRecursiveListProject, listAll, false);
         domainId = domainIdRecursiveListProject.first();
         isRecursive = domainIdRecursiveListProject.second();
         ListProjectResourcesCriteria listProjectResourcesCriteria = domainIdRecursiveListProject.third();

From 9ff3fe371e3b5db77fc1eb6e7c60280d674fd949 Mon Sep 17 00:00:00 2001
From: Wido den Hollander <wido@widodh.nl>
Date: Mon, 15 Jun 2015 14:15:26 +0200
Subject: [PATCH 007/115] CLOUDSTACK-8559: IP Source spoofing should not be
 allowed

We did not verify if the packets leaving an Instance had the correct
source address.

Any IP packet not matching the Instance IP(s) will be dropped

(cherry picked from commit 3e3c11ffcaf6ab736800dfdc777cb0681f58ddf1)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 scripts/vm/network/security_group.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/scripts/vm/network/security_group.py b/scripts/vm/network/security_group.py
index 146e403789..44d20fc254 100755
--- a/scripts/vm/network/security_group.py
+++ b/scripts/vm/network/security_group.py
@@ -474,6 +474,7 @@ def default_network_rules(vm_name, vm_id, vm_ip, vm_mac, vif, brname, sec_ips):
 
         #don't let vm spoof its ip address
         if vm_ip is not None:
+            execute("iptables -A " + vmchain_default + " -m physdev --physdev-is-bridged --physdev-in " + vif + " -m set ! --set " + vmipsetName + " src -j DROP")
             execute("iptables -A " + vmchain_default + " -m physdev --physdev-is-bridged --physdev-in " + vif + " -m set --set " + vmipsetName + " src -p udp --dport 53  -j RETURN ")
             execute("iptables -A " + vmchain_default + " -m physdev --physdev-is-bridged --physdev-in " + vif + " -m set --set " + vmipsetName + " src -j " + vmchain_egress)
         execute("iptables -A " + vmchain_default + " -m physdev --physdev-is-bridged --physdev-out " + vif + " -j " + vmchain)

From ad1fbc1b79691b33bed776a4c73415ce3f90bd53 Mon Sep 17 00:00:00 2001
From: Wido den Hollander <wido@widodh.nl>
Date: Mon, 15 Jun 2015 17:30:06 +0200
Subject: [PATCH 008/115] CLOUDSTACK-8560: Stat the resulting image after
 copying from template and return the size

This way we update the DB with the actual size of the disk after deployment from template

(cherry picked from commit 4b4c52ea77aedde663cd0238b774aa243c856f42)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

Conflicts:
	plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/LibvirtStorageAdaptor.java
---
 .../kvm/storage/LibvirtStorageAdaptor.java    | 20 ++++++++++++++-----
 1 file changed, 15 insertions(+), 5 deletions(-)

diff --git a/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/LibvirtStorageAdaptor.java b/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/LibvirtStorageAdaptor.java
index 5edc07b6db..856a78ab81 100644
--- a/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/LibvirtStorageAdaptor.java
+++ b/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/LibvirtStorageAdaptor.java
@@ -39,6 +39,7 @@
 import com.ceph.rbd.Rbd;
 import com.ceph.rbd.RbdException;
 import com.ceph.rbd.RbdImage;
+import com.ceph.rbd.jna.RbdImageInfo;
 import com.ceph.rbd.jna.RbdSnapInfo;
 
 import org.apache.cloudstack.utils.qemu.QemuImg;
@@ -1243,6 +1244,10 @@ public KVMPhysicalDisk copyPhysicalDisk(KVMPhysicalDisk disk, String name, KVMSt
                         destFile = new QemuImgFile(destPath, destFormat);
                         try {
                             qemu.convert(srcFile, destFile);
+                            Map<String, String> destInfo = qemu.info(destFile);
+                            Long virtualSize = Long.parseLong(destInfo.get(new String("virtual_size")));
+                            newDisk.setVirtualSize(virtualSize);
+                            newDisk.setSize(virtualSize);
                         } catch (QemuImgException e) {
                             s_logger.error("Failed to convert " + srcFile.getFileName() + " to " + destFile.getFileName() + " the error was: " + e.getMessage());
                             newDisk = null;
@@ -1264,18 +1269,19 @@ public KVMPhysicalDisk copyPhysicalDisk(KVMPhysicalDisk disk, String name, KVMSt
 
             try {
                 srcFile = new QemuImgFile(sourcePath, sourceFormat);
+                String rbdDestPath = destPool.getSourceDir() + "/" + name;
                 String rbdDestFile = KVMPhysicalDisk.RBDStringBuilder(destPool.getSourceHost(),
                                                                       destPool.getSourcePort(),
                                                                       destPool.getAuthUserName(),
                                                                       destPool.getAuthSecret(),
-                                                                      destPool.getSourceDir() + "/" + name);
+                                                                      rbdDestPath);
                 destFile = new QemuImgFile(rbdDestFile, destFormat);
 
-                s_logger.debug("Starting copy from source image " + srcFile.getFileName() + " to RBD image " + destPool.getSourceDir() + "/" + name);
+                s_logger.debug("Starting copy from source image " + srcFile.getFileName() + " to RBD image " + rbdDestPath);
                 qemu.convert(srcFile, destFile);
-                s_logger.debug("Succesfully converted source image " + srcFile.getFileName() + " to RBD image " + destPool.getSourceDir() + "/" + name);
+                s_logger.debug("Succesfully converted source image " + srcFile.getFileName() + " to RBD image " + rbdDestPath);
 
-                /* We still have to create and protect a RBD snapshot in order to do cloning */
+                /* We have to stat the RBD image to see how big it became afterwards */
                 Rados r = new Rados(destPool.getAuthUserName());
                 r.confSet("mon_host", destPool.getSourceHost() + ":" + destPool.getSourcePort());
                 r.confSet("key", destPool.getAuthSecret());
@@ -1287,8 +1293,12 @@ public KVMPhysicalDisk copyPhysicalDisk(KVMPhysicalDisk disk, String name, KVMSt
                 Rbd rbd = new Rbd(io);
 
                 RbdImage image = rbd.open(name);
-
+                RbdImageInfo rbdInfo = image.stat();
+                newDisk.setSize(rbdInfo.size);
+                newDisk.setVirtualSize(rbdInfo.size);
+                s_logger.debug("After copy the resulting RBD image " + rbdDestPath + " is " + rbdInfo.size + " bytes long");
                 rbd.close(image);
+
                 r.ioCtxDestroy(io);
             } catch (QemuImgException e) {
                 s_logger.error("Failed to convert from " + srcFile.getFileName() + " to " + destFile.getFileName() + " the error was: " + e.getMessage());

From 570d162692b74cfcfc81db548cd73ae8f0ac6f5f Mon Sep 17 00:00:00 2001
From: Daan Hoogland <daan.hoogland@gmail.com>
Date: Thu, 4 Jun 2015 16:48:14 +0200
Subject: [PATCH 009/115] CLOUDSTACK-8537 add check for unique public key and
 account on ssh keypair registration

Signed-off-by: Daan Hoogland <daan.hoogland@gmail.com>
---
 .../src/com/cloud/user/dao/SSHKeyPairDao.java   |  2 ++
 .../com/cloud/user/dao/SSHKeyPairDaoImpl.java   |  9 +++++++++
 .../com/cloud/server/ManagementServerImpl.java  | 17 +++++++++++------
 3 files changed, 22 insertions(+), 6 deletions(-)

diff --git a/engine/schema/src/com/cloud/user/dao/SSHKeyPairDao.java b/engine/schema/src/com/cloud/user/dao/SSHKeyPairDao.java
index 7a4ac40363..e035e9688c 100644
--- a/engine/schema/src/com/cloud/user/dao/SSHKeyPairDao.java
+++ b/engine/schema/src/com/cloud/user/dao/SSHKeyPairDao.java
@@ -35,4 +35,6 @@ public interface SSHKeyPairDao extends GenericDao<SSHKeyPairVO, Long> {
 
     public boolean deleteByName(long accountId, long domainId, String name);
 
+    public SSHKeyPairVO findByPublicKey(long accountId, long domainId, String publicKey);
+
 }
diff --git a/engine/schema/src/com/cloud/user/dao/SSHKeyPairDaoImpl.java b/engine/schema/src/com/cloud/user/dao/SSHKeyPairDaoImpl.java
index cfaa993e60..51e5fbeefd 100644
--- a/engine/schema/src/com/cloud/user/dao/SSHKeyPairDaoImpl.java
+++ b/engine/schema/src/com/cloud/user/dao/SSHKeyPairDaoImpl.java
@@ -72,6 +72,15 @@ public SSHKeyPairVO findByPublicKey(String publicKey) {
         return findOneBy(sc);
     }
 
+    @Override
+    public SSHKeyPairVO findByPublicKey(long accountId, long domainId, String publicKey) {
+        SearchCriteria<SSHKeyPairVO> sc = createSearchCriteria();
+        sc.addAnd("accountId", SearchCriteria.Op.EQ, accountId);
+        sc.addAnd("domainId", SearchCriteria.Op.EQ, domainId);
+        sc.addAnd("publicKey", SearchCriteria.Op.EQ, publicKey);
+        return findOneBy(sc);
+    }
+
     @Override
     public boolean deleteByName(long accountId, long domainId, String name) {
         SSHKeyPairVO pair = findByName(accountId, domainId, name);
diff --git a/server/src/com/cloud/server/ManagementServerImpl.java b/server/src/com/cloud/server/ManagementServerImpl.java
index 33fb7781c1..e9f2e0bc9f 100755
--- a/server/src/com/cloud/server/ManagementServerImpl.java
+++ b/server/src/com/cloud/server/ManagementServerImpl.java
@@ -37,9 +37,6 @@
 import javax.inject.Inject;
 import javax.naming.ConfigurationException;
 
-import org.apache.cloudstack.api.command.user.snapshot.UpdateSnapshotPolicyCmd;
-import org.apache.commons.codec.binary.Base64;
-import org.apache.log4j.Logger;
 import org.apache.cloudstack.acl.ControlledEntity;
 import org.apache.cloudstack.affinity.AffinityGroupProcessor;
 import org.apache.cloudstack.affinity.dao.AffinityGroupVMMapDao;
@@ -408,6 +405,7 @@
 import org.apache.cloudstack.api.command.user.snapshot.ListSnapshotPoliciesCmd;
 import org.apache.cloudstack.api.command.user.snapshot.ListSnapshotsCmd;
 import org.apache.cloudstack.api.command.user.snapshot.RevertSnapshotCmd;
+import org.apache.cloudstack.api.command.user.snapshot.UpdateSnapshotPolicyCmd;
 import org.apache.cloudstack.api.command.user.ssh.CreateSSHKeyPairCmd;
 import org.apache.cloudstack.api.command.user.ssh.DeleteSSHKeyPairCmd;
 import org.apache.cloudstack.api.command.user.ssh.ListSSHKeyPairsCmd;
@@ -511,6 +509,8 @@
 import org.apache.cloudstack.storage.datastore.db.PrimaryDataStoreDao;
 import org.apache.cloudstack.storage.datastore.db.StoragePoolVO;
 import org.apache.cloudstack.utils.identity.ManagementServerNode;
+import org.apache.commons.codec.binary.Base64;
+import org.apache.log4j.Logger;
 
 import com.cloud.agent.AgentManager;
 import com.cloud.agent.api.GetVncPortAnswer;
@@ -3616,9 +3616,14 @@ public SSHKeyPair registerSSHKeyPair(RegisterSSHKeyPairCmd cmd) {
 
         Account owner = _accountMgr.finalizeOwner(caller, cmd.getAccountName(), cmd.getDomainId(), cmd.getProjectId());
 
-        SSHKeyPairVO s = _sshKeyPairDao.findByName(owner.getAccountId(), owner.getDomainId(), cmd.getName());
-        if (s != null) {
-            throw new InvalidParameterValueException("A key pair with name '" + cmd.getName() + "' already exists.");
+        SSHKeyPairVO existingPair = _sshKeyPairDao.findByName(owner.getAccountId(), owner.getDomainId(), cmd.getName());
+        if (existingPair != null) {
+            throw new InvalidParameterValueException("A key pair with name '" + cmd.getName() + "' already exists for this account.");
+        }
+
+        existingPair = _sshKeyPairDao.findByPublicKey(owner.getAccountId(), owner.getDomainId(), cmd.getPublicKey());
+        if (existingPair != null) {
+            throw new InvalidParameterValueException("A key pair with name '" + cmd.getPublicKey() + "' already exists for this account.");
         }
 
         String name = cmd.getName();

From 6e3c6e82990cafdab8453ed56530dc619ba70338 Mon Sep 17 00:00:00 2001
From: Daan Hoogland <daan.hoogland@gmail.com>
Date: Tue, 9 Jun 2015 23:57:00 +0200
Subject: [PATCH 010/115] CLOUDSTACK-8537 refactor registerSSHKeyPair() for
 legibility and testability reasons

Signed-off-by: Daan Hoogland <daan.hoogland@gmail.com>
---
 .../cloud/server/ManagementServerImpl.java    | 110 +++++++++++++-----
 1 file changed, 83 insertions(+), 27 deletions(-)

diff --git a/server/src/com/cloud/server/ManagementServerImpl.java b/server/src/com/cloud/server/ManagementServerImpl.java
index e9f2e0bc9f..08fd9e9315 100755
--- a/server/src/com/cloud/server/ManagementServerImpl.java
+++ b/server/src/com/cloud/server/ManagementServerImpl.java
@@ -16,7 +16,9 @@
 // under the License.
 package com.cloud.server;
 
+import java.io.UnsupportedEncodingException;
 import java.lang.reflect.Field;
+import java.net.URLDecoder;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Calendar;
@@ -940,7 +942,7 @@ protected void checkPortParameters(String publicPort, String privatePort, String
 
     @Override
     public boolean archiveEvents(ArchiveEventsCmd cmd) {
-        Account caller = CallContext.current().getCallingAccount();
+        Account caller = getCaller();
         List<Long> ids = cmd.getIds();
         boolean result = true;
         List<Long> permittedAccountIds = new ArrayList<Long>();
@@ -967,7 +969,7 @@ public boolean archiveEvents(ArchiveEventsCmd cmd) {
 
     @Override
     public boolean deleteEvents(DeleteEventsCmd cmd) {
-        Account caller = CallContext.current().getCallingAccount();
+        Account caller = getCaller();
         List<Long> ids = cmd.getIds();
         boolean result = true;
         List<Long> permittedAccountIds = new ArrayList<Long>();
@@ -1091,8 +1093,7 @@ public Pair<List<? extends Host>, Integer> searchForServers(ListHostsCmd cmd) {
 
     @Override
     public Ternary<Pair<List<? extends Host>, Integer>, List<? extends Host>, Map<Host, Boolean>> listHostsForMigrationOfVM(Long vmId, Long startIndex, Long pageSize) {
-        // access check - only root admin can migrate VM
-        Account caller = CallContext.current().getCallingAccount();
+        Account caller = getCaller();
         if (!_accountMgr.isRootAdmin(caller.getId())) {
             if (s_logger.isDebugEnabled()) {
                 s_logger.debug("Caller is not a root admin, permission denied to migrate the VM");
@@ -1269,8 +1270,7 @@ private boolean hasSuitablePoolsForVolume(VolumeVO volume, Host host, VirtualMac
 
     @Override
     public Pair<List<? extends StoragePool>, List<? extends StoragePool>> listStoragePoolsForMigrationOfVolume(Long volumeId) {
-        // Access check - only root administrator can migrate volumes.
-        Account caller = CallContext.current().getCallingAccount();
+        Account caller = getCaller();
         if (!_accountMgr.isRootAdmin(caller.getId())) {
             if (s_logger.isDebugEnabled()) {
                 s_logger.debug("Caller is not a root admin, permission denied to migrate the volume");
@@ -1762,7 +1762,7 @@ public Pair<List<? extends IpAddress>, Integer> searchForIPAddresses(ListPublicI
         List<Long> permittedAccounts = new ArrayList<Long>();
         ListProjectResourcesCriteria listProjectResourcesCriteria = null;
         if (isAllocated) {
-            Account caller = CallContext.current().getCallingAccount();
+            Account caller = getCaller();
 
             Ternary<Long, Boolean, ListProjectResourcesCriteria> domainIdRecursiveListProject = new Ternary<Long, Boolean, ListProjectResourcesCriteria>(
                     cmd.getDomainId(), cmd.isRecursive(), null);
@@ -2255,8 +2255,7 @@ public DomainVO updateDomain(UpdateDomainCmd cmd) {
             throw new InvalidParameterValueException("ROOT domain can not be edited with a new name");
         }
 
-        // check permissions
-        Account caller = CallContext.current().getCallingAccount();
+        Account caller = getCaller();
         _accountMgr.checkAccess(caller, domain);
 
         // domain name is unique under the parent domain
@@ -3304,7 +3303,7 @@ private String signRequest(String request, String key) {
 
     @Override
     public ArrayList<String> getCloudIdentifierResponse(long userId) {
-        Account caller = CallContext.current().getCallingAccount();
+        Account caller = getCaller();
 
         // verify that user exists
         User user = _accountMgr.getUserIncludingRemoved(userId);
@@ -3344,7 +3343,7 @@ public ArrayList<String> getCloudIdentifierResponse(long userId) {
     public Map<String, Object> listCapabilities(ListCapabilitiesCmd cmd) {
         Map<String, Object> capabilities = new HashMap<String, Object>();
 
-        Account caller = CallContext.current().getCallingAccount();
+        Account caller = getCaller();
         boolean securityGroupsEnabled = false;
         boolean elasticLoadBalancerEnabled = false;
         boolean KVMSnapshotEnabled = false;
@@ -3410,7 +3409,7 @@ public GuestOSHypervisorVO getGuestOsHypervisor(Long guestOsHypervisorId) {
 
     @Override
     public InstanceGroupVO updateVmGroup(UpdateVMGroupCmd cmd) {
-        Account caller = CallContext.current().getCallingAccount();
+        Account caller = getCaller();
         Long groupId = cmd.getId();
         String groupName = cmd.getGroupName();
 
@@ -3528,7 +3527,7 @@ public List<String> getHypervisors(Long zoneId) {
 
     @Override
     public SSHKeyPair createSSHKeyPair(CreateSSHKeyPairCmd cmd) {
-        Account caller = CallContext.current().getCallingAccount();
+        Account caller = getCaller();
         String accountName = cmd.getAccountName();
         Long domainId = cmd.getDomainId();
         Long projectId = cmd.getProjectId();
@@ -3552,7 +3551,7 @@ public SSHKeyPair createSSHKeyPair(CreateSSHKeyPairCmd cmd) {
 
     @Override
     public boolean deleteSSHKeyPair(DeleteSSHKeyPairCmd cmd) {
-        Account caller = CallContext.current().getCallingAccount();
+        Account caller = getCaller();
         String accountName = cmd.getAccountName();
         Long domainId = cmd.getDomainId();
         Long projectId = cmd.getProjectId();
@@ -3580,7 +3579,7 @@ public Pair<List<? extends SSHKeyPair>, Integer> listSSHKeyPairs(ListSSHKeyPairs
         String name = cmd.getName();
         String fingerPrint = cmd.getFingerprint();
 
-        Account caller = CallContext.current().getCallingAccount();
+        Account caller = getCaller();
         List<Long> permittedAccounts = new ArrayList<Long>();
 
         Ternary<Long, Boolean, ListProjectResourcesCriteria> domainIdRecursiveListProject = new Ternary<Long, Boolean, ListProjectResourcesCriteria>(
@@ -3612,30 +3611,87 @@ public Pair<List<? extends SSHKeyPair>, Integer> listSSHKeyPairs(ListSSHKeyPairs
     @Override
     @ActionEvent(eventType = EventTypes.EVENT_REGISTER_SSH_KEYPAIR, eventDescription = "registering ssh keypair", async = true)
     public SSHKeyPair registerSSHKeyPair(RegisterSSHKeyPairCmd cmd) {
-        Account caller = CallContext.current().getCallingAccount();
+        Account owner = getOwner(cmd);
+        checkForKeyByName(cmd, owner);
+        checkForKeyByPublicKey(cmd, owner);
 
-        Account owner = _accountMgr.finalizeOwner(caller, cmd.getAccountName(), cmd.getDomainId(), cmd.getProjectId());
+        String name = cmd.getName();
+        String key = cmd.getPublicKey();
+        try {
+            key = URLDecoder.decode(key, "UTF-8");
+        } catch (UnsupportedEncodingException e) {
+            s_logger.warn("key decoding tried invain: " + e.getLocalizedMessage());
+        }
+        String publicKey = getPublicKeyFromKeyKeyMaterial(key);
+        String fingerprint = getFingerprint(publicKey);
 
-        SSHKeyPairVO existingPair = _sshKeyPairDao.findByName(owner.getAccountId(), owner.getDomainId(), cmd.getName());
+        return createAndSaveSSHKeyPair(name, fingerprint, publicKey, null, owner);
+    }
+
+    /**
+     * @param cmd
+     * @param owner
+     * @throws InvalidParameterValueException
+     */
+    private void checkForKeyByPublicKey(RegisterSSHKeyPairCmd cmd, Account owner) throws InvalidParameterValueException {
+        SSHKeyPairVO existingPair = _sshKeyPairDao.findByPublicKey(owner.getAccountId(), owner.getDomainId(), cmd.getPublicKey());
         if (existingPair != null) {
-            throw new InvalidParameterValueException("A key pair with name '" + cmd.getName() + "' already exists for this account.");
+            throw new InvalidParameterValueException("A key pair with name '" + cmd.getPublicKey() + "' already exists for this account.");
         }
+    }
 
-        existingPair = _sshKeyPairDao.findByPublicKey(owner.getAccountId(), owner.getDomainId(), cmd.getPublicKey());
+    /**
+     * @param cmd
+     * @param owner
+     * @throws InvalidParameterValueException
+     */
+    private void checkForKeyByName(RegisterSSHKeyPairCmd cmd, Account owner) throws InvalidParameterValueException {
+        SSHKeyPairVO existingPair = _sshKeyPairDao.findByName(owner.getAccountId(), owner.getDomainId(), cmd.getName());
         if (existingPair != null) {
-            throw new InvalidParameterValueException("A key pair with name '" + cmd.getPublicKey() + "' already exists for this account.");
+            throw new InvalidParameterValueException("A key pair with name '" + cmd.getName() + "' already exists for this account.");
         }
+    }
 
-        String name = cmd.getName();
-        String publicKey = SSHKeysHelper.getPublicKeyFromKeyMaterial(cmd.getPublicKey());
+    /**
+     * @param publicKey
+     * @return
+     */
+    private String getFingerprint(String publicKey) {
+        String fingerprint = SSHKeysHelper.getPublicKeyFingerprint(publicKey);
+        return fingerprint;
+    }
+
+    /**
+     * @param key
+     * @return
+     * @throws InvalidParameterValueException
+     */
+    private String getPublicKeyFromKeyKeyMaterial(String key) throws InvalidParameterValueException {
+        String publicKey = SSHKeysHelper.getPublicKeyFromKeyMaterial(key);
 
         if (publicKey == null) {
             throw new InvalidParameterValueException("Public key is invalid");
         }
+        return publicKey;
+    }
 
-        String fingerprint = SSHKeysHelper.getPublicKeyFingerprint(publicKey);
+    /**
+     * @param cmd
+     * @return
+     */
+    private Account getOwner(RegisterSSHKeyPairCmd cmd) {
+        Account caller = getCaller();
 
-        return createAndSaveSSHKeyPair(name, fingerprint, publicKey, null, owner);
+        Account owner = _accountMgr.finalizeOwner(caller, cmd.getAccountName(), cmd.getDomainId(), cmd.getProjectId());
+        return owner;
+    }
+
+    /**
+     * @return
+     */
+    private Account getCaller() {
+        Account caller = CallContext.current().getCallingAccount();
+        return caller;
     }
 
     private SSHKeyPair createAndSaveSSHKeyPair(String name, String fingerprint, String publicKey, String privateKey, Account owner) {
@@ -3655,7 +3711,7 @@ private SSHKeyPair createAndSaveSSHKeyPair(String name, String fingerprint, Stri
 
     @Override
     public String getVMPassword(GetVMPasswordCmd cmd) {
-        Account caller = CallContext.current().getCallingAccount();
+        Account caller = getCaller();
 
         UserVmVO vm = _userVmDao.findById(cmd.getId());
         if (vm == null) {
@@ -3831,7 +3887,7 @@ public VirtualMachine upgradeSystemVM(UpgradeSystemVMCmd cmd) {
     }
 
     private VirtualMachine upgradeStoppedSystemVm(Long systemVmId, Long serviceOfferingId, Map<String, String> customparameters) {
-        Account caller = CallContext.current().getCallingAccount();
+        Account caller = getCaller();
 
         VMInstanceVO systemVm = _vmInstanceDao.findByIdTypes(systemVmId, VirtualMachine.Type.ConsoleProxy, VirtualMachine.Type.SecondaryStorageVm);
         if (systemVm == null) {

From 4d096ea0e10906138747fb2643a8fa84b5f11fd1 Mon Sep 17 00:00:00 2001
From: Daan Hoogland <daan.hoogland@gmail.com>
Date: Mon, 15 Jun 2015 16:11:36 +0200
Subject: [PATCH 011/115] CLOUDSTACK-8537 test for the sake of testing the fix
 seems so trivial but no testing is available for it at all. when bugs arise
 test extension should be the start point here.

Signed-off-by: Daan Hoogland <daan.hoogland@gmail.com>

This closes #357
---
 .../cloud/server/ManagementServerImpl.java    |  8 +--
 .../server/ManagementServerImplTest.java      | 67 +++++++++++++++++++
 2 files changed, 71 insertions(+), 4 deletions(-)
 create mode 100644 server/test/com/cloud/server/ManagementServerImplTest.java

diff --git a/server/src/com/cloud/server/ManagementServerImpl.java b/server/src/com/cloud/server/ManagementServerImpl.java
index 08fd9e9315..5946b292f7 100755
--- a/server/src/com/cloud/server/ManagementServerImpl.java
+++ b/server/src/com/cloud/server/ManagementServerImpl.java
@@ -745,7 +745,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
     @Inject
     private InstanceGroupDao _vmGroupDao;
     @Inject
-    private SSHKeyPairDao _sshKeyPairDao;
+    protected SSHKeyPairDao _sshKeyPairDao;
     @Inject
     private LoadBalancerDao _loadbalancerDao;
     @Inject
@@ -3645,7 +3645,7 @@ private void checkForKeyByPublicKey(RegisterSSHKeyPairCmd cmd, Account owner) th
      * @param owner
      * @throws InvalidParameterValueException
      */
-    private void checkForKeyByName(RegisterSSHKeyPairCmd cmd, Account owner) throws InvalidParameterValueException {
+    protected void checkForKeyByName(RegisterSSHKeyPairCmd cmd, Account owner) throws InvalidParameterValueException {
         SSHKeyPairVO existingPair = _sshKeyPairDao.findByName(owner.getAccountId(), owner.getDomainId(), cmd.getName());
         if (existingPair != null) {
             throw new InvalidParameterValueException("A key pair with name '" + cmd.getName() + "' already exists for this account.");
@@ -3679,7 +3679,7 @@ private String getPublicKeyFromKeyKeyMaterial(String key) throws InvalidParamete
      * @param cmd
      * @return
      */
-    private Account getOwner(RegisterSSHKeyPairCmd cmd) {
+    protected Account getOwner(RegisterSSHKeyPairCmd cmd) {
         Account caller = getCaller();
 
         Account owner = _accountMgr.finalizeOwner(caller, cmd.getAccountName(), cmd.getDomainId(), cmd.getProjectId());
@@ -3689,7 +3689,7 @@ private Account getOwner(RegisterSSHKeyPairCmd cmd) {
     /**
      * @return
      */
-    private Account getCaller() {
+    protected Account getCaller() {
         Account caller = CallContext.current().getCallingAccount();
         return caller;
     }
diff --git a/server/test/com/cloud/server/ManagementServerImplTest.java b/server/test/com/cloud/server/ManagementServerImplTest.java
new file mode 100644
index 0000000000..1e530e6372
--- /dev/null
+++ b/server/test/com/cloud/server/ManagementServerImplTest.java
@@ -0,0 +1,67 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.server;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.Mock;
+import org.mockito.Mockito;
+import org.mockito.Spy;
+import org.mockito.runners.MockitoJUnitRunner;
+
+import org.apache.cloudstack.api.command.user.ssh.RegisterSSHKeyPairCmd;
+
+import com.cloud.exception.InvalidParameterValueException;
+import com.cloud.user.Account;
+import com.cloud.user.SSHKeyPairVO;
+import com.cloud.user.dao.SSHKeyPairDao;
+
+@RunWith(MockitoJUnitRunner.class)
+public class ManagementServerImplTest {
+
+    @Mock
+    RegisterSSHKeyPairCmd regCmd;
+    @Mock
+    SSHKeyPairVO existingPair;
+    @Mock
+    Account account;
+    @Mock
+    SSHKeyPairDao sshKeyPairDao;
+    ManagementServerImpl ms = new ManagementServerImpl();
+    @Spy
+    ManagementServerImpl spy;
+
+    @Test(expected = InvalidParameterValueException.class)
+    public void testExistingPairRegistration() {
+        String accountName = "account";
+        String publicKeyString = "very public";
+        // setup owner with domainid
+        Mockito.doReturn(account).when(spy).getCaller();
+        Mockito.doReturn(account).when(spy).getOwner(regCmd);
+        // mock _sshKeyPairDao.findByName to return null
+        Mockito.doNothing().when(spy).checkForKeyByName(regCmd, account);
+        // mock _sshKeyPairDao.findByPublicKey to return a known object
+        Mockito.doReturn(accountName).when(regCmd).getAccountName();
+        Mockito.doReturn(publicKeyString).when(regCmd).getPublicKey();
+        Mockito.doReturn("name").when(regCmd).getName();
+        spy._sshKeyPairDao = sshKeyPairDao;
+        Mockito.doReturn(1L).when(account).getAccountId();
+        Mockito.doReturn(1L).when(account).getDomainId();
+        Mockito.doReturn(existingPair).when(sshKeyPairDao).findByPublicKey(1L, 1L, publicKeyString);
+        spy.registerSSHKeyPair(regCmd);
+    }
+}

From 88fb8431f235b92f7de291413a6880a7ea08de1b Mon Sep 17 00:00:00 2001
From: Daan Hoogland <daan.hoogland@gmail.com>
Date: Tue, 16 Jun 2015 17:12:43 +0200
Subject: [PATCH 012/115] CLOUDSTACK-8545 make reboot on out of band migration
 configurable

---
 .../VirtualNetworkApplianceManager.java       |  9 ++-
 .../VirtualNetworkApplianceManagerImpl.java   | 56 +++++++++----------
 2 files changed, 32 insertions(+), 33 deletions(-)

diff --git a/server/src/com/cloud/network/router/VirtualNetworkApplianceManager.java b/server/src/com/cloud/network/router/VirtualNetworkApplianceManager.java
index 443402e7bc..4022b56bff 100644
--- a/server/src/com/cloud/network/router/VirtualNetworkApplianceManager.java
+++ b/server/src/com/cloud/network/router/VirtualNetworkApplianceManager.java
@@ -53,6 +53,7 @@ public interface VirtualNetworkApplianceManager extends Manager, VirtualNetworkA
     static final String RouterTemplateLxcCK = "router.template.lxc";
     static final String SetServiceMonitorCK = "network.router.EnableServiceMonitoring";
     static final String RouterAlertsCheckIntervalCK = "router.alerts.check.interval";
+    static final String RouterReprovisionOnOutOfBandMigrationCK = "router.reboot.when.outofband.migrated";
 
     static final ConfigKey<String> RouterTemplateXen = new ConfigKey<String>(String.class, RouterTemplateXenCK, "Advanced", "SystemVM Template (XenServer)",
         "Name of the default router template on Xenserver.", true, ConfigKey.Scope.Zone, null);
@@ -64,12 +65,16 @@ public interface VirtualNetworkApplianceManager extends Manager, VirtualNetworkA
         "Name of the default router template on Hyperv.", true, ConfigKey.Scope.Zone, null);
     static final ConfigKey<String> RouterTemplateLxc = new ConfigKey<String>(String.class, RouterTemplateLxcCK, "Advanced", "SystemVM Template (LXC)",
         "Name of the default router template on LXC.", true, ConfigKey.Scope.Zone, null);
-
     static final ConfigKey<String> SetServiceMonitor = new ConfigKey<String>(String.class, SetServiceMonitorCK, "Advanced", "true",
             "service monitoring in router enable/disable option, default true", true, ConfigKey.Scope.Zone, null);
-
     static final ConfigKey<Integer> RouterAlertsCheckInterval = new ConfigKey<Integer>(Integer.class, RouterAlertsCheckIntervalCK, "Advanced", "1800",
             "Interval (in seconds) to check for alerts in Virtual Router.", false, ConfigKey.Scope.Global, null);
+    static final ConfigKey<Boolean> routerVersionCheckEnabled = new ConfigKey<Boolean>("Advanced", Boolean.class, "router.version.check", "true",
+            "If true, router minimum required version is checked before sending command", false);
+    static final ConfigKey<Boolean> UseExternalDnsServers = new ConfigKey<Boolean>(Boolean.class, "use.external.dns", "Advanced", "false",
+            "Bypass internal dns, use external dns1 and dns2", true, ConfigKey.Scope.Zone, null);
+    static final ConfigKey<Boolean> RouterReprovisionOnOutOfBandMigration = new ConfigKey<Boolean>(Boolean.class, RouterReprovisionOnOutOfBandMigrationCK, "Advanced", "false",
+            "Reboot routers when they are migrated out of band in order to reprovision", true, ConfigKey.Scope.Zone, null);
 
     public static final int DEFAULT_ROUTER_VM_RAMSIZE = 256;            // 256M
     public static final int DEFAULT_ROUTER_CPU_MHZ = 500;                // 500 MHz
diff --git a/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java b/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
index 46463cdf66..698f94dce5 100755
--- a/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
+++ b/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
@@ -676,13 +676,6 @@ public VirtualRouter rebootRouter(final long routerId, final boolean reprogramNe
         }
     }
 
-    static final ConfigKey<Boolean> UseExternalDnsServers = new ConfigKey<Boolean>(Boolean.class, "use.external.dns", "Advanced", "false",
-            "Bypass internal dns, use external dns1 and dns2", true, ConfigKey.Scope.Zone, null);
-
-    static final ConfigKey<Boolean> routerVersionCheckEnabled = new ConfigKey<Boolean>("Advanced", Boolean.class, "router.version.check", "true",
-            "If true, router minimum required version is checked before sending command", false);
-
-
     @Override
     public boolean configure(final String name, final Map<String, Object> params) throws ConfigurationException {
 
@@ -4466,7 +4459,7 @@ public String getConfigComponentName() {
 
     @Override
     public ConfigKey<?>[] getConfigKeys() {
-        return new ConfigKey<?>[] {UseExternalDnsServers, routerVersionCheckEnabled, SetServiceMonitor, RouterAlertsCheckInterval};
+        return new ConfigKey<?>[] {UseExternalDnsServers, routerVersionCheckEnabled, SetServiceMonitor, RouterAlertsCheckInterval, RouterReprovisionOnOutOfBandMigration};
     }
 
     @Override
@@ -4479,32 +4472,33 @@ public boolean postStateTransitionEvent(StateMachine2.Transition<State, VirtualM
         State oldState = transition.getCurrentState();
         State newState = transition.getToState();
         VirtualMachine.Event event = transition.getEvent();
-        if (event == VirtualMachine.Event.FollowAgentPowerOnReport && newState == State.Running) {
-            if (vo.getType() == VirtualMachine.Type.DomainRouter) {
-                // opaque -> <hostId, powerHostId>
-                if (opaque != null && opaque instanceof Pair<?, ?>) {
-                    Pair<?, ?> pair = (Pair<?, ?>)opaque;
-                    Object first = pair.first();
-                    Object second = pair.second();
-                    // powerHostId cannot be null in case of out-of-band VM movement
-                    if (second != null && second instanceof Long) {
-                        Long powerHostId = (Long)second;
-                        Long hostId = null;
-                        if (first != null && first instanceof Long) {
-                            hostId = (Long)first;
-                        }
-                        // The following scenarios are due to out-of-band VM movement
-                        // 1. If VM is in stopped state in CS due to 'PowerMissing' report from old host (hostId is null) and then there is a 'PowerOn' report from new host
-                        // 2. If VM is in running state in CS and there is a 'PowerOn' report from new host
-                        if (hostId == null || (hostId.longValue() != powerHostId.longValue())) {
-                            s_logger.info("Schedule a router reboot task as router " + vo.getId() + " is powered-on out-of-band, need to reboot to refresh network rules");
-                            _rebootRouterExecutor.execute(new RebootTask(vo.getId()));
-                        }
-                    }
+        boolean reprovision_out_of_band = RouterReprovisionOnOutOfBandMigration.value();
+        if (
+            (vo.getType() == VirtualMachine.Type.DomainRouter) &&
+            ((oldState == State.Stopped) || (reprovision_out_of_band && isOutOfBandMigrated(opaque))) &&
+            (event == VirtualMachine.Event.FollowAgentPowerOnReport) &&
+            (newState == State.Running)) {
+                s_logger.info("Schedule a router reboot task as router " + vo.getId() + " is powered-on out-of-band. we need to reboot to refresh network rules");
+                _executor.schedule(new RebootTask(vo.getId()), 1000, TimeUnit.MICROSECONDS);
+        }
+        return true;
+    }
+
+    private boolean isOutOfBandMigrated(Object opaque) {
+        if (opaque != null && opaque instanceof Pair<?, ?>) {
+            Pair<?, ?> pair = (Pair<?, ?>)opaque;
+            Object first = pair.first();
+            Object second = pair.second();
+            if (first != null && second != null && first instanceof Long && second instanceof Long) {
+                Long hostId = (Long)first;
+                Long powerHostId = (Long)second;
+                // If VM host known to CS is different from 'PowerOn' report host, then it is out-of-band movement
+                if (hostId.longValue() != powerHostId.longValue()) {
+                    return true;
                 }
             }
         }
-        return true;
+        return false;
     }
 
     protected class RebootTask extends ManagedContextRunnable {

From 85e2d9611f90d00e0d61b2cfd6a1779d400eb60b Mon Sep 17 00:00:00 2001
From: Daan Hoogland <daan.hoogland@gmail.com>
Date: Thu, 18 Jun 2015 08:04:50 +0200
Subject: [PATCH 013/115] CLOUDSTACK-8545 alert when out of band migration is
 detected and not acted upon

---
 .../router/VirtualNetworkApplianceManagerImpl.java        | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java b/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
index 698f94dce5..e0d1edb5f8 100755
--- a/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
+++ b/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
@@ -4480,7 +4480,15 @@ public boolean postStateTransitionEvent(StateMachine2.Transition<State, VirtualM
             (newState == State.Running)) {
                 s_logger.info("Schedule a router reboot task as router " + vo.getId() + " is powered-on out-of-band. we need to reboot to refresh network rules");
                 _executor.schedule(new RebootTask(vo.getId()), 1000, TimeUnit.MICROSECONDS);
+        } else {
+            if (isOutOfBandMigrated(opaque)) {
+                final String title = "Router has been migrated out of band: " + vo.getInstanceName();
+                final String context =
+                        "An out of band migration of router " + vo.getInstanceName() + "(" + vo.getUuid() + ") was detected. No automated action was performed.";
+                _alertMgr.sendAlert(AlertManager.AlertType.ALERT_TYPE_DOMAIN_ROUTER, vo.getDataCenterId(), vo.getPodIdToDeployIn(), title, context);
+            }
         }
+
         return true;
     }
 

From 259b2639f5c31950d7f480a41a19f710a6f1ae3b Mon Sep 17 00:00:00 2001
From: Jayapal <jayapal@apache.org>
Date: Wed, 17 Jun 2015 15:16:54 +0530
Subject: [PATCH 014/115] Fixed issue in adding vm SG rules on vm reboot for
 xenserver 6.5

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

This closes #479

(cherry picked from commit 59e6596fefe55b56d414b1c4a8a665153aba1035)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 scripts/vm/hypervisor/xenserver/vmops | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/scripts/vm/hypervisor/xenserver/vmops b/scripts/vm/hypervisor/xenserver/vmops
index e5e5c40ee4..b5ac17f146 100755
--- a/scripts/vm/hypervisor/xenserver/vmops
+++ b/scripts/vm/hypervisor/xenserver/vmops
@@ -938,10 +938,9 @@ def network_rules_for_rebooted_vm(session, vmName):
         for cmd in [delcmd, delcmd2, inscmd, inscmd2, inscmd3, inscmd4]:
             cmds = util.pread2(['/bin/bash', '-c', cmd]).split('\n')
             cmds.pop()
-            for c in cmds:
+            for c in filter(None,cmds):
                     ipt = c.split(' ')
                     ipt.insert(0, 'iptables')
-                    ipt.pop()
                     ipts.append(ipt)
 
         for ipt in ipts:

From 04c7cf4e15a24f3717223c42a5adafe14404d416 Mon Sep 17 00:00:00 2001
From: Abhinandan Prateek <abhinandan.prateek@shapeblue.com>
Date: Fri, 19 Jun 2015 09:24:56 +0530
Subject: [PATCH 015/115] CLOUDSTACK-8570:Exception in calculating reserved
 capacity for dynamic service offering

---
 .../com/cloud/capacity/CapacityManagerImpl.java    | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/server/src/com/cloud/capacity/CapacityManagerImpl.java b/server/src/com/cloud/capacity/CapacityManagerImpl.java
index f91a20a19a..4c715ae8e8 100755
--- a/server/src/com/cloud/capacity/CapacityManagerImpl.java
+++ b/server/src/com/cloud/capacity/CapacityManagerImpl.java
@@ -645,8 +645,18 @@ public void updateCapacityForHost(final Host host) {
                     ramOvercommitRatio = Float.parseFloat(vmDetailRam.getValue());
                 }
                 ServiceOffering so = offeringsMap.get(vm.getServiceOfferingId());
-                reservedMemory += ((so.getRamSize() * 1024L * 1024L) / ramOvercommitRatio) * clusterRamOvercommitRatio;
-                reservedCpu += (so.getCpu() * so.getSpeed() / cpuOvercommitRatio) * clusterCpuOvercommitRatio;
+                Map<String, String> vmDetails = _userVmDetailsDao.listDetailsKeyPairs(vm.getId());
+                if (so.isDynamic()) {
+                    reservedMemory +=
+                        ((Integer.parseInt(vmDetails.get(UsageEventVO.DynamicParameters.memory.name())) * 1024L * 1024L) / ramOvercommitRatio) *
+                            clusterRamOvercommitRatio;
+                    reservedCpu +=
+                        ((Integer.parseInt(vmDetails.get(UsageEventVO.DynamicParameters.cpuNumber.name())) * Integer.parseInt(vmDetails.get(UsageEventVO.DynamicParameters.cpuSpeed.name()))) / cpuOvercommitRatio) *
+                            clusterCpuOvercommitRatio;
+                } else {
+                    reservedMemory += ((so.getRamSize() * 1024L * 1024L) / ramOvercommitRatio) * clusterRamOvercommitRatio;
+                    reservedCpu += (so.getCpu() * so.getSpeed() / cpuOvercommitRatio) * clusterCpuOvercommitRatio;
+                }
             } else {
                 // signal if not done already, that the VM has been stopped for skip.counting.hours,
                 // hence capacity will not be reserved anymore.

From eb904cd8fde640599fda87271729f53aa8022313 Mon Sep 17 00:00:00 2001
From: Daan Hoogland <daan@onecht.net>
Date: Fri, 19 Jun 2015 14:02:13 +0200
Subject: [PATCH 016/115] findbugs: repeated condition seems c&p error the
 tested states sugest that EXPUNGED should be the last one

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

This closes #491

(cherry picked from commit bb613baa2b716dfe9aa7aed08b6cdd2027395456)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 server/src/com/cloud/storage/VolumeApiServiceImpl.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/server/src/com/cloud/storage/VolumeApiServiceImpl.java b/server/src/com/cloud/storage/VolumeApiServiceImpl.java
index 0f17a57ad4..b45b8aa872 100644
--- a/server/src/com/cloud/storage/VolumeApiServiceImpl.java
+++ b/server/src/com/cloud/storage/VolumeApiServiceImpl.java
@@ -1105,7 +1105,7 @@ public boolean deleteVolume(long volumeId, Account caller) throws ConcurrentOper
         }
 
         try {
-            if (volume.getState() != Volume.State.Destroy && volume.getState() != Volume.State.Expunging && volume.getState() != Volume.State.Expunging) {
+            if (volume.getState() != Volume.State.Destroy && volume.getState() != Volume.State.Expunging && volume.getState() != Volume.State.Expunged) {
                 Long instanceId = volume.getInstanceId();
                 if (!volService.destroyVolume(volume.getId())) {
                     return false;

From a8959bca553013d7b8182dfd355a2ecb799c3995 Mon Sep 17 00:00:00 2001
From: Daan Hoogland <daan@onecht.net>
Date: Sun, 19 Apr 2015 18:10:03 +0200
Subject: [PATCH 017/115] 4.4.4 to 4.5.2 upgrade

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

This closes #528
---
 .../cloud/upgrade/DatabaseUpgradeChecker.java |  3 +
 .../cloud/upgrade/dao/Upgrade443to444.java    | 64 +++++++++++++++++++
 .../cloud/upgrade/dao/Upgrade444to450.java    | 30 +++++++++
 setup/db/db/schema-443to444.sql               | 20 ++++++
 4 files changed, 117 insertions(+)
 create mode 100644 engine/schema/src/com/cloud/upgrade/dao/Upgrade443to444.java
 create mode 100644 engine/schema/src/com/cloud/upgrade/dao/Upgrade444to450.java
 create mode 100644 setup/db/db/schema-443to444.sql

diff --git a/engine/schema/src/com/cloud/upgrade/DatabaseUpgradeChecker.java b/engine/schema/src/com/cloud/upgrade/DatabaseUpgradeChecker.java
index 2ad1481995..6cdc4c1938 100755
--- a/engine/schema/src/com/cloud/upgrade/DatabaseUpgradeChecker.java
+++ b/engine/schema/src/com/cloud/upgrade/DatabaseUpgradeChecker.java
@@ -72,6 +72,7 @@
 import com.cloud.upgrade.dao.Upgrade441to442;
 import com.cloud.upgrade.dao.Upgrade442to450;
 import com.cloud.upgrade.dao.Upgrade443to450;
+import com.cloud.upgrade.dao.Upgrade444to450;
 import com.cloud.upgrade.dao.Upgrade450to451;
 import com.cloud.upgrade.dao.Upgrade451to452;
 import com.cloud.upgrade.dao.UpgradeSnapshot217to224;
@@ -258,6 +259,8 @@ public DatabaseUpgradeChecker() {
 
         _upgradeMap.put("4.4.3", new DbUpgrade[] {new Upgrade443to450(), new Upgrade450to451(), new Upgrade451to452()});
 
+        _upgradeMap.put("4.4.4", new DbUpgrade[] {new Upgrade444to450(), new Upgrade450to451(), new Upgrade451to452()});
+
         _upgradeMap.put("4.5.0", new DbUpgrade[] {new Upgrade450to451(), new Upgrade451to452()});
 
         _upgradeMap.put("4.5.1", new DbUpgrade[] {new Upgrade451to452()});
diff --git a/engine/schema/src/com/cloud/upgrade/dao/Upgrade443to444.java b/engine/schema/src/com/cloud/upgrade/dao/Upgrade443to444.java
new file mode 100644
index 0000000000..ded67d6495
--- /dev/null
+++ b/engine/schema/src/com/cloud/upgrade/dao/Upgrade443to444.java
@@ -0,0 +1,64 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+
+package com.cloud.upgrade.dao;
+
+import java.io.File;
+import java.sql.Connection;
+
+import org.apache.log4j.Logger;
+
+import com.cloud.utils.exception.CloudRuntimeException;
+import com.cloud.utils.script.Script;
+
+public class Upgrade443to444 implements DbUpgrade {
+    final static Logger s_logger = Logger.getLogger(Upgrade443to444.class);
+
+    @Override
+    public String[] getUpgradableVersionRange() {
+        return new String[] {"4.4.3", "4.4.4"};
+    }
+
+    @Override
+    public String getUpgradedVersion() {
+        return "4.4.4";
+    }
+
+    @Override
+    public boolean supportsRollingUpgrade() {
+        return false;
+    }
+
+    @Override
+    public File[] getPrepareScripts() {
+        String script = Script.findScript("", "db/schema-443to444.sql");
+        if (script == null) {
+            throw new CloudRuntimeException("Unable to find db/schema-empty.sql");
+        }
+
+        return new File[] {new File(script)};
+    }
+
+    @Override
+    public void performDataMigration(Connection conn) {
+    }
+
+    @Override
+    public File[] getCleanupScripts() {
+        return null;
+    }
+}
diff --git a/engine/schema/src/com/cloud/upgrade/dao/Upgrade444to450.java b/engine/schema/src/com/cloud/upgrade/dao/Upgrade444to450.java
new file mode 100644
index 0000000000..d872e528bf
--- /dev/null
+++ b/engine/schema/src/com/cloud/upgrade/dao/Upgrade444to450.java
@@ -0,0 +1,30 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+
+package com.cloud.upgrade.dao;
+
+import org.apache.log4j.Logger;
+
+public class Upgrade444to450 extends Upgrade442to450 implements DbUpgrade {
+
+    final static Logger s_logger = Logger.getLogger(Upgrade444to450.class);
+
+    @Override
+    public String[] getUpgradableVersionRange() {
+        return new String[] {"4.4.4", "4.5.0"};
+    }
+}
diff --git a/setup/db/db/schema-443to444.sql b/setup/db/db/schema-443to444.sql
new file mode 100644
index 0000000000..44e0406a8e
--- /dev/null
+++ b/setup/db/db/schema-443to444.sql
@@ -0,0 +1,20 @@
+-- Licensed to the Apache Software Foundation (ASF) under one
+-- or more contributor license agreements.  See the NOTICE file
+-- distributed with this work for additional information
+-- regarding copyright ownership.  The ASF licenses this file
+-- to you under the Apache License, Version 2.0 (the
+-- "License"); you may not use this file except in compliance
+-- with the License.  You may obtain a copy of the License at
+--
+--   http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing,
+-- software distributed under the License is distributed on an
+-- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+-- KIND, either express or implied.  See the License for the
+-- specific language governing permissions and limitations
+-- under the License.
+
+--;
+-- Schema upgrade from 4.4.3 to 4.4.4;
+--;

From 20ce346f3acb794b08a51841bab2188d426bf7dc Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Thu, 28 May 2015 14:50:12 +0200
Subject: [PATCH 018/115] CLOUDSTACK-8457: SAML auth plugin improvements for
 production usage

* Move config options to SAML plugin
  This moves all configuration options from Config.java to SAML auth manager. This
  allows us to use the config framework.
* Make SAML2UserAuthenticator validate SAML token in httprequest
* Make logout API use ConfigKeys defined in saml auth manager
* Before doing SAML auth, cleanup local states and cookies
* Fix configurations in 4.5.1 to 4.5.2 upgrade path
* Fail if idp has no sso URL defined
* Add a default set of SAML SP cert for testing purposes
  Now to enable and use saml, one needs to do a deploydb-saml after doing a deploydb
* UI remembers login selections, IDP server

- CLOUDSTACK-8458:
    * On UI show dropdown list of discovered IdPs
    * Support SAML Federation, where there may be more than one IdP
        - New datastructure to hold metadata of SP or IdP
        - Recursive processing of IdP metadata
        - Fix login/logout APIs to get new interface and metadata data structure
        - Add org/contact information to metadata
        - Add new API: listIdps that returns list of all discovered IdPs
        - Refactor and cleanup code and tests

- CLOUDSTACK-8459:
    * Add HTTP-POST binding to SP metadata
    * Authn requests must use either HTTP POST/Artifact binding

- CLOUDSTACK-8461:
    * Use unspecified x509 cert as a fallback encryption/signing key
      In case a IDP's metadata does not clearly say if their certificates need to be
      used as signing or encryption and we don't find that, fallback to use the
      unspecified key itself.

- CLOUDSTACK-8462:
    * SAML Auth plugin should not do authorization
      This removes logic to create user if they don't exist. This strictly now
      assumes that users have been already created/imported/authorized by admins.
      As per SAML v2.0 spec section 4.1.2, the SP provider should create authn requests using
      either HTTP POST or HTTP Artifact binding to transfer the message through a
      user agent (browser in our case). The use of HTTP Redirect was one of the reasons
      why this plugin failed to work for some IdP servers that enforce this.
    * Add new User Source
      By reusing the source field, we can find if a user has been SAML enabled or not.
      The limitation is that, once say a user is imported by LDAP and then SAML
      enabled - they won't be able to use LDAP for authentication
    * UI should allow users to pass in domain they want to log into, though it is
      optional and needed only when a user has accounts across domains with same
      username and authorized IDP server
    * SAML users need to be authorized before they can authenticate
        - New column entity to track saml entity id for a user
        - Reusing source column to check if user is saml enabled or not
        - Add new source types, saml2 and saml2disabled
        - New table saml_token to solve the issue of multiple users across domains and
          to enforce security by tracking authn token and checking the samlresponse for
          the tokens
        - Implement API: authorizeSamlSso to enable/disable saml authentication for a
          user
        - Stubs to implement saml token flushing/expiry

- CLOUDSTACK-8463:
    * Use username attribute specified in global setting
      Use username attribute defined by admin from a global setting
      In case of encrypted assertion/attributes:
      - Decrypt them
      - Check signature if provided to check authenticity of message using IdP's
        public key and SP's private key
      - Loop through attributes to find the username

- CLOUDSTACK-8538:
    * Add new global config for SAML request sig algorithm

- CLOUDSTACK-8539:
    * Add metadata refresh timer task and token expiring
        - Fix domain path and save it to saml_tokens
        - Expire hour old saml tokens
        - Refresh metadata based on timer task
        - Fix unit tests

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

This closes #489
---
 api/src/com/cloud/user/User.java              |   7 +-
 api/src/com/cloud/user/UserAccount.java       |   4 +
 .../apache/cloudstack/api/ApiConstants.java   |   3 +-
 .../classes/resources/messages.properties     |   5 +-
 .../resources/messages_fr_FR.properties       |   1 -
 .../classes/resources/messages_hu.properties  |   1 -
 .../resources/messages_ja_JP.properties       |   1 -
 client/tomcatconf/commands.properties.in      |   3 +
 developer/developer-prefill.sql               |   5 -
 developer/developer-saml.sql                  |  63 +++
 developer/pom.xml                             |  58 +++
 .../cloud/upgrade/dao/Upgrade451to452.java    |  19 +-
 .../src/com/cloud/user/UserAccountVO.java     |  11 +
 engine/schema/src/com/cloud/user/UserVO.java  |  10 +
 .../com/cloud/user/dao/UserAccountDao.java    |   4 +
 .../cloud/user/dao/UserAccountDaoImpl.java    |  19 +-
 plugins/user-authenticators/saml2/pom.xml     |   5 +
 .../cloudstack/saml2/spring-saml2-context.xml |   3 +
 .../api/command/AuthorizeSAMLSSOCmd.java      | 105 +++++
 .../GetServiceProviderMetaDataCmd.java        |  82 +++-
 .../cloudstack/api/command/ListIdpsCmd.java   | 114 +++++
 .../api/command/ListSamlAuthorizationCmd.java |  95 ++++
 .../SAML2LoginAPIAuthenticatorCmd.java        | 285 +++++++-----
 .../SAML2LogoutAPIAuthenticatorCmd.java       |  29 +-
 .../cloudstack/api/response/IdpResponse.java  |  62 +++
 .../response/SamlAuthorizationResponse.java   |  68 +++
 .../cloudstack/saml/SAML2AuthManager.java     |  67 ++-
 .../cloudstack/saml/SAML2AuthManagerImpl.java | 430 ++++++++++++++----
 .../saml/SAML2UserAuthenticator.java          |  28 +-
 .../cloudstack/saml/SAMLPluginConstants.java  |  30 ++
 .../cloudstack/saml/SAMLProviderMetadata.java | 122 +++++
 .../apache/cloudstack/saml/SAMLTokenDao.java  |  23 +
 .../cloudstack/saml/SAMLTokenDaoImpl.java     |  51 +++
 .../apache/cloudstack/saml/SAMLTokenVO.java   |  97 ++++
 .../apache/cloudstack/saml}/SAMLUtils.java    | 136 +++---
 .../GetServiceProviderMetaDataCmdTest.java    |  30 +-
 .../SAML2UserAuthenticatorTest.java           |   8 +-
 .../org/apache/cloudstack}/SAMLUtilsTest.java |  29 +-
 .../SAML2LoginAPIAuthenticatorCmdTest.java    |  45 +-
 .../SAML2LogoutAPIAuthenticatorCmdTest.java   |  15 +-
 server/src/com/cloud/api/ApiServer.java       |   4 +-
 server/src/com/cloud/api/ApiServlet.java      |   2 +-
 .../src/com/cloud/configuration/Config.java   |  72 ---
 setup/db/db/schema-451to452-cleanup.sql       |  20 +
 setup/db/db/schema-451to452.sql               |  35 ++
 tools/apidoc/gen_toc.py                       |   3 +
 ui/css/cloudstack3.css                        |  19 +-
 ui/dictionary.jsp                             |   5 +-
 ui/index.jsp                                  |  49 +-
 ui/scripts/accounts.js                        | 102 +++++
 ui/scripts/accountsWizard.js                  |  63 ++-
 ui/scripts/cloudStack.js                      |  22 +-
 ui/scripts/docs.js                            |   8 +
 ui/scripts/sharedFunctions.js                 |   1 +
 ui/scripts/ui-custom/accountsWizard.js        |   5 +
 ui/scripts/ui-custom/login.js                 | 133 ++++--
 56 files changed, 2165 insertions(+), 551 deletions(-)
 create mode 100644 developer/developer-saml.sql
 create mode 100644 plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/AuthorizeSAMLSSOCmd.java
 create mode 100644 plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/ListIdpsCmd.java
 create mode 100644 plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/ListSamlAuthorizationCmd.java
 create mode 100644 plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/response/IdpResponse.java
 create mode 100644 plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/response/SamlAuthorizationResponse.java
 create mode 100644 plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAMLPluginConstants.java
 create mode 100644 plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAMLProviderMetadata.java
 create mode 100644 plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAMLTokenDao.java
 create mode 100644 plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAMLTokenDaoImpl.java
 create mode 100644 plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAMLTokenVO.java
 rename {utils/src/org/apache/cloudstack/utils/auth => plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml}/SAMLUtils.java (72%)
 rename plugins/user-authenticators/saml2/test/org/apache/cloudstack/{api/command => }/GetServiceProviderMetaDataCmdTest.java (78%)
 rename {utils/test/org/apache/cloudstack/utils/auth => plugins/user-authenticators/saml2/test/org/apache/cloudstack}/SAMLUtilsTest.java (66%)
 create mode 100644 setup/db/db/schema-451to452-cleanup.sql
 create mode 100644 setup/db/db/schema-451to452.sql

diff --git a/api/src/com/cloud/user/User.java b/api/src/com/cloud/user/User.java
index 33d6235f32..1f0dcfd2b4 100644
--- a/api/src/com/cloud/user/User.java
+++ b/api/src/com/cloud/user/User.java
@@ -23,7 +23,7 @@
 public interface User extends OwnedBy, InternalIdentity {
 
     public enum Source {
-        LDAP, UNKNOWN
+        LDAP, SAML2, SAML2DISABLED, UNKNOWN
     }
 
     public static final long UID_SYSTEM = 1;
@@ -83,4 +83,9 @@ public enum Source {
 
     public Source getSource();
 
+    void setSource(Source source);
+
+    public String getExternalEntity();
+
+    public void setExternalEntity(String entity);
 }
diff --git a/api/src/com/cloud/user/UserAccount.java b/api/src/com/cloud/user/UserAccount.java
index d44fcf72a8..0449514cc1 100644
--- a/api/src/com/cloud/user/UserAccount.java
+++ b/api/src/com/cloud/user/UserAccount.java
@@ -63,4 +63,8 @@ public interface UserAccount extends InternalIdentity {
     int getLoginAttempts();
 
     public User.Source getSource();
+
+    public String getExternalEntity();
+
+    public void setExternalEntity(String entity);
 }
diff --git a/api/src/org/apache/cloudstack/api/ApiConstants.java b/api/src/org/apache/cloudstack/api/ApiConstants.java
index b6aed6f80f..2471e08895 100755
--- a/api/src/org/apache/cloudstack/api/ApiConstants.java
+++ b/api/src/org/apache/cloudstack/api/ApiConstants.java
@@ -373,6 +373,7 @@ public class ApiConstants {
     public static final String ISOLATION_METHODS = "isolationmethods";
     public static final String PHYSICAL_NETWORK_ID = "physicalnetworkid";
     public static final String DEST_PHYSICAL_NETWORK_ID = "destinationphysicalnetworkid";
+    public static final String ENABLE = "enable";
     public static final String ENABLED = "enabled";
     public static final String SERVICE_NAME = "servicename";
     public static final String DHCP_RANGE = "dhcprange";
@@ -515,7 +516,7 @@ public class ApiConstants {
     public static final String VMPROFILE_ID = "vmprofileid";
     public static final String VMGROUP_ID = "vmgroupid";
     public static final String CS_URL = "csurl";
-    public static final String IDP_URL = "idpurl";
+    public static final String IDP_ID = "idpid";
     public static final String SCALEUP_POLICY_IDS = "scaleuppolicyids";
     public static final String SCALEDOWN_POLICY_IDS = "scaledownpolicyids";
     public static final String SCALEUP_POLICIES = "scaleuppolicies";
diff --git a/client/WEB-INF/classes/resources/messages.properties b/client/WEB-INF/classes/resources/messages.properties
index 523c7cc86a..7223552961 100644
--- a/client/WEB-INF/classes/resources/messages.properties
+++ b/client/WEB-INF/classes/resources/messages.properties
@@ -112,6 +112,7 @@ label.action.attach.iso=Attach ISO
 label.action.cancel.maintenance.mode.processing=Cancelling Maintenance Mode....
 label.action.cancel.maintenance.mode=Cancel Maintenance Mode
 label.action.change.password=Change Password
+label.action.configure.samlauthorization=Configure SAML SSO Authorization
 label.action.change.service.processing=Changing Service....
 label.action.change.service=Change Service
 label.action.copy.ISO.processing=Copying ISO....
@@ -757,7 +758,9 @@ label.local.storage=Local Storage
 label.local=Local
 label.login=Login
 label.logout=Logout
-label.saml.login=SAML Login
+label.saml.enable=Authorize SAML SSO
+label.saml.entity=Identity Provider
+label.add.LDAP.account=Add LDAP Account
 label.LUN.number=LUN \#
 label.lun=LUN
 label.make.project.owner=Make account project owner
diff --git a/client/WEB-INF/classes/resources/messages_fr_FR.properties b/client/WEB-INF/classes/resources/messages_fr_FR.properties
index eddc664751..f2f2c60159 100644
--- a/client/WEB-INF/classes/resources/messages_fr_FR.properties
+++ b/client/WEB-INF/classes/resources/messages_fr_FR.properties
@@ -1249,7 +1249,6 @@ label.s3.nfs.server=Serveur NFS S3
 label.s3.secret_key=Cl\u00e9 Priv\u00e9e
 label.s3.socket_timeout=D\u00e9lai d\\'expiration de la socket
 label.s3.use_https=Utiliser HTTPS
-label.saml.login=Identifiant SAML
 label.saturday=Samedi
 label.save.and.continue=Enregistrer et continuer
 label.save=Sauvegarder
diff --git a/client/WEB-INF/classes/resources/messages_hu.properties b/client/WEB-INF/classes/resources/messages_hu.properties
index 9ae73e8fe1..bc3b6e6d1a 100644
--- a/client/WEB-INF/classes/resources/messages_hu.properties
+++ b/client/WEB-INF/classes/resources/messages_hu.properties
@@ -1249,7 +1249,6 @@ label.s3.nfs.server=S3 NFS kiszolg\u00e1l\u00f3
 label.s3.secret_key=Titkos kulcs
 label.s3.socket_timeout=Kapcsolat id\u0151t\u00fall\u00e9p\u00e9s
 label.s3.use_https=HTTPS haszn\u00e1lata
-label.saml.login=SAML bel\u00e9p\u00e9s
 label.saturday=Szombat
 label.save.and.continue=Ment\u00e9s \u00e9s folytat\u00e1s
 label.save=Ment\u00e9s
diff --git a/client/WEB-INF/classes/resources/messages_ja_JP.properties b/client/WEB-INF/classes/resources/messages_ja_JP.properties
index d662ea468f..cf3f07a936 100644
--- a/client/WEB-INF/classes/resources/messages_ja_JP.properties
+++ b/client/WEB-INF/classes/resources/messages_ja_JP.properties
@@ -1248,7 +1248,6 @@ label.s3.nfs.server=S3 NFS \u30b5\u30fc\u30d0\u30fc
 label.s3.secret_key=\u79d8\u5bc6\u30ad\u30fc
 label.s3.socket_timeout=\u30bd\u30b1\u30c3\u30c8 \u30bf\u30a4\u30e0\u30a2\u30a6\u30c8
 label.s3.use_https=HTTPS \u3092\u4f7f\u7528\u3059\u308b
-label.saml.login=SAML \u30ed\u30b0\u30a4\u30f3
 label.saturday=\u571f\u66dc\u65e5
 label.save.and.continue=\u4fdd\u5b58\u3057\u3066\u7d9a\u884c
 label.save=\u4fdd\u5b58
diff --git a/client/tomcatconf/commands.properties.in b/client/tomcatconf/commands.properties.in
index a87d1677f2..a66a3dce48 100644
--- a/client/tomcatconf/commands.properties.in
+++ b/client/tomcatconf/commands.properties.in
@@ -26,6 +26,9 @@ logout=15
 samlSso=15
 samlSlo=15
 getSPMetadata=15
+listIdps=15
+authorizeSamlSso=7
+listSamlAuthorization=7
 
 ### Account commands
 createAccount=7
diff --git a/developer/developer-prefill.sql b/developer/developer-prefill.sql
index 27b36e7858..3097203b41 100644
--- a/developer/developer-prefill.sql
+++ b/developer/developer-prefill.sql
@@ -83,9 +83,4 @@ INSERT INTO `cloud`.`configuration` (category, instance, component, name, value)
             VALUES ('Advanced', 'DEFAULT', 'management-server',
             'developer', 'true');
 
--- Enable SAML plugin for developers by default
-INSERT INTO `cloud`.`configuration` (category, instance, component, name, value)
-            VALUES ('Advanced', 'DEFAULT', 'management-server',
-            'saml2.enabled', 'true');
-
 commit;
diff --git a/developer/developer-saml.sql b/developer/developer-saml.sql
new file mode 100644
index 0000000000..18afb28878
--- /dev/null
+++ b/developer/developer-saml.sql
@@ -0,0 +1,63 @@
+-- Licensed to the Apache Software Foundation (ASF) under one
+-- or more contributor license agreements.  See the NOTICE file
+-- distributed with this work for additional information
+-- regarding copyright ownership.  The ASF licenses this file
+-- to you under the Apache License, Version 2.0 (the
+-- "License"); you may not use this file except in compliance
+-- with the License.  You may obtain a copy of the License at
+--
+--   http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing,
+-- software distributed under the License is distributed on an
+-- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+-- KIND, either express or implied.  See the License for the
+-- specific language governing permissions and limitations
+-- under the License.
+
+-- SAML keystore for testing, allows testing on ssocirlce and other public IdPs
+-- with pre-seeded SP metadata
+USE cloud;
+
+-- Enable SAML plugin for developers by default
+INSERT INTO `cloud`.`configuration` (category, instance, component, name, value)
+            VALUES ('Advanced', 'DEFAULT', 'SAML2-PLUGIN',
+            'saml2.enabled', 'true')
+            ON DUPLICATE KEY UPDATE value=VALUES(value);
+
+INSERT INTO `cloud`.`configuration` (category, instance, component, name, value)
+            VALUES ('Advanced', 'DEFAULT', 'SAML2-PLUGIN',
+            'saml2.default.idpid', 'https://idp.bhaisaab.org/idp/shibboleth')
+            ON DUPLICATE KEY UPDATE value=VALUES(value);
+
+INSERT INTO `cloud`.`configuration` (category, instance, component, name, value)
+            VALUES ('Advanced', 'DEFAULT', 'SAML2-PLUGIN',
+            'saml2.idp.metadata.url', 'http://idp.bhaisaab.org/idp/shibboleth')
+            ON DUPLICATE KEY UPDATE value=VALUES(value);
+
+-- Enable LDAP source
+INSERT INTO `cloud`.`ldap_configuration` (hostname, port)
+            VALUES ('idp.bhaisaab.org', 389);
+
+-- Fix ldap configs
+INSERT INTO `cloud`.`configuration` (category, instance, component, name, value)
+            VALUES ('Advanced', 'DEFAULT', 'management-server',
+            'ldap.basedn', 'ou=people,dc=idp,dc=bhaisaab,dc=org')
+            ON DUPLICATE KEY UPDATE value=VALUES(value);
+
+INSERT INTO `cloud`.`configuration` (category, instance, component, name, value)
+            VALUES ('Advanced', 'DEFAULT', 'management-server',
+            'ldap.bind.principal', 'cn=admin,dc=idp,dc=bhaisaab,dc=org')
+            ON DUPLICATE KEY UPDATE value=VALUES(value);
+
+INSERT INTO `cloud`.`configuration` (category, instance, component, name, value)
+            VALUES ('Advanced', 'DEFAULT', 'management-server',
+            'ldap.bind.password', 'password')
+            ON DUPLICATE KEY UPDATE value=VALUES(value);
+
+-- Add default set of certificates for testing
+LOCK TABLES `keystore` WRITE;
+/*!40000 ALTER TABLE `keystore` DISABLE KEYS */;
+INSERT INTO `keystore` VALUES (1,'SAMLSP_KEYPAIR','MIIJRAIBADANBgkqhkiG9w0BAQEFAASCCS4wggkqAgEAAoICAQDQDirtAajTrScXCUgXrsOBgQ++y+IUcyzXwUGEYBlM9kBCmcdlbt5zuYQ8pOvoOQz6CAVqSjYNbnbg1ph37Zfv/tzGUg2V5cpB5BfEyt2KY0mBFNbwa0LKnCAYlBlarm4XZF+oZ0maH6cdboHdHiEqNRscylnXYA2zHKU3YoEfOR+9acl4z54PAyuPjr9SWUPTAyYf326i0q+h3J4nT6FwBFK+yKSC1PeVG/viYQ0otU1UUDkQ3pX81qfJfN/6Ih7W4v73LgUlZsTBMzlu/kJzMuP5Wc5IkU6Mt+8EHMZeLnN0ZErkMk0DCQE14hG8W7S8/inUJpwJlmb5E634Zq8u0I1zVUmSmAGqvvqKJBGnqY5X/j2bsA8B2qFsrcxasIlkKaWLvY+AvXD5X0OHwIZzRbuuCtguSz671C7Cwok8R3N+e9ATDHmG9gC10NJaB6dUBA9p2UdA82TR73x6nGe8pLJnGyecEQfxz1+ptPVAENj1Rl3Wrwu/dbPd/X6inlYpuwlsnWi3LYrkguT/9W3Z2uuq5PTVT04zcyev+50gVnDPzTrNCZfHpmMNQIqZGFmFKz4m+VUZmzZOdg1Vx51t9+t7iHGHqFk6/vnqqWiyEuTEFAaC9krm1VNzGvno5LyNm5Dk9JGAHFfjgNV++viGTpSPLeEeMnlvPuQJy5OJMwIDAQABAoICABME6Imn+C35izRA5fU8RaUGDlFrw+wIp1XF1d5rBoURkchE1ISCQRWlJOCCVwpwhK4qo4wW4qARtA5Tr7Zu4s/OpZH/mDxWuEmTt1SHEv9+mg6RwCBUPdPVt91nVHYEsg2zYEc9we2z7Qv0uSxkf7WjCypzmQjmP/paqQPKHnGjQDKJhCBmIlXO/WFvNDAr9tZIWGjbfPqndeS/DTocvm5GBuZn4xoOq99Woo0MQC6zfDEz8DOJlX56hPYXU0ZDbjxInfQsoc3MejoLG7n4xkxPn6WAvynFFsAoZFIk60Faz7UZIfuAWafoX9L0KpjkbT5Fob9CFEuQEzO7x9CIWoUr2PYn8HbThHDUOFAuVVpOLqleLPCrxkX/P01WTrLFuT6vSJKW2kxVwiHvZH6pNT01X/nlHDD6Jd9oWse2jIDBVor6fMnNDtgKl9azKgyakxoOGB7BMcb5u0Im8vFBCCRIyN3lrYjjR1F3H1tvY6Q0fEGLkilO334IyjC63he6lZ6NqslE/3QWEyyIiCL52rMzadN2SwVNawCa8YIR6+TpBjKyqY17LCP57v3UyM6J/kcUqXxDRcg1XnsjiWU+u0j9ZdlBgcbNuQeb1jD2QgICcyr/tWyJ2asyVfvARcD/xt5a9AnGjO0LnwMfw/DdBz1XCxz5uf3gOM69+nXk2gWhAoIBAQDr7NhlmVrASpOJHXXvqkpC2P4+hx7bmwKUZPbqm32pqCBypn6Qd2h4wdFzcP41wN6kpYqmmsPBoezctSgromfHeVjTyjhGku8b1HqtyRoX5sqIIPtv5pKKGS/tVWfyqQ8BspcdhZaR7+ZiRsLRwOXCscRq82+vbyq5Jd1bjsDGeLtcYyASv3II1xTBzSgNlvB+WiFXIlGWT9IPXwhv6IxZn7ME/y992d7bhgPxCcdTfKQNPBpcKerjcNxeDMto8vVijBDqujVpTf+3YvOOzWrcLn5UORFzpVho7oml5+5qnkFI/RZoiagUixFeQMv5+72qKJrxJu3VfI3mxlzZm5YjAoIBAQDhwjvzNWCQ2y7wwwnr88snVxAhd7kByvbKmnFVzHFTy2lheyWkiAqXj9juqsCtbkOK8a1ogmFAHz3i0/n+QhcJ20gudryniMt+u+wKxpmEKyqHKX3d4biPOvkKx7tdfwnlRKpSWXuynlDNVaQnJKUqBqDygLaE2s0LK3Fwdl+HN5ZPjRcuHkNpXA8t5lbm3tttMIs3JMneKAq77rodgRg+JcYhUNiybek3cZQcEiIGoh8UU6AhgQIOyMy5lkdG7XwZ2FEMQlqZo+T4HnkdTMU1CbTav1/ZzwDQP4/BJvKXhdRBuYHHAwhV6NIEMk5fzXcOoYmhfOMjvftrSxqUOImxAoIBAQDrhaEuJB8d0hVhD6EZ5kWGYHvHzjp2/1Ne80AwS5Pyl5309tNow1vvGYZQGaAd53Icqgo1clE0b8M3Pj5g+RtjXnfXzovJoIvFm6Pw887xx3uu1EZOmr710FkxNE62SCFsD26ekSsUe4rh10RMA6cbaz3riySW3YKoHO3Tpjo6qHJas7ZkIOzleFoHcximIGXrrWyVQPRz+zF4GOYiWeQq4KvltB8kIylAu5QZwCpV5Rsc/0BNe6c68QN9fIZgOhPQEoYc3lHN04kR+V2t1NH2BxAkYmhSq+ELt/6AOn6fv2brR4VkTPAXuhFXp5Y59B+OzESJs9RAiLxcgvBUaOdDAoIBAQCzlPJjUL5z/Cam1j76NoAP1y25saa1SmJuX9Rvz6UGZvR42qDi9GSYk5CYqbODQgbwa7bpP21kuHVeDgj6vE/fQ1NzwnfnPOXC9nGZUMmlXUEDK3o4GenZ5atda+wbP4b7nVdvEkdXmp/j9pARoxDPEV7OCJ0nqXUZwYEHWOI8iXdD6JPb168ADH72oBfYpsYdYVQclWMPGQMQ46Gg/qPuK9YjglAd/1hZBjwu6C2w4R2f6bWjcR/V6t0Pc/9W6GqjlHNEMTQoqzrkNDlbmUn2GraGm1z/wa5/+U+88eJfrdFeRtZ5HGxxCjalp+64PpTKSq1UjCeSsvlgK+oEpcTBAoIBAQCDDcS69BnjFWNa68FBrA2Uw6acQ6lnpXALohXCRL5qOTMe/FFDEBo0ADGrGpSo+cPaE2buNsYO79CafqTxPoZ38OAtTVmX3uL3z9+2ne2dc486gmAnKdJA8w9uawqMEkVpTA9f4WiBJJVzPwAv19AJCPKfUaB8IdNPV+HL8CdK+Dm+lZBADlB9RyvkJRLVJUAuK8/h9kbS3myKI6FIBeFFJpXRONkBSEkANknMqelvdf0GQsHliRslqIK2QVTIOmkJKecG35OhZ5WtU54oSxljlvmtvEKkEJAhEUyfFQRwQTTsDxkFFsfIVr9gv8K1RVEb4D00GUY7GSyAgPKPNsib','MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0A4q7QGo060nFwlIF67DgYEPvsviFHMs18FBhGAZTPZAQpnHZW7ec7mEPKTr6DkM+ggFako2DW524NaYd+2X7/7cxlINleXKQeQXxMrdimNJgRTW8GtCypwgGJQZWq5uF2RfqGdJmh+nHW6B3R4hKjUbHMpZ12ANsxylN2KBHzkfvWnJeM+eDwMrj46/UllD0wMmH99uotKvodyeJ0+hcARSvsikgtT3lRv74mENKLVNVFA5EN6V/NanyXzf+iIe1uL+9y4FJWbEwTM5bv5CczLj+VnOSJFOjLfvBBzGXi5zdGRK5DJNAwkBNeIRvFu0vP4p1CacCZZm+ROt+GavLtCNc1VJkpgBqr76iiQRp6mOV/49m7APAdqhbK3MWrCJZCmli72PgL1w+V9Dh8CGc0W7rgrYLks+u9QuwsKJPEdzfnvQEwx5hvYAtdDSWgenVAQPadlHQPNk0e98epxnvKSyZxsnnBEH8c9fqbT1QBDY9UZd1q8Lv3Wz3f1+op5WKbsJbJ1oty2K5ILk//Vt2drrquT01U9OM3Mnr/udIFZwz806zQmXx6ZjDUCKmRhZhSs+JvlVGZs2TnYNVcedbffre4hxh6hZOv756qloshLkxBQGgvZK5tVTcxr56OS8jZuQ5PSRgBxX44DVfvr4hk6Ujy3hHjJ5bz7kCcuTiTMCAwEAAQ==','samlsp-keypair',NULL),(2,'SAMLSP_X509CERT','rO0ABXNyAC1qYXZhLnNlY3VyaXR5LmNlcnQuQ2VydGlmaWNhdGUkQ2VydGlmaWNhdGVSZXCJJ2qdya48DAIAAlsABGRhdGF0AAJbQkwABHR5cGV0ABJMamF2YS9sYW5nL1N0cmluZzt4cHVyAAJbQqzzF/gGCFTgAgAAeHAAAASzMIIErzCCApcCBgFNmkdlAzANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDExBBcGFjaGVDbG91ZFN0YWNrMB4XDTE1MDUyNzExMjc1OVoXDTE4MDUyODExMjc1OVowGzEZMBcGA1UEAxMQQXBhY2hlQ2xvdWRTdGFjazCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANAOKu0BqNOtJxcJSBeuw4GBD77L4hRzLNfBQYRgGUz2QEKZx2Vu3nO5hDyk6+g5DPoIBWpKNg1uduDWmHftl+/+3MZSDZXlykHkF8TK3YpjSYEU1vBrQsqcIBiUGVqubhdkX6hnSZofpx1ugd0eISo1GxzKWddgDbMcpTdigR85H71pyXjPng8DK4+Ov1JZQ9MDJh/fbqLSr6HcnidPoXAEUr7IpILU95Ub++JhDSi1TVRQORDelfzWp8l83/oiHtbi/vcuBSVmxMEzOW7+QnMy4/lZzkiRToy37wQcxl4uc3RkSuQyTQMJATXiEbxbtLz+KdQmnAmWZvkTrfhmry7QjXNVSZKYAaq++ookEaepjlf+PZuwDwHaoWytzFqwiWQppYu9j4C9cPlfQ4fAhnNFu64K2C5LPrvULsLCiTxHc3570BMMeYb2ALXQ0loHp1QED2nZR0DzZNHvfHqcZ7yksmcbJ5wRB/HPX6m09UAQ2PVGXdavC791s939fqKeVim7CWydaLctiuSC5P/1bdna66rk9NVPTjNzJ6/7nSBWcM/NOs0Jl8emYw1AipkYWYUrPib5VRmbNk52DVXHnW3363uIcYeoWTr++eqpaLIS5MQUBoL2SubVU3Ma+ejkvI2bkOT0kYAcV+OA1X76+IZOlI8t4R4yeW8+5AnLk4kzAgMBAAEwDQYJKoZIhvcNAQELBQADggIBAHZWSGpypDmQLQWr2FCVQUnulbPuMMJ0sCH0rNLGLe8qNbZ0YeAuWFsg7+0kVGZ4OuDgioIhD0h3Q3huZtF/WF81eyZqPyVfkXG8egjK58AzMDPHZECeoSVGUCZuq3wjmbnT2sLLDvr8RrzMbbCEvkrYHWivQ18Lbd3eWYYnDbXZRy9GuSWrA9cMqXVYjSTxam9Kel33BIF6CAlMQN5o11oiAv+ciNoxHqGh+8xX3kFKP+x+SRt40NOEs537lEpj/6KdLvd/bP6J4K94jAX3lsdg6zDaBiQWl7P3t50AKtP384Qsb/33uXcbTyw/TkzvPcbmsgTbEUTZIOv44CxMstFrUCyT7ptrzLvDk7Iy2cMgWghULgDvKT3esPE9pleyHG8bkjGt9ypDF/Lmp7j/kILYbF7eq1wIbHOSam4p8WyddVsW4nesu6fqLiCGXum9paChIfvL3To/VHFFKduhJd0Y7LMgWO7pXxWh7XfgRmzQaEN1eJmj5315HEYTS2wXWjptwYDrhiobKuCbpADfOQks8xNKJFLMnXp+IvAqz+ZjkNOz60MLuQ3hvKLTo6nQcTYTfZZxo3Aap30/hA2GtxxSXK/xpBDm58jcVoudgCdxML/OqERBfcADBLvIw5h9+DlXjPUg25IefU0oA336YtnzftJ6cfQfatrc0tBqNEeXdAAFWC41MDk=','','samlsp-x509cert',NULL);
+/*!40000 ALTER TABLE `keystore` ENABLE KEYS */;
+UNLOCK TABLES;
diff --git a/developer/pom.xml b/developer/pom.xml
index e39820b01a..6717a6242a 100644
--- a/developer/pom.xml
+++ b/developer/pom.xml
@@ -172,6 +172,64 @@
         </plugins>
       </build>
     </profile>
+    <profile>
+      <!-- saml deploydb property -->
+      <id>deploydb-saml</id>
+      <activation>
+        <property>
+          <name>deploydb-saml</name>
+        </property>
+      </activation>
+      <build>
+        <plugins>
+          <plugin>
+            <groupId>org.codehaus.mojo</groupId>
+            <artifactId>exec-maven-plugin</artifactId>
+            <dependencies>
+              <dependency>
+                <groupId>mysql</groupId>
+                <artifactId>mysql-connector-java</artifactId>
+                <version>${cs.mysql.version}</version>
+              </dependency>
+            </dependencies>
+            <version>1.2.1</version>
+            <executions>
+              <execution>
+                <phase>process-resources</phase>
+                <id>create-schema-simulator</id>
+                <goals>
+                  <goal>java</goal>
+                </goals>
+              </execution>
+            </executions>
+            <configuration>
+              <mainClass>com.cloud.upgrade.DatabaseCreator</mainClass>
+              <includePluginDependencies>true</includePluginDependencies>
+              <arguments>
+                <!-- db properties file -->
+                <argument>${basedir}/../utils/conf/db.properties</argument>
+                <argument>${basedir}/../utils/conf/db.properties.override</argument>
+                <!-- simulator sql files -->
+                <argument>${basedir}/developer-saml.sql</argument>
+                <!-- upgrade -->
+                <argument>com.cloud.upgrade.DatabaseUpgradeChecker</argument>
+                <argument>--rootpassword=${db.root.password}</argument>
+              </arguments>
+              <systemProperties>
+                <systemProperty>
+                  <key>catalina.home</key>
+                  <value>${basedir}/../utils</value>
+                </systemProperty>
+                <systemProperty>
+                  <key>paths.script</key>
+                  <value>${basedir}/target/db</value>
+                </systemProperty>
+              </systemProperties>
+            </configuration>
+          </plugin>
+        </plugins>
+      </build>
+    </profile>
     <profile>
       <!-- simulator deploydb property -->
       <id>deploydb-simulator</id>
diff --git a/engine/schema/src/com/cloud/upgrade/dao/Upgrade451to452.java b/engine/schema/src/com/cloud/upgrade/dao/Upgrade451to452.java
index 3b7b643fdb..870e534fb7 100644
--- a/engine/schema/src/com/cloud/upgrade/dao/Upgrade451to452.java
+++ b/engine/schema/src/com/cloud/upgrade/dao/Upgrade451to452.java
@@ -17,11 +17,13 @@
 
 package com.cloud.upgrade.dao;
 
+import com.cloud.utils.exception.CloudRuntimeException;
+import com.cloud.utils.script.Script;
+import org.apache.log4j.Logger;
+
 import java.io.File;
 import java.sql.Connection;
 
-import org.apache.log4j.Logger;
-
 public class Upgrade451to452 implements DbUpgrade {
     final static Logger s_logger = Logger.getLogger(Upgrade451to452.class);
 
@@ -42,7 +44,11 @@ public boolean supportsRollingUpgrade() {
 
     @Override
     public File[] getPrepareScripts() {
-        return new File[] {};
+        String script = Script.findScript("", "db/schema-451to452.sql");
+        if (script == null) {
+            throw new CloudRuntimeException("Unable to find db/schema-451to452.sql");
+        }
+        return new File[] {new File(script)};
     }
 
     @Override
@@ -51,6 +57,11 @@ public void performDataMigration(Connection conn) {
 
     @Override
     public File[] getCleanupScripts() {
-        return null;
+        String script = Script.findScript("", "db/schema-451to452-cleanup.sql");
+        if (script == null) {
+            throw new CloudRuntimeException("Unable to find db/schema-451to452-cleanup.sql");
+        }
+
+        return new File[] {new File(script)};
     }
 }
diff --git a/engine/schema/src/com/cloud/user/UserAccountVO.java b/engine/schema/src/com/cloud/user/UserAccountVO.java
index 5f33c47e64..80ee873f3e 100644
--- a/engine/schema/src/com/cloud/user/UserAccountVO.java
+++ b/engine/schema/src/com/cloud/user/UserAccountVO.java
@@ -105,6 +105,9 @@ public class UserAccountVO implements UserAccount, InternalIdentity {
     @Enumerated(value = EnumType.STRING)
     private User.Source source;
 
+    @Column(name = "external_entity", length = 65535)
+    private String externalEntity = null;
+
     public UserAccountVO() {
     }
 
@@ -296,4 +299,12 @@ public User.Source getSource() {
     public void setSource(User.Source source) {
         this.source = source;
     }
+
+    public String getExternalEntity() {
+        return externalEntity;
+    }
+
+    public void setExternalEntity(String externalEntity) {
+        this.externalEntity = externalEntity;
+    }
 }
diff --git a/engine/schema/src/com/cloud/user/UserVO.java b/engine/schema/src/com/cloud/user/UserVO.java
index eb2813bf38..da7811ecc5 100644
--- a/engine/schema/src/com/cloud/user/UserVO.java
+++ b/engine/schema/src/com/cloud/user/UserVO.java
@@ -101,6 +101,9 @@ public class UserVO implements User, Identity, InternalIdentity {
     @Enumerated(value = EnumType.STRING)
     private Source source;
 
+    @Column(name = "external_entity", length = 65535)
+    private String externalEntity;
+
     public UserVO() {
         this.uuid = UUID.randomUUID().toString();
     }
@@ -283,4 +286,11 @@ public void setSource(Source source) {
         this.source = source;
     }
 
+    public String getExternalEntity() {
+        return externalEntity;
+    }
+
+    public void setExternalEntity(String externalEntity) {
+        this.externalEntity = externalEntity;
+    }
 }
diff --git a/engine/schema/src/com/cloud/user/dao/UserAccountDao.java b/engine/schema/src/com/cloud/user/dao/UserAccountDao.java
index a26ff7f85f..1d005b2090 100644
--- a/engine/schema/src/com/cloud/user/dao/UserAccountDao.java
+++ b/engine/schema/src/com/cloud/user/dao/UserAccountDao.java
@@ -20,7 +20,11 @@
 import com.cloud.user.UserAccountVO;
 import com.cloud.utils.db.GenericDao;
 
+import java.util.List;
+
 public interface UserAccountDao extends GenericDao<UserAccountVO, Long> {
+    List<UserAccountVO> getAllUsersByNameAndEntity(String username, String entity);
+
     UserAccount getUserAccount(String username, Long domainId);
 
     boolean validateUsernameInDomain(String username, Long domainId);
diff --git a/engine/schema/src/com/cloud/user/dao/UserAccountDaoImpl.java b/engine/schema/src/com/cloud/user/dao/UserAccountDaoImpl.java
index 1449e6b82a..a8d9e39a63 100644
--- a/engine/schema/src/com/cloud/user/dao/UserAccountDaoImpl.java
+++ b/engine/schema/src/com/cloud/user/dao/UserAccountDaoImpl.java
@@ -16,15 +16,15 @@
 // under the License.
 package com.cloud.user.dao;
 
-import javax.ejb.Local;
-
-import org.springframework.stereotype.Component;
-
 import com.cloud.user.UserAccount;
 import com.cloud.user.UserAccountVO;
 import com.cloud.utils.db.GenericDaoBase;
 import com.cloud.utils.db.SearchBuilder;
 import com.cloud.utils.db.SearchCriteria;
+import org.springframework.stereotype.Component;
+
+import javax.ejb.Local;
+import java.util.List;
 
 @Component
 @Local(value = {UserAccountDao.class})
@@ -38,6 +38,17 @@ public UserAccountDaoImpl() {
         userAccountSearch.done();
     }
 
+    @Override
+    public List<UserAccountVO> getAllUsersByNameAndEntity(String username, String entity) {
+        if (username == null) {
+            return null;
+        }
+        SearchCriteria<UserAccountVO> sc = createSearchCriteria();
+        sc.addAnd("username", SearchCriteria.Op.EQ, username);
+        sc.addAnd("externalEntity", SearchCriteria.Op.EQ, entity);
+        return listBy(sc);
+    }
+
     @Override
     public UserAccount getUserAccount(String username, Long domainId) {
         if ((username == null) || (domainId == null)) {
diff --git a/plugins/user-authenticators/saml2/pom.xml b/plugins/user-authenticators/saml2/pom.xml
index fed1a5406d..c83b1900c5 100644
--- a/plugins/user-authenticators/saml2/pom.xml
+++ b/plugins/user-authenticators/saml2/pom.xml
@@ -47,5 +47,10 @@
       <artifactId>cloud-api</artifactId>
       <version>${project.version}</version>
     </dependency>
+    <dependency>
+      <groupId>org.apache.cloudstack</groupId>
+      <artifactId>cloud-framework-config</artifactId>
+      <version>${project.version}</version>
+    </dependency>
   </dependencies>
 </project>
diff --git a/plugins/user-authenticators/saml2/resources/META-INF/cloudstack/saml2/spring-saml2-context.xml b/plugins/user-authenticators/saml2/resources/META-INF/cloudstack/saml2/spring-saml2-context.xml
index 92f89b8dfb..d3a21947a2 100644
--- a/plugins/user-authenticators/saml2/resources/META-INF/cloudstack/saml2/spring-saml2-context.xml
+++ b/plugins/user-authenticators/saml2/resources/META-INF/cloudstack/saml2/spring-saml2-context.xml
@@ -33,4 +33,7 @@
         <property name="name" value="SAML2Auth"/>
     </bean>
 
+    <bean id="samlTokenDao" class="org.apache.cloudstack.saml.SAMLTokenDaoImpl">
+    </bean>
+
 </beans>
diff --git a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/AuthorizeSAMLSSOCmd.java b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/AuthorizeSAMLSSOCmd.java
new file mode 100644
index 0000000000..54ce418b2c
--- /dev/null
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/AuthorizeSAMLSSOCmd.java
@@ -0,0 +1,105 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.api.command;
+
+import com.cloud.domain.Domain;
+import com.cloud.user.Account;
+import com.cloud.user.UserAccount;
+import org.apache.cloudstack.acl.SecurityChecker;
+import org.apache.cloudstack.api.APICommand;
+import org.apache.cloudstack.api.ApiConstants;
+import org.apache.cloudstack.api.ApiErrorCode;
+import org.apache.cloudstack.api.BaseCmd;
+import org.apache.cloudstack.api.Parameter;
+import org.apache.cloudstack.api.ServerApiException;
+import org.apache.cloudstack.api.response.IdpResponse;
+import org.apache.cloudstack.api.response.SuccessResponse;
+import org.apache.cloudstack.api.response.UserResponse;
+import org.apache.cloudstack.context.CallContext;
+import org.apache.cloudstack.saml.SAML2AuthManager;
+import org.apache.log4j.Logger;
+
+import javax.inject.Inject;
+
+@APICommand(name = "authorizeSamlSso", description = "Allow or disallow a user to use SAML SSO", responseObject = SuccessResponse.class, requestHasSensitiveInfo = false, responseHasSensitiveInfo = false)
+public class AuthorizeSAMLSSOCmd extends BaseCmd {
+    public static final Logger s_logger = Logger.getLogger(AuthorizeSAMLSSOCmd.class.getName());
+
+    private static final String s_name = "authorizesamlssoresponse";
+
+    @Inject
+    SAML2AuthManager _samlAuthManager;
+
+    /////////////////////////////////////////////////////
+    //////////////// API parameters /////////////////////
+    /////////////////////////////////////////////////////
+
+    @Parameter(name = ApiConstants.USER_ID, type = CommandType.UUID, entityType = UserResponse.class, required = true, description = "User uuid")
+    private Long id;
+
+    @Parameter(name = ApiConstants.ENABLE, type = CommandType.BOOLEAN, required = true, description = "If true, authorizes user to be able to use SAML for Single Sign. If False, disable user to user SAML SSO.")
+    private Boolean enable;
+
+    public Boolean getEnable() {
+        return enable;
+    }
+
+    public String getEntityId() {
+        return entityId;
+    }
+
+    @Parameter(name = ApiConstants.ENTITY_ID, type = CommandType.STRING, entityType = IdpResponse.class, description = "The Identity Provider ID the user is allowed to get single signed on from")
+    private String entityId;
+
+    public Long getId() {
+        return id;
+    }
+
+    @Override
+    public String getCommandName() {
+        return s_name;
+    }
+
+    @Override
+    public long getEntityOwnerId() {
+        return Account.ACCOUNT_ID_SYSTEM;
+    }
+
+    @Override
+    public void execute() {
+        // Check permissions
+        UserAccount userAccount = _accountService.getUserAccountById(getId());
+        if (userAccount == null) {
+            throw new ServerApiException(ApiErrorCode.ACCOUNT_ERROR , "Unable to find a user account with the given ID");
+        }
+        Domain domain = _domainService.getDomain(userAccount.getDomainId());
+        Account account = _accountService.getAccount(userAccount.getAccountId());
+        _accountService.checkAccess(CallContext.current().getCallingAccount(), domain);
+        _accountService.checkAccess(CallContext.current().getCallingAccount(), SecurityChecker.AccessType.OperateEntry, true, account);
+
+        CallContext.current().setEventDetails("UserId: " + getId());
+        SuccessResponse response = new SuccessResponse();
+        Boolean status = false;
+
+        if (_samlAuthManager.authorizeUser(getId(), getEntityId(), getEnable())) {
+            status = true;
+        }
+        response.setResponseName(getCommandName());
+        response.setSuccess(status);
+        setResponseObject(response);
+    }
+}
\ No newline at end of file
diff --git a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/GetServiceProviderMetaDataCmd.java b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/GetServiceProviderMetaDataCmd.java
index e73083609f..3a52151394 100644
--- a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/GetServiceProviderMetaDataCmd.java
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/GetServiceProviderMetaDataCmd.java
@@ -14,7 +14,6 @@
 // KIND, either express or implied.  See the License for the
 // specific language governing permissions and limitations
 // under the License.
-
 package org.apache.cloudstack.api.command;
 
 import com.cloud.api.response.ApiResponseSerializer;
@@ -30,21 +29,36 @@
 import org.apache.cloudstack.api.auth.PluggableAPIAuthenticator;
 import org.apache.cloudstack.api.response.SAMLMetaDataResponse;
 import org.apache.cloudstack.saml.SAML2AuthManager;
+import org.apache.cloudstack.saml.SAMLProviderMetadata;
 import org.apache.log4j.Logger;
 import org.opensaml.Configuration;
 import org.opensaml.DefaultBootstrap;
 import org.opensaml.common.xml.SAMLConstants;
 import org.opensaml.saml2.core.NameIDType;
 import org.opensaml.saml2.metadata.AssertionConsumerService;
+import org.opensaml.saml2.metadata.ContactPerson;
+import org.opensaml.saml2.metadata.ContactPersonTypeEnumeration;
+import org.opensaml.saml2.metadata.EmailAddress;
 import org.opensaml.saml2.metadata.EntityDescriptor;
+import org.opensaml.saml2.metadata.GivenName;
 import org.opensaml.saml2.metadata.KeyDescriptor;
+import org.opensaml.saml2.metadata.LocalizedString;
 import org.opensaml.saml2.metadata.NameIDFormat;
+import org.opensaml.saml2.metadata.Organization;
+import org.opensaml.saml2.metadata.OrganizationName;
+import org.opensaml.saml2.metadata.OrganizationURL;
 import org.opensaml.saml2.metadata.SPSSODescriptor;
 import org.opensaml.saml2.metadata.SingleLogoutService;
 import org.opensaml.saml2.metadata.impl.AssertionConsumerServiceBuilder;
+import org.opensaml.saml2.metadata.impl.ContactPersonBuilder;
+import org.opensaml.saml2.metadata.impl.EmailAddressBuilder;
 import org.opensaml.saml2.metadata.impl.EntityDescriptorBuilder;
+import org.opensaml.saml2.metadata.impl.GivenNameBuilder;
 import org.opensaml.saml2.metadata.impl.KeyDescriptorBuilder;
 import org.opensaml.saml2.metadata.impl.NameIDFormatBuilder;
+import org.opensaml.saml2.metadata.impl.OrganizationBuilder;
+import org.opensaml.saml2.metadata.impl.OrganizationNameBuilder;
+import org.opensaml.saml2.metadata.impl.OrganizationURLBuilder;
 import org.opensaml.saml2.metadata.impl.SPSSODescriptorBuilder;
 import org.opensaml.saml2.metadata.impl.SingleLogoutServiceBuilder;
 import org.opensaml.xml.ConfigurationException;
@@ -73,6 +87,7 @@
 import java.io.IOException;
 import java.io.StringWriter;
 import java.util.List;
+import java.util.Locale;
 import java.util.Map;
 
 @APICommand(name = "getSPMetadata", description = "Returns SAML2 CloudStack Service Provider MetaData", responseObject = SAMLMetaDataResponse.class, entityType = {})
@@ -118,8 +133,10 @@ public String authenticate(String command, Map<String, Object[]> params, HttpSes
                     params, responseType));
         }
 
+        final SAMLProviderMetadata spMetadata = _samlAuthManager.getSPMetadata();
+
         EntityDescriptor spEntityDescriptor = new EntityDescriptorBuilder().buildObject();
-        spEntityDescriptor.setEntityID(_samlAuthManager.getServiceProviderId());
+        spEntityDescriptor.setEntityID(spMetadata.getEntityId());
 
         SPSSODescriptor spSSODescriptor = new SPSSODescriptorBuilder().buildObject();
         spSSODescriptor.setWantAssertionsSigned(true);
@@ -129,19 +146,23 @@ public String authenticate(String command, Map<String, Object[]> params, HttpSes
         keyInfoGeneratorFactory.setEmitEntityCertificate(true);
         KeyInfoGenerator keyInfoGenerator = keyInfoGeneratorFactory.newInstance();
 
+        KeyDescriptor signKeyDescriptor = new KeyDescriptorBuilder().buildObject();
+        signKeyDescriptor.setUse(UsageType.SIGNING);
+
         KeyDescriptor encKeyDescriptor = new KeyDescriptorBuilder().buildObject();
         encKeyDescriptor.setUse(UsageType.ENCRYPTION);
 
-        KeyDescriptor signKeyDescriptor = new KeyDescriptorBuilder().buildObject();
-        signKeyDescriptor.setUse(UsageType.SIGNING);
+        BasicX509Credential signingCredential = new BasicX509Credential();
+        signingCredential.setEntityCertificate(spMetadata.getSigningCertificate());
+
+        BasicX509Credential encryptionCredential = new BasicX509Credential();
+        encryptionCredential.setEntityCertificate(spMetadata.getEncryptionCertificate());
 
-        BasicX509Credential credential = new BasicX509Credential();
-        credential.setEntityCertificate(_samlAuthManager.getSpX509Certificate());
         try {
-            encKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(credential));
-            signKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(credential));
-            spSSODescriptor.getKeyDescriptors().add(encKeyDescriptor);
+            signKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(signingCredential));
+            encKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(encryptionCredential));
             spSSODescriptor.getKeyDescriptors().add(signKeyDescriptor);
+            spSSODescriptor.getKeyDescriptors().add(encKeyDescriptor);
         } catch (SecurityException e) {
             s_logger.warn("Unable to add SP X509 descriptors:" + e.getMessage());
         }
@@ -159,19 +180,50 @@ public String authenticate(String command, Map<String, Object[]> params, HttpSes
         spSSODescriptor.getNameIDFormats().add(transientNameIDFormat);
 
         AssertionConsumerService assertionConsumerService = new AssertionConsumerServiceBuilder().buildObject();
-        assertionConsumerService.setIndex(0);
-        assertionConsumerService.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI);
-        assertionConsumerService.setLocation(_samlAuthManager.getSpSingleSignOnUrl());
+        assertionConsumerService.setIndex(1);
+        assertionConsumerService.setIsDefault(true);
+        assertionConsumerService.setBinding(SAMLConstants.SAML2_POST_BINDING_URI);
+        assertionConsumerService.setLocation(spMetadata.getSsoUrl());
+        spSSODescriptor.getAssertionConsumerServices().add(assertionConsumerService);
+
+        AssertionConsumerService assertionConsumerService2 = new AssertionConsumerServiceBuilder().buildObject();
+        assertionConsumerService2.setIndex(2);
+        assertionConsumerService2.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI);
+        assertionConsumerService2.setLocation(spMetadata.getSsoUrl());
+        spSSODescriptor.getAssertionConsumerServices().add(assertionConsumerService2);
 
         SingleLogoutService ssoService = new SingleLogoutServiceBuilder().buildObject();
         ssoService.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI);
-        ssoService.setLocation(_samlAuthManager.getSpSingleLogOutUrl());
-
+        ssoService.setLocation(spMetadata.getSloUrl());
         spSSODescriptor.getSingleLogoutServices().add(ssoService);
-        spSSODescriptor.getAssertionConsumerServices().add(assertionConsumerService);
+
+        SingleLogoutService ssoService2 = new SingleLogoutServiceBuilder().buildObject();
+        ssoService2.setBinding(SAMLConstants.SAML2_POST_BINDING_URI);
+        ssoService2.setLocation(spMetadata.getSloUrl());
+        spSSODescriptor.getSingleLogoutServices().add(ssoService2);
+
         spSSODescriptor.addSupportedProtocol(SAMLConstants.SAML20P_NS);
         spEntityDescriptor.getRoleDescriptors().add(spSSODescriptor);
 
+        ContactPerson contactPerson = new ContactPersonBuilder().buildObject();
+        GivenName givenName = new GivenNameBuilder().buildObject();
+        givenName.setName(spMetadata.getContactPersonName());
+        EmailAddress emailAddress = new EmailAddressBuilder().buildObject();
+        emailAddress.setAddress(spMetadata.getContactPersonEmail());
+        contactPerson.setType(ContactPersonTypeEnumeration.TECHNICAL);
+        contactPerson.setGivenName(givenName);
+        contactPerson.getEmailAddresses().add(emailAddress);
+        spEntityDescriptor.getContactPersons().add(contactPerson);
+
+        Organization organization = new OrganizationBuilder().buildObject();
+        OrganizationName organizationName = new OrganizationNameBuilder().buildObject();
+        organizationName.setName(new LocalizedString(spMetadata.getOrganizationName(), Locale.getDefault().getLanguage()));
+        OrganizationURL organizationURL = new OrganizationURLBuilder().buildObject();
+        organizationURL.setURL(new LocalizedString(spMetadata.getOrganizationUrl(), Locale.getDefault().getLanguage()));
+        organization.getOrganizationNames().add(organizationName);
+        organization.getURLs().add(organizationURL);
+        spEntityDescriptor.setOrganization(organization);
+
         StringWriter stringWriter = new StringWriter();
         try {
             DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
diff --git a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/ListIdpsCmd.java b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/ListIdpsCmd.java
new file mode 100644
index 0000000000..7d7c95ef59
--- /dev/null
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/ListIdpsCmd.java
@@ -0,0 +1,114 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.api.command;
+
+import com.cloud.api.response.ApiResponseSerializer;
+import com.cloud.user.Account;
+import org.apache.cloudstack.api.APICommand;
+import org.apache.cloudstack.api.ApiErrorCode;
+import org.apache.cloudstack.api.ApiServerService;
+import org.apache.cloudstack.api.BaseCmd;
+import org.apache.cloudstack.api.ServerApiException;
+import org.apache.cloudstack.api.auth.APIAuthenticationType;
+import org.apache.cloudstack.api.auth.APIAuthenticator;
+import org.apache.cloudstack.api.auth.PluggableAPIAuthenticator;
+import org.apache.cloudstack.api.response.IdpResponse;
+import org.apache.cloudstack.api.response.ListResponse;
+import org.apache.cloudstack.saml.SAML2AuthManager;
+import org.apache.cloudstack.saml.SAMLProviderMetadata;
+import org.apache.log4j.Logger;
+
+import javax.inject.Inject;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
+
+@APICommand(name = "listIdps", description = "Returns list of discovered SAML Identity Providers", responseObject = IdpResponse.class, entityType = {})
+public class ListIdpsCmd extends BaseCmd implements APIAuthenticator {
+    public static final Logger s_logger = Logger.getLogger(ListIdpsCmd.class.getName());
+    private static final String s_name = "listidpsresponse";
+
+    @Inject
+    ApiServerService _apiServer;
+
+    SAML2AuthManager _samlAuthManager;
+
+    /////////////////////////////////////////////////////
+    /////////////// API Implementation///////////////////
+    /////////////////////////////////////////////////////
+
+    @Override
+    public String getCommandName() {
+        return s_name;
+    }
+
+    @Override
+    public long getEntityOwnerId() {
+        return Account.ACCOUNT_TYPE_NORMAL;
+    }
+
+    @Override
+    public void execute() throws ServerApiException {
+        // We should never reach here
+        throw new ServerApiException(ApiErrorCode.METHOD_NOT_ALLOWED, "This is an authentication api, cannot be used directly");
+    }
+
+    @Override
+    public String authenticate(String command, Map<String, Object[]> params, HttpSession session, String remoteAddress, String responseType, StringBuilder auditTrailSb, final HttpServletRequest req, final HttpServletResponse resp) throws ServerApiException {
+        auditTrailSb.append("=== SAML List IdPs ===");
+        ListResponse<IdpResponse> response = new ListResponse<IdpResponse>();
+        List<IdpResponse> idpResponseList = new ArrayList<IdpResponse>();
+        for (SAMLProviderMetadata metadata: _samlAuthManager.getAllIdPMetadata()) {
+            if (metadata == null) {
+                continue;
+            }
+            IdpResponse idpResponse = new IdpResponse();
+            idpResponse.setId(metadata.getEntityId());
+            if (metadata.getOrganizationName() == null || metadata.getOrganizationName().isEmpty()) {
+                idpResponse.setOrgName(metadata.getEntityId());
+            } else {
+                idpResponse.setOrgName(metadata.getOrganizationName());
+            }
+            idpResponse.setOrgUrl(metadata.getOrganizationUrl());
+            idpResponse.setObjectName("idp");
+            idpResponseList.add(idpResponse);
+        }
+        response.setResponses(idpResponseList, idpResponseList.size());
+        response.setResponseName(getCommandName());
+        return ApiResponseSerializer.toSerializedString(response, responseType);
+    }
+
+    @Override
+    public APIAuthenticationType getAPIType() {
+        return APIAuthenticationType.LOGIN_API;
+    }
+
+    @Override
+    public void setAuthenticators(List<PluggableAPIAuthenticator> authenticators) {
+        for (PluggableAPIAuthenticator authManager: authenticators) {
+            if (authManager != null && authManager instanceof SAML2AuthManager) {
+                _samlAuthManager = (SAML2AuthManager) authManager;
+            }
+        }
+        if (_samlAuthManager == null) {
+            s_logger.error("No suitable Pluggable Authentication Manager found for SAML2 Login Cmd");
+        }
+    }
+}
\ No newline at end of file
diff --git a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/ListSamlAuthorizationCmd.java b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/ListSamlAuthorizationCmd.java
new file mode 100644
index 0000000000..be958a1628
--- /dev/null
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/ListSamlAuthorizationCmd.java
@@ -0,0 +1,95 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.api.command;
+
+import com.cloud.user.Account;
+import com.cloud.user.User;
+import com.cloud.user.UserVO;
+import com.cloud.user.dao.UserDao;
+import org.apache.cloudstack.acl.SecurityChecker;
+import org.apache.cloudstack.api.APICommand;
+import org.apache.cloudstack.api.ApiConstants;
+import org.apache.cloudstack.api.BaseListCmd;
+import org.apache.cloudstack.api.Parameter;
+import org.apache.cloudstack.api.response.ListResponse;
+import org.apache.cloudstack.api.response.SamlAuthorizationResponse;
+import org.apache.cloudstack.api.response.UserResponse;
+import org.apache.cloudstack.context.CallContext;
+import org.apache.log4j.Logger;
+
+import javax.inject.Inject;
+import java.util.ArrayList;
+import java.util.List;
+
+@APICommand(name = "listSamlAuthorization", description = "Lists authorized users who can used SAML SSO", responseObject = SamlAuthorizationResponse.class, requestHasSensitiveInfo = false, responseHasSensitiveInfo = false)
+public class ListSamlAuthorizationCmd extends BaseListCmd {
+    public static final Logger s_logger = Logger.getLogger(ListSamlAuthorizationCmd.class.getName());
+    private static final String s_name = "listsamlauthorizationsresponse";
+
+    @Inject
+    private UserDao _userDao;
+
+    /////////////////////////////////////////////////////
+    //////////////// API parameters /////////////////////
+    /////////////////////////////////////////////////////
+    @Parameter(name = ApiConstants.USER_ID, type = CommandType.UUID, entityType = UserResponse.class, required = false, description = "User uuid")
+    private Long userId;
+
+    /////////////////////////////////////////////////////
+    /////////////// API Implementation///////////////////
+    /////////////////////////////////////////////////////
+
+    public Long getUserId() {
+        return userId;
+    }
+
+    @Override
+    public String getCommandName() {
+        return s_name;
+    }
+
+    @Override
+    public long getEntityOwnerId() {
+        return Account.ACCOUNT_ID_SYSTEM;
+    }
+
+    @Override
+    public void execute() {
+        List<UserVO> users = new ArrayList<UserVO>();
+        if (getUserId() != null) {
+            UserVO user = _userDao.getUser(getUserId());
+            if (user != null) {
+                Account account = _accountService.getAccount(user.getAccountId());
+                _accountService.checkAccess(CallContext.current().getCallingAccount(), SecurityChecker.AccessType.ListEntry, true, account);
+                users.add(user);
+            }
+        } else if (CallContext.current().getCallingAccount().getType() == Account.ACCOUNT_TYPE_ADMIN) {
+            users = _userDao.listAll();
+        }
+
+        ListResponse<SamlAuthorizationResponse> response = new ListResponse<SamlAuthorizationResponse>();
+        List<SamlAuthorizationResponse> authorizationResponses = new ArrayList<SamlAuthorizationResponse>();
+        for (User user: users) {
+            SamlAuthorizationResponse authorizationResponse = new SamlAuthorizationResponse(user.getUuid(), user.getSource().equals(User.Source.SAML2), user.getExternalEntity());
+            authorizationResponse.setObjectName("samlauthorization");
+            authorizationResponses.add(authorizationResponse);
+        }
+        response.setResponses(authorizationResponses);
+        response.setResponseName(getCommandName());
+        setResponseObject(response);
+    }
+}
\ No newline at end of file
diff --git a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
index a10afb6588..b05ebf656a 100644
--- a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
@@ -14,16 +14,14 @@
 // KIND, either express or implied.  See the License for the
 // specific language governing permissions and limitations
 // under the License.
-
 package org.apache.cloudstack.api.command;
 
 import com.cloud.api.response.ApiResponseSerializer;
-import com.cloud.configuration.Config;
-import com.cloud.domain.Domain;
 import com.cloud.exception.CloudAuthenticationException;
 import com.cloud.user.Account;
 import com.cloud.user.DomainManager;
 import com.cloud.user.UserAccount;
+import com.cloud.user.UserAccountVO;
 import com.cloud.user.dao.UserAccountDao;
 import com.cloud.utils.HttpUtils;
 import com.cloud.utils.db.EntityManager;
@@ -38,24 +36,29 @@
 import org.apache.cloudstack.api.auth.APIAuthenticator;
 import org.apache.cloudstack.api.auth.PluggableAPIAuthenticator;
 import org.apache.cloudstack.api.response.LoginCmdResponse;
-import org.apache.cloudstack.context.CallContext;
-import org.apache.cloudstack.framework.config.dao.ConfigurationDao;
 import org.apache.cloudstack.saml.SAML2AuthManager;
-import org.apache.cloudstack.utils.auth.SAMLUtils;
+import org.apache.cloudstack.saml.SAMLPluginConstants;
+import org.apache.cloudstack.saml.SAMLProviderMetadata;
+import org.apache.cloudstack.saml.SAMLTokenVO;
+import org.apache.cloudstack.saml.SAMLUtils;
 import org.apache.log4j.Logger;
 import org.opensaml.DefaultBootstrap;
 import org.opensaml.saml2.core.Assertion;
-import org.opensaml.saml2.core.Attribute;
-import org.opensaml.saml2.core.AttributeStatement;
-import org.opensaml.saml2.core.AuthnRequest;
-import org.opensaml.saml2.core.NameID;
-import org.opensaml.saml2.core.NameIDType;
+import org.opensaml.saml2.core.EncryptedAssertion;
+import org.opensaml.saml2.core.Issuer;
 import org.opensaml.saml2.core.Response;
 import org.opensaml.saml2.core.StatusCode;
+import org.opensaml.saml2.encryption.Decrypter;
 import org.opensaml.xml.ConfigurationException;
-import org.opensaml.xml.io.MarshallingException;
+import org.opensaml.xml.encryption.DecryptionException;
+import org.opensaml.xml.encryption.EncryptedKeyResolver;
+import org.opensaml.xml.encryption.InlineEncryptedKeyResolver;
 import org.opensaml.xml.io.UnmarshallingException;
+import org.opensaml.xml.security.SecurityHelper;
+import org.opensaml.xml.security.credential.Credential;
+import org.opensaml.xml.security.keyinfo.StaticKeyInfoCredentialResolver;
 import org.opensaml.xml.security.x509.BasicX509Credential;
+import org.opensaml.xml.signature.Signature;
 import org.opensaml.xml.signature.SignatureValidator;
 import org.opensaml.xml.validation.ValidationException;
 import org.xml.sax.SAXException;
@@ -69,12 +72,8 @@
 import javax.xml.stream.FactoryConfigurationError;
 import java.io.IOException;
 import java.net.URLEncoder;
-import java.security.InvalidKeyException;
-import java.security.NoSuchAlgorithmException;
-import java.security.PrivateKey;
 import java.util.List;
 import java.util.Map;
-import java.util.UUID;
 
 @APICommand(name = "samlSso", description = "SP initiated SAML Single Sign On", requestHasSensitiveInfo = true, responseObject = LoginCmdResponse.class, entityType = {})
 public class SAML2LoginAPIAuthenticatorCmd extends BaseCmd implements APIAuthenticator {
@@ -84,16 +83,14 @@ public class SAML2LoginAPIAuthenticatorCmd extends BaseCmd implements APIAuthent
     /////////////////////////////////////////////////////
     //////////////// API parameters /////////////////////
     /////////////////////////////////////////////////////
-    @Parameter(name = ApiConstants.IDP_URL, type = CommandType.STRING, description = "Identity Provider SSO HTTP-Redirect binding URL", required = true)
-    private String idpUrl;
+    @Parameter(name = ApiConstants.IDP_ID, type = CommandType.STRING, description = "Identity Provider Entity ID", required = true)
+    private String idpId;
 
     @Inject
     ApiServerService _apiServer;
     @Inject
     EntityManager _entityMgr;
     @Inject
-    ConfigurationDao _configDao;
-    @Inject
     DomainManager _domainMgr;
     @Inject
     private UserAccountDao _userAccountDao;
@@ -104,8 +101,8 @@ public class SAML2LoginAPIAuthenticatorCmd extends BaseCmd implements APIAuthent
     /////////////////// Accessors ///////////////////////
     /////////////////////////////////////////////////////
 
-    public String getIdpUrl() {
-        return idpUrl;
+    public String getIdpId() {
+        return idpId;
     }
 
     /////////////////////////////////////////////////////
@@ -128,30 +125,6 @@ public void execute() throws ServerApiException {
         throw new ServerApiException(ApiErrorCode.METHOD_NOT_ALLOWED, "This is an authentication api, cannot be used directly");
     }
 
-    private String buildAuthnRequestUrl(String idpUrl) {
-        String spId = _samlAuthManager.getServiceProviderId();
-        String consumerUrl = _samlAuthManager.getSpSingleSignOnUrl();
-        String identityProviderUrl = _samlAuthManager.getIdpSingleSignOnUrl();
-
-        if (idpUrl != null) {
-            identityProviderUrl = idpUrl;
-        }
-
-        String redirectUrl = "";
-        try {
-            DefaultBootstrap.bootstrap();
-            AuthnRequest authnRequest = SAMLUtils.buildAuthnRequestObject(spId, identityProviderUrl, consumerUrl);
-            PrivateKey privateKey = null;
-            if (_samlAuthManager.getSpKeyPair() != null) {
-                privateKey = _samlAuthManager.getSpKeyPair().getPrivate();
-            }
-            redirectUrl = identityProviderUrl + "?" + SAMLUtils.generateSAMLRequestSignature("SAMLRequest=" + SAMLUtils.encodeSAMLRequest(authnRequest), privateKey);
-        } catch (ConfigurationException | FactoryConfigurationError | MarshallingException | IOException | NoSuchAlgorithmException | InvalidKeyException | java.security.SignatureException e) {
-            s_logger.error("SAML AuthnRequest message building error: " + e.getMessage());
-        }
-        return redirectUrl;
-    }
-
     public Response processSAMLResponse(String responseMessage) {
         Response responseObject = null;
         try {
@@ -167,13 +140,44 @@ public Response processSAMLResponse(String responseMessage) {
     @Override
     public String authenticate(final String command, final Map<String, Object[]> params, final HttpSession session, final String remoteAddress, final String responseType, final StringBuilder auditTrailSb, final HttpServletRequest req, final HttpServletResponse resp) throws ServerApiException {
         try {
-            if (!params.containsKey("SAMLResponse") && !params.containsKey("SAMLart")) {
-                String idpUrl = null;
-                final String[] idps = (String[])params.get(ApiConstants.IDP_URL);
-                if (idps != null && idps.length > 0) {
-                    idpUrl = idps[0];
+            if (!params.containsKey(SAMLPluginConstants.SAML_RESPONSE) && !params.containsKey("SAMLart")) {
+                String idpId = null;
+                String domainPath = null;
+
+                if (params.containsKey(ApiConstants.IDP_ID)) {
+                    idpId = ((String[])params.get(ApiConstants.IDP_ID))[0];
+                }
+
+                if (params.containsKey(ApiConstants.DOMAIN)) {
+                    domainPath = ((String[])params.get(ApiConstants.DOMAIN))[0];
+                }
+
+                if (domainPath != null && !domainPath.isEmpty()) {
+                    if (!domainPath.startsWith("/")) {
+                        domainPath = "/" + domainPath;
+                    }
+                    if (!domainPath.endsWith("/")) {
+                        domainPath = domainPath + "/";
+                    }
+                }
+
+                SAMLProviderMetadata spMetadata = _samlAuthManager.getSPMetadata();
+                SAMLProviderMetadata idpMetadata = _samlAuthManager.getIdPMetadata(idpId);
+                if (idpMetadata == null) {
+                    throw new ServerApiException(ApiErrorCode.PARAM_ERROR, _apiServer.getSerializedApiError(ApiErrorCode.PARAM_ERROR.getHttpCode(),
+                            "IdP ID (" + idpId + ") is not found in our list of supported IdPs, cannot proceed.",
+                            params, responseType));
+                }
+                if (idpMetadata.getSsoUrl() == null || idpMetadata.getSsoUrl().isEmpty()) {
+                    throw new ServerApiException(ApiErrorCode.PARAM_ERROR, _apiServer.getSerializedApiError(ApiErrorCode.PARAM_ERROR.getHttpCode(),
+                            "IdP ID (" + idpId + ") has no Single Sign On URL defined please contact "
+                                    + idpMetadata.getContactPersonName() + " <" + idpMetadata.getContactPersonEmail() + ">, cannot proceed.",
+                            params, responseType));
                 }
-                String redirectUrl = this.buildAuthnRequestUrl(idpUrl);
+                String authnId = SAMLUtils.generateSecureRandomId();
+                _samlAuthManager.saveToken(authnId, domainPath, idpMetadata.getEntityId());
+                s_logger.debug("Sending SAMLRequest id=" + authnId);
+                String redirectUrl = SAMLUtils.buildAuthnRequestUrl(authnId, spMetadata, idpMetadata, SAML2AuthManager.SAMLSignatureAlgorithm.value());
                 resp.sendRedirect(redirectUrl);
                 return "";
             } if (params.containsKey("SAMLart")) {
@@ -181,7 +185,7 @@ public String authenticate(final String command, final Map<String, Object[]> par
                         "SAML2 HTTP Artifact Binding is not supported",
                         params, responseType));
             } else {
-                final String samlResponse = ((String[])params.get(SAMLUtils.SAML_RESPONSE))[0];
+                final String samlResponse = ((String[])params.get(SAMLPluginConstants.SAML_RESPONSE))[0];
                 Response processedSAMLResponse = this.processSAMLResponse(samlResponse);
                 String statusCode = processedSAMLResponse.getStatus().getStatusCode().getValue();
                 if (!statusCode.equals(StatusCode.SUCCESS_URI)) {
@@ -190,10 +194,37 @@ public String authenticate(final String command, final Map<String, Object[]> par
                             params, responseType));
                 }
 
-                if (_samlAuthManager.getIdpSigningKey() != null) {
-                    org.opensaml.xml.signature.Signature sig = processedSAMLResponse.getSignature();
+                String username = null;
+                Long domainId = null;
+                Issuer issuer = processedSAMLResponse.getIssuer();
+                SAMLProviderMetadata spMetadata = _samlAuthManager.getSPMetadata();
+                SAMLProviderMetadata idpMetadata = _samlAuthManager.getIdPMetadata(issuer.getValue());
+
+                String responseToId = processedSAMLResponse.getInResponseTo();
+                s_logger.debug("Received SAMLResponse in response to id=" + responseToId);
+                SAMLTokenVO token = _samlAuthManager.getToken(responseToId);
+                if (token != null) {
+                    if (token.getDomainId() != null) {
+                        domainId = token.getDomainId();
+                    }
+                    if (!(token.getEntity().equalsIgnoreCase(issuer.getValue()))) {
+                        throw new ServerApiException(ApiErrorCode.ACCOUNT_ERROR, _apiServer.getSerializedApiError(ApiErrorCode.ACCOUNT_ERROR.getHttpCode(),
+                                "The SAML response contains Issuer Entity ID that is different from the original SAML request",
+                                params, responseType));
+                    }
+                } else {
+                    throw new ServerApiException(ApiErrorCode.ACCOUNT_ERROR, _apiServer.getSerializedApiError(ApiErrorCode.ACCOUNT_ERROR.getHttpCode(),
+                            "Received SAML response for a SSO request that we may not have made or has expired, please try logging in again",
+                            params, responseType));
+                }
+
+                // Set IdpId for this session
+                session.setAttribute(SAMLPluginConstants.SAML_IDPID, issuer.getValue());
+
+                Signature sig = processedSAMLResponse.getSignature();
+                if (idpMetadata.getSigningCertificate() != null && sig != null) {
                     BasicX509Credential credential = new BasicX509Credential();
-                    credential.setEntityCertificate(_samlAuthManager.getIdpSigningKey());
+                    credential.setEntityCertificate(idpMetadata.getSigningCertificate());
                     SignatureValidator validator = new SignatureValidator(credential);
                     try {
                         validator.validate(sig);
@@ -204,94 +235,106 @@ public String authenticate(final String command, final Map<String, Object[]> par
                                 params, responseType));
                     }
                 }
-
-                String domainString = _configDao.getValue(Config.SAMLUserDomain.key());
-
-                Long domainId = null;
-                Domain domain = _domainMgr.getDomain(domainString);
-                if (domain != null) {
-                    domainId = domain.getId();
-                } else {
-                    try {
-                        domainId = Long.parseLong(domainString);
-                    } catch (NumberFormatException ignore) {
-                    }
-                }
-                if (domainId == null) {
-                    s_logger.error("The default domain ID for SAML users is not set correct, it should be a UUID. ROOT domain will be used.");
+                if (username == null) {
+                    username = SAMLUtils.getValueFromAssertions(processedSAMLResponse.getAssertions(), SAML2AuthManager.SAMLUserAttributeName.value());
                 }
 
-                String username = null;
-                String password = SAMLUtils.generateSecureRandomId(); // Random password
-                String firstName = "";
-                String lastName = "";
-                String timeZone = "GMT";
-                String email = "";
-                short accountType = 0; // User account
-
-                Assertion assertion = processedSAMLResponse.getAssertions().get(0);
-                NameID nameId = assertion.getSubject().getNameID();
-                String sessionIndex = assertion.getAuthnStatements().get(0).getSessionIndex();
-                session.setAttribute(SAMLUtils.SAML_NAMEID, nameId);
-                session.setAttribute(SAMLUtils.SAML_SESSION, sessionIndex);
-
-                if (nameId.getFormat().equals(NameIDType.PERSISTENT) || nameId.getFormat().equals(NameIDType.EMAIL)) {
-                    username = nameId.getValue();
-                    if (nameId.getFormat().equals(NameIDType.EMAIL)) {
-                        email = username;
+                for (Assertion assertion: processedSAMLResponse.getAssertions()) {
+                    if (assertion!= null && assertion.getSubject() != null && assertion.getSubject().getNameID() != null) {
+                        session.setAttribute(SAMLPluginConstants.SAML_NAMEID, assertion.getSubject().getNameID().getValue());
+                        break;
                     }
                 }
 
-                List<AttributeStatement> attributeStatements = assertion.getAttributeStatements();
-                if (attributeStatements != null && attributeStatements.size() > 0) {
-                    for (AttributeStatement attributeStatement: attributeStatements) {
-                        if (attributeStatement == null) {
-                            continue;
-                        }
-                        // Try capturing standard LDAP attributes
-                        for (Attribute attribute: attributeStatement.getAttributes()) {
-                            String attributeName = attribute.getName();
-                            String attributeValue = attribute.getAttributeValues().get(0).getDOM().getTextContent();
-                            if (attributeName.equalsIgnoreCase("uid") && username == null) {
-                                username = attributeValue;
-                            } else if (attributeName.equalsIgnoreCase("givenName")) {
-                                firstName = attributeValue;
-                            } else if (attributeName.equalsIgnoreCase(("sn"))) {
-                                lastName = attributeValue;
-                            } else if (attributeName.equalsIgnoreCase("mail")) {
-                                email = attributeValue;
+                if (idpMetadata.getEncryptionCertificate() != null && spMetadata != null
+                        && spMetadata.getKeyPair() != null && spMetadata.getKeyPair().getPrivate() != null) {
+                    Credential credential = SecurityHelper.getSimpleCredential(idpMetadata.getEncryptionCertificate().getPublicKey(),
+                            spMetadata.getKeyPair().getPrivate());
+                    StaticKeyInfoCredentialResolver keyInfoResolver = new StaticKeyInfoCredentialResolver(credential);
+                    EncryptedKeyResolver keyResolver = new InlineEncryptedKeyResolver();
+                    Decrypter decrypter = new Decrypter(null, keyInfoResolver, keyResolver);
+                    decrypter.setRootInNewDocument(true);
+                    List<EncryptedAssertion> encryptedAssertions = processedSAMLResponse.getEncryptedAssertions();
+                    if (encryptedAssertions != null) {
+                        for (EncryptedAssertion encryptedAssertion : encryptedAssertions) {
+                            Assertion assertion = null;
+                            try {
+                                assertion = decrypter.decrypt(encryptedAssertion);
+                            } catch (DecryptionException e) {
+                                s_logger.warn("SAML EncryptedAssertion error: " + e.toString());
+                            }
+                            if (assertion == null) {
+                                continue;
+                            }
+                            Signature encSig = assertion.getSignature();
+                            if (idpMetadata.getSigningCertificate() != null && encSig != null) {
+                                BasicX509Credential sigCredential = new BasicX509Credential();
+                                sigCredential.setEntityCertificate(idpMetadata.getSigningCertificate());
+                                SignatureValidator validator = new SignatureValidator(sigCredential);
+                                try {
+                                    validator.validate(encSig);
+                                } catch (ValidationException e) {
+                                    s_logger.error("SAML Response's signature failed to be validated by IDP signing key:" + e.getMessage());
+                                    throw new ServerApiException(ApiErrorCode.ACCOUNT_ERROR, _apiServer.getSerializedApiError(ApiErrorCode.ACCOUNT_ERROR.getHttpCode(),
+                                            "SAML Response's signature failed to be validated by IDP signing key",
+                                            params, responseType));
+                                }
+                            }
+                            if (assertion.getSubject() != null && assertion.getSubject().getNameID() != null) {
+                                session.setAttribute(SAMLPluginConstants.SAML_NAMEID, assertion.getSubject().getNameID().getValue());
+                            }
+                            if (username == null) {
+                                username = SAMLUtils.getValueFromAttributeStatements(assertion.getAttributeStatements(), SAML2AuthManager.SAMLUserAttributeName.value());
                             }
                         }
                     }
                 }
 
-                if (username == null && email != null) {
-                    username = email;
+                if (username == null) {
+                    throw new ServerApiException(ApiErrorCode.ACCOUNT_ERROR, _apiServer.getSerializedApiError(ApiErrorCode.ACCOUNT_ERROR.getHttpCode(),
+                            "Failed to find admin configured username attribute in the SAML Response. Please ask your administrator to check SAML user attribute name.", params, responseType));
+                }
+
+                UserAccount userAccount = null;
+                List<UserAccountVO> possibleUserAccounts = _userAccountDao.getAllUsersByNameAndEntity(username, issuer.getValue());
+                if (possibleUserAccounts != null && possibleUserAccounts.size() > 0) {
+                    if (possibleUserAccounts.size() == 1) {
+                        userAccount = possibleUserAccounts.get(0);
+                    } else if (possibleUserAccounts.size() > 1) {
+                        if (domainId != null) {
+                            userAccount = _userAccountDao.getUserAccount(username, domainId);
+                        } else {
+                            throw new ServerApiException(ApiErrorCode.ACCOUNT_ERROR, _apiServer.getSerializedApiError(ApiErrorCode.ACCOUNT_ERROR.getHttpCode(),
+                                    "You have accounts in multiple domains, please re-login by specifying the domain you want to log into.",
+                                    params, responseType));
+                        }
+                    }
                 }
-                final String uniqueUserId = SAMLUtils.createSAMLId(username);
 
-                UserAccount userAccount = _userAccountDao.getUserAccount(username, domainId);
-                if (userAccount == null && uniqueUserId != null && username != null) {
-                    CallContext.current().setEventDetails("SAML Account/User with UserName: " + username + ", FirstName :" + password + ", LastName: " + lastName);
-                    userAccount = _accountService.createUserAccount(username, password, firstName, lastName, email, timeZone,
-                            username, (short) accountType, domainId, null, null, UUID.randomUUID().toString(), uniqueUserId);
+                if (userAccount == null || userAccount.getExternalEntity() == null || !_samlAuthManager.isUserAuthorized(userAccount.getId(), issuer.getValue())) {
+                    throw new ServerApiException(ApiErrorCode.ACCOUNT_ERROR, _apiServer.getSerializedApiError(ApiErrorCode.ACCOUNT_ERROR.getHttpCode(),
+                            "Your authenticated user is not authorized, please contact your administrator",
+                            params, responseType));
                 }
 
                 if (userAccount != null) {
                     try {
                         if (_apiServer.verifyUser(userAccount.getId())) {
-                            LoginCmdResponse loginResponse = (LoginCmdResponse) _apiServer.loginUser(session, username, userAccount.getPassword(), domainId, null, remoteAddress, params);
+                            LoginCmdResponse loginResponse = (LoginCmdResponse) _apiServer.loginUser(session, userAccount.getUsername(), userAccount.getUsername() + userAccount.getSource().toString(),
+                                    userAccount.getDomainId(), null, remoteAddress, params);
                             resp.addCookie(new Cookie("userid", URLEncoder.encode(loginResponse.getUserId(), HttpUtils.UTF_8)));
                             resp.addCookie(new Cookie("domainid", URLEncoder.encode(loginResponse.getDomainId(), HttpUtils.UTF_8)));
                             resp.addCookie(new Cookie("role", URLEncoder.encode(loginResponse.getType(), HttpUtils.UTF_8)));
                             resp.addCookie(new Cookie("username", URLEncoder.encode(loginResponse.getUsername(), HttpUtils.UTF_8)));
-                            resp.addCookie(new Cookie("sessionkey", URLEncoder.encode(loginResponse.getSessionKey(), HttpUtils.UTF_8)));
+                            resp.addCookie(new Cookie(ApiConstants.SESSIONKEY, URLEncoder.encode(loginResponse.getSessionKey(), HttpUtils.UTF_8)));
                             resp.addCookie(new Cookie("account", URLEncoder.encode(loginResponse.getAccount(), HttpUtils.UTF_8)));
-                            resp.addCookie(new Cookie("timezone", URLEncoder.encode(loginResponse.getTimeZone(), HttpUtils.UTF_8)));
+                            String timezone = loginResponse.getTimeZone();
+                            if (timezone != null) {
+                                resp.addCookie(new Cookie("timezone", URLEncoder.encode(timezone, HttpUtils.UTF_8)));
+                            }
                             resp.addCookie(new Cookie("userfullname", URLEncoder.encode(loginResponse.getFirstName() + " " + loginResponse.getLastName(), HttpUtils.UTF_8).replace("+", "%20")));
-                            resp.sendRedirect(_configDao.getValue(Config.SAMLCloudStackRedirectionUrl.key()));
+                            resp.sendRedirect(SAML2AuthManager.SAMLCloudStackRedirectionUrl.value());
                             return ApiResponseSerializer.toSerializedString(loginResponse, responseType);
-
                         }
                     } catch (final CloudAuthenticationException ignored) {
                     }
@@ -302,7 +345,7 @@ public String authenticate(final String command, final Map<String, Object[]> par
             auditTrailSb.append(e.getMessage());
         }
         throw new ServerApiException(ApiErrorCode.ACCOUNT_ERROR, _apiServer.getSerializedApiError(ApiErrorCode.ACCOUNT_ERROR.getHttpCode(),
-                "Unable to authenticate or retrieve user while performing SAML based SSO",
+                "Unable to authenticate user while performing SAML based SSO. Please make sure your user/account has been added, enable and authorized by the admin before you can authenticate. Please contact your administrator.",
                 params, responseType));
     }
 
diff --git a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LogoutAPIAuthenticatorCmd.java b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LogoutAPIAuthenticatorCmd.java
index 992e4317f8..a012431b29 100644
--- a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LogoutAPIAuthenticatorCmd.java
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LogoutAPIAuthenticatorCmd.java
@@ -17,7 +17,6 @@
 package org.apache.cloudstack.api.command;
 
 import com.cloud.api.response.ApiResponseSerializer;
-import com.cloud.configuration.Config;
 import com.cloud.user.Account;
 import org.apache.cloudstack.api.APICommand;
 import org.apache.cloudstack.api.ApiErrorCode;
@@ -28,13 +27,13 @@
 import org.apache.cloudstack.api.auth.APIAuthenticator;
 import org.apache.cloudstack.api.auth.PluggableAPIAuthenticator;
 import org.apache.cloudstack.api.response.LogoutCmdResponse;
-import org.apache.cloudstack.framework.config.dao.ConfigurationDao;
 import org.apache.cloudstack.saml.SAML2AuthManager;
-import org.apache.cloudstack.utils.auth.SAMLUtils;
+import org.apache.cloudstack.saml.SAMLPluginConstants;
+import org.apache.cloudstack.saml.SAMLProviderMetadata;
+import org.apache.cloudstack.saml.SAMLUtils;
 import org.apache.log4j.Logger;
 import org.opensaml.DefaultBootstrap;
 import org.opensaml.saml2.core.LogoutRequest;
-import org.opensaml.saml2.core.NameID;
 import org.opensaml.saml2.core.Response;
 import org.opensaml.saml2.core.StatusCode;
 import org.opensaml.xml.ConfigurationException;
@@ -59,8 +58,7 @@ public class SAML2LogoutAPIAuthenticatorCmd extends BaseCmd implements APIAuthen
 
     @Inject
     ApiServerService _apiServer;
-    @Inject
-    ConfigurationDao _configDao;
+
     SAML2AuthManager _samlAuthManager;
 
     /////////////////////////////////////////////////////
@@ -93,7 +91,7 @@ public String authenticate(String command, Map<String, Object[]> params, HttpSes
 
         if (session == null) {
             try {
-                resp.sendRedirect(_configDao.getValue(Config.SAMLCloudStackRedirectionUrl.key()));
+                resp.sendRedirect(SAML2AuthManager.SAMLCloudStackRedirectionUrl.value());
             } catch (IOException ignored) {
             }
             return responseString;
@@ -110,7 +108,7 @@ public String authenticate(String command, Map<String, Object[]> params, HttpSes
 
         if (params != null && params.containsKey("SAMLResponse")) {
             try {
-                final String samlResponse = ((String[])params.get(SAMLUtils.SAML_RESPONSE))[0];
+                final String samlResponse = ((String[])params.get(SAMLPluginConstants.SAML_RESPONSE))[0];
                 Response processedSAMLResponse = SAMLUtils.decodeSAMLResponse(samlResponse);
                 String statusCode = processedSAMLResponse.getStatus().getStatusCode().getValue();
                 if (!statusCode.equals(StatusCode.SUCCESS_URI)) {
@@ -122,25 +120,26 @@ public String authenticate(String command, Map<String, Object[]> params, HttpSes
                 s_logger.error("SAMLResponse processing error: " + e.getMessage());
             }
             try {
-                resp.sendRedirect(_configDao.getValue(Config.SAMLCloudStackRedirectionUrl.key()));
+                resp.sendRedirect(SAML2AuthManager.SAMLCloudStackRedirectionUrl.value());
             } catch (IOException ignored) {
             }
             return responseString;
         }
 
-        NameID nameId = (NameID) session.getAttribute(SAMLUtils.SAML_NAMEID);
-        String sessionIndex = (String) session.getAttribute(SAMLUtils.SAML_SESSION);
-        if (nameId == null || sessionIndex == null) {
+        String idpId = (String) session.getAttribute(SAMLPluginConstants.SAML_IDPID);
+        SAMLProviderMetadata idpMetadata = _samlAuthManager.getIdPMetadata(idpId);
+        String nameId = (String) session.getAttribute(SAMLPluginConstants.SAML_NAMEID);
+        if (idpMetadata == null || nameId == null || nameId.isEmpty()) {
             try {
-                resp.sendRedirect(_configDao.getValue(Config.SAMLCloudStackRedirectionUrl.key()));
+                resp.sendRedirect(SAML2AuthManager.SAMLCloudStackRedirectionUrl.value());
             } catch (IOException ignored) {
             }
             return responseString;
         }
-        LogoutRequest logoutRequest = SAMLUtils.buildLogoutRequest(_samlAuthManager.getIdpSingleLogOutUrl(), _samlAuthManager.getServiceProviderId(), nameId, sessionIndex);
+        LogoutRequest logoutRequest = SAMLUtils.buildLogoutRequest(idpMetadata.getSloUrl(), _samlAuthManager.getSPMetadata().getEntityId(), nameId);
 
         try {
-            String redirectUrl = _samlAuthManager.getIdpSingleLogOutUrl() + "?SAMLRequest=" + SAMLUtils.encodeSAMLRequest(logoutRequest);
+            String redirectUrl = idpMetadata.getSloUrl() + "?SAMLRequest=" + SAMLUtils.encodeSAMLRequest(logoutRequest);
             resp.sendRedirect(redirectUrl);
         } catch (MarshallingException | IOException e) {
             s_logger.error("SAML SLO error: " + e.getMessage());
diff --git a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/response/IdpResponse.java b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/response/IdpResponse.java
new file mode 100644
index 0000000000..d95cc3349c
--- /dev/null
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/response/IdpResponse.java
@@ -0,0 +1,62 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.api.response;
+
+import com.cloud.serializer.Param;
+import com.google.gson.annotations.SerializedName;
+
+public class IdpResponse extends AuthenticationCmdResponse {
+    @SerializedName("id")
+    @Param(description = "The IdP Entity ID")
+    private String id;
+
+    @SerializedName("orgName")
+    @Param(description = "The IdP Organization Name")
+    private String orgName;
+
+    @SerializedName("orgUrl")
+    @Param(description = "The IdP Organization URL")
+    private String orgUrl;
+
+    public IdpResponse() {
+        super();
+    }
+
+    public String getId() {
+        return id;
+    }
+
+    public void setId(String id) {
+        this.id = id;
+    }
+
+    public String getOrgName() {
+        return orgName;
+    }
+
+    public void setOrgName(String orgName) {
+        this.orgName = orgName;
+    }
+
+    public String getOrgUrl() {
+        return orgUrl;
+    }
+
+    public void setOrgUrl(String orgUrl) {
+        this.orgUrl = orgUrl;
+    }
+}
diff --git a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/response/SamlAuthorizationResponse.java b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/response/SamlAuthorizationResponse.java
new file mode 100644
index 0000000000..445ee887af
--- /dev/null
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/response/SamlAuthorizationResponse.java
@@ -0,0 +1,68 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.api.response;
+
+import com.cloud.serializer.Param;
+import com.cloud.user.User;
+import com.google.gson.annotations.SerializedName;
+import org.apache.cloudstack.api.BaseResponse;
+import org.apache.cloudstack.api.EntityReference;
+
+@EntityReference(value = User.class)
+public class SamlAuthorizationResponse extends BaseResponse {
+    @SerializedName("userid")
+    @Param(description = "the user ID")
+    private String userId;
+
+    @SerializedName("status")
+    @Param(description = "the SAML authorization status")
+    private Boolean status;
+
+    @SerializedName("idpid")
+    @Param(description = "the authorized Identity Provider ID")
+    private String idpId;
+
+    public SamlAuthorizationResponse(String userId, Boolean status, String idpId) {
+        this.userId = userId;
+        this.status = status;
+        this.idpId = idpId;
+    }
+
+    public String getUserId() {
+        return userId;
+    }
+
+    public void setUserId(String userId) {
+        this.userId = userId;
+    }
+
+    public Boolean getStatus() {
+        return status;
+    }
+
+    public void setStatus(Boolean status) {
+        this.status = status;
+    }
+
+    public String getIdpId() {
+        return idpId;
+    }
+
+    public void setIdpId(String idpId) {
+        this.idpId = idpId;
+    }
+}
diff --git a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAML2AuthManager.java b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAML2AuthManager.java
index 9c0d4b42fc..fc9a6db4d8 100644
--- a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAML2AuthManager.java
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAML2AuthManager.java
@@ -17,23 +17,64 @@
 
 package org.apache.cloudstack.saml;
 
+import com.cloud.utils.component.PluggableService;
 import org.apache.cloudstack.api.auth.PluggableAPIAuthenticator;
+import org.apache.cloudstack.framework.config.ConfigKey;
 
-import java.security.KeyPair;
-import java.security.cert.X509Certificate;
+import java.util.Collection;
 
-public interface SAML2AuthManager extends PluggableAPIAuthenticator {
-    public String getServiceProviderId();
-    public String getIdentityProviderId();
+public interface SAML2AuthManager extends PluggableAPIAuthenticator, PluggableService {
 
-    public X509Certificate getIdpSigningKey();
-    public X509Certificate getIdpEncryptionKey();
-    public X509Certificate getSpX509Certificate();
-    public KeyPair getSpKeyPair();
+    public static final ConfigKey<Boolean> SAMLIsPluginEnabled = new ConfigKey<Boolean>("Advanced", Boolean.class, "saml2.enabled", "false",
+            "Indicates whether SAML SSO plugin is enabled or not", true);
 
-    public String getSpSingleSignOnUrl();
-    public String getIdpSingleSignOnUrl();
+    public static final ConfigKey<String> SAMLServiceProviderID = new ConfigKey<String>("Advanced", String.class, "saml2.sp.id", "org.apache.cloudstack",
+            "SAML2 Service Provider Identifier String", true);
 
-    public String getSpSingleLogOutUrl();
-    public String getIdpSingleLogOutUrl();
+    public static final ConfigKey<String> SAMLServiceProviderContactPersonName = new ConfigKey<String>("Advanced", String.class, "saml2.sp.contact.person", "CloudStack Developers",
+            "SAML2 Service Provider Contact Person Name", true);
+
+    public static final ConfigKey<String> SAMLServiceProviderContactEmail = new ConfigKey<String>("Advanced", String.class, "saml2.sp.contact.email", "dev@cloudstack.apache.org",
+            "SAML2 Service Provider Contact Email Address", true);
+
+    public static final ConfigKey<String> SAMLServiceProviderOrgName = new ConfigKey<String>("Advanced", String.class, "saml2.sp.org.name", "Apache CloudStack",
+            "SAML2 Service Provider Organization Name", true);
+
+    public static final ConfigKey<String> SAMLServiceProviderOrgUrl = new ConfigKey<String>("Advanced", String.class, "saml2.sp.org.url", "http://cloudstack.apache.org",
+            "SAML2 Service Provider Organization URL", true);
+
+    public static final ConfigKey<String> SAMLServiceProviderSingleSignOnURL = new ConfigKey<String>("Advanced", String.class, "saml2.sp.sso.url", "http://localhost:8080/client/api?command=samlSso",
+            "SAML2 CloudStack Service Provider Single Sign On URL", true);
+
+    public static final ConfigKey<String> SAMLServiceProviderSingleLogOutURL = new ConfigKey<String>("Advanced", String.class, "saml2.sp.slo.url", "http://localhost:8080/client/",
+            "SAML2 CloudStack Service Provider Single Log Out URL", true);
+
+    public static final ConfigKey<String> SAMLCloudStackRedirectionUrl = new ConfigKey<String>("Advanced", String.class, "saml2.redirect.url", "http://localhost:8080/client",
+            "The CloudStack UI url the SSO should redirected to when successful", true);
+
+    public static final ConfigKey<String> SAMLUserAttributeName = new ConfigKey<String>("Advanced", String.class, "saml2.user.attribute", "uid",
+            "Attribute name to be looked for in SAML response that will contain the username", true);
+
+    public static final ConfigKey<String> SAMLIdentityProviderMetadataURL = new ConfigKey<String>("Advanced", String.class, "saml2.idp.metadata.url", "https://openidp.feide.no/simplesaml/saml2/idp/metadata.php",
+            "SAML2 Identity Provider Metadata XML Url", true);
+
+    public static final ConfigKey<String> SAMLDefaultIdentityProviderId = new ConfigKey<String>("Advanced", String.class, "saml2.default.idpid", "https://openidp.feide.no",
+            "The default IdP entity ID to use only in case of multiple IdPs", true);
+
+    public static final ConfigKey<String> SAMLSignatureAlgorithm = new ConfigKey<String>("Advanced", String.class, "saml2.sigalg", "SHA1",
+            "The algorithm to use to when signing a SAML request. Default is SHA1, allowed algorithms: SHA1, SHA256, SHA384, SHA512", true);
+
+    public static final ConfigKey<Integer> SAMLTimeout = new ConfigKey<Integer>("Advanced", Integer.class, "saml2.timeout", "1800",
+            "SAML2 IDP Metadata refresh interval in seconds, minimum value is set to 300", true);
+
+    public SAMLProviderMetadata getSPMetadata();
+    public SAMLProviderMetadata getIdPMetadata(String entityId);
+    public Collection<SAMLProviderMetadata> getAllIdPMetadata();
+
+    public boolean isUserAuthorized(Long userId, String entityId);
+    public boolean authorizeUser(Long userId, String entityId, boolean enable);
+
+    public void saveToken(String authnId, String domain, String entity);
+    public SAMLTokenVO getToken(String authnId);
+    public void expireTokens();
 }
diff --git a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAML2AuthManagerImpl.java b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAML2AuthManagerImpl.java
index 36c9da5e1e..185955c338 100644
--- a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAML2AuthManagerImpl.java
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAML2AuthManagerImpl.java
@@ -16,28 +16,46 @@
 // under the License.
 package org.apache.cloudstack.saml;
 
-import com.cloud.configuration.Config;
+import com.cloud.domain.Domain;
+import com.cloud.user.DomainManager;
+import com.cloud.user.User;
+import com.cloud.user.UserVO;
+import com.cloud.user.dao.UserDao;
+import com.cloud.utils.PropertiesUtil;
 import com.cloud.utils.component.AdapterBase;
 import org.apache.cloudstack.api.auth.PluggableAPIAuthenticator;
+import org.apache.cloudstack.api.command.AuthorizeSAMLSSOCmd;
 import org.apache.cloudstack.api.command.GetServiceProviderMetaDataCmd;
+import org.apache.cloudstack.api.command.ListIdpsCmd;
+import org.apache.cloudstack.api.command.ListSamlAuthorizationCmd;
 import org.apache.cloudstack.api.command.SAML2LoginAPIAuthenticatorCmd;
 import org.apache.cloudstack.api.command.SAML2LogoutAPIAuthenticatorCmd;
-import org.apache.cloudstack.framework.config.dao.ConfigurationDao;
+import org.apache.cloudstack.framework.config.ConfigKey;
+import org.apache.cloudstack.framework.config.Configurable;
 import org.apache.cloudstack.framework.security.keystore.KeystoreDao;
 import org.apache.cloudstack.framework.security.keystore.KeystoreVO;
-import org.apache.cloudstack.utils.auth.SAMLUtils;
-import org.apache.log4j.Logger;
 import org.apache.commons.codec.binary.Base64;
+import org.apache.commons.httpclient.HttpClient;
+import org.apache.log4j.Logger;
 import org.opensaml.DefaultBootstrap;
 import org.opensaml.common.xml.SAMLConstants;
+import org.opensaml.saml2.metadata.ContactPerson;
+import org.opensaml.saml2.metadata.EmailAddress;
+import org.opensaml.saml2.metadata.EntitiesDescriptor;
 import org.opensaml.saml2.metadata.EntityDescriptor;
 import org.opensaml.saml2.metadata.IDPSSODescriptor;
 import org.opensaml.saml2.metadata.KeyDescriptor;
+import org.opensaml.saml2.metadata.OrganizationDisplayName;
+import org.opensaml.saml2.metadata.OrganizationName;
+import org.opensaml.saml2.metadata.OrganizationURL;
 import org.opensaml.saml2.metadata.SingleLogoutService;
 import org.opensaml.saml2.metadata.SingleSignOnService;
+import org.opensaml.saml2.metadata.provider.AbstractReloadingMetadataProvider;
+import org.opensaml.saml2.metadata.provider.FilesystemMetadataProvider;
 import org.opensaml.saml2.metadata.provider.HTTPMetadataProvider;
 import org.opensaml.saml2.metadata.provider.MetadataProviderException;
 import org.opensaml.xml.ConfigurationException;
+import org.opensaml.xml.XMLObject;
 import org.opensaml.xml.parse.BasicParserPool;
 import org.opensaml.xml.security.credential.UsageType;
 import org.opensaml.xml.security.keyinfo.KeyInfoHelper;
@@ -48,6 +66,7 @@
 import javax.xml.stream.FactoryConfigurationError;
 import java.io.ByteArrayInputStream;
 import java.io.ByteArrayOutputStream;
+import java.io.File;
 import java.io.IOException;
 import java.io.ObjectInputStream;
 import java.io.ObjectOutput;
@@ -63,61 +82,87 @@
 import java.security.cert.CertificateException;
 import java.security.cert.X509Certificate;
 import java.util.ArrayList;
+import java.util.Collection;
+import java.util.HashMap;
 import java.util.List;
+import java.util.Map;
+import java.util.Timer;
+import java.util.TimerTask;
 
 @Component
 @Local(value = {SAML2AuthManager.class, PluggableAPIAuthenticator.class})
-public class SAML2AuthManagerImpl extends AdapterBase implements SAML2AuthManager {
+public class SAML2AuthManagerImpl extends AdapterBase implements SAML2AuthManager, Configurable {
     private static final Logger s_logger = Logger.getLogger(SAML2AuthManagerImpl.class);
 
-    private String serviceProviderId;
-    private String identityProviderId;
+    private SAMLProviderMetadata _spMetadata = new SAMLProviderMetadata();
+    private Map<String, SAMLProviderMetadata> _idpMetadataMap = new HashMap<String, SAMLProviderMetadata>();
 
-    private X509Certificate idpSigningKey;
-    private X509Certificate idpEncryptionKey;
-    private X509Certificate spX509Key;
-    private KeyPair spKeyPair;
-
-    private String spSingleSignOnUrl;
     private String idpSingleSignOnUrl;
-
-    private String spSingleLogOutUrl;
     private String idpSingleLogOutUrl;
 
-    private HTTPMetadataProvider idpMetaDataProvider;
+    private Timer _timer;
+    private int _refreshInterval = SAMLPluginConstants.SAML_REFRESH_INTERVAL;
+    private AbstractReloadingMetadataProvider _idpMetaDataProvider;
 
     @Inject
-    ConfigurationDao _configDao;
+    private KeystoreDao _ksDao;
 
     @Inject
-    private KeystoreDao _ksDao;
+    private SAMLTokenDao _samlTokenDao;
+
+    @Inject
+    private UserDao _userDao;
+
+    @Inject
+    DomainManager _domainMgr;
 
     @Override
     public boolean start() {
         if (isSAMLPluginEnabled()) {
             setup();
+            s_logger.info("SAML auth plugin loaded");
+        } else {
+            s_logger.info("SAML auth plugin not enabled so not loading");
         }
         return super.start();
     }
 
-    private boolean setup() {
-        KeystoreVO keyStoreVO = _ksDao.findByName(SAMLUtils.SAMLSP_KEYPAIR);
+    @Override
+    public boolean stop() {
+        if (_timer != null) {
+            _timer.cancel();
+        }
+        return super.stop();
+    }
+
+    private boolean initSP() {
+        KeystoreVO keyStoreVO = _ksDao.findByName(SAMLPluginConstants.SAMLSP_KEYPAIR);
         if (keyStoreVO == null) {
             try {
                 KeyPair keyPair = SAMLUtils.generateRandomKeyPair();
-                _ksDao.save(SAMLUtils.SAMLSP_KEYPAIR, SAMLUtils.savePrivateKey(keyPair.getPrivate()), SAMLUtils.savePublicKey(keyPair.getPublic()), "samlsp-keypair");
-                keyStoreVO = _ksDao.findByName(SAMLUtils.SAMLSP_KEYPAIR);
+                _ksDao.save(SAMLPluginConstants.SAMLSP_KEYPAIR, SAMLUtils.savePrivateKey(keyPair.getPrivate()), SAMLUtils.savePublicKey(keyPair.getPublic()), "samlsp-keypair");
+                keyStoreVO = _ksDao.findByName(SAMLPluginConstants.SAMLSP_KEYPAIR);
+                s_logger.info("No SAML keystore found, created and saved a new Service Provider keypair");
             } catch (NoSuchProviderException | NoSuchAlgorithmException e) {
-                s_logger.error("Unable to create and save SAML keypair");
+                s_logger.error("Unable to create and save SAML keypair: " + e.toString());
             }
         }
 
+        String spId = SAMLServiceProviderID.value();
+        String spSsoUrl = SAMLServiceProviderSingleSignOnURL.value();
+        String spSloUrl = SAMLServiceProviderSingleLogOutURL.value();
+        String spOrgName = SAMLServiceProviderOrgName.value();
+        String spOrgUrl = SAMLServiceProviderOrgUrl.value();
+        String spContactPersonName = SAMLServiceProviderContactPersonName.value();
+        String spContactPersonEmail = SAMLServiceProviderContactEmail.value();
+        KeyPair spKeyPair = null;
+        X509Certificate spX509Key = null;
         if (keyStoreVO != null) {
             PrivateKey privateKey = SAMLUtils.loadPrivateKey(keyStoreVO.getCertificate());
             PublicKey publicKey = SAMLUtils.loadPublicKey(keyStoreVO.getKey());
             if (privateKey != null && publicKey != null) {
                 spKeyPair = new KeyPair(publicKey, privateKey);
-                KeystoreVO x509VO = _ksDao.findByName(SAMLUtils.SAMLSP_X509CERT);
+                KeystoreVO x509VO = _ksDao.findByName(SAMLPluginConstants.SAMLSP_X509CERT);
                 if (x509VO == null) {
                     try {
                         spX509Key = SAMLUtils.generateRandomX509Certificate(spKeyPair);
@@ -125,7 +170,7 @@ private boolean setup() {
                         ObjectOutput out = new ObjectOutputStream(bos);
                         out.writeObject(spX509Key);
                         out.flush();
-                        _ksDao.save(SAMLUtils.SAMLSP_X509CERT, Base64.encodeBase64String(bos.toByteArray()), "", "samlsp-x509cert");
+                        _ksDao.save(SAMLPluginConstants.SAMLSP_X509CERT, Base64.encodeBase64String(bos.toByteArray()), "", "samlsp-x509cert");
                         bos.close();
                     } catch (NoSuchAlgorithmException | NoSuchProviderException | CertificateEncodingException | SignatureException | InvalidKeyException | IOException e) {
                         s_logger.error("SAML Plugin won't be able to use X509 signed authentication");
@@ -142,61 +187,194 @@ private boolean setup() {
                 }
             }
         }
-
-        this.serviceProviderId = _configDao.getValue(Config.SAMLServiceProviderID.key());
-        this.identityProviderId = _configDao.getValue(Config.SAMLIdentityProviderID.key());
-
-        this.spSingleSignOnUrl = _configDao.getValue(Config.SAMLServiceProviderSingleSignOnURL.key());
-        this.spSingleLogOutUrl = _configDao.getValue(Config.SAMLServiceProviderSingleLogOutURL.key());
-
-        String idpMetaDataUrl = _configDao.getValue(Config.SAMLIdentityProviderMetadataURL.key());
-
-        int tolerance = 30000;
-        String timeout = _configDao.getValue(Config.SAMLTimeout.key());
-        if (timeout != null) {
-            tolerance = Integer.parseInt(timeout);
+        if (spKeyPair != null && spX509Key != null
+                && spId != null && spSsoUrl != null && spSloUrl != null
+                && spOrgName != null && spOrgUrl != null
+                && spContactPersonName != null && spContactPersonEmail != null) {
+            _spMetadata.setEntityId(spId);
+            _spMetadata.setOrganizationName(spOrgName);
+            _spMetadata.setOrganizationUrl(spOrgUrl);
+            _spMetadata.setContactPersonName(spContactPersonName);
+            _spMetadata.setContactPersonEmail(spContactPersonEmail);
+            _spMetadata.setSsoUrl(spSsoUrl);
+            _spMetadata.setSloUrl(spSloUrl);
+            _spMetadata.setKeyPair(spKeyPair);
+            _spMetadata.setSigningCertificate(spX509Key);
+            _spMetadata.setEncryptionCertificate(spX509Key);
+            return true;
         }
+        return false;
+    }
 
-        try {
-            DefaultBootstrap.bootstrap();
-            idpMetaDataProvider = new HTTPMetadataProvider(idpMetaDataUrl, tolerance);
-            idpMetaDataProvider.setRequireValidMetadata(true);
-            idpMetaDataProvider.setParserPool(new BasicParserPool());
-            idpMetaDataProvider.initialize();
+    private void addIdpToMap(EntityDescriptor descriptor, Map<String, SAMLProviderMetadata> idpMap) {
+        SAMLProviderMetadata idpMetadata = new SAMLProviderMetadata();
+        idpMetadata.setEntityId(descriptor.getEntityID());
+        s_logger.debug("Adding IdP to the list of discovered IdPs: " + descriptor.getEntityID());
+        if (descriptor.getOrganization() != null) {
+            if (descriptor.getOrganization().getDisplayNames() != null) {
+                for (OrganizationDisplayName orgName : descriptor.getOrganization().getDisplayNames()) {
+                    if (orgName != null && orgName.getName() != null) {
+                        idpMetadata.setOrganizationName(orgName.getName().getLocalString());
+                        break;
+                    }
+                }
+            }
+            if (idpMetadata.getOrganizationName() == null && descriptor.getOrganization().getOrganizationNames() != null) {
+                for (OrganizationName orgName : descriptor.getOrganization().getOrganizationNames()) {
+                    if (orgName != null && orgName.getName() != null) {
+                        idpMetadata.setOrganizationName(orgName.getName().getLocalString());
+                        break;
+                    }
+                }
+            }
+            if (descriptor.getOrganization().getURLs() != null) {
+                for (OrganizationURL organizationURL : descriptor.getOrganization().getURLs()) {
+                    if (organizationURL != null && organizationURL.getURL() != null) {
+                        idpMetadata.setOrganizationUrl(organizationURL.getURL().getLocalString());
+                        break;
+                    }
+                }
+            }
+        }
+        if (descriptor.getContactPersons() != null) {
+            for (ContactPerson person : descriptor.getContactPersons()) {
+                if (person == null || (person.getGivenName() == null && person.getSurName() == null)
+                        || person.getEmailAddresses() == null) {
+                    continue;
+                }
+                if (person.getGivenName() != null) {
+                    idpMetadata.setContactPersonName(person.getGivenName().getName());
 
-            EntityDescriptor idpEntityDescriptor = idpMetaDataProvider.getEntityDescriptor(this.identityProviderId);
+                } else if (person.getSurName() != null) {
+                    idpMetadata.setContactPersonName(person.getSurName().getName());
+                }
+                for (EmailAddress emailAddress : person.getEmailAddresses()) {
+                    if (emailAddress != null && emailAddress.getAddress() != null) {
+                        idpMetadata.setContactPersonEmail(emailAddress.getAddress());
+                    }
+                }
+                if (idpMetadata.getContactPersonName() != null && idpMetadata.getContactPersonEmail() != null) {
+                    break;
+                }
+            }
+        }
 
-            IDPSSODescriptor idpssoDescriptor = idpEntityDescriptor.getIDPSSODescriptor(SAMLConstants.SAML20P_NS);
-            if (idpssoDescriptor != null) {
-                for (SingleSignOnService ssos: idpssoDescriptor.getSingleSignOnServices()) {
+        IDPSSODescriptor idpDescriptor = descriptor.getIDPSSODescriptor(SAMLConstants.SAML20P_NS);
+        if (idpDescriptor != null) {
+            if (idpDescriptor.getSingleSignOnServices() != null) {
+                for (SingleSignOnService ssos : idpDescriptor.getSingleSignOnServices()) {
                     if (ssos.getBinding().equals(SAMLConstants.SAML2_REDIRECT_BINDING_URI)) {
-                        this.idpSingleSignOnUrl = ssos.getLocation();
+                        idpMetadata.setSsoUrl(ssos.getLocation());
                     }
                 }
-
-                for (SingleLogoutService slos: idpssoDescriptor.getSingleLogoutServices()) {
+            }
+            if (idpDescriptor.getSingleLogoutServices() != null) {
+                for (SingleLogoutService slos : idpDescriptor.getSingleLogoutServices()) {
                     if (slos.getBinding().equals(SAMLConstants.SAML2_REDIRECT_BINDING_URI)) {
-                        this.idpSingleLogOutUrl = slos.getLocation();
+                        idpMetadata.setSloUrl(slos.getLocation());
                     }
                 }
+            }
 
-                for (KeyDescriptor kd: idpssoDescriptor.getKeyDescriptors()) {
+            X509Certificate unspecifiedKey = null;
+            if (idpDescriptor.getKeyDescriptors() != null) {
+                for (KeyDescriptor kd : idpDescriptor.getKeyDescriptors()) {
                     if (kd.getUse() == UsageType.SIGNING) {
                         try {
-                            this.idpSigningKey = KeyInfoHelper.getCertificates(kd.getKeyInfo()).get(0);
+                            idpMetadata.setSigningCertificate(KeyInfoHelper.getCertificates(kd.getKeyInfo()).get(0));
                         } catch (CertificateException ignored) {
                         }
                     }
                     if (kd.getUse() == UsageType.ENCRYPTION) {
                         try {
-                            this.idpEncryptionKey = KeyInfoHelper.getCertificates(kd.getKeyInfo()).get(0);
+                            idpMetadata.setEncryptionCertificate(KeyInfoHelper.getCertificates(kd.getKeyInfo()).get(0));
+                        } catch (CertificateException ignored) {
+                        }
+                    }
+                    if (kd.getUse() == UsageType.UNSPECIFIED) {
+                        try {
+                            unspecifiedKey = KeyInfoHelper.getCertificates(kd.getKeyInfo()).get(0);
                         } catch (CertificateException ignored) {
                         }
                     }
                 }
+            }
+            if (idpMetadata.getSigningCertificate() == null && unspecifiedKey != null) {
+                idpMetadata.setSigningCertificate(unspecifiedKey);
+            }
+            if (idpMetadata.getEncryptionCertificate() == null && unspecifiedKey != null) {
+                idpMetadata.setEncryptionCertificate(unspecifiedKey);
+            }
+            if (idpMap.containsKey(idpMetadata.getEntityId())) {
+                s_logger.warn("Duplicate IdP metadata found with entity Id: " + idpMetadata.getEntityId());
+            }
+            idpMap.put(idpMetadata.getEntityId(), idpMetadata);
+        }
+    }
+
+    private void discoverAndAddIdp(XMLObject metadata, Map<String, SAMLProviderMetadata> idpMap) {
+        if (metadata instanceof EntityDescriptor) {
+            EntityDescriptor entityDescriptor = (EntityDescriptor) metadata;
+            addIdpToMap(entityDescriptor, idpMap);
+        } else if (metadata instanceof EntitiesDescriptor) {
+            EntitiesDescriptor entitiesDescriptor = (EntitiesDescriptor) metadata;
+            if (entitiesDescriptor.getEntityDescriptors() != null) {
+                for (EntityDescriptor entityDescriptor: entitiesDescriptor.getEntityDescriptors()) {
+                    addIdpToMap(entityDescriptor, idpMap);
+                }
+            }
+            if (entitiesDescriptor.getEntitiesDescriptors() != null) {
+                for (EntitiesDescriptor entitiesDescriptorInner: entitiesDescriptor.getEntitiesDescriptors()) {
+                    discoverAndAddIdp(entitiesDescriptorInner, idpMap);
+                }
+            }
+        }
+    }
+
+    class MetadataRefreshTask extends TimerTask {
+        @Override
+        public void run() {
+            if (_idpMetaDataProvider == null) {
+                return;
+            }
+            s_logger.debug("Starting SAML IDP Metadata Refresh Task");
+            Map <String, SAMLProviderMetadata> metadataMap = new HashMap<String, SAMLProviderMetadata>();
+            try {
+                discoverAndAddIdp(_idpMetaDataProvider.getMetadata(), metadataMap);
+                _idpMetadataMap = metadataMap;
+                expireTokens();
+                s_logger.debug("Finished refreshing SAML Metadata and expiring old auth tokens");
+            } catch (MetadataProviderException e) {
+                s_logger.warn("SAML Metadata Refresh task failed with exception: " + e.getMessage());
+            }
+
+        }
+    }
+
+    private boolean setup() {
+        if (!initSP()) {
+            s_logger.error("SAML Plugin failed to initialize, please fix the configuration and restart management server");
+            return false;
+        }
+        _timer = new Timer();
+        final HttpClient client = new HttpClient();
+        final String idpMetaDataUrl = SAMLIdentityProviderMetadataURL.value();
+        if (SAMLTimeout.value() != null && SAMLTimeout.value() > SAMLPluginConstants.SAML_REFRESH_INTERVAL) {
+            _refreshInterval = SAMLTimeout.value();
+        }
+        try {
+            DefaultBootstrap.bootstrap();
+            if (idpMetaDataUrl.startsWith("http")) {
+                _idpMetaDataProvider = new HTTPMetadataProvider(_timer, client, idpMetaDataUrl);
             } else {
-                s_logger.warn("Provided IDP XML Metadata does not contain IDPSSODescriptor, SAML authentication may not work");
+                File metadataFile = PropertiesUtil.findConfigFile(idpMetaDataUrl);
+                s_logger.debug("Provided Metadata is not a URL, trying to read metadata file from local path: " + metadataFile.getAbsolutePath());
+                _idpMetaDataProvider = new FilesystemMetadataProvider(_timer, metadataFile);
             }
+            _idpMetaDataProvider.setRequireValidMetadata(true);
+            _idpMetaDataProvider.setParserPool(new BasicParserPool());
+            _idpMetaDataProvider.initialize();
+            _timer.scheduleAtFixedRate(new MetadataRefreshTask(), 0, _refreshInterval * 1000);
         } catch (MetadataProviderException e) {
             s_logger.error("Unable to read SAML2 IDP MetaData URL, error:" + e.getMessage());
             s_logger.error("SAML2 Authentication may be unavailable");
@@ -204,70 +382,138 @@ private boolean setup() {
             s_logger.error("OpenSAML bootstrapping failed: error: " + e.getMessage());
         } catch (NullPointerException e) {
             s_logger.error("Unable to setup SAML Auth Plugin due to NullPointerException" +
-                    " please check the SAML IDP metadata URL and entity ID in global settings: " + e.getMessage());
-        }
-
-        if (this.idpSingleLogOutUrl == null || this.idpSingleSignOnUrl == null) {
-            s_logger.error("SAML based authentication won't work");
+                    " please check the SAML global settings: " + e.getMessage());
         }
-
         return true;
     }
 
     @Override
-    public List<Class<?>> getAuthCommands() {
-        List<Class<?>> cmdList = new ArrayList<Class<?>>();
-        if (!isSAMLPluginEnabled()) {
-            return cmdList;
+    public SAMLProviderMetadata getSPMetadata() {
+        return _spMetadata;
+    }
+
+    @Override
+    public SAMLProviderMetadata getIdPMetadata(String entityId) {
+        if (entityId != null && _idpMetadataMap.containsKey(entityId)) {
+            return _idpMetadataMap.get(entityId);
         }
-        cmdList.add(SAML2LoginAPIAuthenticatorCmd.class);
-        cmdList.add(SAML2LogoutAPIAuthenticatorCmd.class);
-        cmdList.add(GetServiceProviderMetaDataCmd.class);
-        return cmdList;
+        String defaultIdpId = SAMLDefaultIdentityProviderId.value();
+        if (defaultIdpId != null && _idpMetadataMap.containsKey(defaultIdpId)) {
+            return _idpMetadataMap.get(defaultIdpId);
+        }
+        // In case of a single IdP, return that as default
+        if (_idpMetadataMap.size() == 1) {
+            return _idpMetadataMap.values().iterator().next();
+        }
+        return null;
     }
 
-    public String getServiceProviderId() {
-        return serviceProviderId;
+    @Override
+    public Collection<SAMLProviderMetadata> getAllIdPMetadata() {
+        return _idpMetadataMap.values();
     }
 
-    public String getIdpSingleSignOnUrl() {
-        return this.idpSingleSignOnUrl;
+    @Override
+    public boolean isUserAuthorized(Long userId, String entityId) {
+        UserVO user = _userDao.getUser(userId);
+        if (user != null) {
+            if (user.getSource().equals(User.Source.SAML2) &&
+                    user.getExternalEntity().equalsIgnoreCase(entityId)) {
+                return true;
+            }
+        }
+        return false;
     }
 
-    public String getIdpSingleLogOutUrl() {
-        return this.idpSingleLogOutUrl;
+    @Override
+    public boolean authorizeUser(Long userId, String entityId, boolean enable) {
+        UserVO user = _userDao.getUser(userId);
+        if (user != null) {
+            if (enable) {
+                user.setExternalEntity(entityId);
+                user.setSource(User.Source.SAML2);
+            } else {
+                if (user.getSource().equals(User.Source.SAML2)) {
+                    user.setSource(User.Source.SAML2DISABLED);
+                } else {
+                    return false;
+                }
+            }
+            _userDao.update(user.getId(), user);
+            return true;
+        }
+        return false;
     }
 
-    public String getSpSingleSignOnUrl() {
-        return spSingleSignOnUrl;
+    @Override
+    public void saveToken(String authnId, String domainPath, String entity) {
+        Long domainId = null;
+        if (domainPath != null) {
+            Domain domain = _domainMgr.findDomainByPath(domainPath);
+            if (domain != null) {
+                domainId = domain.getId();
+            }
+        }
+        SAMLTokenVO token = new SAMLTokenVO(authnId, domainId, entity);
+        if (_samlTokenDao.findByUuid(authnId) == null) {
+            _samlTokenDao.persist(token);
+        } else {
+            s_logger.warn("Duplicate SAML token for entity=" + entity + " token id=" + authnId + " domain=" + domainPath);
+        }
     }
 
-    public String getSpSingleLogOutUrl() {
-        return spSingleLogOutUrl;
+    @Override
+    public SAMLTokenVO getToken(String authnId) {
+        return _samlTokenDao.findByUuid(authnId);
     }
 
-    public String getIdentityProviderId() {
-        return identityProviderId;
+    @Override
+    public void expireTokens() {
+        _samlTokenDao.expireTokens();
     }
 
-    public X509Certificate getIdpSigningKey() {
-        return idpSigningKey;
+    public Boolean isSAMLPluginEnabled() {
+        return SAMLIsPluginEnabled.value();
     }
 
-    public X509Certificate getIdpEncryptionKey() {
-        return idpEncryptionKey;
+    @Override
+    public String getConfigComponentName() {
+        return "SAML2-PLUGIN";
     }
 
-    public Boolean isSAMLPluginEnabled() {
-        return Boolean.valueOf(_configDao.getValue(Config.SAMLIsPluginEnabled.key()));
+    @Override
+    public List<Class<?>> getAuthCommands() {
+        List<Class<?>> cmdList = new ArrayList<Class<?>>();
+        if (!isSAMLPluginEnabled()) {
+            return cmdList;
+        }
+        cmdList.add(SAML2LoginAPIAuthenticatorCmd.class);
+        cmdList.add(SAML2LogoutAPIAuthenticatorCmd.class);
+        cmdList.add(GetServiceProviderMetaDataCmd.class);
+        cmdList.add(ListIdpsCmd.class);
+        return cmdList;
     }
 
-    public X509Certificate getSpX509Certificate() {
-        return spX509Key;
+    @Override
+    public List<Class<?>> getCommands() {
+        List<Class<?>> cmdList = new ArrayList<Class<?>>();
+        if (!isSAMLPluginEnabled()) {
+            return cmdList;
+        }
+        cmdList.add(AuthorizeSAMLSSOCmd.class);
+        cmdList.add(ListSamlAuthorizationCmd.class);
+        return cmdList;
     }
 
     @Override
-    public KeyPair getSpKeyPair() {
-        return spKeyPair;
+    public ConfigKey<?>[] getConfigKeys() {
+        return new ConfigKey<?>[] {
+                SAMLIsPluginEnabled, SAMLServiceProviderID,
+                SAMLServiceProviderContactPersonName, SAMLServiceProviderContactEmail,
+                SAMLServiceProviderOrgName, SAMLServiceProviderOrgUrl,
+                SAMLServiceProviderSingleSignOnURL, SAMLServiceProviderSingleLogOutURL,
+                SAMLCloudStackRedirectionUrl, SAMLUserAttributeName,
+                SAMLIdentityProviderMetadataURL, SAMLDefaultIdentityProviderId,
+                SAMLSignatureAlgorithm, SAMLTimeout};
     }
 }
diff --git a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAML2UserAuthenticator.java b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAML2UserAuthenticator.java
index 68bd81c18f..5c8a39088a 100644
--- a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAML2UserAuthenticator.java
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAML2UserAuthenticator.java
@@ -21,12 +21,20 @@
 import com.cloud.user.dao.UserAccountDao;
 import com.cloud.user.dao.UserDao;
 import com.cloud.utils.Pair;
-import org.apache.cloudstack.utils.auth.SAMLUtils;
 import org.apache.cxf.common.util.StringUtils;
 import org.apache.log4j.Logger;
+import org.opensaml.DefaultBootstrap;
+import org.opensaml.saml2.core.Response;
+import org.opensaml.saml2.core.StatusCode;
+import org.opensaml.xml.ConfigurationException;
+import org.opensaml.xml.io.UnmarshallingException;
+import org.xml.sax.SAXException;
 
 import javax.ejb.Local;
 import javax.inject.Inject;
+import javax.xml.parsers.ParserConfigurationException;
+import javax.xml.stream.FactoryConfigurationError;
+import java.io.IOException;
 import java.util.Map;
 
 @Local(value = {UserAuthenticator.class})
@@ -50,13 +58,23 @@ public Pair<Boolean, ActionOnFailedAuthentication> authenticate(String username,
         }
 
         final UserAccount userAccount = _userAccountDao.getUserAccount(username, domainId);
-        if (userAccount == null) {
-            s_logger.debug("Unable to find user with " + username + " in domain " + domainId);
+        if (userAccount == null || userAccount.getSource() != User.Source.SAML2) {
+            s_logger.debug("Unable to find user with " + username + " in domain " + domainId + ", or user source is not SAML2");
             return new Pair<Boolean, ActionOnFailedAuthentication>(false, null);
         } else {
             User user = _userDao.getUser(userAccount.getId());
-            if (user != null && SAMLUtils.checkSAMLUser(user.getUuid(), username) &&
-                    requestParameters != null && requestParameters.containsKey(SAMLUtils.SAML_RESPONSE)) {
+            if (user != null && requestParameters != null && requestParameters.containsKey(SAMLPluginConstants.SAML_RESPONSE)) {
+                final String samlResponse = ((String[])requestParameters.get(SAMLPluginConstants.SAML_RESPONSE))[0];
+                Response responseObject = null;
+                try {
+                    DefaultBootstrap.bootstrap();
+                    responseObject = SAMLUtils.decodeSAMLResponse(samlResponse);
+                } catch (ConfigurationException | FactoryConfigurationError | ParserConfigurationException | SAXException | IOException | UnmarshallingException e) {
+                    return new Pair<Boolean, ActionOnFailedAuthentication>(false, null);
+                }
+                if (!responseObject.getStatus().getStatusCode().getValue().equals(StatusCode.SUCCESS_URI)) {
+                    return new Pair<Boolean, ActionOnFailedAuthentication>(false, null);
+                }
                 return new Pair<Boolean, ActionOnFailedAuthentication>(true, null);
             }
         }
diff --git a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAMLPluginConstants.java b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAMLPluginConstants.java
new file mode 100644
index 0000000000..5f806e2f69
--- /dev/null
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAMLPluginConstants.java
@@ -0,0 +1,30 @@
+//
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+//
+package org.apache.cloudstack.saml;
+
+public class SAMLPluginConstants {
+    public static final int SAML_REFRESH_INTERVAL = 300;
+
+    public static final String SAML_RESPONSE = "SAMLResponse";
+    public static final String SAML_IDPID = "SAML_IDPID";
+    public static final String SAML_SESSIONID = "SAML_SESSIONID";
+    public static final String SAML_NAMEID = "SAML_NAMEID";
+    public static final String SAMLSP_KEYPAIR = "SAMLSP_KEYPAIR";
+    public static final String SAMLSP_X509CERT = "SAMLSP_X509CERT";
+}
diff --git a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAMLProviderMetadata.java b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAMLProviderMetadata.java
new file mode 100644
index 0000000000..c7138a1d79
--- /dev/null
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAMLProviderMetadata.java
@@ -0,0 +1,122 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+
+package org.apache.cloudstack.saml;
+
+import java.security.KeyPair;
+import java.security.cert.X509Certificate;
+
+public class SAMLProviderMetadata {
+    private String entityId;
+    private String organizationName;
+    private String organizationUrl;
+    private String contactPersonName;
+    private String contactPersonEmail;
+    private String ssoUrl;
+    private String sloUrl;
+    private KeyPair keyPair;
+    private X509Certificate signingCertificate;
+    private X509Certificate encryptionCertificate;
+
+    public SAMLProviderMetadata() {
+    }
+
+    public void setCommonCertificate(X509Certificate certificate) {
+        this.signingCertificate = certificate;
+        this.encryptionCertificate = certificate;
+    }
+
+    public String getEntityId() {
+        return entityId;
+    }
+
+    public void setEntityId(String entityId) {
+        this.entityId = entityId;
+    }
+
+    public String getContactPersonName() {
+        return contactPersonName;
+    }
+
+    public void setContactPersonName(String contactPersonName) {
+        this.contactPersonName = contactPersonName;
+    }
+
+    public String getContactPersonEmail() {
+        return contactPersonEmail;
+    }
+
+    public void setContactPersonEmail(String contactPersonEmail) {
+        this.contactPersonEmail = contactPersonEmail;
+    }
+
+    public String getOrganizationName() {
+        return organizationName;
+    }
+
+    public void setOrganizationName(String organizationName) {
+        this.organizationName = organizationName;
+    }
+
+    public String getOrganizationUrl() {
+        return organizationUrl;
+    }
+
+    public void setOrganizationUrl(String organizationUrl) {
+        this.organizationUrl = organizationUrl;
+    }
+
+    public KeyPair getKeyPair() {
+        return keyPair;
+    }
+
+    public void setKeyPair(KeyPair keyPair) {
+        this.keyPair = keyPair;
+    }
+
+    public X509Certificate getSigningCertificate() {
+        return signingCertificate;
+    }
+
+    public void setSigningCertificate(X509Certificate signingCertificate) {
+        this.signingCertificate = signingCertificate;
+    }
+
+    public X509Certificate getEncryptionCertificate() {
+        return encryptionCertificate;
+    }
+
+    public void setEncryptionCertificate(X509Certificate encryptionCertificate) {
+        this.encryptionCertificate = encryptionCertificate;
+    }
+
+    public String getSsoUrl() {
+        return ssoUrl;
+    }
+
+    public void setSsoUrl(String ssoUrl) {
+        this.ssoUrl = ssoUrl;
+    }
+
+    public String getSloUrl() {
+        return sloUrl;
+    }
+
+    public void setSloUrl(String sloUrl) {
+        this.sloUrl = sloUrl;
+    }
+}
diff --git a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAMLTokenDao.java b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAMLTokenDao.java
new file mode 100644
index 0000000000..b045562009
--- /dev/null
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAMLTokenDao.java
@@ -0,0 +1,23 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.saml;
+
+import com.cloud.utils.db.GenericDao;
+
+public interface SAMLTokenDao extends GenericDao<SAMLTokenVO, Long> {
+    public void expireTokens();
+}
diff --git a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAMLTokenDaoImpl.java b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAMLTokenDaoImpl.java
new file mode 100644
index 0000000000..eb106d97ad
--- /dev/null
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAMLTokenDaoImpl.java
@@ -0,0 +1,51 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.saml;
+
+import com.cloud.utils.db.DB;
+import com.cloud.utils.db.GenericDaoBase;
+import com.cloud.utils.db.TransactionLegacy;
+import com.cloud.utils.exception.CloudRuntimeException;
+import org.springframework.stereotype.Component;
+
+import javax.ejb.Local;
+import java.sql.PreparedStatement;
+
+@DB
+@Component
+@Local(value = {SAMLTokenDao.class})
+public class SAMLTokenDaoImpl extends GenericDaoBase<SAMLTokenVO, Long> implements SAMLTokenDao {
+
+    public SAMLTokenDaoImpl() {
+        super();
+    }
+
+    @Override
+    public void expireTokens() {
+        TransactionLegacy txn = TransactionLegacy.currentTxn();
+        try {
+            txn.start();
+            String sql = "DELETE FROM `saml_token` WHERE `created` < (NOW() - INTERVAL 1 HOUR)";
+            PreparedStatement pstmt = txn.prepareAutoCloseStatement(sql);
+            pstmt.executeUpdate();
+            txn.commit();
+        } catch (Exception e) {
+            txn.rollback();
+            throw new CloudRuntimeException("Unable to flush old SAML tokens due to exception", e);
+        }
+    }
+}
diff --git a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAMLTokenVO.java b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAMLTokenVO.java
new file mode 100644
index 0000000000..c8ac2f1f43
--- /dev/null
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAMLTokenVO.java
@@ -0,0 +1,97 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.saml;
+
+import com.cloud.utils.db.GenericDao;
+import org.apache.cloudstack.api.Identity;
+import org.apache.cloudstack.api.InternalIdentity;
+
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.GeneratedValue;
+import javax.persistence.GenerationType;
+import javax.persistence.Id;
+import javax.persistence.Table;
+import java.util.Date;
+
+@Entity
+@Table(name = "saml_token")
+public class SAMLTokenVO implements Identity, InternalIdentity {
+    @Id
+    @GeneratedValue(strategy = GenerationType.IDENTITY)
+    @Column(name = "id")
+    private long id;
+
+    @Column(name = "uuid")
+    private String uuid;
+
+    @Column(name = "domain_id")
+    private Long domainId = null;
+
+    @Column(name = "entity")
+    private String entity = null;
+
+    @Column(name = GenericDao.CREATED_COLUMN)
+    private Date created;
+
+    public SAMLTokenVO() {
+    }
+
+    public SAMLTokenVO(String uuid, Long domainId, String entity) {
+        this.uuid = uuid;
+        this.domainId = domainId;
+        this.entity = entity;
+    }
+
+    @Override
+    public long getId() {
+        return id;
+    }
+
+    @Override
+    public String getUuid() {
+        return uuid;
+    }
+
+    public void setUuid(String uuid) {
+        this.uuid = uuid;
+    }
+
+    public Long getDomainId() {
+        return domainId;
+    }
+
+    public void setDomainId(long domainId) {
+        this.domainId = domainId;
+    }
+
+    public String getEntity() {
+        return entity;
+    }
+
+    public void setEntity(String entity) {
+        this.entity = entity;
+    }
+
+    public Date getCreated() {
+        return created;
+    }
+
+    public void setCreated(Date created) {
+        this.created = created;
+    }
+}
diff --git a/utils/src/org/apache/cloudstack/utils/auth/SAMLUtils.java b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAMLUtils.java
similarity index 72%
rename from utils/src/org/apache/cloudstack/utils/auth/SAMLUtils.java
rename to plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAMLUtils.java
index a6d2d347be..0216ad7eb6 100644
--- a/utils/src/org/apache/cloudstack/utils/auth/SAMLUtils.java
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAMLUtils.java
@@ -17,37 +17,36 @@
 // under the License.
 //
 
-package org.apache.cloudstack.utils.auth;
+package org.apache.cloudstack.saml;
 
 import com.cloud.utils.HttpUtils;
-import org.apache.commons.codec.digest.DigestUtils;
 import org.apache.log4j.Logger;
 import org.bouncycastle.jce.provider.BouncyCastleProvider;
 import org.bouncycastle.x509.X509V1CertificateGenerator;
 import org.joda.time.DateTime;
 import org.joda.time.DateTimeZone;
 import org.opensaml.Configuration;
+import org.opensaml.DefaultBootstrap;
 import org.opensaml.common.SAMLVersion;
 import org.opensaml.common.xml.SAMLConstants;
+import org.opensaml.saml2.core.Assertion;
+import org.opensaml.saml2.core.Attribute;
+import org.opensaml.saml2.core.AttributeStatement;
+import org.opensaml.saml2.core.AuthnContext;
 import org.opensaml.saml2.core.AuthnContextClassRef;
 import org.opensaml.saml2.core.AuthnContextComparisonTypeEnumeration;
 import org.opensaml.saml2.core.AuthnRequest;
 import org.opensaml.saml2.core.Issuer;
 import org.opensaml.saml2.core.LogoutRequest;
 import org.opensaml.saml2.core.NameID;
-import org.opensaml.saml2.core.NameIDPolicy;
-import org.opensaml.saml2.core.NameIDType;
 import org.opensaml.saml2.core.RequestedAuthnContext;
 import org.opensaml.saml2.core.Response;
-import org.opensaml.saml2.core.SessionIndex;
 import org.opensaml.saml2.core.impl.AuthnContextClassRefBuilder;
 import org.opensaml.saml2.core.impl.AuthnRequestBuilder;
 import org.opensaml.saml2.core.impl.IssuerBuilder;
 import org.opensaml.saml2.core.impl.LogoutRequestBuilder;
 import org.opensaml.saml2.core.impl.NameIDBuilder;
-import org.opensaml.saml2.core.impl.NameIDPolicyBuilder;
 import org.opensaml.saml2.core.impl.RequestedAuthnContextBuilder;
-import org.opensaml.saml2.core.impl.SessionIndexBuilder;
 import org.opensaml.xml.ConfigurationException;
 import org.opensaml.xml.XMLObject;
 import org.opensaml.xml.io.Marshaller;
@@ -66,6 +65,7 @@
 import javax.xml.parsers.DocumentBuilder;
 import javax.xml.parsers.DocumentBuilderFactory;
 import javax.xml.parsers.ParserConfigurationException;
+import javax.xml.stream.FactoryConfigurationError;
 import java.io.ByteArrayInputStream;
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
@@ -90,67 +90,85 @@
 import java.security.spec.InvalidKeySpecException;
 import java.security.spec.PKCS8EncodedKeySpec;
 import java.security.spec.X509EncodedKeySpec;
+import java.util.List;
 import java.util.zip.Deflater;
 import java.util.zip.DeflaterOutputStream;
 
 public class SAMLUtils {
     public static final Logger s_logger = Logger.getLogger(SAMLUtils.class);
 
-    public static final String SAML_RESPONSE = "SAMLResponse";
-    public static final String SAML_NS = "SAML-";
-    public static final String SAML_NAMEID = "SAML_NAMEID";
-    public static final String SAML_SESSION = "SAML_SESSION";
-    public static final String SAMLSP_KEYPAIR = "SAMLSP_KEYPAIR";
-    public static final String SAMLSP_X509CERT = "SAMLSP_X509CERT";
+    public static String generateSecureRandomId() {
+        return new BigInteger(160, new SecureRandom()).toString(32);
+    }
 
-    public static String createSAMLId(String uid) {
-        if (uid == null)  {
+    public static String getValueFromAttributeStatements(final List<AttributeStatement> attributeStatements, final String attributeKey) {
+        if (attributeStatements == null || attributeStatements.size() < 1 || attributeKey == null) {
             return null;
         }
-        String hash = DigestUtils.sha256Hex(uid);
-        String samlUuid = SAML_NS + hash;
-        return samlUuid.substring(0, 40);
+        for (AttributeStatement attributeStatement : attributeStatements) {
+            if (attributeStatement == null || attributeStatements.size() < 1) {
+                continue;
+            }
+            for (Attribute attribute : attributeStatement.getAttributes()) {
+                if (attribute.getAttributeValues() != null && attribute.getAttributeValues().size() > 0) {
+                    String value = attribute.getAttributeValues().get(0).getDOM().getTextContent();
+                    s_logger.debug("SAML attribute name: " + attribute.getName() + " friendly-name:" + attribute.getFriendlyName() + " value:" + value);
+                    if (attributeKey.equals(attribute.getName()) || attributeKey.equals(attribute.getFriendlyName())) {
+                        return value;
+                    }
+                }
+            }
+        }
+        return null;
     }
 
-    public static boolean checkSAMLUser(String uuid, String username) {
-        if (uuid == null || uuid.isEmpty() || username == null || username.isEmpty()) {
-            return false;
+    public static String getValueFromAssertions(final List<Assertion> assertions, final String attributeKey) {
+        if (assertions == null || attributeKey == null) {
+            return null;
         }
-        return uuid.startsWith(SAML_NS) && createSAMLId(username).equals(uuid);
+        for (Assertion assertion : assertions) {
+            String value = getValueFromAttributeStatements(assertion.getAttributeStatements(), attributeKey);
+            if (value != null) {
+                return value;
+            }
+        }
+        return null;
     }
 
-    public static String generateSecureRandomId() {
-        return new BigInteger(160, new SecureRandom()).toString(32);
+    public static String buildAuthnRequestUrl(final String authnId, final SAMLProviderMetadata spMetadata, final SAMLProviderMetadata idpMetadata, final String signatureAlgorithm) {
+        String redirectUrl = "";
+        try {
+            DefaultBootstrap.bootstrap();
+            AuthnRequest authnRequest = SAMLUtils.buildAuthnRequestObject(authnId, spMetadata.getEntityId(), idpMetadata.getSsoUrl(), spMetadata.getSsoUrl());
+            PrivateKey privateKey = null;
+            if (spMetadata.getKeyPair() != null) {
+                privateKey = spMetadata.getKeyPair().getPrivate();
+            }
+            redirectUrl = idpMetadata.getSsoUrl() + "?" + SAMLUtils.generateSAMLRequestSignature("SAMLRequest=" + SAMLUtils.encodeSAMLRequest(authnRequest), privateKey, signatureAlgorithm);
+        } catch (ConfigurationException | FactoryConfigurationError | MarshallingException | IOException | NoSuchAlgorithmException | InvalidKeyException | java.security.SignatureException e) {
+            s_logger.error("SAML AuthnRequest message building error: " + e.getMessage());
+        }
+        return redirectUrl;
     }
 
-    public static AuthnRequest buildAuthnRequestObject(String spId, String idpUrl, String consumerUrl) {
-        String authnId = generateSecureRandomId();
+    public static AuthnRequest buildAuthnRequestObject(final String authnId, final String spId, final String idpUrl, final String consumerUrl) {
         // Issuer object
         IssuerBuilder issuerBuilder = new IssuerBuilder();
         Issuer issuer = issuerBuilder.buildObject();
         issuer.setValue(spId);
 
-        // NameIDPolicy
-        NameIDPolicyBuilder nameIdPolicyBuilder = new NameIDPolicyBuilder();
-        NameIDPolicy nameIdPolicy = nameIdPolicyBuilder.buildObject();
-        nameIdPolicy.setFormat(NameIDType.PERSISTENT);
-        nameIdPolicy.setSPNameQualifier(spId);
-        nameIdPolicy.setAllowCreate(true);
-
         // AuthnContextClass
         AuthnContextClassRefBuilder authnContextClassRefBuilder = new AuthnContextClassRefBuilder();
         AuthnContextClassRef authnContextClassRef = authnContextClassRefBuilder.buildObject(
                 SAMLConstants.SAML20_NS,
                 "AuthnContextClassRef", "saml");
-        authnContextClassRef.setAuthnContextClassRef("urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport");
+        authnContextClassRef.setAuthnContextClassRef(AuthnContext.PPT_AUTHN_CTX);
 
-        // AuthnContex
+        // AuthnContext
         RequestedAuthnContextBuilder requestedAuthnContextBuilder = new RequestedAuthnContextBuilder();
         RequestedAuthnContext requestedAuthnContext = requestedAuthnContextBuilder.buildObject();
-        requestedAuthnContext
-                .setComparison(AuthnContextComparisonTypeEnumeration.EXACT);
-        requestedAuthnContext.getAuthnContextClassRefs().add(
-                authnContextClassRef);
+        requestedAuthnContext.setComparison(AuthnContextComparisonTypeEnumeration.EXACT);
+        requestedAuthnContext.getAuthnContextClassRefs().add(authnContextClassRef);
 
         // Creation of AuthRequestObject
         AuthnRequestBuilder authRequestBuilder = new AuthnRequestBuilder();
@@ -160,36 +178,27 @@ public static AuthnRequest buildAuthnRequestObject(String spId, String idpUrl, S
         authnRequest.setVersion(SAMLVersion.VERSION_20);
         authnRequest.setForceAuthn(false);
         authnRequest.setIsPassive(false);
-        authnRequest.setIssuer(issuer);
         authnRequest.setIssueInstant(new DateTime());
-        authnRequest.setProtocolBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI);
+        authnRequest.setProtocolBinding(SAMLConstants.SAML2_POST_BINDING_URI);
         authnRequest.setAssertionConsumerServiceURL(consumerUrl);
         authnRequest.setProviderName(spId);
-        authnRequest.setNameIDPolicy(nameIdPolicy);
+        authnRequest.setIssuer(issuer);
         authnRequest.setRequestedAuthnContext(requestedAuthnContext);
 
         return authnRequest;
     }
 
-    public static LogoutRequest buildLogoutRequest(String logoutUrl, String spId, NameID sessionNameId, String sessionIndex) {
-        IssuerBuilder issuerBuilder = new IssuerBuilder();
-        Issuer issuer = issuerBuilder.buildObject();
+    public static LogoutRequest buildLogoutRequest(String logoutUrl, String spId, String nameIdString) {
+        Issuer issuer = new IssuerBuilder().buildObject();
         issuer.setValue(spId);
-
-        SessionIndex sessionIndexElement = new SessionIndexBuilder().buildObject();
-        sessionIndexElement.setSessionIndex(sessionIndex);
-
         NameID nameID = new NameIDBuilder().buildObject();
-        nameID.setValue(sessionNameId.getValue());
-        nameID.setFormat(sessionNameId.getFormat());
-
+        nameID.setValue(nameIdString);
         LogoutRequest logoutRequest = new LogoutRequestBuilder().buildObject();
         logoutRequest.setID(generateSecureRandomId());
         logoutRequest.setDestination(logoutUrl);
         logoutRequest.setVersion(SAMLVersion.VERSION_20);
         logoutRequest.setIssueInstant(new DateTime());
         logoutRequest.setIssuer(issuer);
-        logoutRequest.getSessionIndexes().add(sessionIndexElement);
         logoutRequest.setNameID(nameID);
         return logoutRequest;
     }
@@ -226,13 +235,28 @@ public static Response decodeSAMLResponse(String responseMessage)
         return (Response) unmarshaller.unmarshall(element);
     }
 
-    public static String generateSAMLRequestSignature(String urlEncodedString, PrivateKey signingKey)
+    public static String generateSAMLRequestSignature(final String urlEncodedString, final PrivateKey signingKey, final String sigAlgorithmName)
             throws NoSuchAlgorithmException, SignatureException, InvalidKeyException, UnsupportedEncodingException {
         if (signingKey == null) {
             return urlEncodedString;
         }
-        String url = urlEncodedString + "&SigAlg=" + URLEncoder.encode(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1, HttpUtils.UTF_8);
-        Signature signature = Signature.getInstance("SHA1withRSA");
+
+        String opensamlAlgoIdSignature = SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1;
+        String javaSignatureAlgorithmName = "SHA1withRSA";
+
+        if (sigAlgorithmName.equalsIgnoreCase("SHA256")) {
+            opensamlAlgoIdSignature = SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256;
+            javaSignatureAlgorithmName = "SHA256withRSA";
+        } else if (sigAlgorithmName.equalsIgnoreCase("SHA384")) {
+            opensamlAlgoIdSignature = SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA384;
+            javaSignatureAlgorithmName = "SHA384withRSA";
+        } else if (sigAlgorithmName.equalsIgnoreCase("SHA512")) {
+            opensamlAlgoIdSignature = SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA512;
+            javaSignatureAlgorithmName = "SHA512withRSA";
+        }
+
+        String url = urlEncodedString + "&SigAlg=" + URLEncoder.encode(opensamlAlgoIdSignature, HttpUtils.UTF_8);
+        Signature signature = Signature.getInstance(javaSignatureAlgorithmName);
         signature.initSign(signingKey);
         signature.update(url.getBytes());
         String signatureString = Base64.encodeBytes(signature.sign(), Base64.DONT_BREAK_LINES);
diff --git a/plugins/user-authenticators/saml2/test/org/apache/cloudstack/api/command/GetServiceProviderMetaDataCmdTest.java b/plugins/user-authenticators/saml2/test/org/apache/cloudstack/GetServiceProviderMetaDataCmdTest.java
similarity index 78%
rename from plugins/user-authenticators/saml2/test/org/apache/cloudstack/api/command/GetServiceProviderMetaDataCmdTest.java
rename to plugins/user-authenticators/saml2/test/org/apache/cloudstack/GetServiceProviderMetaDataCmdTest.java
index cb16f0cc29..5b4d552223 100644
--- a/plugins/user-authenticators/saml2/test/org/apache/cloudstack/api/command/GetServiceProviderMetaDataCmdTest.java
+++ b/plugins/user-authenticators/saml2/test/org/apache/cloudstack/GetServiceProviderMetaDataCmdTest.java
@@ -17,13 +17,15 @@
  * under the License.
  */
 
-package org.apache.cloudstack.api.command;
+package org.apache.cloudstack;
 
 import com.cloud.utils.HttpUtils;
 import org.apache.cloudstack.api.ApiServerService;
 import org.apache.cloudstack.api.auth.APIAuthenticationType;
+import org.apache.cloudstack.api.command.GetServiceProviderMetaDataCmd;
 import org.apache.cloudstack.saml.SAML2AuthManager;
-import org.apache.cloudstack.utils.auth.SAMLUtils;
+import org.apache.cloudstack.saml.SAMLProviderMetadata;
+import org.apache.cloudstack.saml.SAMLUtils;
 import org.junit.Assert;
 import org.junit.Test;
 import org.junit.runner.RunWith;
@@ -36,6 +38,7 @@
 import javax.servlet.http.HttpSession;
 import java.lang.reflect.Field;
 import java.security.InvalidKeyException;
+import java.security.KeyPair;
 import java.security.NoSuchAlgorithmException;
 import java.security.NoSuchProviderException;
 import java.security.SignatureException;
@@ -75,20 +78,21 @@ public void testAuthenticate() throws NoSuchFieldException, SecurityException, I
 
         String spId = "someSPID";
         String url = "someUrl";
-        X509Certificate cert = SAMLUtils.generateRandomX509Certificate(SAMLUtils.generateRandomKeyPair());
-        Mockito.when(samlAuthManager.getServiceProviderId()).thenReturn(spId);
-        Mockito.when(samlAuthManager.getIdpSigningKey()).thenReturn(cert);
-        Mockito.when(samlAuthManager.getIdpSingleLogOutUrl()).thenReturn(url);
-        Mockito.when(samlAuthManager.getSpSingleLogOutUrl()).thenReturn(url);
+        KeyPair kp = SAMLUtils.generateRandomKeyPair();
+        X509Certificate cert = SAMLUtils.generateRandomX509Certificate(kp);
+
+        SAMLProviderMetadata providerMetadata = new SAMLProviderMetadata();
+        providerMetadata.setEntityId("random");
+        providerMetadata.setSigningCertificate(cert);
+        providerMetadata.setEncryptionCertificate(cert);
+        providerMetadata.setKeyPair(kp);
+        providerMetadata.setSsoUrl("http://test.local");
+        providerMetadata.setSloUrl("http://test.local");
+
+        Mockito.when(samlAuthManager.getSPMetadata()).thenReturn(providerMetadata);
 
         String result = cmd.authenticate("command", null, session, "random", HttpUtils.RESPONSE_TYPE_JSON, new StringBuilder(), req, resp);
         Assert.assertTrue(result.contains("md:EntityDescriptor"));
-
-        Mockito.verify(samlAuthManager, Mockito.atLeast(1)).getServiceProviderId();
-        Mockito.verify(samlAuthManager, Mockito.atLeast(1)).getSpSingleSignOnUrl();
-        Mockito.verify(samlAuthManager, Mockito.atLeast(1)).getSpSingleLogOutUrl();
-        Mockito.verify(samlAuthManager, Mockito.never()).getIdpSingleSignOnUrl();
-        Mockito.verify(samlAuthManager, Mockito.never()).getIdpSingleLogOutUrl();
     }
 
     @Test
diff --git a/plugins/user-authenticators/saml2/test/org/apache/cloudstack/SAML2UserAuthenticatorTest.java b/plugins/user-authenticators/saml2/test/org/apache/cloudstack/SAML2UserAuthenticatorTest.java
index 83792c64d0..5b37388560 100644
--- a/plugins/user-authenticators/saml2/test/org/apache/cloudstack/SAML2UserAuthenticatorTest.java
+++ b/plugins/user-authenticators/saml2/test/org/apache/cloudstack/SAML2UserAuthenticatorTest.java
@@ -25,8 +25,8 @@
 import com.cloud.user.dao.UserAccountDao;
 import com.cloud.user.dao.UserDao;
 import com.cloud.utils.Pair;
+import org.apache.cloudstack.saml.SAMLPluginConstants;
 import org.apache.cloudstack.saml.SAML2UserAuthenticator;
-import org.apache.cloudstack.utils.auth.SAMLUtils;
 import org.junit.Assert;
 import org.junit.Test;
 import org.junit.runner.RunWith;
@@ -68,8 +68,6 @@ public void authenticate() throws NoSuchFieldException, SecurityException, Illeg
         account.setId(1L);
 
         UserVO user = new UserVO();
-        user.setUuid(SAMLUtils.createSAMLId("someUID"));
-
         Mockito.when(userAccountDao.getUserAccount(Mockito.anyString(), Mockito.anyLong())).thenReturn(account);
         Mockito.when(userDao.getUser(Mockito.anyLong())).thenReturn(user);
 
@@ -81,9 +79,9 @@ public void authenticate() throws NoSuchFieldException, SecurityException, Illeg
         Assert.assertFalse(pair.first());
 
         // When there is SAMLRequest in params and user is same as the mocked one
-        params.put(SAMLUtils.SAML_RESPONSE, new Object[]{});
+        params.put(SAMLPluginConstants.SAML_RESPONSE, new String[]{"RandomString"});
         pair = authenticator.authenticate("someUID", "random", 1l, params);
-        Assert.assertTrue(pair.first());
+        Assert.assertFalse(pair.first());
 
         // When there is SAMLRequest in params but username is null
         pair = authenticator.authenticate(null, "random", 1l, params);
diff --git a/utils/test/org/apache/cloudstack/utils/auth/SAMLUtilsTest.java b/plugins/user-authenticators/saml2/test/org/apache/cloudstack/SAMLUtilsTest.java
similarity index 66%
rename from utils/test/org/apache/cloudstack/utils/auth/SAMLUtilsTest.java
rename to plugins/user-authenticators/saml2/test/org/apache/cloudstack/SAMLUtilsTest.java
index bebfd13044..bd87831913 100644
--- a/utils/test/org/apache/cloudstack/utils/auth/SAMLUtilsTest.java
+++ b/plugins/user-authenticators/saml2/test/org/apache/cloudstack/SAMLUtilsTest.java
@@ -17,14 +17,13 @@
 // under the License.
 //
 
-package org.apache.cloudstack.utils.auth;
+package org.apache.cloudstack;
 
 import junit.framework.TestCase;
+import org.apache.cloudstack.saml.SAMLUtils;
 import org.junit.Test;
 import org.opensaml.saml2.core.AuthnRequest;
 import org.opensaml.saml2.core.LogoutRequest;
-import org.opensaml.saml2.core.NameID;
-import org.opensaml.saml2.core.impl.NameIDBuilder;
 
 import java.security.KeyPair;
 import java.security.PrivateKey;
@@ -32,18 +31,6 @@
 
 public class SAMLUtilsTest extends TestCase {
 
-    @Test
-    public void testSAMLId() throws Exception {
-        assertEquals(SAMLUtils.createSAMLId(null), null);
-        assertEquals(SAMLUtils.createSAMLId("someUserName"), "SAML-305e19dd2581f33fd90b3949298ec8b17de");
-
-        assertTrue(SAMLUtils.checkSAMLUser(SAMLUtils.createSAMLId("someUserName"), "someUserName"));
-        assertFalse(SAMLUtils.checkSAMLUser(SAMLUtils.createSAMLId("someUserName"), "someOtherUserName"));
-        assertFalse(SAMLUtils.checkSAMLUser(SAMLUtils.createSAMLId(null), "someOtherUserName"));
-        assertFalse(SAMLUtils.checkSAMLUser("randomUID", "randomUID"));
-        assertFalse(SAMLUtils.checkSAMLUser(null, null));
-    }
-
     @Test
     public void testGenerateSecureRandomId() throws Exception {
         assertTrue(SAMLUtils.generateSecureRandomId().length() > 0);
@@ -54,7 +41,8 @@ public void testBuildAuthnRequestObject() throws Exception {
         String consumerUrl = "http://someurl.com";
         String idpUrl = "http://idp.domain.example";
         String spId = "cloudstack";
-        AuthnRequest req = SAMLUtils.buildAuthnRequestObject(spId, idpUrl, consumerUrl);
+        String authnId = SAMLUtils.generateSecureRandomId();
+        AuthnRequest req = SAMLUtils.buildAuthnRequestObject(authnId, spId, idpUrl, consumerUrl);
         assertEquals(req.getAssertionConsumerServiceURL(), consumerUrl);
         assertEquals(req.getDestination(), idpUrl);
         assertEquals(req.getIssuer().getValue(), spId);
@@ -64,15 +52,10 @@ public void testBuildAuthnRequestObject() throws Exception {
     public void testBuildLogoutRequest() throws Exception {
         String logoutUrl = "http://logoutUrl";
         String spId = "cloudstack";
-        String sessionIndex = "12345";
-        String nameIdString = "someNameID";
-        NameID sessionNameId = new NameIDBuilder().buildObject();
-        sessionNameId.setValue(nameIdString);
-        LogoutRequest req = SAMLUtils.buildLogoutRequest(logoutUrl, spId, sessionNameId,  sessionIndex);
+        String nameId = "_12345";
+        LogoutRequest req = SAMLUtils.buildLogoutRequest(logoutUrl, spId, nameId);
         assertEquals(req.getDestination(), logoutUrl);
         assertEquals(req.getIssuer().getValue(), spId);
-        assertEquals(req.getNameID().getValue(), nameIdString);
-        assertEquals(req.getSessionIndexes().get(0).getSessionIndex(), sessionIndex);
     }
 
     @Test
diff --git a/plugins/user-authenticators/saml2/test/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmdTest.java b/plugins/user-authenticators/saml2/test/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmdTest.java
index 30ecc938af..00455b97e2 100644
--- a/plugins/user-authenticators/saml2/test/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmdTest.java
+++ b/plugins/user-authenticators/saml2/test/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmdTest.java
@@ -29,9 +29,10 @@
 import org.apache.cloudstack.api.BaseCmd;
 import org.apache.cloudstack.api.ServerApiException;
 import org.apache.cloudstack.api.auth.APIAuthenticationType;
-import org.apache.cloudstack.framework.config.dao.ConfigurationDao;
 import org.apache.cloudstack.saml.SAML2AuthManager;
-import org.apache.cloudstack.utils.auth.SAMLUtils;
+import org.apache.cloudstack.saml.SAMLPluginConstants;
+import org.apache.cloudstack.saml.SAMLProviderMetadata;
+import org.apache.cloudstack.saml.SAMLUtils;
 import org.joda.time.DateTime;
 import org.junit.Assert;
 import org.junit.Test;
@@ -43,6 +44,7 @@
 import org.opensaml.saml2.core.Assertion;
 import org.opensaml.saml2.core.AttributeStatement;
 import org.opensaml.saml2.core.AuthnStatement;
+import org.opensaml.saml2.core.Issuer;
 import org.opensaml.saml2.core.NameID;
 import org.opensaml.saml2.core.NameIDType;
 import org.opensaml.saml2.core.Response;
@@ -52,6 +54,7 @@
 import org.opensaml.saml2.core.impl.AssertionBuilder;
 import org.opensaml.saml2.core.impl.AttributeStatementBuilder;
 import org.opensaml.saml2.core.impl.AuthnStatementBuilder;
+import org.opensaml.saml2.core.impl.IssuerBuilder;
 import org.opensaml.saml2.core.impl.NameIDBuilder;
 import org.opensaml.saml2.core.impl.ResponseBuilder;
 import org.opensaml.saml2.core.impl.StatusBuilder;
@@ -62,6 +65,7 @@
 import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;
 import java.lang.reflect.Field;
+import java.security.KeyPair;
 import java.security.cert.X509Certificate;
 import java.util.HashMap;
 import java.util.Map;
@@ -75,9 +79,6 @@ public class SAML2LoginAPIAuthenticatorCmdTest {
     @Mock
     SAML2AuthManager samlAuthManager;
 
-    @Mock
-    ConfigurationDao configDao;
-
     @Mock
     DomainManager domainMgr;
 
@@ -104,6 +105,9 @@ private Response buildMockResponse() throws Exception {
         samlMessage.setID("foo");
         samlMessage.setVersion(SAMLVersion.VERSION_20);
         samlMessage.setIssueInstant(new DateTime(0));
+        Issuer issuer = new IssuerBuilder().buildObject();
+        issuer.setValue("MockedIssuer");
+        samlMessage.setIssuer(issuer);
         Status status = new StatusBuilder().buildObject();
         StatusCode statusCode = new StatusCodeBuilder().buildObject();
         statusCode.setValue(StatusCode.SUCCESS_URI);
@@ -145,32 +149,33 @@ public void testAuthenticate() throws Exception {
         domainMgrField.setAccessible(true);
         domainMgrField.set(cmd, domainMgr);
 
-        Field configDaoField = SAML2LoginAPIAuthenticatorCmd.class.getDeclaredField("_configDao");
-        configDaoField.setAccessible(true);
-        configDaoField.set(cmd, configDao);
-
         Field userAccountDaoField = SAML2LoginAPIAuthenticatorCmd.class.getDeclaredField("_userAccountDao");
         userAccountDaoField.setAccessible(true);
         userAccountDaoField.set(cmd, userAccountDao);
 
         String spId = "someSPID";
         String url = "someUrl";
-        X509Certificate cert = SAMLUtils.generateRandomX509Certificate(SAMLUtils.generateRandomKeyPair());
-        Mockito.when(samlAuthManager.getServiceProviderId()).thenReturn(spId);
-        Mockito.when(samlAuthManager.getIdpSigningKey()).thenReturn(null);
-        Mockito.when(samlAuthManager.getIdpSingleSignOnUrl()).thenReturn(url);
-        Mockito.when(samlAuthManager.getSpSingleSignOnUrl()).thenReturn(url);
+        KeyPair kp = SAMLUtils.generateRandomKeyPair();
+        X509Certificate cert = SAMLUtils.generateRandomX509Certificate(kp);
+
+        SAMLProviderMetadata providerMetadata = new SAMLProviderMetadata();
+        providerMetadata.setEntityId("random");
+        providerMetadata.setSigningCertificate(cert);
+        providerMetadata.setEncryptionCertificate(cert);
+        providerMetadata.setKeyPair(kp);
+        providerMetadata.setSsoUrl("http://test.local");
+        providerMetadata.setSloUrl("http://test.local");
 
         Mockito.when(session.getAttribute(Mockito.anyString())).thenReturn(null);
-        Mockito.when(configDao.getValue(Mockito.anyString())).thenReturn("someString");
 
         Mockito.when(domain.getId()).thenReturn(1L);
         Mockito.when(domainMgr.getDomain(Mockito.anyString())).thenReturn(domain);
         UserAccountVO user = new UserAccountVO();
-        user.setUsername(SAMLUtils.createSAMLId("someUID"));
         user.setId(1000L);
         Mockito.when(userAccountDao.getUserAccount(Mockito.anyString(), Mockito.anyLong())).thenReturn(user);
         Mockito.when(apiServer.verifyUser(Mockito.anyLong())).thenReturn(false);
+        Mockito.when(samlAuthManager.getSPMetadata()).thenReturn(providerMetadata);
+        Mockito.when(samlAuthManager.getIdPMetadata(Mockito.anyString())).thenReturn(providerMetadata);
 
         Map<String, Object[]> params = new HashMap<String, Object[]>();
 
@@ -179,16 +184,14 @@ public void testAuthenticate() throws Exception {
         Mockito.verify(resp, Mockito.times(1)).sendRedirect(Mockito.anyString());
 
         // SSO SAMLResponse verification test, this should throw ServerApiException for auth failure
-        params.put(SAMLUtils.SAML_RESPONSE, new String[]{"Some String"});
+        params.put(SAMLPluginConstants.SAML_RESPONSE, new String[]{"Some String"});
         Mockito.stub(cmd.processSAMLResponse(Mockito.anyString())).toReturn(buildMockResponse());
         try {
             cmd.authenticate("command", params, session, "random", HttpUtils.RESPONSE_TYPE_JSON, new StringBuilder(), req, resp);
         } catch (ServerApiException ignored) {
         }
-        Mockito.verify(configDao, Mockito.atLeastOnce()).getValue(Mockito.anyString());
-        Mockito.verify(domainMgr, Mockito.times(1)).getDomain(Mockito.anyString());
-        Mockito.verify(userAccountDao, Mockito.times(1)).getUserAccount(Mockito.anyString(), Mockito.anyLong());
-        Mockito.verify(apiServer, Mockito.times(1)).verifyUser(Mockito.anyLong());
+        Mockito.verify(userAccountDao, Mockito.times(0)).getUserAccount(Mockito.anyString(), Mockito.anyLong());
+        Mockito.verify(apiServer, Mockito.times(0)).verifyUser(Mockito.anyLong());
     }
 
     @Test
diff --git a/plugins/user-authenticators/saml2/test/org/apache/cloudstack/api/command/SAML2LogoutAPIAuthenticatorCmdTest.java b/plugins/user-authenticators/saml2/test/org/apache/cloudstack/api/command/SAML2LogoutAPIAuthenticatorCmdTest.java
index e9834c9dd1..eff4b296d6 100644
--- a/plugins/user-authenticators/saml2/test/org/apache/cloudstack/api/command/SAML2LogoutAPIAuthenticatorCmdTest.java
+++ b/plugins/user-authenticators/saml2/test/org/apache/cloudstack/api/command/SAML2LogoutAPIAuthenticatorCmdTest.java
@@ -22,9 +22,8 @@
 import com.cloud.utils.HttpUtils;
 import org.apache.cloudstack.api.ApiServerService;
 import org.apache.cloudstack.api.auth.APIAuthenticationType;
-import org.apache.cloudstack.framework.config.dao.ConfigurationDao;
 import org.apache.cloudstack.saml.SAML2AuthManager;
-import org.apache.cloudstack.utils.auth.SAMLUtils;
+import org.apache.cloudstack.saml.SAMLUtils;
 import org.junit.Assert;
 import org.junit.Test;
 import org.junit.runner.RunWith;
@@ -47,9 +46,6 @@ public class SAML2LogoutAPIAuthenticatorCmdTest {
     @Mock
     SAML2AuthManager samlAuthManager;
 
-    @Mock
-    ConfigurationDao configDao;
-
     @Mock
     HttpSession session;
 
@@ -71,19 +67,10 @@ public void testAuthenticate() throws Exception {
         managerField.setAccessible(true);
         managerField.set(cmd, samlAuthManager);
 
-        Field configDaoField = SAML2LogoutAPIAuthenticatorCmd.class.getDeclaredField("_configDao");
-        configDaoField.setAccessible(true);
-        configDaoField.set(cmd, configDao);
-
         String spId = "someSPID";
         String url = "someUrl";
         X509Certificate cert = SAMLUtils.generateRandomX509Certificate(SAMLUtils.generateRandomKeyPair());
-        Mockito.when(samlAuthManager.getServiceProviderId()).thenReturn(spId);
-        Mockito.when(samlAuthManager.getIdpSigningKey()).thenReturn(cert);
-        Mockito.when(samlAuthManager.getIdpSingleLogOutUrl()).thenReturn(url);
-        Mockito.when(samlAuthManager.getSpSingleLogOutUrl()).thenReturn(url);
         Mockito.when(session.getAttribute(Mockito.anyString())).thenReturn(null);
-        Mockito.when(configDao.getValue(Mockito.anyString())).thenReturn("someString");
 
         cmd.authenticate("command", null, session, "random", HttpUtils.RESPONSE_TYPE_JSON, new StringBuilder(), req, resp);
         Mockito.verify(resp, Mockito.times(1)).sendRedirect(Mockito.anyString());
diff --git a/server/src/com/cloud/api/ApiServer.java b/server/src/com/cloud/api/ApiServer.java
index 6dcf48ad0a..2ab1f7c67f 100755
--- a/server/src/com/cloud/api/ApiServer.java
+++ b/server/src/com/cloud/api/ApiServer.java
@@ -1062,8 +1062,8 @@ public ResponseObject loginUser(final HttpSession session, final String username
             final SecureRandom sesssionKeyRandom = new SecureRandom();
             final byte sessionKeyBytes[] = new byte[20];
             sesssionKeyRandom.nextBytes(sessionKeyBytes);
-            final String sessionKey = Base64.encodeBase64String(sessionKeyBytes);
-            session.setAttribute("sessionkey", sessionKey);
+            final String sessionKey = Base64.encodeBase64URLSafeString(sessionKeyBytes);
+            session.setAttribute(ApiConstants.SESSIONKEY, sessionKey);
 
             return createLoginResponse(session);
         }
diff --git a/server/src/com/cloud/api/ApiServlet.java b/server/src/com/cloud/api/ApiServlet.java
index 8d34dfe730..2bffc77ad8 100644
--- a/server/src/com/cloud/api/ApiServlet.java
+++ b/server/src/com/cloud/api/ApiServlet.java
@@ -231,7 +231,7 @@ void processRequestInContext(final HttpServletRequest req, final HttpServletResp
                 userId = (Long)session.getAttribute("userid");
                 final String account = (String)session.getAttribute("account");
                 final Object accountObj = session.getAttribute("accountobj");
-                final String sessionKey = (String)session.getAttribute("sessionkey");
+                final String sessionKey = (String)session.getAttribute(ApiConstants.SESSIONKEY);
                 final String[] sessionKeyParam = (String[])params.get(ApiConstants.SESSIONKEY);
                 if ((sessionKeyParam == null) || (sessionKey == null) || !sessionKey.equals(sessionKeyParam[0])) {
                     try {
diff --git a/server/src/com/cloud/configuration/Config.java b/server/src/com/cloud/configuration/Config.java
index fc529b5180..0d6a4e66f4 100755
--- a/server/src/com/cloud/configuration/Config.java
+++ b/server/src/com/cloud/configuration/Config.java
@@ -1362,78 +1362,6 @@ public enum Config {
             "300000",
             "The allowable clock difference in milliseconds between when an SSO login request is made and when it is received.",
             null),
-    SAMLIsPluginEnabled(
-            "Advanced",
-            ManagementServer.class,
-            Boolean.class,
-            "saml2.enabled",
-            "false",
-            "Set it to true to enable SAML SSO plugin",
-            null),
-    SAMLUserDomain(
-            "Advanced",
-            ManagementServer.class,
-            String.class,
-            "saml2.default.domainid",
-            "1",
-            "The default domain UUID to use when creating users from SAML SSO",
-            null),
-    SAMLCloudStackRedirectionUrl(
-            "Advanced",
-            ManagementServer.class,
-            String.class,
-            "saml2.redirect.url",
-            "http://localhost:8080/client",
-            "The CloudStack UI url the SSO should redirected to when successful",
-            null),
-    SAMLServiceProviderID(
-            "Advanced",
-            ManagementServer.class,
-            String.class,
-            "saml2.sp.id",
-            "org.apache.cloudstack",
-            "SAML2 Service Provider Identifier String",
-            null),
-    SAMLServiceProviderSingleSignOnURL(
-            "Advanced",
-            ManagementServer.class,
-            String.class,
-            "saml2.sp.sso.url",
-            "http://localhost:8080/client/api?command=samlSso",
-            "SAML2 CloudStack Service Provider Single Sign On URL",
-            null),
-    SAMLServiceProviderSingleLogOutURL(
-            "Advanced",
-            ManagementServer.class,
-            String.class,
-            "saml2.sp.slo.url",
-            "http://localhost:8080/client/api?command=samlSlo",
-            "SAML2 CloudStack Service Provider Single Log Out URL",
-            null),
-    SAMLIdentityProviderID(
-            "Advanced",
-            ManagementServer.class,
-            String.class,
-            "saml2.idp.id",
-            "https://openidp.feide.no",
-            "SAML2 Identity Provider Identifier String",
-            null),
-    SAMLIdentityProviderMetadataURL(
-            "Advanced",
-            ManagementServer.class,
-            String.class,
-            "saml2.idp.metadata.url",
-            "https://openidp.feide.no/simplesaml/saml2/idp/metadata.php",
-            "SAML2 Identity Provider Metadata XML Url",
-            null),
-    SAMLTimeout(
-            "Advanced",
-            ManagementServer.class,
-            Long.class,
-            "saml2.timeout",
-            "30000",
-            "SAML2 IDP Metadata Downloading and parsing etc. activity timeout in milliseconds",
-            null),
     //NetworkType("Hidden", ManagementServer.class, String.class, "network.type", "vlan", "The type of network that this deployment will use.", "vlan,direct"),
     RouterRamSize("Hidden", NetworkOrchestrationService.class, Integer.class, "router.ram.size", "256", "Default RAM for router VM (in MB).", null),
 
diff --git a/setup/db/db/schema-451to452-cleanup.sql b/setup/db/db/schema-451to452-cleanup.sql
new file mode 100644
index 0000000000..9f5e62a367
--- /dev/null
+++ b/setup/db/db/schema-451to452-cleanup.sql
@@ -0,0 +1,20 @@
+-- Licensed to the Apache Software Foundation (ASF) under one
+-- or more contributor license agreements.  See the NOTICE file
+-- distributed with this work for additional information
+-- regarding copyright ownership.  The ASF licenses this file
+-- to you under the Apache License, Version 2.0 (the
+-- "License"); you may not use this file except in compliance
+-- with the License.  You may obtain a copy of the License at
+--
+--   http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing,
+-- software distributed under the License is distributed on an
+-- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+-- KIND, either express or implied.  See the License for the
+-- specific language governing permissions and limitations
+-- under the License.
+
+--;
+-- Schema cleanup from 4.5.1 to 4.5.2;
+--;
diff --git a/setup/db/db/schema-451to452.sql b/setup/db/db/schema-451to452.sql
new file mode 100644
index 0000000000..5c89008a83
--- /dev/null
+++ b/setup/db/db/schema-451to452.sql
@@ -0,0 +1,35 @@
+-- Licensed to the Apache Software Foundation (ASF) under one
+-- or more contributor license agreements.  See the NOTICE file
+-- distributed with this work for additional information
+-- regarding copyright ownership.  The ASF licenses this file
+-- to you under the Apache License, Version 2.0 (the
+-- "License"); you may not use this file except in compliance
+-- with the License.  You may obtain a copy of the License at
+--
+--   http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing,
+-- software distributed under the License is distributed on an
+-- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+-- KIND, either express or implied.  See the License for the
+-- specific language governing permissions and limitations
+-- under the License.
+
+--;
+-- Schema upgrade from 4.5.1 to 4.5.2;
+--;
+
+DELETE FROM `cloud`.`configuration` WHERE name like 'saml%';
+
+ALTER TABLE `cloud`.`user` ADD COLUMN `external_entity` text DEFAULT NULL COMMENT "reference to external federation entity";
+
+DROP TABLE IF EXISTS `cloud`.`saml_token`;
+CREATE TABLE `cloud`.`saml_token` (
+  `id` bigint unsigned NOT NULL AUTO_INCREMENT,
+  `uuid` varchar(255) UNIQUE NOT NULL COMMENT 'The Authn Unique Id',
+  `domain_id` bigint unsigned DEFAULT NULL,
+  `entity` text NOT NULL COMMENT 'Identity Provider Entity Id',
+  `created` DATETIME NOT NULL,
+  PRIMARY KEY (`id`),
+  CONSTRAINT `fk_saml_token__domain_id` FOREIGN KEY(`domain_id`) REFERENCES `domain`(`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
diff --git a/tools/apidoc/gen_toc.py b/tools/apidoc/gen_toc.py
index 95f06c8c1a..4fac7ee379 100644
--- a/tools/apidoc/gen_toc.py
+++ b/tools/apidoc/gen_toc.py
@@ -115,6 +115,9 @@
     'logout': 'Authentication',
     'saml': 'Authentication',
     'getSPMetadata': 'Authentication',
+    'listIdps': 'Authentication',
+    'authorizeSamlSso': 'Authentication',
+    'listSamlAuthorization': 'Authentication',
     'Capacity': 'System Capacity',
     'NetworkDevice': 'Network Device',
     'ExternalLoadBalancer': 'Ext Load Balancer',
diff --git a/ui/css/cloudstack3.css b/ui/css/cloudstack3.css
index 0a2c57fdb3..ef33deae82 100644
--- a/ui/css/cloudstack3.css
+++ b/ui/css/cloudstack3.css
@@ -369,7 +369,7 @@ body.login {
 .login .select-language select {
   width: 260px;
   border: 1px solid #808080;
-  margin-top: 30px;
+  margin-top: 20px;
   /*+border-radius:4px;*/
   -moz-border-radius: 4px;
   -webkit-border-radius: 4px;
@@ -460,14 +460,12 @@ body.login {
   background: transparent url(../images/sprites.png) -563px -747px;
   cursor: pointer;
   border: none;
-  margin: 7px 120px 0 -1px;
   text-align: center;
   width: 60px;
   height: 15px;
   display: block;
   color: #FFFFFF;
   font-weight: bold;
-  float: left;
   text-indent: -1px;
   /*+text-shadow:0px 1px 2px #000000;*/
   -moz-text-shadow: 0px 1px 2px #000000;
@@ -12730,6 +12728,14 @@ div.ui-dialog div.autoscaler div.field-group div.form-container form div.form-it
   background-position: -196px -704px;
 }
 
+.configureSamlAuthorization .icon {
+  background-position: -165px -122px;
+}
+
+.configureSamlAuthorization:hover .icon {
+  background-position: -165px -704px;
+}
+
 .viewConsole .icon {
   background-position: -231px -2px;
 }
@@ -12953,13 +12959,6 @@ div.ui-dialog div.autoscaler div.field-group div.form-container form div.form-it
   border-radius: 4px;
   border-radius: 4px 4px 4px 4px;
   border: 1px solid #AFAFAF;
-  -moz-box-shadow: inset 0px 1px #727272;
-  -webkit-box-shadow: inset 0px 1px #727272;
-  -o-box-shadow: inset 0px 1px #727272;
-  box-shadow: inset 0px 1px #727272;
-  -moz-box-shadow: inset 0px 1px 0px #727272;
-  -webkit-box-shadow: inset 0px 1px 0px #727272;
-  -o-box-shadow: inset 0px 1px 0px #727272;
 }
 
 .manual-account-details > *:nth-child(even) {
diff --git a/ui/dictionary.jsp b/ui/dictionary.jsp
index 317acfa081..414dab8783 100644
--- a/ui/dictionary.jsp
+++ b/ui/dictionary.jsp
@@ -141,6 +141,7 @@ dictionary = {
 'label.action.cancel.maintenance.mode': '<fmt:message key="label.action.cancel.maintenance.mode" />',
 'label.action.cancel.maintenance.mode.processing': '<fmt:message key="label.action.cancel.maintenance.mode.processing" />',
 'label.action.change.password': '<fmt:message key="label.action.change.password" />',
+'label.action.configure.samlauthorization': '<fmt:message key="label.action.configure.samlauthorization" />',
 'label.action.change.service': '<fmt:message key="label.action.change.service" />',
 'label.action.change.service.processing': '<fmt:message key="label.action.change.service.processing" />',
 'label.action.copy.ISO': '<fmt:message key="label.action.copy.ISO" />',
@@ -761,7 +762,9 @@ dictionary = {
 'label.local.storage': '<fmt:message key="label.local.storage" />',
 'label.login': '<fmt:message key="label.login" />',
 'label.logout': '<fmt:message key="label.logout" />',
-'label.saml.login': '<fmt:message key="label.saml.login" />',
+'label.saml.enable': '<fmt:message key="label.saml.enable" />',
+'label.saml.entity': '<fmt:message key="label.saml.entity" />',
+'label.add.LDAP.account': '<fmt:message key="label.add.LDAP.account" />',
 'label.lun': '<fmt:message key="label.lun" />',
 'label.LUN.number': '<fmt:message key="label.LUN.number" />',
 'label.make.project.owner': '<fmt:message key="label.make.project.owner" />',
diff --git a/ui/index.jsp b/ui/index.jsp
index 4b601a57b0..c3bae19a54 100644
--- a/ui/index.jsp
+++ b/ui/index.jsp
@@ -51,28 +51,45 @@
                 <form>
                     <div class="logo"></div>
                     <div class="fields">
-                        <!-- User name -->
-                        <div class="field username">
-                            <label for="username"><fmt:message key="label.username"/></label>
-                            <input type="text" name="username" class="required" />
+                        <div id="login-dropdown">
+                            <select id="login-options" style="width: 260px">
+                                <option value="cloudstack-login">Local <fmt:message key="label.login"/></option>
+                            </select>
                         </div>
-                        <!-- Password -->
-                        <div class="field password">
-                            <label for="password"><fmt:message key="label.password"/></label>
-                            <input type="password" name="password" class="required" autocomplete="off" />
+
+                        <div id="cloudstack-login">
+                            <!-- User name -->
+                            <div class="field username">
+                                <label for="username"><fmt:message key="label.username"/></label>
+                                <input type="text" name="username" class="required" />
+                            </div>
+                            <!-- Password -->
+                            <div class="field password">
+                                <label for="password"><fmt:message key="label.password"/></label>
+                                <input type="password" name="password" class="required" autocomplete="off" />
+                            </div>
+                            <!-- Domain -->
+                            <div class="field domain">
+                                <label for="domain"><fmt:message key="label.domain"/></label>
+                                <input type="text" name="domain" />
+                            </div>
                         </div>
-                        <!-- Domain -->
-                        <div class="field domain">
-                            <label for="domain"><fmt:message key="label.domain"/></label>
-                            <input type="text" name="domain" />
+
+                        <div id="saml-login">
+                            <div class="field domain">
+                                <label for="saml-domain"><fmt:message key="label.domain"/></label>
+                                <input id="saml-domain" type="text" name="saml-domain" />
+                            </div>
+                        </div>
+
+                        <div id="login-submit">
+                            <!-- Submit (login) -->
+                            <input id="login-submit" type="submit" value="<fmt:message key="label.login"/>" />
                         </div>
-                        <!-- Submit (login) -->
-                        <input type="submit" value="<fmt:message key="label.login"/>" />
-                        <div id="saml-login"><input type="samlsubmit" value="<fmt:message key="label.saml.login"/>"/></div>
                         <!-- Select language -->
                         <div class="select-language">
                             <select name="language">
-                                <option value=""></option> <!-- when this blank option is selected, browser's default language will be used -->
+                                <option value=""></option> <!-- when this blank option is selected, default language of the browser will be used -->
                                 <option value="en"><fmt:message key="label.lang.english"/></option>
                                 <option value="ja_JP"><fmt:message key="label.lang.japanese"/></option>
                                 <option value="zh_CN"><fmt:message key="label.lang.chinese"/></option>
diff --git a/ui/scripts/accounts.js b/ui/scripts/accounts.js
index bb85ebf81e..ad8ee61def 100644
--- a/ui/scripts/accounts.js
+++ b/ui/scripts/accounts.js
@@ -1223,6 +1223,102 @@
                                 }
                             },
 
+                            configureSamlAuthorization: {
+                                label: 'label.action.configure.samlauthorization',
+                                messages: {
+                                    notification: function(args) {
+                                        return 'label.action.configure.samlauthorization';
+                                    }
+                                },
+                                action: {
+                                    custom: function(args) {
+                                        var start = args.start;
+                                        var complete = args.complete;
+                                        var context = args.context;
+
+                                        if (g_idpList) {
+                                            $.ajax({
+                                                url: createURL('listSamlAuthorization'),
+                                                data: {
+                                                    userid: context.users[0].id,
+                                                },
+                                                success: function(json) {
+                                                    var authorization = json.listsamlauthorizationsresponse.samlauthorization[0];
+                                                    cloudStack.dialog.createForm({
+                                                        form: {
+                                                            title: 'label.action.configure.samlauthorization',
+                                                            fields: {
+                                                                samlEnable: {
+                                                                    label: 'label.saml.enable',
+                                                                    docID: 'helpSamlEnable',
+                                                                    isBoolean: true,
+                                                                    isChecked: authorization.status,
+                                                                    validation: {
+                                                                        required: false
+                                                                    }
+                                                                },
+                                                                samlEntity: {
+                                                                    label: 'label.saml.entity',
+                                                                    docID: 'helpSamlEntity',
+                                                                    validation: {
+                                                                        required: false
+                                                                    },
+                                                                    select: function(args) {
+                                                                        var items = [];
+                                                                        $(g_idpList).each(function() {
+                                                                            items.push({
+                                                                                id: this.id,
+                                                                                description: this.orgName
+                                                                            });
+                                                                        });
+                                                                        args.response.success({
+                                                                            data: items
+                                                                        });
+                                                                        args.$select.change(function() {
+                                                                            $('select[name="samlEntity"] option[value="' + authorization.idpid  + '"]').attr("selected", "selected");
+                                                                        });
+                                                                    }
+                                                                }
+                                                            }
+                                                        },
+                                                        after: function(args) {
+                                                            start();
+                                                            var enableSaml = false;
+                                                            var idpId = '';
+                                                            if (args.data.hasOwnProperty('samlEnable')) {
+                                                                enableSaml = (args.data.samlEnable === 'on');
+                                                            }
+                                                            if (args.data.hasOwnProperty('samlEntity')) {
+                                                                idpId = args.data.samlEntity;
+                                                            }
+                                                            $.ajax({
+                                                                url: createURL('authorizeSamlSso'),
+                                                                data: {
+                                                                    userid: context.users[0].id,
+                                                                    enable: enableSaml,
+                                                                    entityid: idpId
+                                                                },
+                                                                type: "POST",
+                                                                success: function(json) {
+                                                                    complete();
+                                                                },
+                                                                error: function(json) {
+                                                                    complete({ error: parseXMLHttpResponse(json) });
+                                                                }
+                                                            });
+                                                        }
+                                                    });
+                                                },
+                                                error: function(json) {
+                                                    complete({ error: parseXMLHttpResponse(json) });
+                                                }
+                                            });
+
+                                        }
+                                    }
+                                }
+                            },
+
                             generateKeys: {
                                 label: 'label.action.generate.keys',
                                 messages: {
@@ -1520,6 +1616,9 @@
             allowedActions.push("edit");
             allowedActions.push("changePassword");
             allowedActions.push("generateKeys");
+            if (g_idpList) {
+                allowedActions.push("configureSamlAuthorization");
+            }
             if (!(jsonObj.domain == "ROOT" && jsonObj.account == "admin" && jsonObj.accounttype == 1)) { //if not system-generated default admin account user
                 if (jsonObj.state == "enabled")
                     allowedActions.push("disable");
@@ -1541,6 +1640,9 @@
                 
                 allowedActions.push("changePassword");
                 allowedActions.push("generateKeys");
+                if (g_idpList) {
+                    allowedActions.push("configureSamlAuthorization");
+                }
         	}        	
         }
         return allowedActions;
diff --git a/ui/scripts/accountsWizard.js b/ui/scripts/accountsWizard.js
index 82e7eabb39..7ea5eaa28b 100644
--- a/ui/scripts/accountsWizard.js
+++ b/ui/scripts/accountsWizard.js
@@ -162,8 +162,34 @@
                 validation: {
                     required: false
                 }
+            },
+            samlEnable: {
+                label: 'label.saml.enable',
+                docID: 'helpSamlEnable',
+                isBoolean: true,
+                validation: {
+                    required: false
+                }
+            },
+            samlEntity: {
+                label: 'label.saml.entity',
+                docID: 'helpSamlEntity',
+                validation: {
+                    required: false
+                },
+                select: function(args) {
+                    var items = [];
+                    $(g_idpList).each(function() {
+                        items.push({
+                            id: this.id,
+                            description: this.orgName
+                        });
+                    });
+                    args.response.success({
+                        data: items
+                    });
+                }
             }
-
         },
 
         action: function(args) {
@@ -218,6 +244,18 @@
                 array1.push("&group=" + args.groupname);
             }
 
+            var authorizeUsersForSamlSSO = function (users, entity) {
+                for (var i = 0; i < users.length; i++) {
+                    $.ajax({
+                        url: createURL('authorizeSamlSso&enable=true&userid=' + users[i].id + "&entityid=" + entity),
+                        error: function(XMLHttpResponse) {
+                            args.response.error(parseXMLHttpResponse(XMLHttpResponse));
+                        }
+                    });
+                }
+                return;
+            };
+
             if (ldapStatus) {
                 if (args.groupname) {
                     $.ajax({
@@ -225,6 +263,13 @@
                         dataType: "json",
                         type: "POST",
                         async: false,
+                        success: function (json) {
+                            if (json.ldapuserresponse && args.data.samlEnable && args.data.samlEnable === 'on') {
+                                cloudStack.dialog.notice({
+                                    message: "Unable to find users IDs to enable SAML Single Sign On, kindly enable it manually."
+                                });
+                            }
+                        },
                         error: function(XMLHttpResponse) {
                             args.response.error(parseXMLHttpResponse(XMLHttpResponse));
                         }
@@ -235,6 +280,14 @@
                         dataType: "json",
                         type: "POST",
                         async: false,
+                        success: function(json) {
+                            if (args.data.samlEnable && args.data.samlEnable === 'on') {
+                                var users = json.createaccountresponse.account.user;
+                                var entity = args.data.samlEntity;
+                                if (users && entity)
+                                    authorizeUsersForSamlSSO(users, entity);
+                            }
+                        },
                         error: function(XMLHttpResponse) {
                             args.response.error(parseXMLHttpResponse(XMLHttpResponse));
                         }
@@ -246,6 +299,14 @@
                     dataType: "json",
                     type: "POST",
                     async: false,
+                    success: function(json) {
+                        if (args.data.samlEnable && args.data.samlEnable === 'on') {
+                            var users = json.createaccountresponse.account.user;
+                            var entity = args.data.samlEntity;
+                            if (users && entity)
+                                authorizeUsersForSamlSSO(users, entity);
+                        }
+                    },
                     error: function(XMLHttpResponse) {
                         args.response.error(parseXMLHttpResponse(XMLHttpResponse));
                     }
diff --git a/ui/scripts/cloudStack.js b/ui/scripts/cloudStack.js
index 479b16246e..a701c41030 100644
--- a/ui/scripts/cloudStack.js
+++ b/ui/scripts/cloudStack.js
@@ -115,7 +115,7 @@
                             cookieValue = cookieValue.slice(1, cookieValue.length-1);
                             $.cookie(cookieName, cookieValue, { expires: 1 });
                         }
-                        return cookieValue;
+                        return decodeURIComponent(cookieValue);
                     };
                     unBoxCookieValue('sessionkey');
                     // if sessionkey cookie exists use this to set g_sessionKey
@@ -353,6 +353,17 @@
             },
 
             samlLoginAction: function(args) {
+                g_sessionKey = null;
+                g_username = null;
+                g_account = null;
+                g_domainid = null;
+                g_timezoneoffset = null;
+                g_timezone = null;
+                g_supportELB = null;
+                g_kvmsnapshotenabled = null;
+                g_regionsecondaryenabled = null;
+                g_loginCmdText = null;
+
                 $.cookie('JSESSIONID', null);
                 $.cookie('sessionkey', null);
                 $.cookie('username', null);
@@ -360,7 +371,14 @@
                 $.cookie('domainid', null);
                 $.cookie('role', null);
                 $.cookie('timezone', null);
-                window.location.href = createURL('samlSso');
+                var url = 'samlSso';
+                if (args.data.idpid) {
+                    url = url + '&idpid=' + args.data.idpid;
+                }
+                if (args.data.domain) {
+                    url = url + '&domain=' + args.data.domain;
+                }
+                window.location.href = createURL(url);
             },
 
             // Show cloudStack main UI widget
diff --git a/ui/scripts/docs.js b/ui/scripts/docs.js
index d38bcf7411..ed94ccc25f 100755
--- a/ui/scripts/docs.js
+++ b/ui/scripts/docs.js
@@ -1247,6 +1247,14 @@ cloudStack.docs = {
         desc: 'The group name from which you want to import LDAP users',
         externalLink: ''
     },
+    helpSamlEnable: {
+        desc: 'Enable SAML Single Sign On for the user(s)',
+        externalLink: ''
+    },
+    helpSamlEntity: {
+        desc: 'Choose the SAML Identity Provider Entity ID with which you want to enable the Single Sign On for the user(s)',
+        externalLink: ''
+    },
     helpVpcOfferingName: {
         desc: 'Any desired name for the VPC offering',
         externalLink: ''
diff --git a/ui/scripts/sharedFunctions.js b/ui/scripts/sharedFunctions.js
index 1e1514b0be..75860dc568 100644
--- a/ui/scripts/sharedFunctions.js
+++ b/ui/scripts/sharedFunctions.js
@@ -32,6 +32,7 @@ var g_regionsecondaryenabled = null;
 var g_userPublicTemplateEnabled = "true";
 var g_cloudstackversion = null;
 var g_queryAsyncJobResultInterval = 3000;
+var g_idpList = null;
 
 //keyboard keycode
 var keycode_Enter = 13;
diff --git a/ui/scripts/ui-custom/accountsWizard.js b/ui/scripts/ui-custom/accountsWizard.js
index 3259227d13..cfbe930b2a 100644
--- a/ui/scripts/ui-custom/accountsWizard.js
+++ b/ui/scripts/ui-custom/accountsWizard.js
@@ -271,6 +271,11 @@
                     delete args.informationNotInLdap.ldapGroupName;
                 }
 
+                if (g_idpList == null) {
+                    delete args.informationNotInLdap.samlEnable;
+                    delete args.informationNotInLdap.samlEntity;
+                }
+
                 var informationNotInLdap = cloudStack.dialog.createForm({
                     context: context,
                     noDialog: true,
diff --git a/ui/scripts/ui-custom/login.js b/ui/scripts/ui-custom/login.js
index 1f82c82998..bad40d2c12 100644
--- a/ui/scripts/ui-custom/login.js
+++ b/ui/scripts/ui-custom/login.js
@@ -94,54 +94,119 @@
         $inputs.filter(':first').addClass('first-input').focus();
 
         // Login action
-        $login.find('input[type=submit]').click(function() {
-            if (!$form.valid()) return false;
-
-            var data = cloudStack.serializeForm($form);
-
-            args.loginAction({
-                data: data,
-                response: {
-                    success: function(args) {
-                        $login.remove();
-                        $('html body').removeClass('login');
-                        complete({
-                            user: args.data.user
-                        });
-                    },
-                    error: function(args) {
-                        cloudStack.dialog.notice({
-                            message: args
-                        });
+        var selectedLogin = 'cloudstack';
+        $login.find('#login-submit').click(function() {
+            if (selectedLogin === 'cloudstack') {
+                // CloudStack Local Login
+                if (!$form.valid()) return false;
+
+                var data = cloudStack.serializeForm($form);
+
+                args.loginAction({
+                    data: data,
+                    response: {
+                        success: function(args) {
+                            $login.remove();
+                            $('html body').removeClass('login');
+                            complete({
+                                user: args.data.user
+                            });
+                        },
+                        error: function(args) {
+                            cloudStack.dialog.notice({
+                                message: args
+                            });
+                        }
                     }
-                }
-            });
-
+                });
+            } else if (selectedLogin === 'saml') {
+                // SAML
+                args.samlLoginAction({
+                    data: {'idpid': $login.find('#login-options').find(':selected').val(),
+                          'domain': $login.find('#saml-domain').val()}
+                });
+            }
             return false;
         });
 
-        // SAML Login action
-        $login.find('input[type=samlsubmit]').click(function() {
-            args.samlLoginAction({
-            });
+        // Show SAML button if only SP is configured
+        $login.find('#login-dropdown').hide();
+        $login.find('#saml-login').hide();
+        $login.find('#cloudstack-login').hide();
+
+        var toggleLoginView = function (selectedOption) {
+            $login.find('#login-submit').show();
+            if (selectedOption === '') {
+                    $login.find('#saml-login').hide();
+                    $login.find('#cloudstack-login').hide();
+                    $login.find('#login-submit').hide();
+                    selectedLogin = 'none';
+            } else if (selectedOption === 'cloudstack-login') {
+                    $login.find('#saml-login').hide();
+                    $login.find('#cloudstack-login').show();
+                    selectedLogin = 'cloudstack';
+            } else {
+                    $login.find('#saml-login').show();
+                    $login.find('#cloudstack-login').hide();
+                    selectedLogin = 'saml';
+            }
+        };
+
+        $login.find('#login-options').change(function() {
+            var selectedOption = $login.find('#login-options').find(':selected').val();
+            toggleLoginView(selectedOption);
+            if (selectedOption && selectedOption !== '') {
+                $.cookie('login-option', selectedOption);
+            }
         });
 
-        // Show SAML button if only SP is configured
-        $login.find("#saml-login").hide();
         $.ajax({
-            type: "GET",
-            url: createURL("getSPMetadata"),
-            dataType: "json",
+            type: 'GET',
+            url: createURL('listIdps'),
+            dataType: 'json',
             async: false,
             success: function(data, textStatus, xhr) {
                 if (xhr.status === 200) {
-                    $login.find('#saml-login').show();
+                    $login.find('#login-dropdown').show();
+                    $login.find('#login-submit').hide();
                 } else {
-                    $login.find('#saml-login').hide();
+                    $login.find('#cloudstack-login').show();
+                    $login.find('#login-submit').show();
+                    return;
+                }
+
+                $login.find('#login-options')
+                    .append($('<option>', {
+                        value: '',
+                        text: '--- Select Identity Provider -- ',
+                        selected: true
+                    }));
+
+                if (data.listidpsresponse && data.listidpsresponse.idp) {
+                    var idpList = data.listidpsresponse.idp.sort(function (a, b) {
+                        return a.orgName.localeCompare(b.orgName);
+                    });
+                    g_idpList = idpList;
+                    $.each(idpList, function(index, idp) {
+                        $login.find('#login-options')
+                            .append($('<option>', {
+                                value: idp.id,
+                                text: idp.orgName
+                            }));
+                    });
+                }
+
+                var loginOption = $.cookie('login-option');
+                if (loginOption) {
+                    var option = $login.find('#login-options option[value="' + loginOption + '"]');
+                    if (option.length > 0) {
+                        option.prop('selected', true);
+                        toggleLoginView(loginOption);
+                    }
                 }
             },
             error: function(xhr) {
-                $login.find('#saml-login').hide();
+                $login.find('#cloudstack-login').show();
             },
         });
 

From e50547a3ea558f9ab6a1e396dd32b7a4149b32e1 Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Mon, 29 Jun 2015 18:33:22 +0200
Subject: [PATCH 019/115] engine/storage/snapshot: Fix NPE when parent could be
 null

Fixed potential NPE in SnapshotServiceImpl where parent snapshot is null

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 .../cloudstack/storage/snapshot/SnapshotServiceImpl.java     | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/engine/storage/snapshot/src/org/apache/cloudstack/storage/snapshot/SnapshotServiceImpl.java b/engine/storage/snapshot/src/org/apache/cloudstack/storage/snapshot/SnapshotServiceImpl.java
index 5a8afc6893..4c76cda9fd 100644
--- a/engine/storage/snapshot/src/org/apache/cloudstack/storage/snapshot/SnapshotServiceImpl.java
+++ b/engine/storage/snapshot/src/org/apache/cloudstack/storage/snapshot/SnapshotServiceImpl.java
@@ -237,7 +237,10 @@ private DataStore findSnapshotImageStore(SnapshotInfo snapshot) {
             // Note that DataStore information in parentSnapshot is for primary
             // data store here, we need to
             // find the image store where the parent snapshot backup is located
-            SnapshotDataStoreVO parentSnapshotOnBackupStore = _snapshotStoreDao.findBySnapshot(parentSnapshot.getId(), DataStoreRole.Image);
+            SnapshotDataStoreVO parentSnapshotOnBackupStore = null;
+            if (parentSnapshot != null) {
+                parentSnapshotOnBackupStore = _snapshotStoreDao.findBySnapshot(parentSnapshot.getId(), DataStoreRole.Image);
+            }
             if (parentSnapshotOnBackupStore == null) {
                 return dataStoreMgr.getImageStore(snapshot.getDataCenterId());
             }

From ba750293cc8a4e32c65e7dbb6dab138556ce5736 Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Mon, 29 Jun 2015 18:34:19 +0200
Subject: [PATCH 020/115] XenserverSnapshotStrategy: check if primary is null
 before proceeding in backupSnapshot

In backupSnapshot, it checks for snapshot in primary but does not check in advance if
it is null.

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 .../cloudstack/storage/snapshot/XenserverSnapshotStrategy.java | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/engine/storage/snapshot/src/org/apache/cloudstack/storage/snapshot/XenserverSnapshotStrategy.java b/engine/storage/snapshot/src/org/apache/cloudstack/storage/snapshot/XenserverSnapshotStrategy.java
index 51f75bd0c3..aefb128d68 100644
--- a/engine/storage/snapshot/src/org/apache/cloudstack/storage/snapshot/XenserverSnapshotStrategy.java
+++ b/engine/storage/snapshot/src/org/apache/cloudstack/storage/snapshot/XenserverSnapshotStrategy.java
@@ -111,8 +111,9 @@ public SnapshotInfo backupSnapshot(SnapshotInfo snapshot) {
 
         boolean fullBackup = true;
         SnapshotDataStoreVO parentSnapshotOnBackupStore = snapshotStoreDao.findLatestSnapshotForVolume(snapshot.getVolumeId(), DataStoreRole.Image);
+        SnapshotDataStoreVO parentSnapshotOnPrimaryStore = snapshotStoreDao.findLatestSnapshotForVolume(snapshot.getVolumeId(), DataStoreRole.Primary);
         HypervisorType hypervisorType = snapshot.getBaseVolume().getHypervisorType();
-        if (parentSnapshotOnBackupStore != null && hypervisorType == Hypervisor.HypervisorType.XenServer) { // CS does incremental backup only for XenServer
+        if (parentSnapshotOnBackupStore != null && parentSnapshotOnPrimaryStore != null && hypervisorType == Hypervisor.HypervisorType.XenServer) { // CS does incremental backup only for XenServer
 
             // In case of volume migration from one pool to other pool, CS should take full snapshot to avoid any issues with delta chain,
             // to check if this is a migrated volume, compare the current pool id of volume and store_id of oldest snapshot on primary for this volume.

From 2777caddbb58dfdfe66d1b061103f20cef5f3ccf Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Wed, 1 Jul 2015 12:45:52 +0200
Subject: [PATCH 021/115] appliance: bump systemvm template version to 4.5.2

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 tools/appliance/definitions/systemvm64template/postinstall.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tools/appliance/definitions/systemvm64template/postinstall.sh b/tools/appliance/definitions/systemvm64template/postinstall.sh
index ca2140e700..94df8bcd1e 100644
--- a/tools/appliance/definitions/systemvm64template/postinstall.sh
+++ b/tools/appliance/definitions/systemvm64template/postinstall.sh
@@ -19,7 +19,7 @@ set -x
 
 ROOTPW=password
 HOSTNAME=systemvm
-CLOUDSTACK_RELEASE=4.5.1
+CLOUDSTACK_RELEASE=4.5.2
 
 add_backports () {
     sed -i '/backports/d' /etc/apt/sources.list

From 7eac6310bc1f67e8c61980d43cd31586032503ee Mon Sep 17 00:00:00 2001
From: Koushik Das <koushik@apache.org>
Date: Wed, 1 Jul 2015 23:17:46 +0530
Subject: [PATCH 022/115] CLOUDSTACK-8603: Random list VM failures at scale
 (more than 1000 VMs) when VM has resource tags There is no 'removed' field on
 the resource_tags table. So 'id' based search may return a record or null in
 case record is deleted. Added a check for null or empty in search resource
 tags based on 'id'.

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

This closes #551

(cherry picked from commit 5d9f851deb1a12e4a07297353ea715f9cf13e677)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 .../api/query/dao/ResourceTagJoinDaoImpl.java | 20 +++++++++++--------
 1 file changed, 12 insertions(+), 8 deletions(-)

diff --git a/server/src/com/cloud/api/query/dao/ResourceTagJoinDaoImpl.java b/server/src/com/cloud/api/query/dao/ResourceTagJoinDaoImpl.java
index a496753d1d..3ec10dd839 100644
--- a/server/src/com/cloud/api/query/dao/ResourceTagJoinDaoImpl.java
+++ b/server/src/com/cloud/api/query/dao/ResourceTagJoinDaoImpl.java
@@ -149,20 +149,24 @@ public List<ResourceTagJoinVO> searchByIds(Long... tagIds) {
     public ResourceTagJoinVO searchById(Long id) {
         SearchCriteria<ResourceTagJoinVO> sc = tagIdSearch.create();
         sc.setParameters("id", id);
-        List<ResourceTagJoinVO> vms = searchIncludingRemoved(sc, null, null, false);
-        assert vms != null && vms.size() == 1 : "No tag found for tag id " + id;
-        return vms.get(0);
+        List<ResourceTagJoinVO> tags = searchIncludingRemoved(sc, null, null, false);
+        if (tags != null && tags.size() > 0) {
+            return tags.get(0);
+        } else {
+            return null;
+        }
     }
 
     @Override
     public ResourceTagJoinVO newResourceTagView(ResourceTag vr) {
-
         SearchCriteria<ResourceTagJoinVO> sc = tagIdSearch.create();
         sc.setParameters("id", vr.getId());
-        List<ResourceTagJoinVO> vms = searchIncludingRemoved(sc, null, null, false);
-        assert vms != null && vms.size() == 1 : "No tag found for tag id " + vr.getId();
-        return vms.get(0);
-
+        List<ResourceTagJoinVO> tags = searchIncludingRemoved(sc, null, null, false);
+        if (tags != null && tags.size() > 0) {
+            return tags.get(0);
+        } else {
+            return null;
+        }
     }
 
 }

From 4de4a0f3dd8db48c2cd3f2367e9970b9ca5561b0 Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Tue, 7 Jul 2015 15:01:12 +0530
Subject: [PATCH 023/115] CLOUDSTACK-8621: Allow UI plugins to be shown on
 navigation bar

Introduces a boolean option in UI plugins setting it to 'true' would display
the UI plugin on the left navigation bar.

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

This closes #563

(cherry picked from commit 7c206c30a58471ecb8ffafc3627ad296d0b06538)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 ui/plugins/testPlugin/testPlugin.js | 1 +
 ui/scripts/cloudStack.js            | 9 ++++++---
 ui/scripts/ui/core.js               | 4 ++--
 3 files changed, 9 insertions(+), 5 deletions(-)

diff --git a/ui/plugins/testPlugin/testPlugin.js b/ui/plugins/testPlugin/testPlugin.js
index e340ae5b8e..66ce56f8d3 100644
--- a/ui/plugins/testPlugin/testPlugin.js
+++ b/ui/plugins/testPlugin/testPlugin.js
@@ -19,6 +19,7 @@
     plugin.ui.addSection({
       id: 'testPlugin',
       title: 'TestPlugin',
+      showOnNavigation: true,
       preFilter: function(args) {
         return isAdmin();
       },
diff --git a/ui/scripts/cloudStack.js b/ui/scripts/cloudStack.js
index a701c41030..feb6e26628 100644
--- a/ui/scripts/cloudStack.js
+++ b/ui/scripts/cloudStack.js
@@ -31,9 +31,12 @@
                 sections = ["dashboard", "instances", "storage", "network", "templates", "accounts", "events", "regions", "affinityGroups"];
             }
 
-            if (cloudStack.plugins.length) {
-                sections.push('plugins');
-            }
+            $.each(cloudStack.plugins, function(idx, plugin) {
+                if (cloudStack.sections.hasOwnProperty(plugin) && !cloudStack.sections[plugin].showOnNavigation) {
+                    sections.push('plugins');
+                    return false;
+                }
+            });
 
             return sections;
         },
diff --git a/ui/scripts/ui/core.js b/ui/scripts/ui/core.js
index 6912d1b32e..e64f386b2c 100644
--- a/ui/scripts/ui/core.js
+++ b/ui/scripts/ui/core.js
@@ -61,7 +61,7 @@
                 );
             }
 
-            if (args.isPlugin) {
+            if (args.isPlugin && !args.showOnNavigation) {
                 $li.hide();
             }
 
@@ -88,7 +88,7 @@
             return $(this).hasClass(sectionID);
         });
         var data = args.sections[sectionID];
-        var isPlugin = data.isPlugin;
+        var isPlugin = data.isPlugin && !data.showOnNavigation;
 
         data.$browser = $browser;
 

From a2ddf2773ebfdc3995b5934a1396c0a23f3441e7 Mon Sep 17 00:00:00 2001
From: Ilya Musayev <ilya@apache.org>
Date: Fri, 10 Jul 2015 06:57:53 +0530
Subject: [PATCH 024/115] CLOUDSTACK-8624: Added the support for mysql db port
 and lowered the requiremnts for available disk capacity to 2.1GB VS original
 5GB as it was too excessive.

---
 .../storage/secondary/cloud-install-sys-tmplt | 23 ++++++++++++-------
 1 file changed, 15 insertions(+), 8 deletions(-)

diff --git a/scripts/storage/secondary/cloud-install-sys-tmplt b/scripts/storage/secondary/cloud-install-sys-tmplt
index 96b11de41d..160c874708 100755
--- a/scripts/storage/secondary/cloud-install-sys-tmplt
+++ b/scripts/storage/secondary/cloud-install-sys-tmplt
@@ -20,7 +20,7 @@
 
 
 usage() {
-  printf "Usage: %s: -m <secondary storage mount point> -f <system vm template file> [-h <hypervisor name: kvm|vmware|xenserver|hyperv> ] [ -s <mgmt server secret key, if you specified any when running cloudstack-setup-database, default is password>][-u <Url to system vm template>] [-F <clean up system templates of specified hypervisor>] [-e <Template suffix, e.g vhd, ova, qcow2>] [-o <Database server hostname or ip, e.g localhost>] [-r <Database user name, e.g root>] [-d <Database password. Fllowed by nothing if the password is empty>]\n" $(basename $0) >&2
+  printf "Usage: %s: -m <secondary storage mount point> -f <system vm template file> [-h <hypervisor name: kvm|vmware|xenserver|hyperv> ] [ -s <mgmt server secret key, if you specified any when running cloudstack-setup-database, default is password>][-u <Url to system vm template>] [-F <clean up system templates of specified hypervisor>] [-e <Template suffix, e.g vhd, ova, qcow2>] [-o <Database server hostname or ip, e.g localhost>] [-r <Database user name, e.g root>] [-p <mysql database port>] [-d <Database password. Fllowed by nothing if the password is empty>]\n" $(basename $0) >&2
   printf "or\n" >&2
   printf "%s: -m <secondary storage mount point> -u <http url for system vm template> [-h <hypervisor name: kvm|vmware|xenserver|hyperv> ] [ -s <mgmt server secret key>]\n" $(basename $0) >&2
 }
@@ -36,12 +36,13 @@ ext="vhd"
 templateId=
 hyper=
 msKey=password
-DISKSPACE=5120000  #free disk space required in kilobytes
+DISKSPACE=2120000  #free disk space required in kilobytes
 dbHost=
 dbUser=
 dbPassword=
+dbPort=
 jasypt='/usr/share/cloudstack-common/lib/jasypt-1.9.0.jar'
-while getopts 'm:h:f:u:Ft:e:s:o:r:d:' OPTION
+while getopts 'm:h:f:u:Ft:e:s:o:r:d:p:'# OPTION
 do
   case $OPTION in
   m)	mflag=1
@@ -72,6 +73,9 @@ do
   d)    dflag=1
         dbPassword="$OPTARG"
                 ;;
+  p)    pflag=1
+        dbPort="$OPTARG"
+                ;;
   ?)	usage
 		failed 2
 		;;
@@ -102,6 +106,9 @@ then
   failed 3
 fi
 
+if [ "$pflag" != 1 ]; then
+    dbPort=$(sed '/^\#/d' /etc/cloudstack/management/db.properties | grep 'db.cloud.port'  | tail -n 1 | cut -d "=" -f2- | sed 's/^[[:space:]]*//;s/[[:space:]]*$//')
+fi
 
 if [ "$oflag" != 1 ]; then
     dbHost=$(sed '/^\#/d' /etc/cloudstack/management/db.properties | grep 'db.cloud.host'  | tail -n 1 | cut -d "=" -f2- | sed 's/^[[:space:]]*//;s/[[:space:]]*$//')
@@ -148,23 +155,23 @@ then
    if [ "$hyper" == "kvm" ]
    then
       ext="qcow2"
-      templateId=(`mysql -h $dbHost --user=$dbUser --password=$dbPassword --skip-column-names -U cloud -e "select max(id) from cloud.vm_template where type = \"SYSTEM\" and hypervisor_type = \"KVM\" and removed is null"`)
+      templateId=(`mysql -P $dbPort -h $dbHost --user=$dbUser --password=$dbPassword --skip-column-names -U cloud -e "select max(id) from cloud.vm_template where type = \"SYSTEM\" and hypervisor_type = \"KVM\" and removed is null"`)
    elif [ "$hyper" == "xenserver" ]
    then
       ext="vhd"
-      templateId=(`mysql -h $dbHost --user=$dbUser --password=$dbPassword --skip-column-names -U cloud -e "select max(id) from cloud.vm_template where type = \"SYSTEM\" and hypervisor_type = \"XenServer\" and removed is null"`)
+      templateId=(`mysql -P $dbPort -h $dbHost --user=$dbUser --password=$dbPassword --skip-column-names -U cloud -e "select max(id) from cloud.vm_template where type = \"SYSTEM\" and hypervisor_type = \"XenServer\" and removed is null"`)
    elif [ "$hyper" == "vmware" ]
    then
       ext="ova"
-      templateId=(`mysql -h $dbHost --user=$dbUser --password=$dbPassword --skip-column-names -U cloud -e "select max(id) from cloud.vm_template where type = \"SYSTEM\" and hypervisor_type = \"VMware\" and removed is null"`)
+      templateId=(`mysql -P $dbPort -h $dbHost --user=$dbUser --password=$dbPassword --skip-column-names -U cloud -e "select max(id) from cloud.vm_template where type = \"SYSTEM\" and hypervisor_type = \"VMware\" and removed is null"`)
    elif [ "$hyper" == "lxc" ]
    then
       ext="qcow2"
-      templateId=(`mysql -h $dbHost --user=$dbUser --password=$dbPassword --skip-column-names -U cloud -e "select max(id) from cloud.vm_template where type = \"SYSTEM\" and hypervisor_type = \"LXC\" and removed is null"`)
+      templateId=(`mysql -P $dbPort -h $dbHost --user=$dbUser --password=$dbPassword --skip-column-names -U cloud -e "select max(id) from cloud.vm_template where type = \"SYSTEM\" and hypervisor_type = \"LXC\" and removed is null"`)
    elif [ "$hyper" == "hyperv" ]
    then
       ext="vhd"
-      templateId=(`mysql -h $dbHost --user=$dbUser --password=$dbPassword --skip-column-names -U cloud -e "select max(id) from cloud.vm_template where type = \"SYSTEM\" and hypervisor_type = \"Hyperv\" and removed is null"`)
+      templateId=(`mysql -P $dbPort -h $dbHost --user=$dbUser --password=$dbPassword --skip-column-names -U cloud -e "select max(id) from cloud.vm_template where type = \"SYSTEM\" and hypervisor_type = \"Hyperv\" and removed is null"`)
    else
       usage
       failed 2

From 12edad3e202472961da7bc435e693ca781a59313 Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Fri, 10 Jul 2015 02:28:30 +0530
Subject: [PATCH 025/115] CLOUDSTACK-8622: Reinstate working sessions in
 browser

- Login is based on sessionkey HttpOnly Cookie
- ApiServlet does login verification using sessionKey from both the request cookies
  and the API parameters. In both cases, if either or both are passed they should
  match the sessionKey stored in the current session of the HttpRequest
- UI: it no longer needs to read or set sessionkey cookie
- UI: it no longer needs to return g_sessionKey value in the API requests, though
  to support a sso mechanism g_sessionKey is still passed in the API is not null
- Secure jsessionid cookie is set to be HttpOnly and Secure
- SAML login should also set HttpOnly cookie before redirecting to UI
- SAML: listIdps & getSPMetadata APIs are readonly now, won't log out a logged in user

Performed tests (login, saml login if applicable, page refreshes, opening
multiple tabs, logout) with following combinations:
- SAML disabled, normal auth as admin, domain-admin and user
- SAML enabled, normal auth as admin, domain-admin and user; and saml sso as
  admin, domain-admin and user

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

This closes #574
This closes #308
---
 .../api/auth/APIAuthenticationType.java       |  2 +-
 .../GetServiceProviderMetaDataCmd.java        |  2 +-
 .../cloudstack/api/command/ListIdpsCmd.java   |  2 +-
 .../SAML2LoginAPIAuthenticatorCmd.java        |  2 +-
 .../GetServiceProviderMetaDataCmdTest.java    |  2 +-
 .../SAML2LoginAPIAuthenticatorCmdTest.java    |  2 +-
 server/src/com/cloud/api/ApiServlet.java      | 60 +++++++-----
 ui/scripts/cloudStack.js                      | 92 ++++++++++---------
 ui/scripts/sharedFunctions.js                 |  5 +-
 ui/scripts/ui-custom/login.js                 | 78 +++++++---------
 utils/src/com/cloud/utils/HttpUtils.java      |  3 +
 11 files changed, 128 insertions(+), 122 deletions(-)

diff --git a/api/src/org/apache/cloudstack/api/auth/APIAuthenticationType.java b/api/src/org/apache/cloudstack/api/auth/APIAuthenticationType.java
index e8c7f0f5ed..fac969dbfc 100644
--- a/api/src/org/apache/cloudstack/api/auth/APIAuthenticationType.java
+++ b/api/src/org/apache/cloudstack/api/auth/APIAuthenticationType.java
@@ -17,5 +17,5 @@
 package org.apache.cloudstack.api.auth;
 
 public enum APIAuthenticationType {
-    LOGIN_API, LOGOUT_API
+    LOGIN_API, LOGOUT_API, READONLY_API
 }
diff --git a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/GetServiceProviderMetaDataCmd.java b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/GetServiceProviderMetaDataCmd.java
index 3a52151394..ffaad7af75 100644
--- a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/GetServiceProviderMetaDataCmd.java
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/GetServiceProviderMetaDataCmd.java
@@ -255,7 +255,7 @@ public String authenticate(String command, Map<String, Object[]> params, HttpSes
 
     @Override
     public APIAuthenticationType getAPIType() {
-        return APIAuthenticationType.LOGIN_API;
+        return APIAuthenticationType.READONLY_API;
     }
 
     @Override
diff --git a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/ListIdpsCmd.java b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/ListIdpsCmd.java
index 7d7c95ef59..43ecfc591c 100644
--- a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/ListIdpsCmd.java
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/ListIdpsCmd.java
@@ -97,7 +97,7 @@ public String authenticate(String command, Map<String, Object[]> params, HttpSes
 
     @Override
     public APIAuthenticationType getAPIType() {
-        return APIAuthenticationType.LOGIN_API;
+        return APIAuthenticationType.READONLY_API;
     }
 
     @Override
diff --git a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
index b05ebf656a..d4940ecb83 100644
--- a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
@@ -326,13 +326,13 @@ public String authenticate(final String command, final Map<String, Object[]> par
                             resp.addCookie(new Cookie("domainid", URLEncoder.encode(loginResponse.getDomainId(), HttpUtils.UTF_8)));
                             resp.addCookie(new Cookie("role", URLEncoder.encode(loginResponse.getType(), HttpUtils.UTF_8)));
                             resp.addCookie(new Cookie("username", URLEncoder.encode(loginResponse.getUsername(), HttpUtils.UTF_8)));
-                            resp.addCookie(new Cookie(ApiConstants.SESSIONKEY, URLEncoder.encode(loginResponse.getSessionKey(), HttpUtils.UTF_8)));
                             resp.addCookie(new Cookie("account", URLEncoder.encode(loginResponse.getAccount(), HttpUtils.UTF_8)));
                             String timezone = loginResponse.getTimeZone();
                             if (timezone != null) {
                                 resp.addCookie(new Cookie("timezone", URLEncoder.encode(timezone, HttpUtils.UTF_8)));
                             }
                             resp.addCookie(new Cookie("userfullname", URLEncoder.encode(loginResponse.getFirstName() + " " + loginResponse.getLastName(), HttpUtils.UTF_8).replace("+", "%20")));
+                            resp.addHeader("SET-COOKIE", String.format("%s=%s;HttpOnly", ApiConstants.SESSIONKEY, loginResponse.getSessionKey()));
                             resp.sendRedirect(SAML2AuthManager.SAMLCloudStackRedirectionUrl.value());
                             return ApiResponseSerializer.toSerializedString(loginResponse, responseType);
                         }
diff --git a/plugins/user-authenticators/saml2/test/org/apache/cloudstack/GetServiceProviderMetaDataCmdTest.java b/plugins/user-authenticators/saml2/test/org/apache/cloudstack/GetServiceProviderMetaDataCmdTest.java
index 5b4d552223..0b176712cd 100644
--- a/plugins/user-authenticators/saml2/test/org/apache/cloudstack/GetServiceProviderMetaDataCmdTest.java
+++ b/plugins/user-authenticators/saml2/test/org/apache/cloudstack/GetServiceProviderMetaDataCmdTest.java
@@ -97,6 +97,6 @@ public void testAuthenticate() throws NoSuchFieldException, SecurityException, I
 
     @Test
     public void testGetAPIType() {
-        Assert.assertTrue(new GetServiceProviderMetaDataCmd().getAPIType() == APIAuthenticationType.LOGIN_API);
+        Assert.assertTrue(new GetServiceProviderMetaDataCmd().getAPIType() == APIAuthenticationType.READONLY_API);
     }
 }
\ No newline at end of file
diff --git a/plugins/user-authenticators/saml2/test/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmdTest.java b/plugins/user-authenticators/saml2/test/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmdTest.java
index 00455b97e2..c98c0b59e8 100644
--- a/plugins/user-authenticators/saml2/test/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmdTest.java
+++ b/plugins/user-authenticators/saml2/test/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmdTest.java
@@ -196,6 +196,6 @@ public void testAuthenticate() throws Exception {
 
     @Test
     public void testGetAPIType() {
-        Assert.assertTrue(new GetServiceProviderMetaDataCmd().getAPIType() == APIAuthenticationType.LOGIN_API);
+        Assert.assertTrue(new SAML2LoginAPIAuthenticatorCmd().getAPIType() == APIAuthenticationType.LOGIN_API);
     }
 }
\ No newline at end of file
diff --git a/server/src/com/cloud/api/ApiServlet.java b/server/src/com/cloud/api/ApiServlet.java
index 2bffc77ad8..d9e77bd3c6 100644
--- a/server/src/com/cloud/api/ApiServlet.java
+++ b/server/src/com/cloud/api/ApiServlet.java
@@ -16,19 +16,13 @@
 // under the License.
 package com.cloud.api;
 
-import java.io.UnsupportedEncodingException;
-import java.net.URLDecoder;
-import java.util.HashMap;
-import java.util.Map;
-
-import javax.inject.Inject;
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServlet;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
-
+import com.cloud.user.Account;
+import com.cloud.user.AccountService;
+import com.cloud.user.User;
+import com.cloud.utils.HttpUtils;
+import com.cloud.utils.StringUtils;
+import com.cloud.utils.db.EntityManager;
+import com.cloud.utils.net.NetUtils;
 import org.apache.cloudstack.api.ApiConstants;
 import org.apache.cloudstack.api.ApiServerService;
 import org.apache.cloudstack.api.ServerApiException;
@@ -41,13 +35,18 @@
 import org.springframework.stereotype.Component;
 import org.springframework.web.context.support.SpringBeanAutowiringSupport;
 
-import com.cloud.user.Account;
-import com.cloud.user.AccountService;
-import com.cloud.user.User;
-import com.cloud.utils.HttpUtils;
-import com.cloud.utils.StringUtils;
-import com.cloud.utils.db.EntityManager;
-import com.cloud.utils.net.NetUtils;
+import javax.inject.Inject;
+import javax.servlet.ServletConfig;
+import javax.servlet.ServletException;
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import java.io.UnsupportedEncodingException;
+import java.net.URLDecoder;
+import java.util.HashMap;
+import java.util.Map;
 
 @Component("apiServlet")
 @SuppressWarnings("serial")
@@ -180,7 +179,7 @@ void processRequestInContext(final HttpServletRequest req, final HttpServletResp
                         }
                         session = req.getSession(true);
                         if (ApiServer.isSecureSessionCookieEnabled()) {
-                            resp.setHeader("SET-COOKIE", "JSESSIONID=" + session.getId() + ";Secure;Path=/client");
+                            resp.setHeader("SET-COOKIE", String.format("JSESSIONID=%s;Secure;HttpOnly;Path=/client", session.getId()));
                             if (s_logger.isDebugEnabled()) {
                                 if (s_logger.isDebugEnabled()) {
                                     s_logger.debug("Session cookie is marked secure!");
@@ -191,11 +190,15 @@ void processRequestInContext(final HttpServletRequest req, final HttpServletResp
 
                     try {
                         responseString = apiAuthenticator.authenticate(command, params, session, remoteAddress, responseType, auditTrailSb, req, resp);
+                        if (session != null && session.getAttribute(ApiConstants.SESSIONKEY) != null) {
+                            resp.addHeader("SET-COOKIE", String.format("%s=%s;HttpOnly", ApiConstants.SESSIONKEY, session.getAttribute(ApiConstants.SESSIONKEY)));
+                        }
                     } catch (ServerApiException e) {
                         httpResponseCode = e.getErrorCode().getHttpCode();
                         responseString = e.getMessage();
                         s_logger.debug("Authentication failure: " + e.getMessage());
                     }
+
                     if (apiAuthenticator.getAPIType() == APIAuthenticationType.LOGOUT_API) {
                         if (session != null) {
                             final Long userId = (Long) session.getAttribute("userid");
@@ -213,6 +216,9 @@ void processRequestInContext(final HttpServletRequest req, final HttpServletResp
                             } catch (final IllegalStateException ignored) {
                             }
                         }
+                        Cookie sessionKeyCookie = new Cookie(ApiConstants.SESSIONKEY, "");
+                        sessionKeyCookie.setMaxAge(0);
+                        resp.addCookie(sessionKeyCookie);
                     }
                     HttpUtils.writeHttpResponse(resp, responseString, httpResponseCode, responseType, ApiServer.getJSONContentType());
                     return;
@@ -229,11 +235,15 @@ void processRequestInContext(final HttpServletRequest req, final HttpServletResp
 
             if (!isNew) {
                 userId = (Long)session.getAttribute("userid");
-                final String account = (String)session.getAttribute("account");
+                final String account = (String) session.getAttribute("account");
                 final Object accountObj = session.getAttribute("accountobj");
-                final String sessionKey = (String)session.getAttribute(ApiConstants.SESSIONKEY);
-                final String[] sessionKeyParam = (String[])params.get(ApiConstants.SESSIONKEY);
-                if ((sessionKeyParam == null) || (sessionKey == null) || !sessionKey.equals(sessionKeyParam[0])) {
+                final String sessionKey = (String) session.getAttribute(ApiConstants.SESSIONKEY);
+                final String sessionKeyFromCookie = HttpUtils.findCookie(req.getCookies(), ApiConstants.SESSIONKEY);
+                final String[] sessionKeyFromParams = (String[]) params.get(ApiConstants.SESSIONKEY);
+                if ((sessionKey == null)
+                        || (sessionKeyFromParams == null && sessionKeyFromCookie == null)
+                        || (sessionKeyFromParams != null && !sessionKey.equals(sessionKeyFromParams[0]))
+                        || (sessionKeyFromCookie != null && !sessionKey.equals(sessionKeyFromCookie))) {
                     try {
                         session.invalidate();
                     } catch (final IllegalStateException ise) {
diff --git a/ui/scripts/cloudStack.js b/ui/scripts/cloudStack.js
index feb6e26628..8b27452ddf 100644
--- a/ui/scripts/cloudStack.js
+++ b/ui/scripts/cloudStack.js
@@ -107,28 +107,11 @@
             // Use this for checking the session, to bypass login screen
             bypassLoginCheck: function(args) { //determine to show or bypass login screen
                 if (g_loginResponse == null) { //show login screen
-                    /*
-                     * Since we no longer store sessionKey in cookie, opening the
-                     * 2nd browser window (of the same domain) will show login screen (i.e. user has to
-                     * enter credentials again) and will cause the 1st browser window session timeout.
-                     */
                     var unBoxCookieValue = function (cookieName) {
-                        var cookieValue = $.cookie(cookieName);
-                        if (cookieValue && cookieValue.length > 2 && cookieValue[0] === '"' && cookieValue[cookieValue.length-1] === '"') {
-                            cookieValue = cookieValue.slice(1, cookieValue.length-1);
-                            $.cookie(cookieName, cookieValue, { expires: 1 });
-                        }
-                        return decodeURIComponent(cookieValue);
+                        return decodeURIComponent($.cookie(cookieName)).replace(/"([^"]+(?="))"/g, '$1');
                     };
-                    unBoxCookieValue('sessionkey');
-                    // if sessionkey cookie exists use this to set g_sessionKey
-                    // and destroy sessionkey cookie
-                    if ($.cookie('sessionkey')) {
-                        g_sessionKey = $.cookie('sessionkey');
-                        $.cookie('sessionkey', null);
-                    } else {
-                        g_sessionKey = unBoxCookieValue('JSESSIONID');
-                    }
+                    // sessionkey is a HttpOnly cookie now, no need to pass as API param
+                    g_sessionKey = null;
                     g_role = unBoxCookieValue('role');
                     g_userid = unBoxCookieValue('userid');
                     g_domainid = unBoxCookieValue('domainid');
@@ -136,7 +119,7 @@
                     g_username = unBoxCookieValue('username');
                     g_userfullname = unBoxCookieValue('userfullname');
                     g_timezone = unBoxCookieValue('timezone');
-                } else { //single-sign-on	(bypass login screen)
+                } else { //single-sign-on (bypass login screen)
                     g_sessionKey = encodeURIComponent(g_loginResponse.sessionkey);
                     g_role = g_loginResponse.type;
                     g_username = g_loginResponse.username;
@@ -144,7 +127,7 @@
                     g_account = g_loginResponse.account;
                     g_domainid = g_loginResponse.domainid;
                     g_userfullname = g_loginResponse.firstname + ' ' + g_loginResponse.lastname;
-                    g_timezone = g_loginResponse.timezone;                    
+                    g_timezone = g_loginResponse.timezone;
                 }
 
                 var userValid = false;
@@ -180,7 +163,25 @@
                         return true;
                     }
                 });
-               
+
+                // Populate IDP list
+                $.ajax({
+                    type: 'GET',
+                    url: createURL('listIdps'),
+                    dataType: 'json',
+                    async: false,
+                    success: function(data, textStatus, xhr) {
+                        if (data && data.listidpsresponse && data.listidpsresponse.idp) {
+                            var idpList = data.listidpsresponse.idp.sort(function (a, b) {
+                                return a.orgName.localeCompare(b.orgName);
+                            });
+                            g_idpList = idpList;
+                        }
+                    },
+                    error: function(xhr) {
+                    },
+                });
+
                 return userValid ? {
                     user: {
                         userid: g_userid,
@@ -227,14 +228,16 @@
                     async: false,
                     success: function(json) {
                         var loginresponse = json.loginresponse;
-                        
-                        g_sessionKey = encodeURIComponent(loginresponse.sessionkey);
+                        // sessionkey is recevied as a HttpOnly cookie
+                        // therefore reset any g_sessionKey value, an explicit
+                        // param in the API call is no longer needed
+                        g_sessionKey = null;
                         g_role = loginresponse.type;
                         g_username = loginresponse.username;
                         g_userid = loginresponse.userid;
                         g_account = loginresponse.account;
                         g_domainid = loginresponse.domainid;
-                        g_timezone = loginresponse.timezone;                        
+                        g_timezone = loginresponse.timezone;
                         g_userfullname = loginresponse.firstname + ' ' + loginresponse.lastname;
 
                         $.cookie('username', g_username, {
@@ -320,7 +323,7 @@
                 $.ajax({
                     url: createURL('logout'),
                     async: false,
-                    success: function() {                        
+                    success: function() {
                         g_sessionKey = null;
                         g_username = null;
                         g_account = null;
@@ -331,15 +334,16 @@
                         g_kvmsnapshotenabled = null;
                         g_regionsecondaryenabled = null;
                         g_loginCmdText = null;
-                        
-                        $.cookie('JSESSIONID', null);
-                        $.cookie('sessionkey', null);
-                        $.cookie('username', null);
-                        $.cookie('account', null);
-                        $.cookie('domainid', null);
-                        $.cookie('role', null);  
-                        $.cookie('timezone', null);
-                        
+
+                        // Remove any cookies
+                        var cookies = document.cookie.split(";");
+                        for (var i = 0; i < cookies.length; i++) {
+                            var cookieName = $.trim(cookies[i].split("=")[0]);
+                            if (['login-option', 'lang'].indexOf(cookieName) < 0) {
+                                $.cookie(cookieName, null);
+                            }
+                        }
+
                         if (onLogoutCallback()) { //onLogoutCallback() will set g_loginResponse(single-sign-on variable) to null, then bypassLoginCheck() will show login screen.
                             document.location.reload(); //when onLogoutCallback() returns true, reload the current document.
                         }
@@ -367,13 +371,15 @@
                 g_regionsecondaryenabled = null;
                 g_loginCmdText = null;
 
-                $.cookie('JSESSIONID', null);
-                $.cookie('sessionkey', null);
-                $.cookie('username', null);
-                $.cookie('account', null);
-                $.cookie('domainid', null);
-                $.cookie('role', null);
-                $.cookie('timezone', null);
+                // Remove any cookies
+                var cookies = document.cookie.split(";");
+                for (var i = 0; i < cookies.length; i++) {
+                    var cookieName = $.trim(cookies[i].split("=")[0]);
+                    if (['login-option', 'lang'].indexOf(cookieName) < 0) {
+                        $.cookie(cookieName, null);
+                    }
+                }
+
                 var url = 'samlSso';
                 if (args.data.idpid) {
                     url = url + '&idpid=' + args.data.idpid;
diff --git a/ui/scripts/sharedFunctions.js b/ui/scripts/sharedFunctions.js
index 75860dc568..11c87a0acd 100644
--- a/ui/scripts/sharedFunctions.js
+++ b/ui/scripts/sharedFunctions.js
@@ -170,7 +170,10 @@ var pollAsyncJobResult = function(args) {
 
     function createURL(apiName, options) {
         if (!options) options = {};
-        var urlString = clientApiUrl + "?" + "command=" + apiName + "&response=json&sessionkey=" + g_sessionKey;
+        var urlString = clientApiUrl + "?" + "command=" + apiName + "&response=json";
+        if (g_sessionKey) {
+            urlString += "&sessionkey=" + g_sessionKey;
+        }
 
         if (cloudStack.context && cloudStack.context.projects && !options.ignoreProject) {
             urlString = urlString + '&projectid=' + cloudStack.context.projects[0].id;
diff --git a/ui/scripts/ui-custom/login.js b/ui/scripts/ui-custom/login.js
index bad40d2c12..e112958345 100644
--- a/ui/scripts/ui-custom/login.js
+++ b/ui/scripts/ui-custom/login.js
@@ -129,10 +129,6 @@
             return false;
         });
 
-        // Show SAML button if only SP is configured
-        $login.find('#login-dropdown').hide();
-        $login.find('#saml-login').hide();
-        $login.find('#cloudstack-login').hide();
 
         var toggleLoginView = function (selectedOption) {
             $login.find('#login-submit').show();
@@ -160,55 +156,43 @@
             }
         });
 
-        $.ajax({
-            type: 'GET',
-            url: createURL('listIdps'),
-            dataType: 'json',
-            async: false,
-            success: function(data, textStatus, xhr) {
-                if (xhr.status === 200) {
-                    $login.find('#login-dropdown').show();
-                    $login.find('#login-submit').hide();
-                } else {
-                    $login.find('#cloudstack-login').show();
-                    $login.find('#login-submit').show();
-                    return;
-                }
+        // By Default hide login option dropdown
+        $login.find('#login-dropdown').hide();
+        $login.find('#login-submit').show();
+        $login.find('#cloudstack-login').show();
+        $login.find('#saml-login').hide();
 
+        // If any IdP servers were set, SAML is enabled
+        if (g_idpList && g_idpList.length > 0) {
+            $login.find('#login-dropdown').show();
+            $login.find('#login-submit').hide();
+            $login.find('#cloudstack-login').hide();
+            $login.find('#saml-login').hide();
+
+            $login.find('#login-options')
+                .append($('<option>', {
+                    value: '',
+                    text: '--- Select Identity Provider -- ',
+                    selected: true
+                }));
+
+            $.each(g_idpList, function(index, idp) {
                 $login.find('#login-options')
                     .append($('<option>', {
-                        value: '',
-                        text: '--- Select Identity Provider -- ',
-                        selected: true
+                        value: idp.id,
+                        text: idp.orgName
                     }));
+            });
 
-                if (data.listidpsresponse && data.listidpsresponse.idp) {
-                    var idpList = data.listidpsresponse.idp.sort(function (a, b) {
-                        return a.orgName.localeCompare(b.orgName);
-                    });
-                    g_idpList = idpList;
-                    $.each(idpList, function(index, idp) {
-                        $login.find('#login-options')
-                            .append($('<option>', {
-                                value: idp.id,
-                                text: idp.orgName
-                            }));
-                    });
-                }
-
-                var loginOption = $.cookie('login-option');
-                if (loginOption) {
-                    var option = $login.find('#login-options option[value="' + loginOption + '"]');
-                    if (option.length > 0) {
-                        option.prop('selected', true);
-                        toggleLoginView(loginOption);
-                    }
+            var loginOption = $.cookie('login-option');
+            if (loginOption) {
+                var option = $login.find('#login-options option[value="' + loginOption + '"]');
+                if (option.length > 0) {
+                    option.prop('selected', true);
+                    toggleLoginView(loginOption);
                 }
-            },
-            error: function(xhr) {
-                $login.find('#cloudstack-login').show();
-            },
-        });
+            }
+        }
 
         // Select language
         var $languageSelect = $login.find('select[name=language]');
diff --git a/utils/src/com/cloud/utils/HttpUtils.java b/utils/src/com/cloud/utils/HttpUtils.java
index 2940985788..6077c44da4 100644
--- a/utils/src/com/cloud/utils/HttpUtils.java
+++ b/utils/src/com/cloud/utils/HttpUtils.java
@@ -51,6 +51,9 @@ public static void addSecurityHeaders(final HttpServletResponse resp) {
     }
 
     public static String findCookie(final Cookie[] cookies, final String key) {
+        if (cookies == null || key == null || key.isEmpty()) {
+            return null;
+        }
         for (Cookie cookie: cookies) {
             if (cookie != null && cookie.getName().equals(key)) {
                 return cookie.getValue();

From 7d11c7bc703be00c91ea267695a33756ebb14b57 Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Fri, 10 Jul 2015 02:26:51 +0530
Subject: [PATCH 026/115] CLOUDSTACK-8457: SAML UI enhancements

Add option to authorize SAML SSO for user when adding user. Appends a domain to
user/account name if global setting is enabled, useful in case of multiple IDP
server. By default the setting is set to false (keep as it is).

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

This closes #575
---
 .../cloudstack/saml/SAML2AuthManager.java     |  3 +
 .../cloudstack/saml/SAML2AuthManagerImpl.java |  2 +-
 ui/scripts/accounts.js                        | 97 +++++++++++++++++++
 ui/scripts/accountsWizard.js                  | 32 +++++-
 ui/scripts/sharedFunctions.js                 |  1 +
 5 files changed, 132 insertions(+), 3 deletions(-)

diff --git a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAML2AuthManager.java b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAML2AuthManager.java
index fc9a6db4d8..c65f8b3ad1 100644
--- a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAML2AuthManager.java
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAML2AuthManager.java
@@ -64,6 +64,9 @@ public interface SAML2AuthManager extends PluggableAPIAuthenticator, PluggableSe
     public static final ConfigKey<String> SAMLSignatureAlgorithm = new ConfigKey<String>("Advanced", String.class, "saml2.sigalg", "SHA1",
             "The algorithm to use to when signing a SAML request. Default is SHA1, allowed algorithms: SHA1, SHA256, SHA384, SHA512", true);
 
+    public static final ConfigKey<Boolean> SAMLAppendDomainSuffix = new ConfigKey<Boolean>("Advanced", Boolean.class, "saml2.append.idpdomain", "false",
+            "If enabled, create account/user dialog with SAML SSO enabled will append the IdP domain to the user or account name in the UI dialog", true);
+
     public static final ConfigKey<Integer> SAMLTimeout = new ConfigKey<Integer>("Advanced", Integer.class, "saml2.timeout", "1800",
             "SAML2 IDP Metadata refresh interval in seconds, minimum value is set to 300", true);
 
diff --git a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAML2AuthManagerImpl.java b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAML2AuthManagerImpl.java
index 185955c338..7232ac9e07 100644
--- a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAML2AuthManagerImpl.java
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAML2AuthManagerImpl.java
@@ -514,6 +514,6 @@ public ConfigKey<?>[] getConfigKeys() {
                 SAMLServiceProviderSingleSignOnURL, SAMLServiceProviderSingleLogOutURL,
                 SAMLCloudStackRedirectionUrl, SAMLUserAttributeName,
                 SAMLIdentityProviderMetadataURL, SAMLDefaultIdentityProviderId,
-                SAMLSignatureAlgorithm, SAMLTimeout};
+                SAMLSignatureAlgorithm, SAMLAppendDomainSuffix, SAMLTimeout};
     }
 }
diff --git a/ui/scripts/accounts.js b/ui/scripts/accounts.js
index ad8ee61def..365528c5b0 100644
--- a/ui/scripts/accounts.js
+++ b/ui/scripts/accounts.js
@@ -148,6 +148,23 @@
                                 });
                             }
                         });
+
+                        // SAML: Check Append Domain Setting
+                        if (g_idpList) {
+                            $.ajax({
+                                type: 'GET',
+                                url: createURL('listConfigurations&name=saml2.append.idpdomain'),
+                                dataType: 'json',
+                                async: false,
+                                success: function(data, textStatus, xhr) {
+                                    if (data && data.listconfigurationsresponse && data.listconfigurationsresponse.configuration) {
+                                        g_appendIdpDomain = (data.listconfigurationsresponse.configuration[0].value === 'true');
+                                    }
+                                },
+                                error: function(xhr) {
+                                },
+                            });
+                        }
                     },
 
                     detailView: {
@@ -1061,6 +1078,68 @@
                                                 data: items
                                             });
                                         }
+                                    },
+                                    samlEnable: {
+                                        label: 'label.saml.enable',
+                                        docID: 'helpSamlEnable',
+                                        isBoolean: true,
+                                        validation: {
+                                            required: false
+                                        },
+                                        isHidden: function (args) {
+                                            if (g_idpList) return false;
+                                            return true;
+                                        }
+                                    },
+                                    samlEntity: {
+                                        label: 'label.saml.entity',
+                                        docID: 'helpSamlEntity',
+                                        validation: {
+                                            required: false
+                                        },
+                                        select: function(args) {
+                                            var samlChecked = false;
+                                            var idpUrl = "";
+                                            var appendDomainToUsername = function() {
+                                                if (!g_appendIdpDomain) {
+                                                    return;
+                                                }
+                                                var username = $('input[name=username]').val();
+                                                if (username) {
+                                                    username = username.split('@')[0];
+                                                }
+                                                if (samlChecked) {
+                                                    var link = document.createElement('a');
+                                                    link.setAttribute('href', idpUrl);
+                                                    $('input[name=username]').val(username + "@" + link.host.split('.').splice(-2).join('.'));
+                                                } else {
+                                                    $('input[name=username]').val(username);
+                                                }
+                                            };
+                                            args.$form.find('select[name=samlEntity]').change(function() {
+                                                idpUrl = $(this).children(':selected').val();
+                                                appendDomainToUsername();
+                                            });
+                                            args.$form.find('input[name=samlEnable]').change(function() {
+                                                samlChecked = $(this).context.checked;
+                                                appendDomainToUsername();
+                                            });
+
+                                            var items = [];
+                                            $(g_idpList).each(function() {
+                                                items.push({
+                                                    id: this.id,
+                                                    description: this.orgName
+                                                });
+                                            });
+                                            args.response.success({
+                                                data: items
+                                            });
+                                        },
+                                        isHidden: function (args) {
+                                            if (g_idpList) return false;
+                                            return true;
+                                        }
                                     }
                                 }
                             },
@@ -1098,12 +1177,30 @@
                                     accounttype: accountObj.accounttype
                                 });
 
+
+                                var authorizeUsersForSamlSSO = function (users, entity) {
+                                    for (var i = 0; i < users.length; i++) {
+                                        $.ajax({
+                                            url: createURL('authorizeSamlSso&enable=true&userid=' + users[i].id + "&entityid=" + entity),
+                                            error: function(XMLHttpResponse) {
+                                                args.response.error(parseXMLHttpResponse(XMLHttpResponse));
+                                            }
+                                        });
+                                    }
+                                    return;
+                                };
+
                                 $.ajax({
                                     url: createURL('createUser'),
                                     type: "POST",
                                     data: data,
                                     success: function(json) {
                                         var item = json.createuserresponse.user;
+                                        if (args.data.samlEnable && args.data.samlEnable === 'on') {
+                                            var entity = args.data.samlEntity;
+                                            if (item && entity)
+                                                authorizeUsersForSamlSSO([item], entity);
+                                        }
                                         args.response.success({
                                             data: item
                                         });
diff --git a/ui/scripts/accountsWizard.js b/ui/scripts/accountsWizard.js
index 7ea5eaa28b..3efe6f91f1 100644
--- a/ui/scripts/accountsWizard.js
+++ b/ui/scripts/accountsWizard.js
@@ -16,8 +16,9 @@
 // under the License.
 
 (function(cloudStack, $) {
-	var rootDomainId;
-	
+    var rootDomainId;
+
+
     cloudStack.accountsWizard = {
 
         informationWithinLdap: {
@@ -178,6 +179,33 @@
                     required: false
                 },
                 select: function(args) {
+                    var samlChecked = false;
+                    var idpUrl = "";
+                    var appendDomainToUsername = function() {
+                        if (!g_appendIdpDomain) {
+                            return;
+                        }
+                        var username = $('input[name=username]').val();
+                        if (username) {
+                            username = username.split('@')[0];
+                        }
+                        if (samlChecked) {
+                            var link = document.createElement('a');
+                            link.setAttribute('href', idpUrl);
+                            $('input[name=username]').val(username + "@" + link.host.split('.').splice(-2).join('.'));
+                        } else {
+                            $('input[name=username]').val(username);
+                        }
+                    };
+                    args.$form.find('select[name=samlEntity]').change(function() {
+                        idpUrl = $(this).children(':selected').val();
+                        appendDomainToUsername();
+                    });
+                    args.$form.find('input[name=samlEnable]').change(function() {
+                        samlChecked = $(this).context.checked;
+                        appendDomainToUsername();
+                    });
+
                     var items = [];
                     $(g_idpList).each(function() {
                         items.push({
diff --git a/ui/scripts/sharedFunctions.js b/ui/scripts/sharedFunctions.js
index 11c87a0acd..31c67e3cd9 100644
--- a/ui/scripts/sharedFunctions.js
+++ b/ui/scripts/sharedFunctions.js
@@ -33,6 +33,7 @@ var g_userPublicTemplateEnabled = "true";
 var g_cloudstackversion = null;
 var g_queryAsyncJobResultInterval = 3000;
 var g_idpList = null;
+var g_appendIdpDomain = false;
 
 //keyboard keycode
 var keycode_Enter = 13;

From c7a6623cacf134985a3926f1b6405401b0522e60 Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Tue, 14 Jul 2015 11:31:27 +0530
Subject: [PATCH 027/115] CLOUDSTACK-8457: SAML UI Dialog fixes to use local
 $form

This uses local selector to access the DOM elements, the previous commit
would find a global element which is not in the context and fail changing the
element in the opened dialog.

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

This closes #583

(cherry picked from commit 47d2d07eb95a21f2de301461bbf566b489b5650c)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 ui/scripts/accounts.js                 |  8 +++----
 ui/scripts/accountsWizard.js           | 27 ------------------------
 ui/scripts/ui-custom/accountsWizard.js | 29 ++++++++++++++++++++++++++
 3 files changed, 33 insertions(+), 31 deletions(-)

diff --git a/ui/scripts/accounts.js b/ui/scripts/accounts.js
index 365528c5b0..7db28b3a63 100644
--- a/ui/scripts/accounts.js
+++ b/ui/scripts/accounts.js
@@ -1099,21 +1099,21 @@
                                         },
                                         select: function(args) {
                                             var samlChecked = false;
-                                            var idpUrl = "";
+                                            var idpUrl = args.$form.find('select[name=samlEntity]').children(':selected').val();
                                             var appendDomainToUsername = function() {
                                                 if (!g_appendIdpDomain) {
                                                     return;
                                                 }
-                                                var username = $('input[name=username]').val();
+                                                var username = args.$form.find('input[name=username]').val();
                                                 if (username) {
                                                     username = username.split('@')[0];
                                                 }
                                                 if (samlChecked) {
                                                     var link = document.createElement('a');
                                                     link.setAttribute('href', idpUrl);
-                                                    $('input[name=username]').val(username + "@" + link.host.split('.').splice(-2).join('.'));
+                                                    args.$form.find('input[name=username]').val(username + "@" + link.host.split('.').splice(-2).join('.'));
                                                 } else {
-                                                    $('input[name=username]').val(username);
+                                                    args.$form.find('input[name=username]').val(username);
                                                 }
                                             };
                                             args.$form.find('select[name=samlEntity]').change(function() {
diff --git a/ui/scripts/accountsWizard.js b/ui/scripts/accountsWizard.js
index 3efe6f91f1..03dc65c3c0 100644
--- a/ui/scripts/accountsWizard.js
+++ b/ui/scripts/accountsWizard.js
@@ -179,33 +179,6 @@
                     required: false
                 },
                 select: function(args) {
-                    var samlChecked = false;
-                    var idpUrl = "";
-                    var appendDomainToUsername = function() {
-                        if (!g_appendIdpDomain) {
-                            return;
-                        }
-                        var username = $('input[name=username]').val();
-                        if (username) {
-                            username = username.split('@')[0];
-                        }
-                        if (samlChecked) {
-                            var link = document.createElement('a');
-                            link.setAttribute('href', idpUrl);
-                            $('input[name=username]').val(username + "@" + link.host.split('.').splice(-2).join('.'));
-                        } else {
-                            $('input[name=username]').val(username);
-                        }
-                    };
-                    args.$form.find('select[name=samlEntity]').change(function() {
-                        idpUrl = $(this).children(':selected').val();
-                        appendDomainToUsername();
-                    });
-                    args.$form.find('input[name=samlEnable]').change(function() {
-                        samlChecked = $(this).context.checked;
-                        appendDomainToUsername();
-                    });
-
                     var items = [];
                     $(g_idpList).each(function() {
                         items.push({
diff --git a/ui/scripts/ui-custom/accountsWizard.js b/ui/scripts/ui-custom/accountsWizard.js
index cfbe930b2a..0d416e1ffe 100644
--- a/ui/scripts/ui-custom/accountsWizard.js
+++ b/ui/scripts/ui-custom/accountsWizard.js
@@ -293,6 +293,35 @@
                 }
                 $wizard.find('.manual-account-details').append(informationNotInLdapForm);
 
+                if (g_idpList && g_appendIdpDomain && !ldapStatus) {
+                    var samlChecked = false;
+                    var idpUrl = $wizard.find('select[name=samlEntity]').children(':selected').val();
+                    var appendDomainToUsername = function() {
+                        if (!g_appendIdpDomain) {
+                            return;
+                        }
+                        var username = $wizard.find('input[name=username]').val();
+                        if (username) {
+                            username = username.split('@')[0];
+                        }
+                        if (samlChecked) {
+                            var link = document.createElement('a');
+                            link.setAttribute('href', idpUrl);
+                            $wizard.find('input[name=username]').val(username + "@" + link.host.split('.').splice(-2).join('.'));
+                        } else {
+                            $wizard.find('input[name=username]').val(username);
+                        }
+                    };
+                    $wizard.find('select[name=samlEntity]').change(function() {
+                        idpUrl = $(this).children(':selected').val();
+                        appendDomainToUsername();
+                    });
+                    $wizard.find('input[name=samlEnable]').change(function() {
+                        samlChecked = $(this).context.checked;
+                        appendDomainToUsername();
+                    });
+                }
+
                 return $wizard.dialog({
                     title: ldapStatus ? _l('Add LDAP Account') : _l('label.add.account'),
                     width: ldapStatus ? 800 : 330,

From 56522fda67f30416b756891919a38ee7779b12d1 Mon Sep 17 00:00:00 2001
From: Boris Schrijver <boris@pcextreme.nl>
Date: Thu, 16 Jul 2015 14:44:52 +0200
Subject: [PATCH 028/115] CLOUDSTACK-8642: SSO Method not allowed bug fix. Due
 to CLOUDSTACK-8505 and commit 1c81b241e7914b24b06c3b7b3ee98bc0d3b4f68b

Signed-off-by: Daan Hoogland <daan@onecht.net>

This closes #598

(cherry picked from commit b1e5906923512d3fe8470382277a85d82cb131c4)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 ui/scripts/cloud.core.callbacks.js | 1 +
 1 file changed, 1 insertion(+)

diff --git a/ui/scripts/cloud.core.callbacks.js b/ui/scripts/cloud.core.callbacks.js
index a32d0680a2..3ae6d09fe7 100644
--- a/ui/scripts/cloud.core.callbacks.js
+++ b/ui/scripts/cloud.core.callbacks.js
@@ -65,6 +65,7 @@ $(document).ready(function() {
     if (url != undefined && url != null && url.length > 0) {
         url = unescape(clientApiUrl + "?" + url);
         $.ajax({
+            type: 'POST',
             url: url,
             dataType: "json",
             async: false,

From 9cb4a913d377867a33f62a9a172acb42c5253e5f Mon Sep 17 00:00:00 2001
From: Hiroki Ohashi <hiroki.oohashi@aist.go.jp>
Date: Thu, 2 Oct 2014 17:21:06 +0900
Subject: [PATCH 029/115] CLOUDSTACK-7539: [S3] Parallel deployment makes
 reference count of a cache in nfs secondary staging store negative(-1)

---
 .../manager/StorageCacheManagerImpl.java      | 95 +++++++++++++++++--
 1 file changed, 88 insertions(+), 7 deletions(-)

diff --git a/engine/storage/cache/src/org/apache/cloudstack/storage/cache/manager/StorageCacheManagerImpl.java b/engine/storage/cache/src/org/apache/cloudstack/storage/cache/manager/StorageCacheManagerImpl.java
index 3a502d12ae..6be35812b1 100644
--- a/engine/storage/cache/src/org/apache/cloudstack/storage/cache/manager/StorageCacheManagerImpl.java
+++ b/engine/storage/cache/src/org/apache/cloudstack/storage/cache/manager/StorageCacheManagerImpl.java
@@ -23,6 +23,7 @@
 import java.util.List;
 import java.util.Map;
 import java.util.Random;
+import java.util.Date;
 import java.util.concurrent.ExecutionException;
 import java.util.concurrent.Executors;
 import java.util.concurrent.ScheduledExecutorService;
@@ -40,6 +41,7 @@
 import org.apache.cloudstack.engine.subsystem.api.storage.DataStore;
 import org.apache.cloudstack.engine.subsystem.api.storage.DataStoreManager;
 import org.apache.cloudstack.engine.subsystem.api.storage.ObjectInDataStoreStateMachine;
+import org.apache.cloudstack.engine.subsystem.api.storage.ObjectInDataStoreStateMachine.State;
 import org.apache.cloudstack.engine.subsystem.api.storage.ObjectInDataStoreStateMachine.Event;
 import org.apache.cloudstack.engine.subsystem.api.storage.Scope;
 import org.apache.cloudstack.engine.subsystem.api.storage.StorageCacheManager;
@@ -60,6 +62,8 @@
 import com.cloud.utils.db.SearchCriteria;
 import com.cloud.utils.exception.CloudRuntimeException;
 
+import com.cloud.agent.api.to.DataObjectType;
+
 public class StorageCacheManagerImpl implements StorageCacheManager, Manager {
     private static final Logger s_logger = Logger.getLogger(StorageCacheManagerImpl.class);
     @Inject
@@ -78,6 +82,9 @@ public class StorageCacheManagerImpl implements StorageCacheManager, Manager {
     int workers;
     ScheduledExecutorService executors;
     int cacheReplaceMentInterval;
+    private static final Object templateLock = new Object();
+    private static final Object volumeLock = new Object();
+    private static final Object snapshotLock = new Object();
 
     @Override
     public DataStore getCacheStorage(Scope scope) {
@@ -216,15 +223,82 @@ public boolean stop() {
 
     @Override
     public DataObject createCacheObject(DataObject data, DataStore store) {
-        DataObjectInStore obj = objectInStoreMgr.findObject(data, store);
-        if (obj != null && obj.getState() == ObjectInDataStoreStateMachine.State.Ready) {
-            s_logger.debug("there is already one in the cache store");
-            DataObject dataObj = objectInStoreMgr.get(data, store);
-            dataObj.incRefCount();
-            return dataObj;
+        DataObject objOnCacheStore;
+        final Object lock;
+        final DataObjectType type = data.getType();
+        final String typeName;
+        final DataStoreRole role = store.getRole();
+        final long storeId = store.getId();
+        final long dataId = data.getId();
+
+        /*
+         * Make sure any thread knows own lock type.
+         */
+        if (type == DataObjectType.TEMPLATE) {
+            lock = templateLock;
+            typeName = "template";
+        } else if (type == DataObjectType.VOLUME) {
+            lock = volumeLock;
+            typeName = "volume";
+        } else if (type == DataObjectType.SNAPSHOT) {
+            lock = snapshotLock;
+            typeName = "snapshot";
+        } else {
+            String msg = "unsupported DataObject comes, then can't acquire correct lock object";
+            throw new CloudRuntimeException(msg);
         }
+        s_logger.debug("check " + typeName + " cache entry(id: " + dataId + ") on store(id: " + storeId + ")");
+
+        synchronized (lock) {
+            DataObjectInStore obj = objectInStoreMgr.findObject(data, store);
+            if (obj != null) {
+                State st = obj.getState();
+
+                long miliSeconds = 10000;
+                long timeoutSeconds = 3600;
+                long timeoutMiliSeconds = timeoutSeconds * 1000;
+                Date now = new Date();
+                long expiredEpoch = now.getTime() + timeoutMiliSeconds;
+                Date expiredDate = new Date(expiredEpoch);
+
+                /*
+                 * Waiting for completion of cache copy.
+                 */
+                while (st == ObjectInDataStoreStateMachine.State.Allocated ||
+                    st == ObjectInDataStoreStateMachine.State.Creating ||
+                    st == ObjectInDataStoreStateMachine.State.Copying) {
+
+                    /*
+                     * Threads must release lock within waiting for cache copy and
+                     * must be waken up at completion.
+                     */
+                    s_logger.debug("waiting cache copy completion type: " + typeName + ", id: " + obj.getObjectId() + ", lock: " + lock.hashCode());
+                    try {
+                        lock.wait(miliSeconds);
+                    } catch (InterruptedException e) {}
+                    s_logger.debug("waken up");
+
+                    now = new Date();
+                    if (now.after(expiredDate)) {
+                        String msg = "Waiting time exceeds timeout limit(" + timeoutSeconds + " s)";
+                        throw new CloudRuntimeException(msg);
+                    }
 
-        DataObject objOnCacheStore = store.create(data);
+                    obj = objectInStoreMgr.findObject(data, store);
+                    st = obj.getState();
+                }
+
+                if (st == ObjectInDataStoreStateMachine.State.Ready) {
+                    s_logger.debug("there is already one in the cache store");
+                    DataObject dataObj = objectInStoreMgr.get(data, store);
+                    dataObj.incRefCount();
+                    return dataObj;
+                }
+            }
+
+            s_logger.debug("create " + typeName + " cache entry(id: " + dataId + ") on store(id: " + storeId + ")");
+            objOnCacheStore = store.create(data);
+        }
 
         AsyncCallFuture<CopyCommandResult> future = new AsyncCallFuture<CopyCommandResult>();
         CopyCommandResult result = null;
@@ -251,6 +325,13 @@ public DataObject createCacheObject(DataObject data, DataStore store) {
             if (result == null) {
                 objOnCacheStore.processEvent(Event.OperationFailed);
             }
+            synchronized (lock) {
+                /*
+                 * Wake up all threads waiting for cache copy.
+                 */
+                s_logger.debug("wake up all waiting threads(lock: " + lock.hashCode() + ")");
+                lock.notifyAll();
+            }
         }
         return null;
     }

From fd459b89ff70454e9f6d9bbfe1b00e3514cd1212 Mon Sep 17 00:00:00 2001
From: Daan Hoogland <daan@onecht.net>
Date: Fri, 17 Jul 2015 11:07:57 +0200
Subject: [PATCH 030/115] CLOUDSTACK-7539: no return in synchronised block

---
 .../manager/StorageCacheManagerImpl.java      | 19 +++++++++++++++----
 1 file changed, 15 insertions(+), 4 deletions(-)

diff --git a/engine/storage/cache/src/org/apache/cloudstack/storage/cache/manager/StorageCacheManagerImpl.java b/engine/storage/cache/src/org/apache/cloudstack/storage/cache/manager/StorageCacheManagerImpl.java
index 6be35812b1..48e8af6cb0 100644
--- a/engine/storage/cache/src/org/apache/cloudstack/storage/cache/manager/StorageCacheManagerImpl.java
+++ b/engine/storage/cache/src/org/apache/cloudstack/storage/cache/manager/StorageCacheManagerImpl.java
@@ -223,7 +223,7 @@ public boolean stop() {
 
     @Override
     public DataObject createCacheObject(DataObject data, DataStore store) {
-        DataObject objOnCacheStore;
+        DataObject objOnCacheStore = null;
         final Object lock;
         final DataObjectType type = data.getType();
         final String typeName;
@@ -249,6 +249,7 @@ public DataObject createCacheObject(DataObject data, DataStore store) {
         }
         s_logger.debug("check " + typeName + " cache entry(id: " + dataId + ") on store(id: " + storeId + ")");
 
+        DataObject existingDataObj = null;
         synchronized (lock) {
             DataObjectInStore obj = objectInStoreMgr.findObject(data, store);
             if (obj != null) {
@@ -292,12 +293,22 @@ public DataObject createCacheObject(DataObject data, DataStore store) {
                     s_logger.debug("there is already one in the cache store");
                     DataObject dataObj = objectInStoreMgr.get(data, store);
                     dataObj.incRefCount();
-                    return dataObj;
+                    existingDataObj = dataObj;
                 }
             }
 
-            s_logger.debug("create " + typeName + " cache entry(id: " + dataId + ") on store(id: " + storeId + ")");
-            objOnCacheStore = store.create(data);
+            if(existingDataObj == null) {
+                s_logger.debug("create " + typeName + " cache entry(id: " + dataId + ") on store(id: " + storeId + ")");
+                objOnCacheStore = store.create(data);
+            }
+            lock.notifyAll();
+        }
+        if (existingDataObj != null) {
+            return existingDataObj;
+        }
+        if (objOnCacheStore == null) {
+            s_logger.error("create " + typeName + " cache entry(id: " + dataId + ") on store(id: " + storeId + ") failed");
+            return null;
         }
 
         AsyncCallFuture<CopyCommandResult> future = new AsyncCallFuture<CopyCommandResult>();

From 8dc8e9b8f31ef249a553cb20fb5be617a74cfbba Mon Sep 17 00:00:00 2001
From: Boris Schrijver <boris@pcextreme.nl>
Date: Wed, 22 Jul 2015 12:50:54 +0200
Subject: [PATCH 031/115] CLOUDSTACK-8649: Fixed unnecessary double url
 decoding in registerSSHKeyPair.

Signed-off-by: wilderrodrigues <wrodrigues@schubergphilis.com>

This closes #615

(cherry picked from commit 2e79c628e052ebdaf782458cfe4c4ef6e95545c6)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

Conflicts:
	server/src/com/cloud/server/ManagementServerImpl.java
---
 server/src/com/cloud/server/ManagementServerImpl.java | 8 +-------
 1 file changed, 1 insertion(+), 7 deletions(-)

diff --git a/server/src/com/cloud/server/ManagementServerImpl.java b/server/src/com/cloud/server/ManagementServerImpl.java
index 5946b292f7..be61b22e46 100755
--- a/server/src/com/cloud/server/ManagementServerImpl.java
+++ b/server/src/com/cloud/server/ManagementServerImpl.java
@@ -16,9 +16,7 @@
 // under the License.
 package com.cloud.server;
 
-import java.io.UnsupportedEncodingException;
 import java.lang.reflect.Field;
-import java.net.URLDecoder;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Calendar;
@@ -3617,11 +3615,7 @@ public SSHKeyPair registerSSHKeyPair(RegisterSSHKeyPairCmd cmd) {
 
         String name = cmd.getName();
         String key = cmd.getPublicKey();
-        try {
-            key = URLDecoder.decode(key, "UTF-8");
-        } catch (UnsupportedEncodingException e) {
-            s_logger.warn("key decoding tried invain: " + e.getLocalizedMessage());
-        }
+
         String publicKey = getPublicKeyFromKeyKeyMaterial(key);
         String fingerprint = getFingerprint(publicKey);
 

From f3c423fb781ce563eacc380a9dbf86f8d3a996d9 Mon Sep 17 00:00:00 2001
From: Milamber <milamber@apache.org>
Date: Thu, 30 Jul 2015 11:10:18 +0100
Subject: [PATCH 032/115] Update L10N resource files on 4.5 branch with 4.5
 translation strings from Transifex (20150730)

---
 .../resources/messages_de_DE.properties       |   9 +
 .../resources/messages_fr_FR.properties       |   4 +
 .../classes/resources/messages_hu.properties  |  64 +-
 .../resources/messages_nb_NO.properties       | 294 ++++++
 .../resources/messages_pt_BR.properties       | 427 ++++++++-
 .../resources/messages_ru_RU.properties       | 856 ++++++++++--------
 6 files changed, 1228 insertions(+), 426 deletions(-)

diff --git a/client/WEB-INF/classes/resources/messages_de_DE.properties b/client/WEB-INF/classes/resources/messages_de_DE.properties
index f5aced42fc..7255e8ca76 100644
--- a/client/WEB-INF/classes/resources/messages_de_DE.properties
+++ b/client/WEB-INF/classes/resources/messages_de_DE.properties
@@ -209,6 +209,7 @@ label.action.resource.limits=Grenzen der Ressourcen
 label.action.restore.instance=Instanz wiederherstellen
 label.action.restore.instance.processing=Wiederherstellen der Instanz....
 label.action.revert.snapshot=Auf Schnappschuss zur\u00fcckkehren
+label.action.revert.snapshot.processing=Es wird auf den Schnappschuss zur\u00fcckgekehrt...
 label.actions=Aktionen
 label.action.start.instance=Instanz beginnen
 label.action.start.instance.processing=Beginnen mit der Instanz....
@@ -232,6 +233,7 @@ label.action.update.resource.count.processing=Ressourcenanzahl wird aktualisiert
 label.action.update.resource.count=Ressourcenanzahl aktualisieren
 label.action.vmsnapshot.create=VM-Schnappschuss machen
 label.action.vmsnapshot.delete=VM-Schnappschuss l\u00f6schen
+label.action.vmsnapshot.revert=Auf VM-Schnappschuss zur\u00fcckkehren
 label.activate.project=Projekt aktivieren
 label.active.sessions=Aktive Sitzungen
 label.add.account=Konto hinzuf\u00fcgen
@@ -471,7 +473,11 @@ label.disable.vpn=Fernzugriff-VPN deaktivieren
 label.disabling.vpn.access=Deaktivierung des VPN Zugangs
 label.disbale.vnmc.device=VNMC-Ger\u00e4t deaktivieren
 label.disk.allocated=Zugeordnete Festplatte
+label.disk.bytes.read.rate=Festplatten-Leserate (BPS)
+label.disk.bytes.write.rate=Festplatten-Schreibrate (BPS)
+label.disk.iops.read.rate=Festplatten-Leserate (IOPS)
 label.disk.iops.total=Gesamte IOPS
+label.disk.iops.write.rate=Festplatten-Schreibrate (IOPS)
 label.disk.offering=Festplatten-Angebot
 label.disk.size=Festplattengr\u00f6\u00dfe
 label.disk.size.gb=Festplattengr\u00f6\u00dfe (in GB)
@@ -495,10 +501,12 @@ label.duration.in.sec=Dauer (in Sekunden)
 label.dynamically.scalable=Dynamisch skalierbar
 label.edit.acl.rule=ACL-Regel bearbeiten
 label.edit=Bearbeiten
+label.edit.lb.rule=LB-Regel bearbeiten
 label.edit.network.details=Netzwerkdetails bearbeiten
 label.edit.project.details=Projektdetails bearbeiten
 label.edit.region=Region bearbeiten
 label.edit.tags=Schlagw\u00f6rter bearbeiten
+label.edit.traffic.type=Datenverkehrstyp bearbeiten
 label.edit.vpc=VPC bearbeiten
 label.email=E-Mail
 label.email.lower=E-Mail-Adresse
@@ -1112,6 +1120,7 @@ label.total.cpu=Gesamtanzahl CPU
 label.total.CPU=Gesamtanzahl CPU
 label.total.hosts=Gesamtanzahl Hosts
 label.total.memory=Gesamter Speicher
+label.total.of.ip=Gesamtzahl der IP-Adressen
 label.total.of.vm=Insgesamte VMs
 label.total.storage=Gesamter Speicher
 label.total.vms=Insgesamte VMs
diff --git a/client/WEB-INF/classes/resources/messages_fr_FR.properties b/client/WEB-INF/classes/resources/messages_fr_FR.properties
index f2f2c60159..d8a26e5483 100644
--- a/client/WEB-INF/classes/resources/messages_fr_FR.properties
+++ b/client/WEB-INF/classes/resources/messages_fr_FR.properties
@@ -68,6 +68,7 @@ label.action.cancel.maintenance.mode.processing=Annulation du mode maintenance..
 label.action.change.password=Changer le mot de passe
 label.action.change.service=Changer d\\'offre de service
 label.action.change.service.processing=Changement de d\\'offre de service...
+label.action.configure.samlauthorization=Configurer Autorisation SAML SSO
 label.action.copy.ISO=Copier une image ISO
 label.action.copy.ISO.processing=Copie ISO...
 label.action.copy.template=Copier mod\u00e8le
@@ -293,6 +294,7 @@ label.add.ip.range=Ajouter une plage IP
 label.add.isolated.guest.network=Ajouter un r\u00e9seau d\\'invit\u00e9 isol\u00e9
 label.add.isolated.network=Ajouter un r\u00e9seau isol\u00e9
 label.additional.networks=R\u00e9seaux additionnels
+label.add.LDAP.account=Ajouter Compte LDAP
 label.add.list.name=Nom Liste ACL
 label.add.load.balancer=Ajouter un r\u00e9partiteur de charge
 label.add.more=Ajouter plus
@@ -1249,6 +1251,8 @@ label.s3.nfs.server=Serveur NFS S3
 label.s3.secret_key=Cl\u00e9 Priv\u00e9e
 label.s3.socket_timeout=D\u00e9lai d\\'expiration de la socket
 label.s3.use_https=Utiliser HTTPS
+label.saml.enable=Autoriser SAML SSO
+label.saml.entity=Fournisseur d\\'identit\u00e9
 label.saturday=Samedi
 label.save.and.continue=Enregistrer et continuer
 label.save=Sauvegarder
diff --git a/client/WEB-INF/classes/resources/messages_hu.properties b/client/WEB-INF/classes/resources/messages_hu.properties
index bc3b6e6d1a..b91687e8f8 100644
--- a/client/WEB-INF/classes/resources/messages_hu.properties
+++ b/client/WEB-INF/classes/resources/messages_hu.properties
@@ -414,7 +414,7 @@ label.broadcast.domain.type=Broadcast Domain Type
 label.broadcast.uri=Broadcast URI
 label.broadcasturi=broadcasturi
 label.broadcat.uri=Broadcast URI
-label.brocade.vcs.address=Vcs Switch Address
+label.brocade.vcs.address=Vcs Switch c\u00edm
 label.brocade.vcs.details=Brocade Vcs Switch r\u00e9szletek
 label.by.account=Sz\u00e1mla alapj\u00e1n
 label.by.alert.type=Riaszt\u00e1s t\u00edpus szerint
@@ -481,7 +481,7 @@ label.confirm.password=Jelsz\u00f3 meger\u0151s\u00edt\u00e9s
 label.congratulations=Gratul\u00e1ci\u00f3\!
 label.conserve.mode=Conserve mode
 label.console.proxy=Konzol proxy
-label.console.proxy.vm=Console Proxy VM
+label.console.proxy.vm=Konzol Proxy VM
 label.continue.basic.install=Folytat\u00e1s alaptelep\u00edt\u00e9ssel
 label.continue=Tov\u00e1bb
 label.copying.iso=ISO m\u00e1sol\u00e1sa
@@ -988,7 +988,7 @@ label.netScaler=NetScaler
 label.network.ACL=H\u00e1l\u00f3zati ACL
 label.network.ACLs=H\u00e1l\u00f3zati ACL-ek
 label.network.ACL.total=H\u00e1l\u00f3zati ACL \u00f6sszesen
-label.network.addVM=Add network to VM
+label.network.addVM=H\u00e1l\u00f3zat felv\u00e9tele a VM-hez
 label.network.cidr=H\u00e1l\u00f3zat CIDR
 label.network.desc=H\u00e1l\u00f3zat le\u00edr\u00e1s
 label.network.device=H\u00e1l\u00f3zati eszk\u00f6z
@@ -1114,7 +1114,7 @@ label.primary.allocated=Els\u0151dleges t\u00e1r elk\u00fcl\u00f6n\u00edtve
 label.primary.network=Els\u0151dleges h\u00e1l\u00f3zat
 label.primary.storage.count=Primary Storage Pools
 label.primary.storage=Els\u0151dleges t\u00e1r
-label.primary.storage.limits=Primary Storage limits (GiB)
+label.primary.storage.limits=Els\u0151dleges t\u00e1r korl\u00e1tok (GiB)
 label.primary.used=Haszn\u00e1lt els\u0151dleges t\u00e1r
 label.private.Gateway=Priv\u00e1t \u00e1tj\u00e1r\u00f3
 label.private.interface=Private Interface
@@ -1181,7 +1181,7 @@ label.release.dedicated.zone=Dedik\u00e1lt z\u00f3na elenged\u00e9se
 label.remind.later=Eml\u00e9keztess k\u00e9s\u0151bb\!
 label.remove.ACL=ACL elt\u00e1vol\u00edt\u00e1sa
 label.remove.egress.rule=Egress szab\u00e1ly t\u00f6rl\u00e9se
-label.remove.from.load.balancer=Removing instance from load balancer
+label.remove.from.load.balancer=P\u00e9ld\u00e1ny elt\u00e1vol\u00edt\u00e1sa a terhel\u00e9seloszt\u00f3b\u00f3l
 label.remove.ingress.rule=Ingress szab\u00e1ly t\u00f6rl\u00e9se
 label.remove.ip.range=IP tartom\u00e1ny elt\u00e1vol\u00edt\u00e1sa
 label.remove.ldap=LDAP elt\u00e1vol\u00edt\u00e1sa
@@ -1206,7 +1206,7 @@ label.replace.acl.list=ACL lista cser\u00e9je
 label.required=Sz\u00fcks\u00e9ges
 label.requires.upgrade=Friss\u00edt\u00e9st ig\u00e9nyel
 label.reserved.ip.range=Elk\u00fcl\u00f6n\u00edtett IP c\u00edmtartom\u00e1ny
-label.reserved.system.gateway=Reserved system gateway
+label.reserved.system.gateway=Elk\u00fcl\u00f6n\u00edtett rendszer \u00e1tj\u00e1r\u00f3
 label.reserved.system.ip=Elk\u00fcl\u00f6n\u00edtett rendszer IP
 label.reserved.system.netmask=Elk\u00fcl\u00f6n\u00edtett rendszer h\u00e1l\u00f3zati maszk
 label.resetVM=VM \u00fajraind\u00edt\u00e1sa
@@ -1233,7 +1233,7 @@ label.root.certificate=F\u0151tan\u00fas\u00edtv\u00e1ny
 label.root.disk.controller=Root disk controller
 label.root.disk.offering=Root Disk Offering
 label.root.disk.size=Root merevlemez m\u00e9ret
-label.router.vm.scaled.up=Router VM Scaled Up
+label.router.vm.scaled.up=Router VM felm\u00e9retezve
 label.routing.host=Routing Host
 label.routing=\u00datvonalv\u00e1laszt\u00e1s
 label.rule.number=Szab\u00e1ly sz\u00e1m
@@ -1263,7 +1263,7 @@ label.secondary.storage.count=Secondary Storage Pools
 label.secondary.storage.details=M\u00e1sodlagos t\u00e1r r\u00e9szletek
 label.secondary.storage.limits=M\u00e1sodlagos t\u00e1r korl\u00e1tok (GiB)
 label.secondary.storage=M\u00e1sodlagos t\u00e1r
-label.secondary.storage.vm=Secondary storage VM
+label.secondary.storage.vm=M\u00e1sodlagos t\u00e1r VM
 label.secondary.used=Haszn\u00e1lt m\u00e1sodlagos t\u00e1r
 label.secret.key=Titkos kulcs
 label.security.group=Biztons\u00e1gi csoport
@@ -1443,7 +1443,7 @@ label.update.ssl.cert= SSL tan\u00fas\u00edtv\u00e1ny
 label.update.ssl= SSL tan\u00fas\u00edtv\u00e1ny
 label.updating=Updating
 label.upgrade.required=Frissit\u00e9sre van sz\u00fcks\u00e9g
-label.upgrade.router.newer.template=Upgrade Router to Use Newer Template
+label.upgrade.router.newer.template=Router friss\u00edt\u00e9se \u00faj sablonnal
 label.upload=Felt\u00f6lt\u00e9s
 label.upload.volume=K\u00f6tet felt\u00f6lt\u00e9se
 label.url=URL
@@ -1482,7 +1482,7 @@ label.viewing=Megtekint\u00e9s
 label.view.more=Tov\u00e1bbiak megtekint\u00e9se
 label.view=N\u00e9zet
 label.view.secondary.ips=M\u00e1sodlagos IP c\u00edmek megtekint\u00e9se
-label.virtual.appliance.details=Virtual applicance details
+label.virtual.appliance.details=Virtu\u00e1lis k\u00e9sz\u00fcl\u00e9k r\u00e9szletei
 label.virtual.appliances=Virtu\u00e1lis k\u00e9sz\u00fcl\u00e9kek
 label.virtual.appliance=Virtu\u00e1lis k\u00e9sz\u00fcl\u00e9k
 label.virtual.machines=Virtu\u00e1lis g\u00e9pek
@@ -1585,7 +1585,7 @@ label.zone.step.4.title=4. l\u00e9p\u00e9s\: <strong>IP c\u00edmtartom\u00e1ny f
 label.zones=Z\u00f3n\u00e1k
 label.zone.type=Z\u00f3na t\u00edpus
 label.zone.wide=Eg\u00e9sz z\u00f3n\u00e1ra kiterjed\u0151
-label.zoneWizard.trafficType.guest=Guest\: Traffic between end-user virtual machines
+label.zoneWizard.trafficType.guest=Vend\u00e9g\: forgalom v\u00e9gfelhaszn\u00e1l\u00f3i virtu\u00e1lis g\u00e9pek k\u00f6z\u00f6tt
 label.zoneWizard.trafficType.management=Vez\u00e9rl\u00e9s\: forgalom a CloudStack felh\u0151 er\u0151forr\u00e1sai k\u00f6z\u00f6tt, bele\u00e9rtve azokat a komponenseket, amelyek a vez\u00e9rl\u0151 szerverrel kommunik\u00e1lnak, mint a kiszolg\u00e1l\u00f3k \u00e9s a rendszer VM-ek
 label.zoneWizard.trafficType.public=Publikus\: forgalom az internet \u00e9s a felh\u0151 virtu\u00e1lis g\u00e9pei k\u00f6z\u00f6tt
 label.zoneWizard.trafficType.storage=T\u00e1r\: forgalom az els\u0151dleges \u00e9s m\u00e1sodlagos t\u00e1r szerverek k\u00f6z\u00f6tt, p\u00e9ld\u00e1ul VM sablonok \u00e9s pillanatfelv\u00e9telek
@@ -1661,14 +1661,14 @@ message.action.stop.instance=Er\u0151s\u00edtsd meg, hogy le akarod \u00e1ll\u00
 message.action.stop.router=Minden ezzel a routerrel kapcsolatos szolg\u00e1ltat\u00e1s megszakad. Er\u0151s\u00edtsd meg, hogy le akarod \u00e1ll\u00edtani ezt a routert\!
 message.action.stop.systemvm=Er\u0151s\u00edtsd meg, hogy le akarod \u00e1ll\u00edtani ezt a rendszer VM-et\!
 message.action.take.snapshot=Er\u0151s\u00edtsd meg, hogy pillanatfelv\u00e9telt k\u00e9rsz err\u0151l a k\u00f6tetr\u0151l\!
-message.action.unmanage.cluster=Please confirm that you want to unmanage the cluster.
+message.action.unmanage.cluster=Er\u0151s\u00edtsd meg, hogy megszak\u00edtod a f\u00fcrt vez\u00e9rl\u00e9s\u00e9t\!
 message.action.vmsnapshot.delete=Er\u0151s\u00edtsd meg, hogy t\u00f6r\u00f6lni akarod ezt a VM pillanatfelv\u00e9telt\!
 message.action.vmsnapshot.revert=Revert VM snapshot
 message.activate.project=Biztosan aktiv\u00e1lni szeretn\u00e9d ezt a projektet?
 message.add.cluster=Add a hypervisor managed cluster for zone <b><span id\="zone_name"></span></b>, pod <b><span id\="pod_name"></span></b>
 message.add.cluster.zone=Add a hypervisor managed cluster for zone <b><span id\="zone_name"></span></b>
 message.add.disk.offering=Add meg a k\u00f6vetkez\u0151 param\u00e9tereket az \u00faj merevlemez aj\u00e1nlat felv\u00e9tel\u00e9hez
-message.add.domain=Please specify the subdomain you want to create under this domain
+message.add.domain=Adj meg egy aldom\u00e9nt, amit ez alatt a dom\u00e9n alatt l\u00e9tre akarsz hozni\!
 message.add.firewall=T\u0171zfal felv\u00e9tele a z\u00f3n\u00e1ba
 message.add.guest.network=Er\u0151s\u00edtsd meg, hogy vend\u00e9g h\u00e1l\u00f3zatot szeretn\u00e9l felvenni\!
 message.add.host=Add meg a k\u00f6vetkez\u0151 adatokat az \u00faj kiszolg\u00e1l\u00f3 felv\u00e9tel\u00e9hez
@@ -1677,18 +1677,18 @@ message.adding.Netscaler.device=Netscaler eszk\u00f6z felv\u00e9tele
 message.adding.Netscaler.provider=Netscaler szolg\u00e1ltat\u00f3 felv\u00e9tele
 message.add.ip.range.direct.network=Add an IP range to direct network <b><span id\="directnetwork_name"></span></b> in zone <b><span id\="zone_name"></span></b>
 message.add.ip.range=IP tartom\u00e1ny felv\u00e9tele a z\u00f3na publikus h\u00e1l\u00f3zat\u00e1hoz
-message.add.ip.range.to.pod=<p>Add an IP range to pod\: <b><span id\="pod_name_label"></span></b></p>
+message.add.ip.range.to.pod=<p>IP tartom\u00e1ny felv\u00e9tele a <b><span id\="pod_name_label"></span></b> pod-hoz</p>
 message.additional.networks.desc=V\u00e1lassz ki tov\u00e1bbi h\u00e1l\u00f3zatokat, amelyekhez a virtu\u00e1lis p\u00e9ld\u00e1nyod csatlakozik majd\!
 message.add.load.balancer=Terhel\u00e9seloszt\u00f3 felv\u00e9tele a z\u00f3n\u00e1ba
-message.add.load.balancer.under.ip=The load balancer rule has been added under IP\:
-message.add.network=Add a new network for zone\: <b><span id\="zone_name"></span></b>
-message.add.new.gateway.to.vpc=Please specify the information to add a new gateway to this VPC.
-message.add.pod=Add a new pod for zone <b><span id\="add_pod_zone_name"></span></b>
+message.add.load.balancer.under.ip=A terhel\u00e9seloszt\u00f3 szab\u00e1ly felv\u00e9telre ker\u00fclt a k\u00f6vetkez\u0151 IP-hez\:
+message.add.network=H\u00e1l\u00f3zat felv\u00e9tele a <b><span id\="zone_name"></span></b> z\u00f3n\u00e1ban
+message.add.new.gateway.to.vpc=Add meg az inform\u00e1ci\u00f3kat az \u00faj \u00e1tj\u00e1r\u00f3 felv\u00e9tel\u00e9hez a VPC-ben\!
 message.add.pod.during.zone.creation=Minden z\u00f3n\u00e1nak egy vagy t\u00f6bb pod-ot kell tartalmaznia. Vegy\u00fck fel az els\u0151 pod-ot\! A pod tartalmaz kiszolg\u00e1l\u00f3kat \u00e9s els\u0151dleges t\u00e1r szervereket, amelyeket a k\u00f6vetkez\u0151 l\u00e9p\u00e9sekben vesz\u00fcnk majd fel. El\u0151sz\u00f6r \u00e1ll\u00edts be egy elk\u00fcl\u00f6n\u00edtett IP c\u00edmtartom\u00e1nyt a CloudStack bels\u0151 forgalm\u00e1nak. A c\u00edmtartom\u00e1nynak egyedinek kell lennie a felh\u0151ben.
-message.add.primary=Please specify the following parameters to add a new primary storage
-message.add.primary.storage=Add a new Primary Storage for zone <b><span id\="zone_name"></span></b>, pod <b><span id\="pod_name"></span></b>
-message.add.region=Please specify the required information to add a new region.
-message.add.secondary.storage=Add a new storage for zone <b><span id\="zone_name"></span></b>
+message.add.pod=\u00daj pod felv\u00e9tele a <b><span id\="add_pod_zone_name"></span></b> z\u00f3n\u00e1ban
+message.add.primary=Add meg a k\u00f6vetkez\u0151 adatokat az \u00faj els\u0151dleges t\u00e1r felv\u00e9tel\u00e9hez
+message.add.primary.storage=\u00daj els\u0151dleges t\u00e1r felv\u00e9tele a <b><span id\="zone_name"></span></b> z\u00f3n\u00e1ban a <b><span id\="pod_name"></span> pod-hoz</b>
+message.add.region=Add meg az inform\u00e1ci\u00f3kat az \u00faj r\u00e9gi\u00f3 felv\u00e9tel\u00e9hez\!
+message.add.secondary.storage=\u00daj t\u00e1r felv\u00e9tele a <b><span id\="zone_name"></span> z\u00f3n\u00e1hoz</b>
 message.add.service.offering=T\u00f6ltsd ki a k\u00f6vetkez\u0151 adatokat a sz\u00e1m\u00edt\u00e1si aj\u00e1nlat l\u00e9trehoz\u00e1s\u00e1hoz\!
 message.add.system.service.offering=T\u00f6ltsd ki a k\u00f6vetkez\u0151 adatokat a \u00faj rendszer szolg\u00e1ltat\u00e1s aj\u00e1nlat l\u00e9trehoz\u00e1s\u00e1hoz\!
 message.add.template=T\u00f6ltsd ki a k\u00f6vetkez\u0151 adatokat \u00faj sablon felv\u00e9tel\u00e9hez\!
@@ -1697,8 +1697,8 @@ message.add.VPN.gateway=Er\u0151s\u00edtsd meg, hogy VPN \u00e1tj\u00e1r\u00f3t
 message.admin.guide.read=For VMware-based VMs, please read the dynamic scaling section in the admin guide before scaling. Would you like to continue?\\,
 message.advanced.mode.desc=Akkor v\u00e1laszd ezt a h\u00e1l\u00f3zat modellt, ha szeretn\u00e9d haszn\u00e1lni a VLAN t\u00e1mogat\u00e1st. Ez a h\u00e1l\u00f3zat modell biztos\u00edtja a legnagyobb rugalmass\u00e1got \u00e9s lehet\u0151v\u00e9 teszi, hogy a rendszergazd\u00e1k olyan aj\u00e1nlatokat biztos\u00edtsanak, mint a t\u0171zfalak, VPN vagy terhel\u00e9seloszt\u00f3k valamint a direkt \u00e9s virtu\u00e1lis h\u00e1l\u00f3zatok.
 message.advanced.security.group=V\u00e1laszd ezt, ha biztons\u00e1gi csoportokat akarsz haszn\u00e1lni a vend\u00e9g VM izol\u00e1ci\u00f3hoz\!
-message.advanced.virtual=Choose this if you wish to use zone-wide VLANs to provide guest VM isolation.
-message.after.enable.s3=S3-backed Secondary Storage configured. Note\: When you leave this page, you will not be able to re-configure S3 again.
+message.advanced.virtual=V\u00e1laszd ezt, ha z\u00f3na-szint\u0171 VLAN-okat szeretn\u00e9l haszn\u00e1lni a vend\u00e9g VM-ek izol\u00e1ci\u00f3j\u00e1ra\!
+message.after.enable.s3=Az S3-alap\u00fa m\u00e1sodlagos t\u00e1r konfigur\u00e1ci\u00f3ja k\u00e9sz. Megjegyz\u00e9s\: miut\u00e1n elhagytad ezt az oldalt, nem tudod majd az S3-at ism\u00e9t konfigur\u00e1lni.
 message.after.enable.swift=A Swift konfigur\u00e1ci\u00f3ja k\u00e9sz. Megjegyz\u00e9s\: miut\u00e1n elhagytad ezt az oldalt, nem tudod majd \u00fajrakonfigur\u00e1lni a Swift-et\!
 message.alert.state.detected=Alert state detected
 message.allow.vpn.access=Add meg a VPN felhaszn\u00e1l\u00f3 nev\u00e9t \u00e9s jelszav\u00e1t
@@ -1775,7 +1775,7 @@ message.confirm.scale.up.system.vm=Biztosan fel akarod m\u00e9retezni a rendszer
 message.confirm.shutdown.provider=Er\u0151s\u00edtsd meg, hogy le akarod \u00e1ll\u00edtani ezt a szolg\u00e1ltat\u00f3t
 message.confirm.start.lb.vm=Er\u0151s\u00edtsd meg, hogy el akarod ind\u00edtani az LB VM-et\!
 message.confirm.stop.lb.vm=Er\u0151s\u00edtsd meg, hogy le akarod \u00e1ll\u00edtani az LB VM-et\!
-message.confirm.upgrade.router.newer.template=Please confirm that you want to upgrade router to use newer template
+message.confirm.upgrade.router.newer.template=Er\u0151s\u00edtsd meg, hogy a routert \u00faj sablonnal akarod friss\u00edteni\!
 message.confirm.upgrade.routers.account.newtemplate=Er\u0151s\u00edtsd meg, hogy minden a sz\u00e1mla minden router\u00e9t friss\u00edteni akarod az \u00faj sablonnal\!
 message.confirm.upgrade.routers.cluster.newtemplate=Please confirm that you want to upgrade all routers in this cluster to use newer template
 message.confirm.upgrade.routers.newtemplate=Please confirm that you want to upgrade all routers in this zone to use newer template
@@ -1817,7 +1817,7 @@ message.detach.iso.confirm=Er\u0151s\u00edtsd meg, hogy le akarod v\u00e1lasztan
 message.disable.account=Er\u0151s\u00edtsd meg, hogy ki szeretn\u00e9d kapcsolni ezt a sz\u00e1ml\u00e1t. A sz\u00e1mla kikapcsol\u00e1s\u00e1val a sz\u00e1mla felhaszn\u00e1l\u00f3inak hozz\u00e1f\u00e9r\u00e9se az er\u0151forr\u00e1sokhoz megsz\u00fcnik. Minden fut\u00f3 virtu\u00e1lis g\u00e9p azonnal le lesz \u00e1ll\u00edtva.
 message.disable.snapshot.policy=Sikeresen kikapcsoltad a jelenlegi pillanatfelv\u00e9tel szab\u00e1lyt.
 message.disable.user=Er\u0151s\u00edtsd meg, hogy ki akarod kapcsolni a felhaszn\u00e1l\u00f3t\!
-message.disable.vpn.access=Please confirm that you want to disable Remote Access VPN.
+message.disable.vpn.access=Er\u0151s\u00edtsd meg, hogy ki akarod kapcsolni a t\u00e1voli VPN hozz\u00e1f\u00e9r\u00e9st\!
 message.disable.vpn=Biztosan ki akarod kapcsolni a VPN-t?
 message.disabling.network.offering=H\u00e1l\u00f3zat aj\u00e1nlat kikapcsol\u00e1sa
 message.disabling.vpc.offering=VPC aj\u00e1nlat kikapcsol\u00e1sa
@@ -1826,15 +1826,15 @@ message.download.ISO=Az ISO let\u00f6lt\u00e9s\u00e9hez kattints <a href\="\#">0
 message.download.template=A sablon let\u00f6lt\u00e9s\u00e9hez kattints <a href\="\#">00000</a>
 message.download.volume=A k\u00f6tet let\u00f6lt\u00e9s\u00e9hez kattints href\="\#">00000</a>
 message.download.volume.confirm=Er\u0151s\u00edtsd meg, hogy le akarod t\u00f6lteni ezt a k\u00f6tetet\!
-message.edit.account=Edit ("-1" indicates no limit to the amount of resources create)
+message.edit.account=Szerkeszt\u00e9s ("-1" jelzi az er\u0151forr\u00e1s haszn\u00e1lat\u00e1nak korl\u00e1tlans\u00e1g\u00e1t)
 message.edit.confirm=Er\u0151s\u00edtsd meg a v\u00e1ltoztat\u00e1sokat miel\u00f6tt a ment\u00e9sre kattintassz\!
 message.edit.limits=Hat\u00e1rozz meg korl\u00e1tokat a k\u00f6vetkez\u0151 er\u0151forr\u00e1sokhoz\! A "-1" jelzi a korl\u00e1tlanan felhaszn\u00e1l\u00e1st.
-message.edit.traffic.type=Please specify the traffic label you want associated with this traffic type.
+message.edit.traffic.type=Add meg a forgalom c\u00edmk\u00e9t, amit ezzel a forgalom t\u00edpussal akarsz \u00f6sszek\u00f6tni\!
 message.enable.account=Er\u0151s\u00edtsd meg, hogy be akarod kapcsolni ezt a sz\u00e1ml\u00e1t\!
 message.enabled.vpn=A t\u00e1voli hozz\u00e1f\u00e9r\u00e9s\u0171 VPN jelenleg be van kapcsolva \u00e9s hozz\u00e1f\u00e9rhet\u0151 az IP c\u00edmmel
 message.enabled.vpn.ip.sec=Your IPSec pre-shared key is
 message.enable.user=Er\u0151s\u00edtsd meg, hogy be akarod kapcsolni ezt a felhaszn\u00e1l\u00f3t\!
-message.enable.vpn.access=VPN is currently disabled for this IP Address.  Would you like to enable VPN access?
+message.enable.vpn.access=A VPN jelenleg ki van kapcsolva erre az IP c\u00edmre. Szeretn\u00e9d bekapcsolni a VPN hozz\u00e1f\u00e9r\u00e9st?
 message.enable.vpn=Er\u0151s\u00edtsd meg, hogy be szeretn\u00e9d kapcsolni a t\u00e1voli hozz\u00e1f\u00e9r\u00e9s\u0171 VPN-t ehhez az IP c\u00edmhez\!
 message.enabling.network.offering=H\u00e1l\u00f3zat aj\u00e1nlat bekapcsol\u00e1sa
 message.enabling.security.group.provider=Biztons\u00e1gi csoport szolg\u00e1ltat\u00f3 bekapcsol\u00e1sa
@@ -1926,7 +1926,7 @@ message.portable.ip.delete.confirm=Er\u0151s\u00edtsd meg, hogy t\u00f6r\u00f6ln
 message.project.invite.sent=Megh\u00edv\u00f3 elk\u00fcldve a felhaszn\u00e1l\u00f3nak. A felhaszn\u00e1l\u00f3 akkor ker\u00fcl a projektbe, amikor elfogadja a megh\u00edv\u00f3t.
 message.public.traffic.in.advanced.zone=Public traffic is generated when VMs in the cloud access the internet. Publicly-accessible IPs must be allocated for this purpose. End users can use the CloudStack UI to acquire these IPs to implement NAT between their guest network and their public network.<br/><br/>Provide at least one range of IP addresses for internet traffic.
 message.public.traffic.in.basic.zone=A publikus forgalom akkor keletkezik, amikor a felh\u0151 virtu\u00e1lis g\u00e9pei hozz\u00e1f\u00e9rnek az internethez vagy az interneten szolg\u00e1ltat\u00e1sokat biztos\u00edtanak. Publikusan el\u00e9rhet\u0151 IP c\u00edmeket kell erre a c\u00e9lra elk\u00fcl\u00f6n\u00edteni. Amikor l\u00e9trej\u00f6n egy p\u00e9ld\u00e1ny, ezekb\u0151l a publikus IP c\u00edmekb\u0151l kap egyet a p\u00e9ld\u00e1ny a vend\u00e9g IP c\u00edmen k\u00edv\u00fcl. Statikus 1-1 NAT lesz be\u00e1ll\u0167va a publikus \u00e9s a vend\u00e9g IP c\u00edmek k\u00f6z\u00f6tt. V\u00e9gfelhaszn\u00e1l\u00f3k haszn\u00e1lhatj\u00e1k a CloudStack fel\u00fcletet is \u00faj IP c\u00edmek beszerz\u00e9s\u00e9hez \u00e9s statikus NAT be\u00e1ll\u00edt\u00e1s\u00e1hoz.
-message.read.admin.guide.scaling.up=Please read the dynamic scaling section in the admin guide before scaling up.
+message.read.admin.guide.scaling.up=Olvasd el az adminisztr\u00e1torok \u00fatmutat\u00f3j\u00e1ban a dinamikus m\u00e9retez\u00e9sre vonatkoz\u00f3 r\u00e9szt miel\u0151tt folytatod\!
 message.recover.vm=Er\u0151s\u00edtsd meg, hogy helyre akarod \u00e1ll\u00edtani a VM-et.
 message.redirecting.region=\u00c1tir\u00e1ny\u00edt\u00e1s r\u00e9gi\u00f3ba...
 message.reinstall.vm=Figyelmeztet\u00e9s\: \u00d3vatosan\! Ha folytatod, a VM \u00fajra lesz telep\u00edtve a sablon alapj\u00e1n, a f\u0151 lemez\u00e9n tal\u00e1lhat\u00f3 adat elveszik. Amennyiben vannak tov\u00e1bbi merevlemezek, azok \u00e9rintetlenek maradnak.
@@ -1967,7 +1967,7 @@ message.step.3.continue=V\u00e1lassz egy merevlemez aj\u00e1nlatot a folytat\u00
 message.step.3.desc=
 message.step.4.continue=V\u00e1lassz legal\u00e1bb egy h\u00e1l\u00f3zatot a folytat\u00e1shoz\!
 message.step.4.desc=V\u00e1laszd ki az els\u0151dleges h\u00e1l\u00f3zatot, amelyhez a virtu\u00e1lis p\u00e9ld\u00e1nyod csatlakozni fog\!
-message.storage.traffic=Traffic between CloudStack\\'s internal resources, including any components that communicate with the Management Server, such as hosts and CloudStack system VMs. Please configure storage traffic here.
+message.storage.traffic=Forgalom a CloudStack felh\u0151 er\u0151forr\u00e1sai k\u00f6z\u00f6tt, bele\u00e9rtve azokat a komponenseket, amelyek a vez\u00e9rl\u0151 szerverrel kommunik\u00e1lnak, mint a kiszolg\u00e1l\u00f3k \u00e9s a rendszer VM-ek. \u00c1ll\u00edtsd be a t\u00e1r forgalmat itt\!
 message.suspend.project=Biztosan fel akarod f\u00fcggeszteni ezt a projektet?
 message.systems.vms.ready=A rendszer VM-ek elk\u00e9sz\u00fcltek.
 message.template.copying=A sablon m\u00e1sol\u00e1s alatt \u00e1ll.
@@ -2017,7 +2017,7 @@ message.you.must.have.at.least.one.physical.network=Sz\u00fcks\u00e9ged van lega
 message.your.cloudstack.is.ready=A CloudStack k\u00e9szen \u00e1ll\!
 message.Zone.creation.complete=A z\u00f3na l\u00e9trehoz\u00e1sa befejez\u0151d\u00f6tt
 message.zone.creation.complete.would.you.like.to.enable.this.zone=A z\u00f3na l\u00e9trehoz\u00e1sa befejez\u0151d\u00f6tt. Szeretn\u00e9d bekapcsolni a z\u00f3n\u00e1t?
-message.zone.no.network.selection=The zone you selected does not have any choices for network selection.
+message.zone.no.network.selection=A kiv\u00e1lasztott z\u00f3n\u00e1ban nincsen kiv\u00e1laszthat\u00f3 h\u00e1l\u00f3zat.
 message.zone.step.1.desc=V\u00e1lassz h\u00e1l\u00f3zat modellt a z\u00f3n\u00e1dnak\!
 message.zone.step.2.desc=Add meg a k\u00f6vetkez\u0151 inform\u00e1ci\u00f3kat az \u00faj z\u00f3n\u00e1hoz
 message.zone.step.3.desc=Add meg a k\u00f6vetkez\u0151 inform\u00e1ci\u00f3kat az \u00faj pod-hoz
diff --git a/client/WEB-INF/classes/resources/messages_nb_NO.properties b/client/WEB-INF/classes/resources/messages_nb_NO.properties
index 3bbf789647..42482b9065 100644
--- a/client/WEB-INF/classes/resources/messages_nb_NO.properties
+++ b/client/WEB-INF/classes/resources/messages_nb_NO.properties
@@ -21,11 +21,13 @@ error.could.not.change.your.password.because.ldap.is.enabled=Feil kunne ikke byt
 error.could.not.enable.zone=Kunne ikke aktivere sonen
 error.installWizard.message=Noe gikk galt. G\u00e5 tilbake og korriger feilene.
 error.invalid.username.password=Ugyldig brukernavn eller passord
+error.login=Ditt brukernavn/passord stemmer ikke overens med v\u00e5re opplysninger.
 error.mgmt.server.inaccessible=Administrasjonsserver er utilgjengelig. Vennligst pr\u00f8v igjen senere.
 error.password.not.match=Passordfeltene sammensvarer ikke
 error.session.expired=Din sesjon har utl\u00f8pt.
 error.something.went.wrong.please.correct.the.following=Noe gikk galt. Vennligst korrig\u00e9r f\u00f8lgende
 error.unable.to.reach.management.server=Kan ikke oppn\u00e5 kontakt med administrasjonsserveren
+error.unresolved.internet.name=Ditt internettnavn kan ikke l\u00f8ses.
 force.delete=Tving sletting
 force.remove=Tving fjerning
 force.stop=Tving stopp
@@ -43,11 +45,16 @@ label.account.lower=konto
 label.account.name=Kontonavn
 label.accounts=Kontoer
 label.acl=ACL
+label.acl.id=ACL ID
 label.acl.name=ACL Navn
+label.acl.replaced=ACL erstattet
+label.acquire.new.ip=Tilegne ny IP
 label.action.attach.disk.processing=Tilknytter Disk....
 label.action.attach.disk=Tilknytt Disk
 label.action.attach.iso.processing=Tilknytter ISO....
 label.action.attach.iso=Tilknytt ISO
+label.action.cancel.maintenance.mode=Avbryt vedlikeholdsmodus
+label.action.cancel.maintenance.mode.processing=Avbryter vedlikeholdsmodus....
 label.action.change.password=Endre passord
 label.action.change.service=Endre Tjeneste
 label.action.change.service.processing=Endrer Tjeneste....
@@ -111,6 +118,9 @@ label.action.destroy.instance.processing=\u00d8delegge instans....
 label.action.destroy.instance=\u00d8delegg Instans
 label.action.destroy.systemvm.processing=Sletter system VM....
 label.action.destroy.systemvm=Slett system VM
+label.action.detach.disk=Frakoble disk
+label.action.detach.iso=Frakoble ISO
+label.action.detach.iso.processing=Frakobler ISO....
 label.action.disable.account=Deaktiver konto
 label.action.disable.account.processing=Deaktiverer konto....
 label.action.disable.cluster=Deaktiver klyngen
@@ -137,6 +147,7 @@ label.action.edit.host=Editer vert
 label.action.edit.instance=Rediger instans
 label.action.edit.ISO=Rediger ISO
 label.action.edit.network=Editer Nettverk
+label.action.edit.network.offering=Editer nettverkstilbud
 label.action.edit.network.processing=Editerer Nettverk....
 label.action.edit.pod=Editer Pod
 label.action.edit.primary.storage=Editer Prim\u00e6rlagring
@@ -148,6 +159,8 @@ label.action.enable.account=Aktiver konto
 label.action.enable.account.processing=Aktiverer konto....
 label.action.enable.cluster=Aktiver klynge
 label.action.enable.cluster.processing=Aktiverer klyngen...
+label.action.enable.maintenance.mode=Aktiver vedlikeholdsmodus
+label.action.enable.maintenance.mode.processing=Aktiver vedlikeholdsmodus...
 label.action.enable.nexusVswitch=Aktiver Nexus 1000v
 label.action.enable.physical.network=Aktiver fysisk nettverk
 label.action.enable.pod=Aktiver pod
@@ -160,6 +173,7 @@ label.action.enable.zone=Aktiver sone
 label.action.enable.zone.processing=Aktiverer sone...
 label.action.generate.keys=Generer n\u00f8kler
 label.action.generate.keys.processing=Genererer n\u00f8kler....
+label.action=Handling
 label.action.list.nexusVswitch=Liste Nexus 1000v
 label.action.lock.account=L\u00e5s konto
 label.action.lock.account.processing=L\u00e5ser konto....
@@ -213,28 +227,39 @@ label.add.accounts=Legg til kontoer
 label.add.accounts.to=Legg kontoer til
 label.add.account.to.project=Legg kontoen til prosjektet
 label.add.ACL=Legg til ACL
+label.add.acl.list=Legg til ACL liste
+label.add.BigSwitchVns.device=Legg til BigSwitch Vnc kontroller
 label.add.by=Legg til ved
 label.add.cluster=Legg til klynge
 label.add.compute.offering=Legg til systemtilbud
 label.add.domain=Legg til domene
+label.added.new.bigswitch.vns.controller=Legg til ny BigSwitch VNS kontroller
+label.add.egress.rule=Legg til egress regel
+label.addes.new.f5=La til ny F5
 label.add.F5.device=Legg til F5 enhet
 label.add.firewall=Legg til brannmurregel
+label.add.gslb=Legg til GSLB
 label.add.guest.network=Legg til gjestenettverk
 label.add.host=Legg til vert
 label.adding.cluster=Legger til klynge
 label.adding.failed=Tillegging feilet
 label.adding.pod=Legger til pod
 label.adding.processing=Legger til
+label.add.ingress.rule=Legg til ingressregel
 label.adding.succeeded=Tillegging vellykket
 label.adding=Tillegger
 label.adding.user=Legger til bruker
 label.adding.zone=Legger til sone
+label.add.intermediate.certificate=Legg til intermediate sertifikat
+label.add.internal.lb=Legg til intern LB
 label.add.ip.range=Legg til IP-rekke
 label.add=Legg til
+label.add.list.name=ACL listenavn
 label.add.load.balancer=Legg til lastbalanserer
 label.add.more=Legg til mer
 label.add.netScaler.device=Legg til Netscaler enhet
 label.add.network.ACL=Legg til nettverk ACL
+label.add.network.acl.list=Legg til nettverk ACL liste
 label.add.network.device=Legg til nettverksenhet
 label.add.network=Legg til nettverk
 label.add.network.offering=Legg til nettverkstilbud
@@ -243,6 +268,8 @@ label.add.new.gateway=Legg til ny gateway
 label.add.new.NetScaler=Legg til ny NetScaler
 label.add.new.PA=Legg til ny Palo Alto
 label.add.new.SRX=Legg til ny SRX
+label.add.NiciraNvp.device=Legg til Nvp kontroller
+label.add.OpenDaylight.device=Legg til OpenDayLight kontroller
 label.add.PA.device=Legg til Palo Alto enhet
 label.add.physical.network=Legg til fysisk nettverk
 label.add.pod=Legg til pod
@@ -266,8 +293,12 @@ label.add.vlan=Legg til VLAN
 label.add.vm=Legg til VM
 label.add.vms=Legg til VMer
 label.add.vms.to.lb=Legg til VM(er) til lastbalanseringsregel
+label.add.vmware.datacenter=Legg til VMware datasenter
+label.add.vnmc.device=Legg til VNMC enhet
+label.add.vnmc.provider=Legg til VNMC tilbyder
 label.add.volume=Legg til volum
 label.add.vpc=Legg til VPC
+label.add.vpc.offering=Legg til VPC tilbud
 label.add.VPN.gateway=Legg til VPN Gateway
 label.add.vpn.user=Legg til VPN-bruker
 label.add.vxlan=Legg til VXLAN
@@ -278,10 +309,17 @@ label.advanced=Avansert
 label.advanced.mode=Avansermodus
 label.advanced.search=Avansert s\u00f8k
 label.agent.password=Agentpassord
+label.agent.state=Agentstatus
+label.agent.username=Agentbrukernavn
 label.agree=Godtar
+label.alert.archived=Varsel arkivert
+label.alert.deleted=Varsel slettet
+label.alert.details=Varseldetaljer
 label.alert=Varsel
+label.algorithm=Algoritme
 label.allocated=Allokert
 label.allocation.state=Allokeringsstatus
+label.allow=Tillat
 label.api.key=API-n\u00f8kkel
 label.api.version=API Versjon
 label.apply=Bruk
@@ -289,10 +327,12 @@ label.app.name=CloudStack
 label.archive.alerts=Arkiver varsler
 label.archive=Arkiv
 label.archive.events=Arkiver hendelser
+label.assign.instance.another=Tildel instans til en annen konto
 label.assign=Tildel
 label.attached.iso=Tilknyttet ISO
 label.author.email=Forfatter e-post
 label.author.name=Forfatternavn
+label.autoscale=Autoskaler
 label.availability=Tilgjengelighet
 label.availability.zone=Tilgjengelighetssone
 label.available.public.ips=Tilgjengelig offentlige IP-adresser
@@ -301,6 +341,10 @@ label.back=Tilbake
 label.bandwidth=B\u00e5ndbredde
 label.basic=Basis
 label.basic.mode=Basismodus
+label.bigswitch.vns.details=BigSwitch VNC detaljer
+label.blade.id=Blad-ID
+label.blades=Blad
+label.bootable=Botbar
 label.by.account=Etter Konto
 label.by.alert.type=Etter varseltype
 label.by.availability=Etter Tilgjengelighet
@@ -312,6 +356,7 @@ label.by.pod=Etter Pod
 label.by.role=Etter Rolle
 label.by.start.date=Etter Startdato
 label.bytes.received=Bytes Mottatt
+label.bytes.sent=Bytes sendt
 label.by.traffic.type=Etter Trafikktype
 label.by.type=Etter Type
 label.by.type.id=Etter Type ID
@@ -324,12 +369,14 @@ label.certificate=Sertifikat
 label.change.service.offering=Endre tjenestetilbud
 label.change.value=Endre verdi
 label.character=Karakter
+label.chassis=Kasse
 label.cidr=CIDR
 label.CIDR.list=CIDR liste
 label.cidr.list=Kilde-CIDR
 label.cisco.nexus1000v.ip.address=Nexus 1000v IP Addresse
 label.cisco.nexus1000v.password=Nexus 1000v Passord
 label.cisco.nexus1000v.username=Nexus 1000v Brukernavn
+label.ciscovnmc.resource.details=CiscoVNMC ressursdetaljer
 label.clean.up=Rydd opp
 label.clear.list=T\u00f8m liste
 label.close=Lukk
@@ -340,6 +387,7 @@ label.clusters=Klynger
 label.cluster.type=Klyngetype
 label.clvm=CLVM
 label.code=Kode
+label.community=Fellesskap
 label.compute.and.storage=Regnekraft og lagring
 label.compute=Beregne
 label.compute.offering=Regnekraftstilbud
@@ -347,12 +395,14 @@ label.compute.offerings=Regnekraftstilbud
 label.configuration=Konfigurering
 label.configure=Konfigurer
 label.configure.ldap=Konfigurer LDAP
+label.configure.network.ACLs=Konfigurer Nettverksaksesslister
 label.configure.vpc=Konfigurer VPC
 label.confirmation=Bekreftelse
 label.confirm.password=Bekreft passord
 label.congratulations=Gratulerer\!
 label.conserve.mode=Konserveringsmodus
 label.console.proxy=Konsollproxy
+label.console.proxy.vm=Konsollproxy VM
 label.continue.basic.install=Fortsett med enkelt oppsett
 label.continue=Fortsett
 label.copying.iso=Kopierer ISO
@@ -369,21 +419,31 @@ label.created=Opprettet
 label.create.project=Opprett prosjekt
 label.create.template=Opprett mal
 label.create.VPN.connection=Opprett VPN-tilkobling
+label.cross.zones=Kryssoner
 label.custom.disk.size=Tilpasset Diskst\u00f8rrelse
 label.daily=Daglig
 label.data.disk.offering=Datadisktilbud
 label.date=Dato
 label.decline.invitation=Avvis invitasjon
+label.dedicate.cluster=Dediker kluster
 label.dedicated=Dedikert
+label.dedicate=Dediker
+label.dedicate.host=Dediker host
+label.dedicate.zone=Dediker sone
 label.default=Standardverdi
 label.default.use=Standard bruk
 label.default.view=Standardvisning
+label.delete.acl.list=Slett ACL liste
 label.delete.alerts=Slette varsler
+label.delete.BigSwitchVns=Fjern BigSwitch Vns kontroller
 label.delete.ciscoASA1000v=Slett CiscoASA1000v
+label.delete.ciscovnmc.resource=Slett CiscoVNMC ressurs
 label.delete.events=Slett hendelser
 label.delete.F5=Slett F5
 label.delete.gateway=slett gateway
+label.delete.internal.lb=Slett intern LB
 label.delete.NetScaler=Slett Netscaler
+label.delete.OpenDaylight.device=Fjern OpenDaylight kontroller
 label.delete.PA=Slett Palo Alto
 label.delete.profile=Slett Profil
 label.delete.project=Slett prosjekt
@@ -394,6 +454,7 @@ label.delete.VPN.gateway=Slett VPN-gateway
 label.delete.vpn.user=Slett VPN-bruker
 label.deleting.failed=Sletting feilet
 label.deleting.processing=Sletter....
+label.deny=Nekt
 label.description=Beskrivelse
 label.destination.physical.network.id=Fysisk nettverksid-destinasjon
 label.destination.zone=Destinasjonssone
@@ -404,15 +465,21 @@ label.device.id=Enhets ID
 label.devices=Enheter
 label.dhcp=DHCP
 label.DHCP.server.type=DHCP servertype
+label.disable.autoscale=Deaktiver autoskalering
 label.disabled=Inaktiv
+label.disable.network.offering=Deaktiver nettverkstilbud
 label.disable.provider=Deaktiver tilbyder
+label.disable.vnmc.provider=Deatkiver VNMC tilbyder
+label.disable.vpc.offering=Deaktivert VPC tilbud
 label.disable.vpn=Dekativer VPN
 label.disabling.vpn.access=Deaktiverer VPN Tilgang
+label.disbale.vnmc.device=Deaktiver VNMC enhet
 label.disk.allocated=Disk allokert
 label.disk.iops.max=Maks IOPS
 label.disk.iops.min=Min IOPS
 label.disk.iops.total=IOPS Totalt
 label.disk.offering=Disktilbud
+label.disk.provisioningtype=Provisjoneringstype
 label.disk.read.bytes=Disk lese (Bytes)
 label.disk.read.io=Disk lese (IO)
 label.disk.size=Diskst\u00f8rrelse
@@ -423,6 +490,7 @@ label.disk.write.bytes=Disk skrive (Bytes)
 label.disk.write.io=Disk skrive (IO)
 label.display.name=Visningsnavn
 label.display.text=Visningstekst
+label.distributedrouter=DIstribuert router
 label.dns.1=DNS 1
 label.dns.2=DNS 2
 label.dns=DNS
@@ -435,25 +503,41 @@ label.domain.name=Domenenavn
 label.domain.router=Domeneruter
 label.done=Utf\u00f8rt
 label.drag.new.position=Dra til ny posisjon
+label.duration.in.sec=Varighet (i sek.)
+label.dynamically.scalable=Dynamisk skalerbar
+label.edit.acl.rule=Endre ACL regel
 label.edit=Editer
 label.edit.lb.rule=Endre LB-regel
 label.edit.network.details=Edit\u00e9r nettverksdetaljer
 label.edit.project.details=Editer prosjektdetaljer
+label.edit.region=Editer region
 label.edit.traffic.type=Endre trafikktype
 label.edit.vpc=Rediger VPC
+label.egress.default.policy=Egress standard policy
+label.egress.rule=Egressregel
+label.egress.rules=Egressregler
 label.elastic=Elastisk
 label.elastic.IP=Elastisk IP
 label.elastic.LB=Elastisk LB
 label.email=E-post
 label.email.lower=epost
+label.enable.autoscale=Aktiver autoskalering
+label.enable.network.offering=Aktiver nettverkstilbud
 label.enable.provider=Aktiver tilbyder
+label.enable.s3=Aktiver S3-st\u00f8ttet sekund\u00e6rlagring
 label.enable.swift=Aktiver Swift
+label.enable.vnmc.device=Aktiver VNMC enhet
+label.enable.vnmc.provider=Aktiver VNMC tilbyder
+label.enable.vpc.offering=Aktiver VPC tilbud
 label.enable.vpn=Aktiver VPN
 label.enabling.vpn.access=Aktiverer VPN-tilgang
 label.enabling.vpn=Aktiverer VPN
 label.end.IP=Slutt-IP
 label.end.port=Sluttport
+label.end.vlan=Slutt VLAN
+label.end.vxlan=Slutt VXLAN
 label.enter.token=Skriv inn koden
+label.error.code=Feilkode
 label.error=Feil
 label.error.upper=ERROR
 label.esx.host=ESX/ESXi vert
@@ -478,8 +562,22 @@ label.go.step.3=G\u00e5 til steg 3
 label.go.step.4=G\u00e5 til steg 4
 label.go.step.5=G\u00e5 til steg 5
 label.gpu=CPU
+label.group.by.account=Grupper p\u00e5 konto
+label.group.by.cluster=Grupper p\u00e5 kluster
+label.group.by.pod=Grupper p\u00e5 pod
+label.group.by.zone=Grupper p\u00e5 sone
 label.group=Gruppe
 label.group.optional=Gruppe (Valgfritt)
+label.gslb.assigned.lb.more=Tildel mer lastbalansering
+label.gslb.assigned.lb=Tildelt lastbalansering
+label.gslb.delete=Slett GSLB
+label.gslb.details=GSLB detaljer
+label.gslb.domain.name=GSLB domenenavn
+label.gslb=GSLB
+label.gslb.lb.details=Lastbalanseringsdetaljer
+label.gslb.lb.remove=Fjern lastbalansering fra denne GSLB
+label.gslb.lb.rule=Lastbalanseringsregel
+label.gslb.service=GSLB tjeneste
 label.guest.cidr=Gjest CIDR
 label.guest.end.ip=Gjest slutt-IP
 label.guest=Gjest
@@ -491,19 +589,27 @@ label.guest.start.ip=Gjest start-IP
 label.guest.traffic=Gjestetrafikk
 label.guest.type=Gjestetype
 label.ha.enabled=HA Aktivert
+label.health.check=Helsesjekk
 label.help=Hjelp
+label.hide.ingress.rule=Skjul ingressregel
 label.hints=Hint
 label.home=Hjem
 label.host.alerts=Vertsvarsler
 label.host.MAC=Verts MAC
 label.host.name=Vertsnavn
 label.hosts=Verter
+label.host.tags=Vertsknagger
 label.host=Vert
 label.hourly=Hver time
 label.hvm=HVM
+label.hypervisor=Hypervisor
+label.hypervisors=Hypervisors
+label.hypervisor.type=Hypervisor type
+label.hypervisor.version=Hypervisor versjon
 label.id=ID
 label.info=Info
 label.info.upper=INFO
+label.ingress.rule=Ingressregel
 label.installWizard.addClusterIntro.subtitle=Hva er en klynge?
 label.installWizard.addClusterIntro.title=La oss legge til en klynge
 label.installWizard.addHostIntro.subtitle=Hva er en vert?
@@ -523,9 +629,12 @@ label.installWizard.title=Hei og velkommen til CloudStack&\#8482
 label.instance=Instans
 label.instance.limits=Instans Begrensninger
 label.instance.name=Instans Navn
+label.instance.port=Instansport
+label.instance.scaled.up=Instans skalert opp
 label.instances=Instanser
 label.internal.dns.1=Intern DNS 1
 label.internal.dns.2=Intern DNS 2
+label.internal.lb.details=Intern LB detaljer
 label.internal.name=Internt navn
 label.introduction.to.cloudstack=Introduksjon til CloudStack&\#8482
 label.invitations=Invitasjoner
@@ -544,12 +653,18 @@ label.ipv4.cidr=IPv4 CIDR
 label.ipv4.dns1=IPv4 DNS1
 label.ipv4.dns2=IPv4 DNS2
 label.ipv4.end.ip=IPv4 Slutt IP
+label.ipv4.netmask=IPv4 nettmaske
 label.ipv4.start.ip=IPv4 Start IP
 label.ipv6.address=IPv6 IP Adresse
+label.ipv6.CIDR=IPv6 CIDR
+label.ipv6.dns1=IPv6 DNS1
+label.ipv6.dns2=IPv6 DNS2
 label.ipv6.end.ip=IPv6 Slutt IP
 label.ipv6.gateway=IPv6 Gateway
 label.ipv6.start.ip=IPv6 Start IP
+label.iscsi=iSCSI
 label.is.default=Er standard
+label.iso.boot=ISO Boot
 label.iso=ISO
 label.isolated.networks=Isolerte nettverk
 label.isolation.method=Isolasjonsmetode
@@ -559,19 +674,24 @@ label.is.shared=Er delt
 label.is.system=Er system
 label.item.listing=Elementlisting
 label.keep=Behold
+label.keyboard.type=Tastaturtype
 label.key=N\u00f8kkel
 label.kvm.traffic.label=KVM trafikketikett
+label.label=Etikett
 label.lang.arabic=Arabisk
 label.lang.brportugese=Brasiliansk Portugisisk
 label.lang.catalan=Katalansk
 label.lang.chinese=Kinesisk (Forenklet)
+label.lang.dutch=Dutch (Nederland)
 label.lang.english=Engelsk
 label.lang.french=Fransk
 label.lang.german=Tysk
+label.lang.hungarian=Ungarsk
 label.lang.italian=Italiensk
 label.lang.japanese=Japanesisk
 label.lang.korean=Koreansk
 label.lang.norwegian=Norsk
+label.lang.polish=Polsk
 label.lang.russian=Russisk
 label.lang.spanish=Spansk
 label.last.name=Etternavn
@@ -587,11 +707,13 @@ label.ldap.configuration=LDAP Konfigurering
 label.ldap.group.name=LDAP Gruppe
 label.ldap.port=LDAP port
 label.load.balancer=Lastbalanserer
+label.load.balancer.type=Lastbalanseringstype
 label.load.balancing=Lastbalansering
 label.load.balancing.policies=Regler for lastbalansering
 label.loading=Laster
 label.local=Lokal
 label.local.storage=Lokal lagring
+label.login=Logg inn
 label.logout=Logg ut
 label.lun=LUN
 label.LUN.number=LUN \#
@@ -600,16 +722,23 @@ label.manage=Administrer
 label.management=Administrasjon
 label.management.ips=Administrasjons IP-adresser
 label.manage.resources=Behandle ressurser
+label.max.cpus=Maks CPU kjerner
 label.maximum=Maksimum
 label.max.instances=Maks Instanser
+label.max.memory=Maks minne (MiB)
+label.max.networks=Maks nettverk
+label.max.primary.storage=Maks prim\u00e6r (GiB)
 label.max.public.ips=Maks offentlige IPer
+label.max.secondary.storage=Maks sekund\u00e6r (GiB)
 label.max.snapshots=Maks \u00f8yeblikksbilder
 label.max.templates=Maks maler
 label.max.vms=Maks bruker-VMer
 label.max.volumes=Maks volumer
+label.max.vpcs=Maks VPCs
 label.may.continue=Du kan n\u00e5 fortsette.
 label.md5.checksum=MD5 sjekksum
 label.memory.allocated=Minne allokert
+label.memory.limits=Minnebegrensning (MiB)
 label.memory.mb=Minne (i MB)
 label.memory=Minne
 label.memory.total=Minne totalt
@@ -621,6 +750,7 @@ label.menu.all.instances=Alle instanser
 label.menu.configuration=Konfigurering
 label.menu.domains=Domener
 label.menu.events=Hendelser
+label.menu.global.settings=Globale innstillinger
 label.menu.infrastructure=Infrastruktur
 label.menu.instances=Instanser
 label.menu.ipaddresses=IP-adresser
@@ -645,16 +775,20 @@ label.menu.system.vms=System VMer
 label.menu.templates=Maler
 label.menu.virtual.resources=Virtuelle ressurser
 label.menu.volumes=Volumer
+label.menu.vpc.offerings=VPC tilbud
 label.migrate.instance.to.host=Migrer instansen til en annen vert
 label.migrate.instance.to=Migrer instans til
 label.migrate.instance.to.ps=Migrer instansen til en annen sekund\u00e6r lagring.
+label.migrate.lb.vm=Migrer LB VM
 label.migrate.router.to=Migrer Ruter til
 label.migrate.systemvm.to=Migrer System VM til
 label.migrate.to.host=Migrer til vert
 label.migrate.to.storage=Migrer til lagring
+label.migrate.volume=Migrer volum
 label.migrate.volume.to.primary.storage=Migrer volumet til en annen prim\u00e6rlagring.
 label.minimum=Minimum
 label.min.instances=Min Instanser
+label.mode=Modus
 label.monday=Mandag
 label.monthly=M\u00e5nedlig
 label.more.templates=Flere maler
@@ -668,12 +802,15 @@ label.my.templates=Mine maler
 label.name.lower=Navn
 label.name=Navn
 label.name.optional=Navn (Valgfritt)
+label.na=N/A
 label.nat.port.range=NAT portrekke
 label.netmask=Nettmaske
 label.netscaler.details=NetScaler detaljer
 label.netScaler=NetScaler
 label.network.ACL=Nettverk ACL
 label.network.ACLs=Nettverk ACLer
+label.network.addVM=Legg nettverk til VM
+label.network.cidr=Nettverk CIDR
 label.network.desc=Nettverksbeskrivelse
 label.network.device=Nettverksenhet
 label.network.device.type=Type nettverksenhet
@@ -682,9 +819,11 @@ label.network.domain.text=Nettverksdomene
 label.network.id=Nettverks ID
 label.networking.and.security=Nettverk og sikkerhet
 label.network.label.display.for.blank.value=Bruk standard gateway
+label.network.limits=Nettverksbegrensninger
 label.network.name=Nettverksdame
 label.network=Nettverk
 label.network.offering=Nettverkstilbud
+label.network.read=Nettverk les
 label.networks=Nettverk
 label.new=Ny
 label.new.password=Nytt passord
@@ -695,24 +834,41 @@ label.nexusVswitch=Nexus 1000v
 label.nfs=NFS
 label.nfs.server=NFS Server
 label.nfs.storage=NFS Lagring
+label.nic.adapter.type=NIC adaptertype
 label.nicira.nvp.details=Nicira NVP detaljer
 label.nics=NICer
 label.no.data=Ingen data \u00e5 vise
+label.no.grouping=(ingen gruppering)
+label.no.isos=Ingen tilgjengelige ISOer
+label.no.items=Ingen tilgjengelige elementer
 label.no=Nei
 label.none=Ingen
+label.no.security.groups=Ingen tilgjengelige sikkerhetsgrupper
 label.not.found=Ikke funnet
 label.no.thanks=Nei, takk
 label.notifications=Notifikasjoner
 label.number.of.clusters=Antall klynger
+label.number.of.cpu.sockets=Totalt antall CPU-sockets
+label.number.of.hosts=Antall verter
 label.number.of.pods=Antall pods
+label.number.of.system.vms=Antall System VMer
 label.number.of.virtual.routers=Antall virtuelle rutere
 label.number.of.zones=Antall soner
+label.num.cpu.cores=\# av CPU-kjerner
+label.ocfs2=OCFS2
 label.offer.ha=Tilby HA
 label.ok=OK
+label.opendaylight.controllerdetail=OpenDaylight kontrollerdetaljer
+label.opendaylight.controller=OpenDaylight kontroller
+label.opendaylight.controllers=OpenDaylight kontrollere
+label.openDaylight=OpenDaylight
 label.optional=Valgfritt
 label.order=Rekkef\u00f8lge
 label.os.type=OS-type
+label.other=Andre
 label.ovs=OVS
+label.owner.account=Eierkonto
+label.owner.domain=Eierdomene
 label.palo.alto.details=Palo Alto detaljer
 label.PA=Palo Alto
 label.passive=Passiv
@@ -774,29 +930,49 @@ label.rbd.monitor=Ceph monitor
 label.rbd.pool=Ceph pool
 label.rbd=RBD
 label.reboot=Restart
+label.recover.vm=Gjenopprett VM
 label.redundant.router.capability=Redundant ruter
 label.redundant.router=Redundant ruter
 label.redundant.state=Redundant tilstand
+label.refresh.blades=Oppdater blad(er)
 label.refresh=Oppfrisk
 label.region=Region
 label.reinstall.vm=Reinstaller VM
 label.related=Relaterte
+label.release.dedicated.cluster=Frigj\u00f8r dedikert kluster
+label.release.dedicated.host=Frigj\u00f8r dedikert host
+label.release.dedicated.zone=Frigj\u00f8r dedikert sone
 label.remind.later=P\u00e5minn meg senere
 label.remove.ACL=Fjern ACL
+label.remove.egress.rule=Fjern egressregel
 label.remove.from.load.balancer=Fjerner instans fra lastbalanserer
+label.remove.ingress.rule=Fjern ingressregel
 label.remove.ip.range=Fjern IP-rekke
 label.remove.ldap=Fjern LDAP
+label.remove.network.offering=Fjern nettverkstilbud
 label.remove.pf=Fjern portvideresendingsregel
+label.remove.project.account=Fjern konto fra prosjekt
 label.remove.region=Fjern region
 label.remove.rule=Fjern regel
 label.remove.static.nat.rule=Fjern statisk NAT-regel
 label.remove.static.route=Fjern statisk rute
+label.remove.vm.from.lb=Fjern VM fra lastbalanseringsregel
+label.remove.vmware.datacenter=Fjern VMware datasenter
 label.remove.vpc=fjern VPC
+label.remove.vpc.offering=Fjern VPC tilbud
 label.removing=Fjerner
 label.removing.user=Fjerner Bruker
+label.reource.id=Ressurs ID
+label.replace.acl=Erstatt ACL
 label.required=P\u00e5krevd
+label.requires.upgrade=Krever oppgradering
 label.reserved.system.ip=Reservert System IP
 label.reset.VPN.connection=Resett VPN-tilkobling
+label.resize.new.offering.id=Nytt tilbud
+label.resize.new.size=Ny st\u00f8rrelse (GB)
+label.resize.shrink.ok=Krympe OK
+label.resource.limits=Ressursbegrensninger
+label.resource.name=Ressursnavn
 label.resource=Ressurs
 label.resources=Ressurser
 label.restart.network=Nettverksomstart
@@ -806,12 +982,19 @@ label.restore=Gjenopprett
 label.review=Gjennomg\u00e5
 label.revoke.project.invite=Tilbakekall invitasjonen
 label.role=Rolle
+label.root.certificate=Rootsertifikat
+label.root.disk.controller=Root diskkontroller
+label.root.disk.offering=Root disktilbud
 label.root.disk.size=Rotdiskst\u00f8rrelse
+label.router.vm.scaled.up=RuterVM skalert opp
 label.routing=Ruting
+label.rule.number=Regelnummer
 label.rules=Regler
 label.running.vms=Kj\u00f8rende VMer
+label.s3.access_key=Aksessn\u00f8kkel
 label.s3.nfs.path=S3 NFS Sti
 label.s3.nfs.server=S3 NFS Server
+label.s3.secret_key=Hemmelig n\u00f8kkel
 label.s3.use_https=Bruk HTTPS
 label.saturday=L\u00f8rdag
 label.save.and.continue=Lagre og fortsett
@@ -820,6 +1003,7 @@ label.saving.processing=Lagrer....
 label.search=S\u00f8k
 label.secondary.storage=Sekund\u00e6rlagring
 label.secondary.storage.vm=Sekund\u00e6rlagring VM
+label.secret.key=Hemmelig n\u00f8kkel
 label.security.group.name=Sikkerhetsgruppenavn
 label.security.group=Sikkerhetsgruppe
 label.security.groups=Sikkerhetsgrupper
@@ -841,23 +1025,31 @@ label.service.offering=Tjenestetilbud
 label.service.state=Tjeneste Status
 label.services=Tjenester
 label.session.expired=Sesjon utl\u00f8pt
+label.set.default.NIC=Sett som standard NIC
 label.settings=Innstillinger
 label.setup.network=Nettverksoppsett
 label.setup=Oppsett
 label.setup.zone=Soneoppsett
 label.set.up.zone.type=Oppsett av sonetype
 label.shared=Delt
+label.show.advanced.settings=VIs avanserte instillinger
+label.show.ingress.rule=Vis ingressregel
 label.shutdown.provider=Steng tilbyder
+label.site.to.site.VPN=Site-to-site VPN
 label.size=St\u00f8rrelse
 label.skip.guide=Jeg har brukt CloudStack tidligere. Hopp over denne veiviseren
 label.smb.domain=SMB Domene
 label.smb.password=SMB Passord
 label.smb.username=SMB Brukernavn
+label.snapshot.s=\u00d8yeblikksbilde(r)
 label.snapshots=\u00d8yeblikksbilder
 label.snapshot=\u00d8yeblikksbilde
 label.SNMP.port=SNM Port
 label.sockets=CPU Sokkel
+label.source.ip.address=Kilde IP-adresse
 label.source.nat=Kilde NAT
+label.source.nat.supported=SourceNAT st\u00f8ttet
+label.source.port=Kildeport
 label.specify.IP.ranges=Spesifiser IP-rekker
 label.specify.vlan=Spesifiser VLAN
 label.specify.vxlan=Spesifiser VXLAN
@@ -865,7 +1057,10 @@ label.SR.name=SR navnelapp
 label.srx.details=SRX detaljer
 label.srx=SRX
 label.start.IP=Start-IP
+label.start.lb.vm=Start LB VM
 label.start.port=Start port
+label.start.vlan=Start VLAN
+label.start.vxlan=Start VXLAN
 label.state=Status
 label.static.nat.enabled=Statisk NAT aktivert
 label.static.nat=Statistk NAT
@@ -886,6 +1081,9 @@ label.stickiness=Klebrighet
 label.sticky.domain=Domene
 label.sticky.expire=Utl\u00f8per
 label.sticky.length=Lengde
+label.sticky.mode=Modus
+label.sticky.tablesize=Tabellst\u00f8rrelse
+label.stop.lb.vm=Stop LB VM
 label.stopped.vms=Stoppede VMer
 label.stop=Stopp
 label.storage=Lagring
@@ -901,6 +1099,8 @@ label.suspend.project=Suspender prosjekt
 label.switch.type=Svitsjtype
 label.system.capacity=Systemkapasistet
 label.system.offering=Systemtilbud
+label.system.vm.details=SystemVM-detaljer
+label.system.vm.scaled.up=SystemVM skalert opp
 label.system.vms=System VMer
 label.system.vm=System VM
 label.tagged=Tagget
@@ -919,6 +1119,7 @@ label.total.CPU=Totalt CPU
 label.total.hosts=Totalt Verter
 label.total.memory=Totalt minne
 label.total.storage=Totalt lagring
+label.total.virtual.routers.upgrade=Totalt antall virtuelle routere som trenger oppgradering
 label.traffic.label=Trafikketikett
 label.traffic.types=Trafikktyper
 label.traffic.type=Trafikktype
@@ -926,17 +1127,21 @@ label.tuesday=Tirsdag
 label.type.id=Type ID
 label.type.lower=type
 label.type=Type
+label.ucs=UCS
+label.unavailable=Utilgjengelig
 label.unlimited=Ubegrenset
 label.update.project.resources=Oppdater prosjektressurser
 label.update.ssl.cert= SSL-sertifikat
 label.update.ssl= SSL-sertifikat
 label.updating=Oppdaterer
 label.upgrade.required=Oppgradering er p\u00e5krevd
+label.upgrade.router.newer.template=Oppgrader ruter til nyere mal
 label.upload=Last opp
 label.upload.volume=Last opp volum
 label.url=URL
 label.used=Brukt
 label.user=Bruker
+label.user.data=Brukerdata
 label.username=Brukernavn
 label.username.lower=brukernavn
 label.users=Brukere
@@ -945,12 +1150,19 @@ label.use.vm.ips=Bruk VM IPer
 label.value=Verdi
 label.vcdcname=vCenter DC navn
 label.vcenter.cluster=vCenter Klynge
+label.vcenter.datacenter=vCenter Datacenter
+label.vcenter.datastore=vCenter Datastore
 label.vcenter.host=vCenter Vert
 label.vcenter.password=vCenter passord
 label.vcenter.username=vCenter brukernavn
 label.vcenter=vcenter
 label.vcipaddress=vCenter IP-adresse
 label.version=Versjon
+label.vgpu.max.resolution=Maks oppl\u00f8sning
+label.vgpu.max.vgpu.per.gpu=VGPUs per GPU
+label.vgpu.type=vGPU type
+label.vgpu=VGPU
+label.vgpu.video.ram=Video RAM
 label.view.all=Vis alle
 label.view.console=Se konsoll
 label.viewing=Viser
@@ -959,6 +1171,10 @@ label.view.secondary.ips=Se sekund\u00e6re IPer
 label.view=Vis
 label.virtual.machines=Virtuelle maskiner
 label.virtual.network=Virtuelt-nettverk
+label.virtual.routers.group.account=Virtuelle rutere gruppert p\u00e5 konto
+label.virtual.routers.group.cluster=Virtuelle rutere gruppert p\u00e5 kluster
+label.virtual.routers.group.pod=Virtuelle rutere gruppert p\u00e5 pod
+label.virtual.routers.group.zone=Virtuelle rutere gruppert p\u00e5 sone
 label.virtual.routers=Virtuelle rutere
 label.virtual.router=Virtuell ruter
 label.vlan.id=VLAN/VNI ID
@@ -969,28 +1185,45 @@ label.vm.destroy=Destruer
 label.vm.display.name=Visningsnavn for VM
 label.VMFS.datastore=VMFS lagringsomr\u00e5de
 label.vmfs=VMFS
+label.vm.id=VM ID
 label.vm.ip=VM IP Adresse
 label.vm.name=VM-navn
+label.vm.password=Passord til VM er
 label.vm.reboot=Restart
+label.vmsnapshot.parentname=Forelder
 label.vmsnapshot.type=Type
 label.vmsnapshot=VM \u00d8yeblikksbilder
 label.vm.start=Start
+label.vm.state=VM-status
 label.vm.stop=Stopp
 label.vms=VMer
+label.vmware.datacenter.id=VMware datasenter ID
+label.vmware.datacenter.name=VMware datasenternavn
+label.vmware.datacenter.vcenter=VMware datasenter vcenter
 label.vmware.traffic.label=VMware trafikketikett
 label.vnet.id=VLAN/VNI ID
 label.vnet=VLAN/VNI
+label.vnmc.devices=VNMC enheter
+label.vnmc=VNMC
 label.volgroup=Volumgruppe
+label.volume.details=Volumdetaljer
 label.volume.limits=Volumbegrensninger
+label.volume.migrated=Volum migrert
 label.volume.name=Volumnavn
 label.volumes=Volumer
 label.volume=Volum
+label.vpc.distributedvpcrouter=Distribuert VPC router
 label.vpc.id=VPC ID
+label.VPC.limits=VPC begrensninger
+label.vpc.offering.details=VPC tilbudsdetaljer
+label.vpc.offering=VPC tilbud
 label.VPC.router.details=VPC ruterdetaljer
 label.vpc=VPC
 label.VPN.connection=VPN-tilkobling
 label.VPN.gateway=VPN Gateway
 label.vpn=VPN
+label.vswitch.name=vSwitch navn
+label.vSwitch.type=vSwitch type
 label.vxlan.id=VXLAN ID
 label.vxlan.range=VXLAN-rekke
 label.vxlan=VXLAN
@@ -1002,8 +1235,11 @@ label.weekly=Ukentlig
 label.welcome.cloud.console=Velkommen til administrasjonskonsollet
 label.welcome=Velkommen
 label.what.is.cloudstack=Hva er CloudStack&\#8482?
+label.xenserver.tools.version.61.plus=Original XS versjon er 6.1\\+
+label.Xenserver.Tools.Version61plus=Original XS versjon er 6.1\\+
 label.xenserver.traffic.label=XenServer trafikketikett
 label.yes=Ja
+label.zone.dedicated=Dedikert sone
 label.zone.details=Sonedetaljer
 label.zone.id=Sone ID
 label.zone.lower=Sone
@@ -1042,6 +1278,7 @@ message.action.disable.nexusVswitch=Vennligst bekreft at du \u00f8nsker \u00e5 d
 message.action.disable.physical.network=Vennligst bekreft at du \u00f8nsker \u00e5 deaktivere dette fysiske nettverket.
 message.action.disable.pod=Vennligst bekreft at du \u00f8nsker \u00e5 aktivere denne poden
 message.action.disable.zone=Vennligst bekreft at du \u00f8nsker \u00e5 deaktivere denne sonen.
+message.action.downloading.template=Laster ned mal.
 message.action.download.iso=Vennligst bekreft at du \u00f8nsker \u00e5 laste ned denne ISO.
 message.action.download.template=Vennligst bekreft at du \u00f8nsker \u00e5 laste ned denne malen.
 message.action.enable.cluster=Vennligst bekreft at du \u00f8nsker \u00e5 aktivere denne klyngen.
@@ -1068,6 +1305,7 @@ message.add.load.balancer.under.ip=Lastbalanseringsregelen har blitt lagt til un
 message.add.VPN.gateway=Vennligst bekreft at du \u00f8nsker \u00e5 legge til en VPN Gateway
 message.alert.state.detected=Alarm oppdaget
 message.change.password=Vennligst endre ditt passord
+message.configure.ldap=Bekreft at du \u00f8nsker \u00e5 konfigurere LDAP.
 message.configuring.guest.traffic=Konfigurerer gjestetrafikk
 message.configuring.physical.networks=Konfigurer fysisk nettverk
 message.configuring.public.traffic=Konfigurerer offentlig trafikk
@@ -1078,10 +1316,20 @@ message.confirm.delete.NetScaler=Vennligst bekreft at du \u00f8nsker \u00e5 slet
 message.confirm.delete.PA=Vennligst bekreft at du vil slette Palo Alto
 message.confirm.delete.SRX=Vennligst bekreft at du \u00f8nsker \u00e5 slette SRX
 message.confirm.destroy.router=Vennligst bekreft at du \u00f8nsker \u00e5 fjerne denne ruteren
+message.confirm.disable.network.offering=Er du sikker p\u00e5 at du vil deaktivere dette nettverkstilbudet?
 message.confirm.disable.provider=Vennligst bekreft at du \u00f8nsker \u00e5 deaktivere denne tilbyderen
+message.confirm.disable.vpc.offering=Er du sikker p\u00e5 at du vil deaktivere dette VPC tilbudet?
+message.confirm.enable.network.offering=Vil du aktivere dette nettverkstilbudet?
 message.confirm.enable.provider=Vennligst bekreft at du \u00f8nsker \u00e5 aktivere denne tilbyderen
 message.confirm.join.project=Vennligst bekreft at du \u00f8nsker \u00e5 delta i dette prosjektet.
+message.confirm.remove.network.offering=Er du sikker p\u00e5 at du vil fjerne dette nettverkstilbudet?
+message.confirm.remove.vpc.offering=Er du sikker p\u00e5 at du vil fjerne dette VPC tilbudet?
+message.confirm.scale.up.router.vm=\u00d8nsker du \u00e5 skalere opp denne Ruter-VMen?
+message.confirm.scale.up.system.vm=\u00d8nsker du \u00e5 skalere opp denne system VM?
 message.confirm.shutdown.provider=Vennligst bekreft at du \u00f8nsker \u00e5 stenge denne tilbyderen
+message.confirm.start.lb.vm=Vennligst bekreft at du vil starte LB VM
+message.confirm.stop.lb.vm=Vennligst bekreft at du vil stoppe LB VM
+message.copy.template.confirm=\u00d8nsker du \u00e5 kopiere malen?
 message.create.template=Er du sikker p\u00e5 at du \u00f8nsker \u00e5 lage malen?
 message.creating.cluster=Oppretter klynge
 message.creating.guest.network=Oppretter gjestenettverk
@@ -1089,6 +1337,7 @@ message.creating.physical.networks=Oppretter fysiske nettverk
 message.creating.pod=Oppretter pod
 message.creating.primary.storage=Oppretter prim\u00e6rlagring
 message.creating.secondary.storage=Oppretter sekund\u00e6rlagring
+message.creating.systemVM=Oppretter system-VMer (dette kan ta litt tid)
 message.creating.zone=Oppretter sone
 message.decline.invitation=Er du sikker p\u00e5 du \u00f8nsker \u00e5 avvise denne prosjektinvitasjonen?
 message.delete.gateway=Vennligst bekreft at du \u00f8nsker \u00e5 slette gateway
@@ -1098,11 +1347,21 @@ message.delete.VPN.connection=Vennligst bekreft at du \u00f8nsker \u00e5 slette
 message.detach.disk=Er du sikker p\u00e5 at du \u00f8nsker \u00e5 frakoble denne disken?
 message.disable.user=Vennligst bekreft at du \u00f8nsker \u00e5 deaktivere denne bruker.
 message.disable.vpn=Er du sikker p\u00e5 at du vil deaktivere VPN?
+message.disabling.network.offering=Deaktiverer nettverkstilbud
+message.disabling.vpc.offering=Deaktiverer VPC tilbud
+message.disallowed.characters=Ikke tillatte tegn\: \\<\\,\\>
+message.enable.account=Bekreft at du \u00f8nsker \u00e5 aktivere denne kontoen.
+message.enabled.vpn.ip.sec=Din IPSec delte n\u00f8kkel (psk) er
 message.enable.user=Vennligst bekreft at du \u00f8nsker \u00e5 aktivere denne bruker.
 message.enable.vpn=Vennligst bekreft at du \u00f8nsker \u00e5 aktivere VPN-tilgang for denne IP-adressen
+message.enabling.network.offering=Aktiver nettverkstilbud
+message.enabling.vpc.offering=Aktiverer VPC tilbud
 message.enabling.zone=Aktiverer sonen
+message.enabling.zone.dots=Aktiverer sone...
+message.enter.seperated.list.multiple.cidrs=Skriv inn en kommaseparert liste over CIDRs hvis du har mer enn en
 message.enter.token=Vennligst skriv inn koden du fikk i invitasjonsmailen.
 message.generate.keys=Vennligst bekreft at du \u00f8nsker \u00e5 generere nye n\u00f8kler for denne bruker.
+message.gslb.delete.confirm=Vennligst bekreft at du vil slette denne GSLB
 message.installWizard.click.retry=Klikk p\u00e5 knappen for \u00e5 pr\u00f8ve oppstart p\u00e5 nytt.
 message.installWizard.tooltip.addCluster.name=Klyngenavnet. Dette kan v\u00e6re hva som helst og er ikke benyttet av CloudStack.
 message.installWizard.tooltip.addHost.hostname=DNS-navnet eller IP-adressen til verten.
@@ -1123,6 +1382,7 @@ message.installWizard.tooltip.configureGuestTraffic.description=En beskrivelse a
 message.installWizard.tooltip.configureGuestTraffic.guestGateway=Gatewayen gjestene skal bruke
 message.installWizard.tooltip.configureGuestTraffic.guestNetmask=Nettmasken benyttet p\u00e5 subnettet gjestene skal bruke
 message.installWizard.tooltip.configureGuestTraffic.name=Et navn for nettverket
+message.instance.scaled.up.confirm=\u00d8nsker du \u00e5 skalere opp denne instancen?
 message.instanceWizard.noTemplates=Du har ingen maler tilgjengelig. Vennligst legg til en kompatibel mal og kj\u00f8r instansveiviseren.
 message.ip.address.changed=Din IP-adresse kan ha endret seg. \u00d8nsker du \u00e5 oppdatere visningen? Merk at detaljvisningen vil i s\u00e5fall lukkes.
 message.iso.desc=Diskimage som inneholder data etter oppstartsbar media for OS
@@ -1133,6 +1393,9 @@ message.migrate.instance.to.ps=Vennligst bekreft at du \u00f8nsker \u00e5 migrer
 message.migrate.router.confirm=Vennligst bekreft verten du \u00f8nsker \u00e5 migrere ruteren til\:
 message.migrate.systemvm.confirm=Vennligst bekreft verten du \u00f8nsker \u00e5 migrere system VM til\:
 message.migrate.volume=Vennligst bekreft at du \u00f8nsker \u00e5 migrere volumet til en annen prim\u00e6rlagring.
+message.network.addVM.desc=Vennligst spesifiser nettverket du vil legge til denne VMen. Et nytt NIC vil bli lagt til for dette nettverket.
+message.network.addVMNIC=Vennligst bekreft at du vil legge til ett nytt NIC for dette nettverket.
+message.no.host.available=Ingen hoster tilgjengelig for migrering
 message.no.projects.adminOnly=Du har ingen prosjekter.<br/>Vennligst be din administrator om \u00e5 opprette et nytt prosjekt.
 message.no.projects=Du har ingen prosjekter.<br/>Vennligst opprett et nytt fra prosjektseksjonen.
 message.pending.projects.1=Du har f\u00f8lgende prosjektinvitasjoner\:
@@ -1144,6 +1407,9 @@ message.please.select.a.different.public.and.management.network.before.removing=
 message.please.select.networks=Vennligst velg nettverk for din VM
 message.please.wait.while.zone.is.being.created=Vennlist vent mens din sone opprettes. Dette kan ta noe tid...
 message.project.invite.sent=Invitasjon sendt til bruker. De vil bli lagt til prosjektet s\u00e5 snart de har akseptert invitasjonen
+message.recover.vm=Vennligst bekreft at du \u00f8nsker \u00e5 gjenopprette denne VMen.
+message.reinstall.vm=Advarsel\: Fortsett med forsiktighet. Dette vil reinstallere VMen fra malen; data p\u00e5 rot-disken vil forsvinne. Ekstra datavolumer; hvis noen, vil ikke bli r\u00f8rt.
+message.remove.ldap=Er du sikker p\u00e5 at du vil slette LDAP-konfigurasjonen?
 message.remove.region=Er du sikker p\u00e5 at du vil fjerne denne regionen fra denne administrasjonsserveren?
 message.remove.vpc=Vennligst bekreft at du \u00f8nsker \u00e5 fjerne VPC
 message.reset.password.warning.notPasswordEnabled=Denne malen vil bli opprettet uten passord
@@ -1151,29 +1417,56 @@ message.reset.password.warning.notStopped=Din instans m\u00e5 stoppes f\u00f8r m
 message.reset.VPN.connection=Vennligst bekreft at du \u00f8nsker \u00e5 resette VPN-tilkobling
 message.restart.mgmt.server=Vennlist restart administrajonsserveren(e) din(e) for at de nye innstillingene skal tr\u00e5 i kraft.
 message.restart.vpc=Vennligst bekreft at du \u00f8nsker \u00e5 restarte VPC
+message.restoreVM=Vil du gjenopprette denne VMen?
 message.select.instance=Vennligst velg en instans.
 message.select.iso=Vennligst velg en ISO for din nye virtuelle instans.
 message.select.item=Vennligst velg et element
 message.select.security.groups=Vennligst velg sikkerhetsgruppe(r) for din nye VM
 message.select.template=Vennligst velg en mal for din nye virtuelle instans.
+message.set.default.NIC.manual=Vennligst oppdater standard-NIC manuelt p\u00e5 VMen n\u00e5.
+message.set.default.NIC=Vennligst bekreft at du vil gj\u00f8re dette NIC til standard for denne VM.
 message.setup.successful=Oppsettet av nettskyen er vellykket\!
 message.specify.url=Vennligst spesifiser URL
 message.step.2.desc=
 message.step.3.desc=
 message.suspend.project=Er du sikker du \u00f8nsker \u00e5 pause dette prosjektet?
+message.systems.vms.ready=System-VMer klare.
+message.template.copying=Malen blir kopiert.
 message.template.desc=OS-image som kan brukes til \u00e5 starte VMer
 message.tooltip.pod.name=Et navn for denne pod.
 message.tooltip.zone.name=Et navn for denne sonen.
+message.validate.creditcard=Vennligst oppgi et gyldig kredittkortnummer.
+message.validate.date.ISO=Vennligst skriv inn en gyldig dato (ISO).
+message.validate.date=Vennligst skriv inn en gyldig dato.
+message.validate.digits=Vennligst skriv inn kun tall.
+message.validate.email.address=Vennligst skriv inn en gyldig e-postadresse.
+message.validate.equalto=Vennligst skriv inn den samme verdien igjen.
+message.validate.fieldrequired=Dette feltet er p\u00e5krevd.
+message.validate.fixfield=Vennligst fiks dette feltet.
 message.validate.invalid.characters=Ugyldige tegn funnet; vennligst korriger.
+message.validate.maxlength=Vennligst ikke skriv inn mer enn {0} tegn.
+message.validate.max=Skriv en verdi mindre enn eller lik {0}.
+message.validate.minlength=Vennligst skriv inn minst {0} tegn.
+message.validate.number=Vennligst skriv inn et gyldig nummer.
+message.validate.range.length=Vennligst skriv inn en verdi som er mellom {0} og {1} tegn langt.
+message.validate.range=Skriv en verdi mellom {0} og {1}.
+message.validate.URL=Vennligst skriv inn en gyldig URL.
 message.vm.create.template.confirm=Oppretting av Mal vil restarte VM automatisk.
 message.vm.review.launch=Vennligst vurder f\u00f8lgende informasjon og bekreft at din virtuelle instans er korrekt f\u00f8r kj\u00f8ring
 message.you.must.have.at.least.one.physical.network=Du trenger minst ett fysisk nettverk
+message.your.cloudstack.is.ready=Din CloudStack er klar\!
 message.Zone.creation.complete=Opprettelsen av sonen utf\u00f8rt
 message.zone.creation.complete.would.you.like.to.enable.this.zone=Soneopprettelse fullf\u00f8rt. \u00d8nsker du \u00e5 aktivere denne sonen?
 message.zone.no.network.selection=Sonen du har valgt har ingen mulighet for valg av nettverk.
+message.zone.step.1.desc=Vennligst en nettverksmodell for din sone.
+message.zone.step.2.desc=Vennligst skriv inn f\u00f8lgende informasjon for \u00e5 legge til en ny sone
+messgae.validate.min=Skriv en verdig st\u00f8rre enn eller lik {0}.
+mode=Modus
+network.rate=Nettverksrate
 notification.reboot.instance=Omstart av instans
 notification.start.instance=Start instans
 notification.stop.instance=Stopp instans
+side.by.side=Side ved side
 state.Accepted=Akseptert
 state.Active=Aktiv
 state.Allocated=Allokert
@@ -1184,6 +1477,7 @@ state.Completed=Utf\u00f8rt
 state.Creating=Oppretter
 state.Declined=Avvist
 state.Destroyed=Destruert
+state.detached=Frakoblet
 state.Disabled=Inaktiv
 state.enabled=Aktivert
 state.Enabled=Aktivert
diff --git a/client/WEB-INF/classes/resources/messages_pt_BR.properties b/client/WEB-INF/classes/resources/messages_pt_BR.properties
index 5da7e396f3..6d4e168fef 100644
--- a/client/WEB-INF/classes/resources/messages_pt_BR.properties
+++ b/client/WEB-INF/classes/resources/messages_pt_BR.properties
@@ -48,22 +48,30 @@ label.accept.project.invitation=Aceitar convite de projeto.
 label.account.and.security.group=Contas, grupos de Seguran\u00e7a
 label.account=Conta
 label.account.id=ID da Conta
+label.account.lower=conta
 label.account.name=Nome da Conta
 label.accounts=Contas
 label.account.specific=Conta-Specific
+label.acl=ACL
+label.acl.id=ACL ID
+label.acl.name=Nome da ACL
+label.acl.replaced=ACL trocado
 label.acquire.new.ip=Adquirir novo IP
 label.acquire.new.secondary.ip=Adquira um novo IP secund\u00e1rio
 label.action.attach.disk=Anexar Disco
 label.action.attach.disk.processing=Anexando Disco....
 label.action.attach.iso=Anexar ISO
 label.action.attach.iso.processing=Anexando ISO....
+label.action=A\u00e7\u00e3o
 label.action.cancel.maintenance.mode=Cancelar Modo de Manuten\u00e7\u00e3o
 label.action.cancel.maintenance.mode.processing=Cancelando Modo de Manuten\u00e7\u00e3o....
 label.action.change.password=Troca de Senha
 label.action.change.service.processing=Trocando de Plano....
 label.action.change.service=Trocar Plano
 label.action.copy.ISO=Copiar ISO
+label.action.copy.ISO.processing=Copiando ISO...
 label.action.copy.template=Copiar Template
+label.action.copy.template.processing=Copiando Template...
 label.action.create.template=Criar Template
 label.action.create.template.from.vm=Criar Template a partir da VM
 label.action.create.template.from.volume=Criar Template a partir do Disco
@@ -88,7 +96,7 @@ label.action.delete.IP.range.processing=Removendo Range de IP....
 label.action.delete.IP.range=Remover Range IP
 label.action.delete.ISO.processing=Removendo ISO....
 label.action.delete.ISO=Removendo ISO
-label.action.delete.load.balancer.processing=Removendo Load Balancer....
+label.action.delete.load.balancer.processing=Removendo Balanceador de Carga...
 label.action.delete.load.balancer=Remover regra de balanceador de carga
 label.action.delete.network.processing=Removendo Rede....
 label.action.delete.network=Remover Rede
@@ -245,18 +253,26 @@ label.add.accounts=Adicionar contas
 label.add.accounts.to=Adicionar contas para
 label.add.account.to.project=Adicionar conta ao projeto
 label.add.ACL=Adicionar ACL
+label.add.acl.list=Adiciona Lista ACL
 label.add=Adicionar
 label.add.affinity.group=Adicionar um grupo de afinidade
+label.add.baremetal.dhcp.device=Adiciona Dispositivo DHCP Baremetal
 label.add.BigSwitchVns.device=Adicionar BigSwitch Vns Controller
+label.add.BrocadeVcs.device=Adicionar Brocade Vcs Switch
 label.add.by=Adicionado por
 label.add.by.cidr=Adicionar por CIDR
 label.add.by.group=Adicionar por Grupo
+label.add.ciscoASA1000v=Adicone Recurso CiscoASA1000v
 label.add.cluster=Adicionar Cluster
 label.add.compute.offering=Adicionar oferta de computa\u00e7\u00e3o
 label.add.direct.iprange=Add Direct Ip Range
 label.add.disk.offering=Adicionar Oferta de Disco
 label.add.domain=Adicionar Dom\u00ednio
+label.added.brocade.vcs.switch=Adicionado novo Brocade Vcs Switch
+label.added.new.bigswitch.vns.controller=Adicionado BigSwitch VNS Controller
+label.added.nicira.nvp.controller=Adicionado nova Controladora Nicira NVP
 label.add.egress.rule=Adicionar regra egress
+label.addes.new.f5=Adicionado novo F5
 label.add.F5.device=Adicionar dispositivo F5
 label.add.firewall=Adicionar regra de Firewall
 label.add.gslb=Adicionar GSLB
@@ -271,12 +287,18 @@ label.add.ingress.rule=Adicionar Regra de Entrada
 label.adding.succeeded=Adicionado com Sucesso
 label.adding.user=Adicionando Usu\u00e1rio
 label.adding.zone=Adicionando Zona
+label.add.intermediate.certificate=Adicionar certificado intermedi\u00e1rio
+label.add.internal.lb=Adiciona LB Interno
 label.add.ip.range=Adicionar Range de IP
+label.add.isolated.guest.network=Adiciona Rede Guest Isolada
+label.add.isolated.network=Adiciona Rede Isolada
 label.additional.networks=Redes Adicionais
-label.add.load.balancer=Adicionar Load Balance
+label.add.list.name=Nome de Lista ACL
+label.add.load.balancer=Adicionar Balanceador de Carga
 label.add.more=Adicionar Mais
 label.add.netScaler.device=Adicionar dispositivo Netscaler
 label.add.network.ACL=Adicione ACL de rede
+label.add.network.acl.list=Adicionar Lista de ACL de Rede
 label.add.network=Adicionar Rede
 label.add.network.device=Adicionar Dispositivo de Rede
 label.add.network.offering=Adicionar oferta de rede
@@ -286,7 +308,10 @@ label.add.new.NetScaler=Adicionar um novo NetScaler
 label.add.new.PA=Adicionar novo Palo Alto
 label.add.new.SRX=Adicionar um novo SRX
 label.add.new.tier=Adicionar nova camada
+label.add.nfs.secondary.staging.store=Adiciona Armazenamento NFS de Est\u00e1gio Secund\u00e1rio
 label.add.NiciraNvp.device=Adicionar Controlador Nvp
+label.add.NuageVsp.device=Adicionar Nuage Virtualized Services Directory (VSD)
+label.add.OpenDaylight.device=Adiciona Controlador OpenDaylight
 label.add.PA.device=Adicionar dispositivo Palo Alto
 label.add.physical.network=Adicionar rede f\u00edsica
 label.add.pod=Adicionar POD
@@ -306,14 +331,19 @@ label.add.static.route=Adicionar rota est\u00e1tica
 label.add.system.service.offering=Adicionar Plano para VM de Sistema
 label.add.template=Adicionar Template
 label.add.to.group=Adicionar ao grupo
+label.add.ucs.manager=Adiciona Gerenciador UCS
 label.add.user=Adicionar Usu\u00e1rio
 label.add.vlan=Adicionar VLAN
 label.add.vm=Adicionar VM
 label.add.vms=Adicionar VMs
-label.add.vms.to.lb=Add VM(s) na regra de balanceamento de carga
+label.add.vms.to.lb=Adicionar VM(s) na regra de balanceamento de carga
 label.add.VM.to.tier=Adicionar m\u00e1quina virtual \u00e0 camada
+label.add.vmware.datacenter=Adicionar Datacenter VMware
+label.add.vnmc.device=Adiciona dispositivo VNMC
+label.add.vnmc.provider=Adiciona provedor VNMC
 label.add.volume=Adicionar Disco
 label.add.vpc=Adicionar VPC
+label.add.vpc.offering=Adicionar Oferta VPC
 label.add.vpn.customer.gateway=Adicionar Gateway de VPN de usu\u00e1rio
 label.add.VPN.gateway=Adicionar gateway de VPN
 label.add.vpn.user=Adicionar usu\u00e1rio VPN
@@ -328,42 +358,64 @@ label.affinity=Afinidade
 label.affinity.group=Grupo de Afinidade
 label.affinity.groups=Grupos de Afinidade
 label.agent.password=Senha do Agente
+label.agent.state=Estado do Agente
 label.agent.username=Usu\u00e1rio do Agente
 label.agree=Concordo
 label.alert=Alerta
+label.alert.archived=Alerta Arquivado
+label.alert.deleted=Alerta Apagado
+label.alert.details=Detalhes de alerta
 label.algorithm=Algoritmo
 label.allocated=Alocado
 label.allocation.state=Status da Aloca\u00e7\u00e3o
+label.allow=Pertitir
 label.anti.affinity=Anti-afinidade
 label.anti.affinity.group=Grupo de Anti-afinidade
 label.anti.affinity.groups=Grupos de Anti-afinidade
 label.api.key=API Key
+label.api.version=Ver\u00e3o da API
 label.apply=Aplicar
 label.app.name=CloudStack
 label.archive.alerts=Guardar alertas
+label.archive=Arquivo
 label.archive.events=Guardar eventos
 label.assign=Atribuir
+label.assigned.vms=VMs designadas
 label.assign.instance.another=Atribuir Inst\u00e2ncia para outra Conta
 label.assign.to.load.balancer=Atribuindo Inst\u00e2ncia ao balanceador de carga
 label.associated.network.id=ID de Rede Associado
 label.associated.network=Rede associada
+label.associated.profile=Perfil Associado
+label.associate.public.ip=Associa IP P\u00fablico
 label.attached.iso=Imagem ISO Plugada
 label.author.email=E-mail do autor
 label.author.name=Nome do autor
+label.autoscale=Escalonamento Autom\u00e1tico
 label.availability=Availability
 label.availability.zone=Datacenter
 label.available=Dispon\u00edvel
 label.available.public.ips=IP P\u00fablico Dispon\u00edvel
 label.back=Voltar
 label.bandwidth=Bandwidth
+label.baremetal.dhcp.devices=Dispositivos DHCP Baremetal
+label.baremetal.dhcp.provider=Provedor DHCP Baremetal
+label.baremetal.pxe.device=Adiciona Dispositivo PXE Baremetal
+label.baremetal.pxe.devices=Dispositivo PXE Baremetal
+label.baremetal.pxe.provider=Provedor PXE Baremetal
 label.basic=B\u00e1sico
 label.basic.mode=Modo B\u00e1sico
 label.bigswitch.controller.address=Endere\u00e7o do Controlador BigSwitch Vns
+label.bigswitch.vns.details=Detalhes do 
+label.blade.id=ID da L\u00e2mina
+label.blades=L\u00e2minas
 label.bootable=Inicializ\u00e1vel
 label.broadcast.domain.range=Range do dom\u00ednio de Broadcast
 label.broadcast.domain.type=Tipo de Dom\u00ednio Broadcast
 label.broadcast.uri=URI de broadcast
+label.broadcasturi=url de broadcast
 label.broadcat.uri=URI de broadcast
+label.brocade.vcs.address=Endere\u00e7o do Vcs Switch
+label.brocade.vcs.details=Detalhes do Brocade Vcs Switch
 label.by.account=por Conta
 label.by.alert.type=Por tipo de alerta
 label.by.availability=By Availability
@@ -385,16 +437,24 @@ label.by.type=Por Tipo
 label.by.zone=por Zona
 label.cache.mode=Tipo do cache de escrita
 label.cancel=Cancelar
+label.capacity.bytes=Capacidade de Bytes
 label.capacity=Capacidade
+label.capacity.iops=Capacidade de IOPS
 label.certificate=Certificado
+label.change.affinity=Muda Afinidade
 label.change.service.offering=Alterar oferta de servi\u00e7o
 label.change.value=Alterar valor
 label.character=Caracter
+label.chassis=Chassis
 label.cidr.account=CIDR ou Conta/Security Group
 label.cidr=CIDR
 label.cidr.list=CIDR de Origem
 label.CIDR.list=Lista CIDR
 label.CIDR.of.destination.network=CIDR da rede de destino
+label.cisco.nexus1000v.ip.address=Endere\u00e7o IP do Nexus 1000v
+label.cisco.nexus1000v.password=Senha do Nexus 1000v
+label.cisco.nexus1000v.username=Nome do Usu\u00e1rio do Nexus 1000v
+label.ciscovnmc.resource.details=Detalhes de recurso CiscoVNMC
 label.clean.up=Limpar
 label.clear.list=Limpar lista
 label.close=Fechar
@@ -421,9 +481,12 @@ label.confirm.password=Confirme a senha
 label.congratulations=Parab\u00e9ns\!
 label.conserve.mode=Modo Conservativo
 label.console.proxy=Console proxy
+label.console.proxy.vm=VM da Console Proxy
 label.continue.basic.install=Continuar com a instala\u00e7\u00e3o b\u00e1sica
 label.continue=Continuar
+label.copying.iso=Copiando ISO
 label.corrections.saved=Altera\u00e7\u00f5es salvas
+label.counter=Contador
 label.cpu.allocated=CPU Alocada
 label.cpu.allocated.for.VMs=CPU Alocada por VMs
 label.CPU.cap=CPU Cap
@@ -433,11 +496,13 @@ label.cpu.mhz=CPU (em MHz)
 label.cpu.utilized=CPU Utilizada
 label.created.by.system=Criado pelo sistema
 label.created=Criado
+label.create.nfs.secondary.staging.storage=Cria Armazenamento NFS de Est\u00e1gio Secund\u00e1rio
 label.create.nfs.secondary.staging.store=Criar storage staging secund\u00e1rio NFS
 label.create.project=Criar um projeto
 label.create.template=Criar template
 label.create.VPN.connection=Criar uma conex\u00e3o VPN
 label.cross.zones=Inter Zonas
+label.custom=Customizado
 label.custom.disk.iops=IOPS personalizado
 label.custom.disk.size=Tamanho Customizado
 label.daily=Di\u00e1rio
@@ -445,48 +510,77 @@ label.data.disk.offering=Oferta de Disco Adicional
 label.date=Data
 label.day.of.month=Dia do M\u00eas
 label.day.of.week=Dia da Semana
+label.dc.name=Nome do DC
 label.dead.peer.detection=Detec\u00e7\u00e3o de correspondente morto
 label.decline.invitation=Rejeitar convite
+label.dedicate.cluster=Dedica Cluster
 label.dedicated=Dedicado
+label.dedicate=Dedicado
+label.dedicated.vlan.vni.ranges=Ranges de VLAN/VNI Dedicados
+label.dedicate.host=Dedica Host
+label.dedicate.pod=Dedique Pod
+label.dedicate.vlan.vni.range=Range de VLAN/VNI Dedicado
+label.dedicate.zone=Dedicar Zona
+label.default.egress.policy=Pol\u00edtica padr\u00e3o de egress\u00e3o
 label.default=Padr\u00e3o
 label.default.use=Uso padr\u00e3o
 label.default.view=Vis\u00e3o Padr\u00e3o
+label.delete.acl.list=Apagar Lista ACL
 label.delete.affinity.group=Deletar Grupo de Afinidade
 label.delete.alerts=Remover alertas
 label.delete.BigSwitchVns=Remover Controlador BigSwitch Vns
+label.delete.BrocadeVcs=Remover Brocade Vcs Switch
+label.delete.ciscoASA1000v=Apaga CiscoASA1000v
+label.delete.ciscovnmc.resource=Apaga recurso CiscoVNMC
 label.delete.events=Remover eventos
 label.delete.F5=Remover F5
 label.delete.gateway=delete gateway
+label.delete.internal.lb=Apaga LB Interno
 label.delete.NetScaler=Remover NetScaler
 label.delete.NiciraNvp=Remover Controlador Nvp
+label.delete.NuageVsp=Remover Nuage VSD
+label.delete.OpenDaylight.device=Apaga Controladora OpenDaylight
 label.delete.PA=Remover Palo Alto
 label.delete.portable.ip.range=Deletar Endere\u00e7os IPs Port\u00e1teis
+label.delete.profile=Apaga Perfil
 label.delete.project=Deletar projeto
 label.delete=Remover
+label.delete.secondary.staging.store=Apaga Armazenamento de Est\u00e1gio Secund\u00e1rio
 label.delete.SRX=Remover SRX
+label.delete.ucs.manager=Apaga Gerenciador UCS
 label.delete.VPN.connection=deletar a conex\u00e3o VPN
 label.delete.VPN.customer.gateway=deletar gateway de VPN de usu\u00e1rio
 label.delete.VPN.gateway=deletar um gateway de VPN
 label.delete.vpn.user=Deletar usu\u00e1rio VPN
 label.deleting.failed=Falha ao remover
 label.deleting.processing=Removendo....
+label.deny=Negar
 label.deployment.planner=Deployment planejado
 label.description=Descri\u00e7\u00e3o
 label.destination.physical.network.id=ID de destino da rede f\u00edsica
 label.destination.zone=Zona de Destino
 label.destroy=Apagar
 label.destroy.router=Destruir roteador
+label.destroy.vm.graceperiod=Destruir Grace Period da VM
 label.detaching.disk=Desplugando Disco
 label.details=Detalhes
 label.device.id=ID do Dispositivo
 label.devices=Dispositivos
 label.dhcp=DHCP
 label.DHCP.server.type=Tipo de Servidor DHCP
+label.direct.attached.public.ip=IP P\u00fablico Conectado Diretamente
 label.direct.ips=IPs Diretos
+label.disable.autoscale=Desabilita Auto-escala
 label.disabled=Desativado
+label.disable.host=Desabilita Host
+label.disable.network.offering=Desabilita oferta de rede
 label.disable.provider=Desabilitar Provider
+label.disable.vnmc.provider=Habilita provedor VNMC
+label.disable.vpc.offering=Desabilitar oferta VPC
 label.disable.vpn=Desabilitar VPN
 label.disabling.vpn.access=Desativando Acesso VPN
+label.disassociate.profile.blade=Desassocia Perfil de L\u00e2mina
+label.disbale.vnmc.device=Desabilita dispositivo VNMC
 label.disk.allocated=Disco Alocado
 label.disk.bytes.read.rate=Taxa de Leitura do Disco (BPS)
 label.disk.bytes.write.rate=Taxa de Escrita no Disco (BPS)
@@ -496,6 +590,7 @@ label.disk.iops.read.rate=Taxa de Leitura do Disco (IOPS)
 label.disk.iops.total=IOPS Total
 label.disk.iops.write.rate=Taxa de Escrita no Disco (IOPS)
 label.disk.offering=Oferta de Disco
+label.disk.provisioningtype=Tipo de Provisionamento
 label.disk.read.bytes=Leitura do Disco (Bytes)
 label.disk.read.io=Leitura do Disk (I/O)
 label.disk.size.gb=Tamanho (em GB)
@@ -506,6 +601,7 @@ label.disk.write.bytes=Escrita no Disco (Bytes)
 label.disk.write.io=Escrita no Disco (I/O)
 label.display.name=Nome de exibi\u00e7\u00e3o
 label.display.text=Descri\u00e7\u00e3o
+label.distributedrouter=Roteador Distribuido
 label.dns.1=DNS 1
 label.dns.2=DNS 2
 label.dns=DNS
@@ -513,6 +609,7 @@ label.DNS.domain.for.guest.networks=Dom\u00ednio DNS para redes h\u00f3spedes
 label.domain.admin=Administrador de Dom\u00ednio
 label.domain=Dom\u00ednio
 label.domain.id=ID do Dom\u00ednio
+label.domain.lower=dom\u00ednio
 label.domain.name=Nome do Dom\u00ednio
 label.domain.router=Roteador do Dom\u00ednio
 label.domain.suffix=Sufixo de Dom\u00ednio DNS (ex. xyz.com)
@@ -520,7 +617,9 @@ label.done=Pronto
 label.double.quotes.are.not.allowed=Aspas duplas n\u00e3o s\u00e3o permitidas
 label.download.progress=Status do Download
 label.drag.new.position=Arrastar para uma nova posi\u00e7\u00e3o
+label.duration.in.sec=Dura\u00e7\u00e3o (em seg)
 label.dynamically.scalable=Dinamicamente Escal\u00e1vel
+label.edit.acl.rule=Edita regra ACL
 label.edit.affinity.group=Editar Grupo de Afinidade
 label.edit=Editar
 label.edit.lb.rule=Editar regra de LB
@@ -537,9 +636,16 @@ label.elastic=El\u00e1stico
 label.elastic.IP=IP El\u00e1stico
 label.elastic.LB=LB El\u00e1stico
 label.email=Email
+label.email.lower=email
+label.enable.autoscale=Habilita Auto-escala
+label.enable.host=Habilita Host
+label.enable.network.offering=Habilita oferta de rede
 label.enable.provider=Habilitar provider
 label.enable.s3=Habilita storage secund\u00e1ria fornecida por S3
 label.enable.swift=Habilitar Swift
+label.enable.vnmc.device=Habilita dispositivo VNMC
+label.enable.vnmc.provider=Habilita provedor VNMC
+label.enable.vpc.offering=Habilitar oferta VPC
 label.enable.vpn=Habilitar VPN
 label.enabling.vpn.access=Ativando Acesso VPN
 label.enabling.vpn=Ativando VPN
@@ -548,24 +654,31 @@ label.endpoint.or.operation=Endpoint or Operation
 label.endpoint=Ponto de acesso
 label.end.port=Porta Final
 label.end.reserved.system.IP=Fim dos IPs reservados para o sistema
+label.end.vlan=VLAN final
+label.end.vxlan=VXLAN final
 label.enter.token=Digite o token
 label.error.code=C\u00f3digo de Erro
 label.error=Erro
+label.error.upper=ERRO
 label.ESP.encryption=Encripta\u00e7\u00e3o ESP
 label.ESP.hash=Hash ESP
 label.ESP.lifetime=Tempo de vida do ESP (segundos)
 label.ESP.policy=Pol\u00edtica ESP
 label.esx.host=ESX/ESXi Host
+label.event.archived=Evento Arquivado
+label.event.deleted=Evento Detectado
 label.example=Examplo
 label.expunge=Eliminar
 label.external.link=Link externo
 label.extractable=Extra\u00edvel
+label.f5.details=Detalhes do F5
 label.f5=F5
 label.failed=Falhou
 label.featured=Featured
 label.fetch.latest=Obter \u00faltimos
 label.filterBy=Filtrar por
 label.firewall=Firewall
+label.firstname.lower=primeiro nome
 label.first.name=Primeiro Nome
 label.format=Formato
 label.friday=Sexta-feira
@@ -580,10 +693,24 @@ label.go.step.3=V\u00e1 para passo 3
 label.go.step.4=V\u00e1 para passo 4
 label.go.step.5=V\u00e1 para passo 5
 label.gpu=CPU
+label.group.by.account=Agrupamento por conta
+label.group.by.cluster=Agrupamento por cluster
+label.group.by.pod=Agrupamento por pod
+label.group.by.zone=Agrupamento por zona
 label.group=Grupo
 label.group.optional=Grupo (Opcional)
+label.gslb.assigned.lb=Balanceamento de carga designado
+label.gslb.assigned.lb.more=Designe mais balanceamento de carga
+label.gslb.delete=Apaga GSLB
 label.gslb.details=Detalhes do GSLB
 label.gslb.domain.name=Nome do Dom\u00ednio GSLB
+label.gslb=GSLB
+label.gslb.lb.details=Detalhes de balanceamento de carga
+label.gslb.lb.remove=Remova balanceamento de carga deste GSLB
+label.gslb.lb.rule=Regra de balanceamento de carga
+label.gslb.service.private.ip=Servi\u00e7o GSLB - IP Privado
+label.gslb.service.public.ip=Servi\u00e7o GSLB - IP P\u00fablico
+label.gslb.service=Servi\u00e7o GSLB
 label.gslb.servicetype=Tipo do Servi\u00e7o
 label.guest.cidr=CIDR de rede Convidado
 label.guest.end.ip=IP do fim do guest
@@ -592,11 +719,17 @@ label.guest=Guest
 label.guest.ip=Endere\u00e7o IP Convidado
 label.guest.ip.range=Intervalo de rede convidado
 label.guest.netmask=M\u00e1scara de rede Guest
+label.guest.network.details=Detalhes de rede convidada
 label.guest.networks=Redes Guest
 label.guest.start.ip=IP de in\u00edcio do guest
 label.guest.traffic=Tr\u00e1fego de h\u00f3spedes
+label.guest.traffic.vswitch.name=Nome do vSwitch de Tr\u00e1fego Convidado
+label.guest.traffic.vswitch.type=Tipo de vSwitch de Tr\u00e1fego Convidado
 label.guest.type=Tipo de Guest
 label.ha.enabled=HA Ativado
+label.health.check=Checagem de Sa\u00fade
+label.health.check.interval.in.sec=Intervalo de Health Check (em seg)
+label.healthy.threshold=Limiar de Salubridade
 label.help=Ajuda
 label.hide.ingress.rule=Ocultar Regra de Entrada
 label.hints=Dicas
@@ -608,12 +741,14 @@ label.host.name=Host Name
 label.hosts=Hosts
 label.host.tags=Tags de Host
 label.hourly=A cada hora
+label.hvm=HVM
 label.hypervisor.capabilities=Recursos de Virtualizador
 label.hypervisor=Hipervisor
 label.hypervisors=Hypervisors
 label.hypervisor.snapshot.reserve=Reserva de Snapshot do Hypervisor
 label.hypervisor.type=Tipo do Hypervisor
 label.hypervisor.version=Vers\u00e3o de Virtualizador
+label.hyperv.traffic.label=R\u00f3tulo de tr\u00e1fego HyperV
 label.id=ID
 label.IKE.DH=DH IKE
 label.IKE.encryption=Encripta\u00e7\u00e3o IKE
@@ -621,8 +756,10 @@ label.IKE.hash=Hash IKE
 label.IKE.lifetime=Tempo de vida IKE (segundos)
 label.IKE.policy=Pol\u00edtica IKE
 label.info=Info
+label.info.upper=INFO
 label.ingress.rule=Regra de Entrada
 label.initiated.by=Iniciado por
+label.inside.port.profile=Perfil de Porta Interna
 label.installWizard.addClusterIntro.subtitle=O que \u00e9 um cluster?
 label.installWizard.addClusterIntro.title=Vamos adicionar um cluster
 label.installWizard.addHostIntro.subtitle=O que \u00e9 um Host ?
@@ -642,10 +779,15 @@ label.installWizard.title=Ol\u00e1, seja bem vindo ao CloudStack&\#8482
 label.instance=Inst\u00e2ncia
 label.instance.limits=Limites da Inst\u00e2ncia
 label.instance.name=Nome da Inst\u00e2ncia
+label.instance.port=Instanciar Porta
 label.instance.scaled.up=Inst\u00e2ncia Escalada
 label.instances=Inst\u00e2ncias
+label.instanciate.template.associate.profile.blade=Instancia Template e Associa Perfil \u00e0 L\u00e2mina
+label.intermediate.certificate=Certificado intermedi\u00e1rio {0}
 label.internal.dns.1=DNS 1 Interno
 label.internal.dns.2=DNS 2 Interno
+label.internal.lb.details=Detalhes de LB Interno
+label.internallbvm=LbVm Interno
 label.internal.name=Nome interno
 label.interval.type=Tipo de Intervalo
 label.introduction.to.cloudstack=Introdu\u00e7\u00e3o ao CloudStack&\#8482
@@ -665,9 +807,20 @@ label.ip.range=Range de IP
 label.ip.ranges=Ranges de IP
 label.IPsec.preshared.key=Chave IPSec pr\u00e9 compartilhada
 label.ips=IPs
+label.ipv4.cidr=CIDR IPv4
+label.ipv4.dns1=IPv4 DNS1
+label.ipv4.dns2=IPv4 DNS2
+label.ipv4.end.ip=IP FInal IPv4
+label.ipv4.gateway=Gateway IPV4
+label.ipv4.netmask=M\u00e1scara de Rede IPv4
+label.ipv4.start.ip=IP Inicial IPv4
 label.ipv6.address=Endere\u00e7o IPv6
 label.ipv6.CIDR=CIDR IPv6
+label.ipv6.dns1=IPv6 DNS1
+label.ipv6.dns2=IPv6 DNS2
+label.ipv6.end.ip=IP FInal IPv6
 label.ipv6.gateway=Gateway IPv6
+label.ipv6.start.ip=IP Inicial IPv6
 label.iscsi=iSCSI
 label.is.default=\u00c9\u0089 Padr\u00e3o
 label.iso.boot=ISO de Boot
@@ -693,6 +846,7 @@ label.lang.dutch=Holand\u00eas (Holanda)
 label.lang.english=English
 label.lang.french=Franc\u00eas
 label.lang.german=Alem\u00e3o
+label.lang.hungarian=H\u00fangaro
 label.lang.italian=Italiano
 label.lang.japanese=Japanese
 label.lang.korean=Coreano
@@ -701,6 +855,7 @@ label.lang.polish=Polon\u00eas
 label.lang.russian=Russo
 label.lang.spanish=Spanish
 label.last.disconnected=Last Disconnected
+label.lastname.lower=\u00faltimo nome
 label.last.name=\u00daltimo Nome
 label.latest.events=\u00daltimos eventos
 label.launch=Executar
@@ -715,7 +870,8 @@ label.ldap.group.name=Grupo LDAP
 label.ldap.port=Porta do LDAP
 label.level=N\u00edvel
 label.linklocal.ip=Endere\u00e7o IP do Link Local
-label.load.balancer=Load Balancer
+label.load.balancer=Balanceador de Carga
+label.load.balancer.type=Tipo de Balanceador de Carga
 label.load.balancing=Balanceamento de Carga
 label.load.balancing.policies=Pol\u00edticas de balanceamento de carga
 label.loading=Carregando
@@ -726,14 +882,18 @@ label.login=Entrar
 label.logout=Sair
 label.lun=LUN
 label.LUN.number=LUN \#
+label.lxc.traffic.label=R\u00f3tulo de tr\u00e1fego LXC
 label.make.project.owner=Criar propriet\u00e1rio de conta de projeto
+label.managed=Gerenciado
 label.manage=Gerenciar
 label.management=Gerenciamento
 label.management.ips=Gerenciamento de Endere\u00e7os IP
+label.management.server=Servidor de Gerenciamento
 label.manage.resources=Gerenciar Recursos
 label.max.cpus=M\u00e1ximo de cores de CPU
 label.max.guest.limit=Limite m\u00e1x. de guest
 label.maximum=M\u00e1ximo
+label.max.instances=Inst\u00e2ncias Max
 label.max.memory=M\u00e1x. de mem\u00f3ria (MiB)
 label.max.networks=M\u00e1x. de redes
 label.max.primary.storage=M\u00e1x. prim\u00e1rio (GiB)
@@ -792,15 +952,20 @@ label.menu.templates=Templates
 label.menu.virtual.appliances=Appliance Virtual
 label.menu.virtual.resources=Recursos Virtuais
 label.menu.volumes=Discos
+label.menu.vpc.offerings=Ofertas VPC
 label.migrate.instance.to.host=Migrar inst\u00e2ncia para outro host
 label.migrate.instance.to=Migrar Inst\u00e2ncia para
 label.migrate.instance.to.ps=Migrar inst\u00e2ncia para outro storage prim\u00e1rio
+label.migrate.lb.vm=Migre LB VM
 label.migrate.router.to=Migrar Roteador para
 label.migrate.systemvm.to=Migrar VM de sistema para
 label.migrate.to.host=Migrar para outro host
 label.migrate.to.storage=Migrar para storage
+label.migrate.volume=Migrar Volume
 label.migrate.volume.to.primary.storage=Migrar volume para outro storage prim\u00e1rio
 label.minimum=M\u00ed\u00adnimo
+label.min.instances=Inst\u00e2ncias Min
+label.minute.past.hour=minuto(s) passado(s) da \u00faltima hora 
 label.mode=Modo
 label.monday=Segunda
 label.monthly=Mensal
@@ -815,13 +980,16 @@ label.my.templates=Meus templates
 label.name.lower=Nome
 label.name=Nome
 label.name.optional=Nome (Opcional)
+label.na=N/D
 label.nat.port.range=Range de Portas NAT
 label.netmask=M\u00e1scara de Rede
+label.netscaler.details=Detalhes do NetScaler
 label.netScaler=NetScaler
 label.network.ACL=ACL de rede
 label.network.ACLs=Network ACLs
 label.network.ACL.total=Total de rede ACL
 label.network.addVM=Adicionar rede para VM
+label.network.cidr=CIDR da Rede
 label.network.desc=Descri\u00e7\u00e3o de Rede
 label.network.device=Dispositivo de Rede
 label.network.device.type=Tipo de Dispositivo de Rede
@@ -856,12 +1024,14 @@ label.nfs.storage=Storage NFS
 label.nic.adapter.type=Tipo de adaptador de Rede
 label.nicira.controller.address=Endere\u00e7o do Controlador
 label.nicira.l3gatewayserviceuuid=Uuid do Servi\u00e7o de Gateway L3
+label.nicira.nvp.details=Detalhes do Nicira NVP
 label.nicira.transportzoneuuid=Uuid da Zona de Transporte
 label.nics=Adaptadores de Rede
 label.no.actions=Sem A\u00e7\u00f5es Dispon\u00edveis
 label.no.alerts=Sem Alertas Recentes
 label.no.data=Sem dados para mostrar
 label.no.errors=Sem Erros Recentes
+label.no.grouping=(sem agrupamento)
 label.no.isos=Sem ISO Dispon\u00edvel
 label.no.items=Sem Itens Dispon\u00edveis
 label.none=Nenhum
@@ -871,6 +1041,7 @@ label.not.found=N\u00e3o Encontrado
 label.no.thanks=N\u00e3o obrigado
 label.notifications=Notifica\u00e7\u00f5es
 label.number.of.clusters=N\u00famero de Clusters
+label.number.of.cpu.sockets=O N\u00famero de Sockets de CPU
 label.number.of.hosts=N\u00famero de Hosts
 label.number.of.pods=N\u00famero de Pods
 label.number.of.system.vms=N\u00famero de VMs de sistema
@@ -885,37 +1056,53 @@ label.opendaylight.controller=Controlador OpenDaylight
 label.opendaylight.controllerdetail=Detalhes do Controlador OpenDaylight
 label.opendaylight.controllers=Controladores OpenDaylight
 label.openDaylight=OpenDaylight
+label.operator=Operador
 label.optional=Opcional
 label.order=Ordenar
 label.os.preference=Prefer\u00eancia de SO
 label.os.type=Tipo de SO
+label.other=Outro
+label.override.guest.traffic=Anula Tr\u00e1fego Convidado
+label.override.public.traffic=Anula Tr\u00e1fego P\u00fablico
+label.ovm.traffic.label=R\u00f3tulo de tr\u00e1fego OVM
+label.ovs=OVS
 label.owned.public.ips=IP P\u00fablico Utilizado
 label.owner.account=Dono da Conta
 label.owner.domain=Dono do Dom\u00ednio
+label.palo.alto.details=Detalhes do Palo Alto
 label.PA.log.profile=Palo Alto Log Profile
 label.PA=Palo Alto
 label.parent.domain=Dom\u00ednio Principal
+label.passive=Passivo
 label.password.enabled=Senha Ativada
+label.password.lower=senha
 label.password.reset.confirm=A senha foi recuperada para
 label.password=Senha
 label.path=Caminho (Path)
 label.PA.threat.profile=Palo Alto Threat Profile
 label.perfect.forward.secrecy=Perfect Forward Secrecy
+label.persistent=Persistente
 label.physical.network.ID=ID da rede f\u00edsica
 label.physical.network=Rede F\u00edsica
 label.PING.CIFS.password=PING CIFS password
 label.PING.CIFS.username=PING CIFS username
 label.PING.dir=PING Directory
+label.ping.path=Caminho do Ping
 label.PING.storage.IP=Disparar PING para IP do Storage
 label.planner.mode=Modo planejado
 label.please.specify.netscaler.info=Por favor especifique as informa\u00e7\u00f5es do Netscaler
 label.please.wait=Por Favor Aguarde
 label.plugin.details=Detalhes do plugin
 label.plugins=Plugins
+label.pod.dedicated=Pod Dedicado
 label.pod.name=Nome do Pod
 label.pod=POD
 label.pods=Pods
+label.polling.interval.sec=Intervalo de Polling (em seg)
+label.portable.ip=IP Port\u00e1vel
+label.portable.ip.range.details=Detalhes de Range de IP Port\u00e1veis
 label.portable.ip.ranges=Faixa de endere\u00e7os IPs Port\u00e1vel
+label.portable.ips=IPs Port\u00e1veis
 label.port.forwarding=Encaminhamento de Porta
 label.port.forwarding.policies=Pol\u00edticas de redirecionamento de portas
 label.port=Porta
@@ -938,6 +1125,7 @@ label.privatekey=PKCS\#8 Private Key
 label.private.network=Rede Privada
 label.private.port=Porta Privada
 label.private.zone=Zona Privada
+label.profile=Perfil
 label.project.dashboard=Dashboard do Projeto
 label.project.id=ID de Projeto
 label.project.invite=Convidar para o projeto
@@ -945,22 +1133,27 @@ label.project.name=Nome de projeto
 label.project=Projeto
 label.projects=Projetos
 label.project.view=Vis\u00e3o de Projeto
+label.protocol.number=N\u00famero do Protocolo
 label.protocol=Protocolo
 label.provider=Provedor
 label.providers=Providers
 label.public.interface=Interface P\u00fablica
 label.public.ip=Endere\u00e7o IP P\u00fablico
 label.public.ips=IPs P\u00fablicos
+label.public.load.balancer.provider=Provedor P\u00fablico de Balanceamento de Carga
 label.public.network=Rede P\u00fablica
 label.public.port=Porta P\u00fablica
 label.public=P\u00fablico
 label.public.traffic=Tr\u00e1fego P\u00fablico
+label.public.traffic.vswitch.name=Nome do vSwitch de Tr\u00e1fego P\u00fablico
+label.public.traffic.vswitch.type=Tipo de vSwitch de Tr\u00e1fego P\u00fablico
 label.public.zone=Zona P\u00fablica
 label.purpose=Prop\u00f3sito
 label.Pxe.server.type=Tipo de Servidor PXE
 label.qos.type=Tipo de QoS
 label.quickview=Visualiza\u00e7\u00e3o r\u00e1pida
 label.quiesce.vm=Quiesce VM
+label.quiet.time.sec=Tempo Silencioso (em seg)
 label.rbd.id=Usu\u00e1rio Ceph
 label.rbd.monitor=Monitor Ceph
 label.rbd.pool=Pool Ceph
@@ -973,9 +1166,18 @@ label.redundant.router.capability=Recurso de roteador redundante
 label.redundant.router=Roteador Redundantee
 label.redundant.state=Estado redundante
 label.refresh=Atualizar
+label.refresh.blades=Atualizar L\u00e2minas
+label.regionlevelvpc=VPC a N\u00edvel de Regi\u00e3o
 label.region=Regi\u00e3o
 label.reinstall.vm=Reinstalar VM
 label.related=Relacionado
+label.release.account=Liberar de Conta
+label.release.account.lowercase=Liberar de conta
+label.release.dedicated.cluster=Libera Cluster Dedicado
+label.release.dedicated.host=Libera Host Dedicado
+label.release.dedicated.pod=LIberar Pod Dedicado
+label.release.dedicated.vlan.range=Liberar range de VLAN dedicado
+label.release.dedicated.zone=Liberar Zona Dedicada
 label.remind.later=Me lembre depois
 label.remove.ACL=Remove ACL
 label.remove.egress.rule=Remover regra egress
@@ -983,6 +1185,7 @@ label.remove.from.load.balancer=Removendo Inst\u00e2ncia do balanceador de carga
 label.remove.ingress.rule=Remover regra ingress
 label.remove.ip.range=Remover range de IP
 label.remove.ldap=Remover LDAP
+label.remove.network.offering=Remove oferta de rede
 label.remove.pf=Remover regra de redirecionamento de porta
 label.remove.project.account=Remover conta de projeto
 label.remove.region=Remover Regi\u00e3o
@@ -990,33 +1193,50 @@ label.remove.rule=Remover regra
 label.remove.static.nat.rule=Remover regra de NAT est\u00e1tico
 label.remove.static.route=Remover rota est\u00e1tica
 label.remove.tier=Remover camada
-label.remove.vm.from.lb=Remover VM da regra de balanceamento de carga
+label.remove.vm.from.lb=Remover VM da regra de balanceador de carga
+label.remove.vm.load.balancer=Remover VM do balanceamento de carga
+label.remove.vmware.datacenter=Remover Datacenter VMware
+label.remove.vpc.offering=Remover oferta VPC
 label.remove.vpc=remover a VPC
 label.removing=Removendo
 label.removing.user=Removendo Usu\u00e1rio
+label.reource.id=ID do Recurso
+label.replace.acl.list=Substituir Lista ACL
+label.replace.acl=Substituir ACL
 label.required=Obrigat\u00f3rio
+label.requires.upgrade=Requer Atualiza\u00e7\u00e3o
+label.reserved.ip.range=Faixa de IP Reservada
 label.reserved.system.gateway=Gateway de sistema reservado
 label.reserved.system.ip=IP de Sistema Reservado
 label.reserved.system.netmask=M\u00e1scara de rede reservada do sistema
 label.resetVM=Restabelecer VM
 label.reset.VPN.connection=Resetar a conex\u00e3o VPN
 label.resize.new.offering.id=New Offering
+label.resize.new.size=Novo Tamanho (GB)
 label.resize.shrink.ok=Shrink OK
+label.resource.limit.exceeded=Limite de Recurso Excedido
 label.resource.limits=Limite de Recursos
+label.resource.name=Nome do Recurso
 label.resource=Recurso
 label.resources=Recursos
 label.resource.state=Estado do Recurso
+label.response.timeout.in.sec=Timeout de Resposta (em seg)
 label.restart.network=Reiniciar rede
 label.restart.required=Reiniciar obrigat\u00f3rio
 label.restart.vpc=reiniciar a VPC
 label.restore=Restaurar
+label.retry.interval=Intervalo de repeti\u00e7\u00e3o
 label.review=Revisar
 label.revoke.project.invite=Revogar convite
 label.role=Fun\u00e7\u00e3o
+label.root.certificate=Certificado Root
 label.root.disk.controller=Controlador do disco Root
 label.root.disk.offering=Oferta de Disco ROOT
 label.root.disk.size=Tamanho do disco root
+label.router.vm.scaled.up=VM do Roteador Escalonada
+label.routing.host=Host de Roteamento
 label.routing=Roteamento
+label.rule.number=Regra N\u00famero
 label.rules=Regras
 label.running.vms=VMs Rodando
 label.s3.access_key=Chave de acesso
@@ -1033,9 +1253,14 @@ label.saturday=S\u00e1bado
 label.save.and.continue=Salvar e continuar
 label.save=Salvar
 label.saving.processing=Salvando....
+label.scale.up.policy=Pol\u00edtica de Escalonamento
 label.scope=Escopo
 label.search=Pesquisar
+label.secondary.isolated.vlan.id=ID de VLAN Secund\u00e1ria Isolada
+label.secondary.staging.store=Armazenamento de Est\u00e1gio Secund\u00e1rio
+label.secondary.staging.store.details=Detalhes do Armazenamento de Est\u00e1gio Secund\u00e1rio
 label.secondary.storage.count=Pools de Storage secund\u00e1rios
+label.secondary.storage.details=Detalhes do armazenamento secund\u00e1rio
 label.secondary.storage.limits=Limites do Storage Secund\u00e1rio (GiB)
 label.secondary.storage=Storage Secund\u00e1rio
 label.secondary.storage.vm=VM de storage secund\u00e1rio
@@ -1052,7 +1277,9 @@ label.select.instance.to.attach.volume.to=Escolha uma inst\u00e2ncia para conect
 label.select.iso.or.template=Selecione ISO ou template
 label.select.offering=Selecionar Oferta
 label.select.project=Selecionar Projeto
+label.select.region=Selecione Regi\u00e3o
 label.select=Selecionar
+label.select.template=Seleciona Template
 label.select.tier=Selecione camada
 label.select-view=Selecionar visualiza\u00e7\u00e3o
 label.select.vm.for.static.nat=Selecionar VM para NAT est\u00e1tico
@@ -1060,15 +1287,18 @@ label.sent=Enviado
 label.server=Servidor
 label.service.capabilities=Recursos de servi\u00e7os
 label.service.offering=Plano
+label.services=Servi\u00e7os
 label.service.state=Estado do Servi\u00e7o
 label.session.expired=Sess\u00e3o Expirada
 label.set.default.NIC=Configurar para NIC padr\u00e3o
+label.settings=Ajustes
 label.setup=Configura\u00e7\u00e3o
 label.setup.network=Configurar Rede
 label.setup.zone=Configurar Zona
 label.set.up.zone.type=Configurar tipo de zona
 label.shared=Compatilhado
 label.SharedMountPoint=SharedMountPoint
+label.show.advanced.settings=Mostra ajustes avan\u00e7ados
 label.show.ingress.rule=Mostrar Regra de Entrada
 label.shutdown.provider=Desabilitar provider
 label.site.to.site.VPN=Site-to-site VPN
@@ -1081,18 +1311,27 @@ label.snapshot.limits=Limites de Snapshot
 label.snapshot.name=Nome do Snapshot
 label.snapshot.schedule=Configure Snapshots recorrentes
 label.snapshot=Snapshot
+label.snapshot.s=Snapshot(s)
 label.snapshots=Snapshots
+label.SNMP.community=Comunidade SNMP
+label.SNMP.port=Porta SNMP
 label.sockets=Sockets
+label.source.ip.address=Endere\u00e7o IP de origem
 label.source.nat=Source NAT
+label.source.nat.supported=SourceNAT Supportado
+label.source.port=Porta de origem
 label.specify.IP.ranges=Especifique range de IP
 label.specify.vlan=Especificar VLAN
 label.specify.vxlan=Especificar VXLAN
 label.SR.name=SR Name-Label
+label.srx.details=Detalhes do SRX
 label.srx=SRX
 label.start.IP=IP do in\u00edcio
 label.start.lb.vm=Iniciar LB VM
 label.start.port=Porta de In\u00edcio
 label.start.reserved.system.IP=In\u00edcio dos IPs reservados para o sistema
+label.start.vlan=VLAN Inicial
+label.start.vxlan=VXLAN Inicial
 label.state=Estado
 label.static.nat.enabled=NAT est\u00e1tico Habilitado
 label.static.nat=NAT Est\u00e1tico
@@ -1111,6 +1350,7 @@ label.step.4.title=Passo 4\: <strong>Rede</strong>
 label.step.5=Passo 5
 label.step.5.title=Passo 5\: <strong>Revisar</strong>
 label.stickiness=Ader\u00eancia
+label.stickiness.method=M\u00e9todo de Ader\u00eancia
 label.sticky.cookie-name=Nome do Cookie
 label.sticky.domain=Dom\u00ednio
 label.sticky.expire=Expires
@@ -1118,13 +1358,16 @@ label.sticky.holdtime=Tempo de espera
 label.sticky.indirect=Indireto
 label.sticky.length=Tamanho
 label.sticky.mode=Modo
+label.sticky.name=Nome Permanente
 label.sticky.nocache=Sem Cache
 label.sticky.postonly=Apenas publicar
 label.sticky.prefix=Prefixo
 label.sticky.request-learn=Solicitar para aprender
 label.sticky.tablesize=Tamanho da Tabela
+label.stop.lb.vm=Pare LB VM
 label.stop=Parar
 label.stopped.vms=VMs Paradas
+label.storage.pool=Pool de Armazanamento
 label.storage=Storage
 label.storage.tags=Tags de Storage
 label.storage.traffic=Tr\u00e1fego do Storage
@@ -1137,11 +1380,15 @@ label.sunday=Domingo
 label.super.cidr.for.guest.networks=Super CIDR para redes h\u00f3spedes
 label.supported.services=Servi\u00e7os Suportados
 label.supported.source.NAT.type=Tipo de Source NAT Suportado
+label.supportsstrechedl2subnet=Suporte \u00e0 Streched L2 Subnet
 label.suspend.project=Suspender Projeto
 label.switch.type=Tipo de Switch
 label.system.capacity=Capacidade do Sistema
+label.system.offering.for.router=Oferta do Sistema para Roteador
 label.system.offering=Ofertas de Sistema
 label.system.service.offering=System Service Offering
+label.system.vm.details=Detalhes do System VM
+label.system.vm.scaled.up=System VM Escalonada
 label.system.vms=VM de Sistemas
 label.system.vm.type=Tipo de VM de Sistema
 label.system.vm=VM de Sistema
@@ -1155,12 +1402,15 @@ label.task.completed=Tarefa completa
 label.template.limits=Limites do Template
 label.template=Template
 label.TFTP.dir=TFTP Directory
+label.tftp.root.directory=Diret\u00f3rio raiz do tftp
 label.theme.default=Tema Padr\u00e3o
 label.theme.grey=Custom - Grey
 label.theme.lightblue=Custom - Light Blue
+label.threshold=Limiar
 label.thursday=Quinta
 label.tier=Camada
 label.tier.details=Detalhes da camada
+label.timeout.in.second = Timeout (segundos)
 label.timeout=Timeout
 label.time=Time
 label.time.zone=Fuso Hor\u00e1rio
@@ -1170,30 +1420,44 @@ label.total.cpu=CPU TOTAL
 label.total.CPU=CPU TOTAL
 label.total.hosts=Total de Hosts
 label.total.memory=Total de Mem\u00f3ria
+label.total.of.ip=Total de Endere\u00e7os IPs
 label.total.of.vm=Total VMs
 label.total.storage=Totam de Storage
+label.total.virtual.routers=Total de Roteadores Virtuais
+label.total.virtual.routers.upgrade=Total de Roteadores Virtuais que requerem atualiza\u00e7\u00e3o
 label.total.vms=Total VMs
 label.traffic.label=Etiqueta de tr\u00e1fego
 label.traffic.types=Tipos de Tr\u00e1fego
 label.traffic.type=Tipo de Tr\u00e1fego
 label.tuesday=Ter\u00e7a
 label.type.id=Tipo do ID
+label.type.lower=tipo
 label.type=Tipo
+label.ucs=UCS
 label.unavailable=Indispon\u00edvel
+label.unhealthy.threshold=Limiar de Insalubridade
 label.unlimited=Ilimitado
 label.untagged=N\u00e3o Marcado
 label.update.project.resources=Atualizar recursos de projeto
 label.update.ssl= Atualizar Certificado SSL
 label.update.ssl.cert= Atualizar Certificado SSL
 label.updating=Atualizando
+label.upgrade.required=Atualiza\u00e7\u00e3o \u00e9 necess\u00e1ria
+label.upgrade.router.newer.template=Atualize Roteador Para Usar Template Mais Novo
 label.upload=Enviar
 label.upload.volume=Enviar o Volume
 label.url=URL
 label.usage.interface=Usage Interface
+label.usage.sanity.result=Resultado de Sanidade de Uso
+label.usage.server=Uso do Servidor
 label.used=Usado
+label.user.data=Dados de Usu\u00e1rio
+label.username.lower=nome do usu\u00e1rio
 label.username=Nome de usu\u00e1rio
 label.users=Usu\u00e1rios
 label.user=Usu\u00e1rio
+label.user.vm=VM do Usu\u00e1rio
+label.use.vm.ips=Usa IPs da VM
 label.use.vm.ip=Usar IP da VM\:
 label.value=Valor
 label.vcdcname=Nome do vCenter DC
@@ -1203,8 +1467,15 @@ label.vcenter.datastore=vCenter Datastore
 label.vcenter.host=vCenter Host
 label.vcenter.password=vCenter Password
 label.vcenter.username=vCenter Username
+label.vcenter=vcenter
 label.vcipaddress=Endere\u00e7o IP do vCenter
 label.version=Vers\u00e3o
+label.vgpu.max.resolution=Resulo\u00e7\u00e3o max
+label.vgpu.max.vgpu.per.gpu=vGPU por GPU
+label.vgpu.remaining.capacity=Capacidade restante
+label.vgpu.type=Tipo de vGPU
+label.vgpu=VGPU
+label.vgpu.video.ram=RAM de v\u00eddeo
 label.view.all=Visualizar tudo
 label.view.console=Visualizar Console
 label.viewing=Visualizar
@@ -1212,22 +1483,34 @@ label.view.more=Ver mais
 label.view.secondary.ips=Visualizar os IPs secund\u00e1rios
 label.view=Visualizar
 label.virtual.appliance=Appliance Virtual
+label.virtual.appliance.details=Detalhes de appliance virtual
 label.virtual.appliances=Appliance Virtual
 label.virtual.machines=M\u00e1quinas virtuais
+label.virtual.networking=Rede Virtual
 label.virtual.network=Rede Virtual
 label.virtual.router=Roteador Virtual
+label.virtual.routers.group.account=Grupo de Roteadores Virtuais por conta
+label.virtual.routers.group.cluster=Grupo de Roteadores Virtuais por cluster
+label.virtual.routers.group.pod=Grupo de Roteadores Virtuais por pod
+label.virtual.routers.group.zone=Grupo de Roteadores Virtuais por Zona
 label.virtual.routers=Roteadores Virtuais
 label.vlan.id=VLAN ID
 label.vlan.only=VLAN
+label.vlan.range.details=Detalhes de range VLAN
 label.vlan.range=Intervalo de VLAN
+label.vlan.ranges=Range(s) de VLAN
 label.vlan=VLAN
 label.vlan.vni.range=Intervalo de VLAN
+label.vlan.vni.ranges=Range(s) de VLAN/VNI
 label.vm.add=Adicionar Inst\u00e2ncia
 label.vm.destroy=Apagar
 label.vm.display.name=Nome de exibi\u00e7\u00e3o da VM
 label.VMFS.datastore=VMFS datastore
 label.vmfs=VMFS
+label.vm.id=ID da VM
+label.vm.ip=Endere\u00e7o IP da VM
 label.vm.name=Nome da VM
+label.vm.password=Senha para a VM \u00e9
 label.vm.reboot=Reiniciar
 label.VMs.in.tier=M\u00e1quinas virtuais em camadas
 label.vmsnapshot.current=isCurrent
@@ -1239,18 +1522,30 @@ label.vm.start=In\u00edcio
 label.vm.state=Estado da VM
 label.vm.stop=Parar
 label.vms=VMs
+label.vmware.datacenter.id=ID do datacenter VMware
+label.vmware.datacenter.name=Nome do datacenter VMware
+label.vmware.datacenter.vcenter=Vcednter do datacenter VMware
 label.vmware.traffic.label=Etiqueta de tr\u00e1fego VMware
 label.vnet.id=VLAN ID
 label.vnet=VLAN
+label.vnmc.devices=Dispositivos VNMC
+label.vnmc=VNMC
 label.volatile=Vol\u00e1til
 label.volgroup=Grupo de Volume
+label.volume.details=Detalhe do volume
 label.volume=Disco
 label.volume.limits=Limites de Disco
+label.volume.migrated=Volume migrado
 label.volume.name=Nome do Disco
 label.volumes=Discos
+label.vpc.distributedvpcrouter=Roteador VPC Distribuido
 label.vpc.id=VPC ID
 label.VPC.limits=Limites VPC
+label.vpc.offering.details=Detalhes da oferta VPC
+label.vpc.offering=Oferta VPC
 label.VPC.router.details=Detalhes de roteador de VPC
+label.vpc.supportsregionlevelvpc=Suporta VPC em N\u00edvel de Regi\u00e3o
+label.vpc.virtual.router=Roteador Virtual VPC
 label.vpc=VPC
 label.VPN.connection=Conex\u00e3o VPN
 label.vpn.customer.gateway=Gateway de VPN de usu\u00e1rio
@@ -1261,18 +1556,24 @@ label.vsmctrlvlanid=Control VLAN ID
 label.vsmpktvlanid=Packet VLAN ID
 label.vsmstoragevlanid=Storage VLAN ID
 label.vsphere.managed=vSphere Managed
+label.vswitch.name=Nome do vSwitch
+label.vSwitch.type=Tipo do vSwitch
 label.vxlan.id=VXLAN ID
 label.vxlan.range=Intervalo de VXLAN
 label.vxlan=VXLAN
 label.waiting=Aguardando
 label.warn=Avisar
+label.warn.upper=AVISO
 label.wednesday=Quarta-Feira
 label.weekly=Semanal
 label.welcome=Bem-Vindo
 label.welcome.cloud.console=Painel de Controle
 label.what.is.cloudstack=O que \u00e9 o CloudStack&\#8482?
+label.xenserver.tools.version.61.plus=Vers\u00e3o original do XS \u00e9 6.1\\+
+label.Xenserver.Tools.Version61plus=Vers\u00e3o original do XS \u00e9 6.1\\+
 label.xenserver.traffic.label=Etiqueta de tr\u00e1fego XenServer
 label.yes=Sim
+label.zone.dedicated=Zona Dedicada
 label.zone.details=Detalhes de zona
 label.zone.id=ID da Zona
 label.zone.lower=Zona
@@ -1329,6 +1630,7 @@ message.action.disable.physical.network=Por favor confirme que voc\u00ea deseja
 message.action.disable.pod=Confirma a desativa\u00e7\u00e3o do POD.
 message.action.disable.static.NAT=Confirme que voc\u00ea deseja desativar o NAT Est\u00e1tico.
 message.action.disable.zone=Confirma a desativa\u00e7\u00e3o da zona.
+message.action.downloading.template=Baixando template
 message.action.download.iso=Por favor confirme que voc\u00ea deseja baixar esta ISO.
 message.action.download.template=Por favor confirme que voc\u00ea deseja baixar este template.
 message.action.enable.cluster=Confirma a ativa\u00e7\u00e3o do cluster.
@@ -1392,6 +1694,7 @@ message.add.system.service.offering=Por favor preencha os dados abaixo para adic
 message.add.template=Entre com os dados para criar um novo template.
 message.add.volume=Entre com os dados para criar um novo disco.
 message.add.VPN.gateway=Favor confirmar que voc\u00ea deseja adicionar um gateway de VPN
+message.admin.guide.read=Para VMs baseadas em VMware, por favor leia a sess\u00e3o sobre escalonamento din\u00e2mico no guia do administrador antes de escalonar. Voc\u00ea gostaria de continuar?\\
 message.advanced.mode.desc=Escolhe este modelo de rede se deseja ter habilitar o suporte a VLAN. Este modelo permite maior flexibilidade ao administrador ao permitir ofertas de rede customizada, firewall, vpn ou load balancer bem como acesso via rede virtual ou acesso direto.
 message.advanced.security.group=Escolha esta op\u00e7\u00e3o se desejar utilizar Security Groups para isolamento das VMs guest.
 message.advanced.virtual=Escolha esta op\u00e7\u00e3o se desejar utilizar VLANs para isolamento das VMs guest.
@@ -1405,6 +1708,8 @@ message.attach.volume=Preencha os seguintes dados para conectar o novo disco. Se
 message.basic.mode.desc=Escolha este modelo de rede se voc\u00ea <b>*<u>n\u00e3o</u>*</b> quer suporte a VLAN. Toda Inst\u00e2ncia criada neste modelo de rede estar\u00e1 ligado diretamente a um IP da rede e ser\u00e1 usado Security Groups para prover seguran\u00e7a e segrega\u00e7\u00e3o.
 message.change.offering.confirm=Por favor, confirme que voc\u00ea deseja mudar a oferta de servi\u00e7o desta inst\u00e2ncia virtual.
 message.change.password=Por favor, troque sua senha.
+message.cluster.dedicated=Cluster Dedicado
+message.cluster.dedication.released=Cluster dedicado liberado
 message.configure.all.traffic.types=Voc\u00ea tem m\u00faltiplas redes f\u00edsicas; favor configurar etiquetas para cada tipo de tr\u00e1fego clicando no bot\u00e3o Edit.
 message.configure.ldap=Por favor, confirme que voc\u00ea deseja configurar o LDAP.
 message.configuring.guest.traffic=Configurando tr\u00e1fego do guest
@@ -1412,17 +1717,71 @@ message.configuring.physical.networks=Configurando redes f\u00edsicas
 message.configuring.public.traffic=Configurando tr\u00e1fego p\u00fablico
 message.configuring.storage.traffic=Configurando tr\u00e1fego de storage
 message.confirm.action.force.reconnect=Por favor confirme que voc\u00ea deseja for\u00e7ar a reconex\u00e3o com este host.
+message.confirm.add.vnmc.provider=Por favor confirme que voc\u00ea gostaria de adicionar este provedor VNMC.
+message.confirm.archive.alert=Por favor confirme que voc\u00ea deseja arquivar este alerta.
+message.confirm.archive.event=Por favor confirme que voc\u00ea deseja arquivar este evento
+message.confirm.archive.selected.alerts=Por favor confirme que voc\u00ea deseja arquivar os alertas selecionados
+message.confirm.archive.selected.events=Por favor confirme que voc\u00ea deseja arquivar os eventos selecionados
+message.confirm.attach.disk=Voc\u00ea tem certeza que deseja conectar este disco?
+message.confirm.create.volume=Voc\u00ea tem certeza que deseja criar o volume?
+message.confirm.current.guest.CIDR.unchanged=Gostaria de manter o CIDR da rede convidado inalterado?
+message.confirm.dedicate.cluster.domain.account=Voc\u00ea realmente quer dedicar este cluster ao dom\u00ednio/conta?
+message.confirm.dedicate.host.domain.account=Voc\u00ea realmente quer dedicar este host ao dom\u00ednio/conta?
+message.confirm.dedicate.pod.domain.account=Voc\u00ea realmente quer dedicar este pod ao dom\u00ednio/conta?
+message.confirm.dedicate.zone=Voc\u00ea realmente quer dedicar esta zona ao dom\u00ednio/conta?
+message.confirm.delete.acl.list=Voc\u00ea tem certeza que deseja apagar esta lista ACL?
+message.confirm.delete.alert=Voc\u00ea tem certeza que deseja apagar este alerta?
+message.confirm.delete.BrocadeVcs=Por favor confirme que voc\u00ea deseja remover o Brocade Vcs Switch
+message.confirm.delete.ciscoASA1000v=Favor confirmar que voc\u00ea deseja apagar este CiscoASA1000v
+message.confirm.delete.ciscovnmc.resource=Por favor confirme que voc\u00ea deseja apagar este recurso CiscoVNMC
 message.confirm.delete.F5=Por favor confirme que voc\u00ea deseja remover o F5
+message.confirm.delete.internal.lb=Por favor confirme que voc\u00ea deseja remover este LB interno
 message.confirm.delete.NetScaler=Por favor confirme que voc\u00ea deseja remover o NetScaler
+message.confirm.delete.NuageVsp=Por favor confirme que voc\u00ea deseja remover o Nuage Virtualized Services Directory
 message.confirm.delete.PA=Por favor, confirme que voc\u00ea deseja remover Palo Alto
+message.confirm.delete.secondary.staging.store=Por favor confirme que deseja apagar Armazenamento de Est\u00e1gio Secund\u00e1rio
 message.confirm.delete.SRX=Por favor confirme que voc\u00ea deseja remover o SRX
+message.confirm.delete.ucs.manager=Confirme se voc\u00ea deseja excluir o Gerente UCS.
 message.confirm.destroy.router=Por favor confirme que voc\u00ea gostaria de destruir este roteador
+message.confirm.disable.host=Favor confirmar que voc\u00ea deseja desabilitar este host.
+message.confirm.disable.network.offering=Voc\u00ea tem certeza que deseja desabilitar esta oferta de rede?
 message.confirm.disable.provider=Por favor confirme que voc\u00ea gostaria de desabilitar este provider
+message.confirm.disable.vnmc.provider=Por favor confirme que voc\u00ea gostaria de desabilitar este provedor VNMC.
+message.confirm.disable.vpc.offering=Voc\u00ea tem certeza que deseja desabilitar esta oferta de VPC?
+message.confirm.enable.host=Por favor confirme que voc\u00ea deseja habilitar este host.
+message.confirm.enable.network.offering=Voc\u00ea tem certeza que deseja habilitar esta oferta de rede?
 message.confirm.enable.provider=Por favor confirme que voc\u00ea gostaria de habilitar este provider
+message.confirm.enable.vnmc.provider=Por favor confirme que voc\u00ea gostaria de habilitar este provedor VNMC.
+message.confirm.enable.vpc.offering=Voc\u00ea tem certeza que deseja habilitar esta oferta de VPC?
 message.confirm.join.project=Por favor confirme que voc\u00ea deseja entrar neste projeto
+message.confirm.migrate.volume=Voc\u00ea quer migrar este volume?
+message.confirm.refresh.blades=Por favor confirme que voc\u00ea deseja renovar as l\u00e2minas.
+message.confirm.release.dedicated.cluster=Voc\u00ea deseja liberar este cluster dedicado?
+message.confirm.release.dedicated.host=Voc\u00ea deseja liberar esta host dedicado?
+message.confirm.release.dedicated.pod=Voc\u00ea deseja liberar esta pod dedicado?
+message.confirm.release.dedicated.zone=Voc\u00ea deseja liberar esta zona dedicada?
+message.confirm.release.dedicate.vlan.range=Confirme que voc\u00ea deseja liberar esta faixa de VLAN dedicada.
+message.confirm.remove.event=Voc\u00ea tem certeza que deseja remover este evento?
 message.confirm.remove.IP.range=Por favor confirme que voc\u00ea deseja remover este range de IP.
+message.confirm.remove.load.balancer=Por favor, confirme que voc\u00ea quer remover a VM do Balanceador de Carga
+message.confirm.remove.network.offering=Voc\u00ea tem certeza que deseja remover esta oferta de rede?
+message.confirm.remove.selected.alerts=Por favor confirme que voc\u00ea deseja remover os alertas selecionados
+message.confirm.remove.selected.events=Por favor confirme que voc\u00ea deseja remover os eventos selecionados
+message.confirm.remove.vmware.datacenter=Por favor, confirme que voc\u00ea quer remover este VMware datacenter
+message.confirm.remove.vpc.offering=Voc\u00ea tem certeza que deseja remover esta oferta de VPC?
+message.confirm.replace.acl.new.one=Voc\u00ea deseja substituir a ACL com uma nova?
+message.confirm.scale.up.router.vm=Voc\u00ea realmente quer escalonar a VM do Roteador?
+message.confirm.scale.up.system.vm=Voc\u00ea realmente quer escalonar a VM do sistema?
 message.confirm.shutdown.provider=Por favor confirme que voc\u00ea deseja desligar este provider
+message.confirm.start.lb.vm=Confirme que voc\u00ea deseja iniciar esta LB VM
+message.confirm.stop.lb.vm=Confirme que voc\u00ea deseja parar esta LB VM
+message.confirm.upgrade.router.newer.template=Por favor confirme que voc\u00ea deseja atualizar o roteador para usar template mais novo.
+message.confirm.upgrade.routers.account.newtemplate=Por favor confirme que voc\u00ea deseja atualizar todos os roteadores desta conta para o template mais novo.
+message.confirm.upgrade.routers.cluster.newtemplate=Por favor confirme que voc\u00ea deseja atualizar todos os roteadores deste cluster para o template mais novo.
+message.confirm.upgrade.routers.newtemplate=Por favor confirme que voc\u00ea deseja atualizar todos os roteadores desta zona para o template mais novo.
+message.confirm.upgrade.routers.pod.newtemplate=Por favor confirme que voc\u00ea deseja atualizar todos os roteadores neste pod para o template mais novo.
 message.copy.iso.confirm=Confirme se voc\u00ea deseja copiar a ISO para
+message.copy.template.confirm=Voc\u00ea tem certeza que deseja copiar o template ?
 message.copy.template=Copiar template <b id\="copy_template_name_text">XXX</b> da zona <b id\="copy_template_source_zone_text"></b> para
 message.create.template.vm=Criar VM do template <b id\="p_name"></b>
 message.create.template=Voc\u00ea tem certeza que deseja criar um template ?
@@ -1433,8 +1792,10 @@ message.creating.physical.networks=Criando redes fisicas
 message.creating.pod=Criando pod
 message.creating.primary.storage=Criando storage prim\u00e1rio
 message.creating.secondary.storage=Criando storage secund\u00e1rio
+message.creating.systemVM=Criando VMs do sistema (isso pode levar algum tempo)
 message.creating.zone=Criando zona.
 message.decline.invitation=Voc\u00ea tem certeza que quer rejeitar este convite de projeto ?
+message.dedicated.zone.released=Zona dedicada liberada
 message.dedicate.zone=Zona dedicada
 message.delete.account=Confirme se voc\u00ea deseja excluir esta conta.
 message.delete.affinity.group=Por favor, confirme que voc\u00ea deseja remover este grupo de afinidade
@@ -1458,9 +1819,13 @@ message.disable.snapshot.policy=Voc\u00ea desativou com sucesso sua pol\u00edtic
 message.disable.user=Por favor confirme que voc\u00ea deseja desabilitar este usu\u00e1rio.
 message.disable.vpn.access=Confirme se voc\u00ea deseja desativar o acesso VPN.
 message.disable.vpn=Voc\u00ea tem certeza que deseja desabilitar a VPN?
+message.disabling.network.offering=Desabilita oferta de rede
+message.disabling.vpc.offering=Desabilitando oferta VPC
+message.disallowed.characters=Caracteres n\u00e3o-permitidos\: \\<\\,\\>
 message.download.ISO=Por favor clique <a href\="\#">00000</a> para baixar o ISO
 message.download.template=Por favor clique <a href\="\#">00000</a> para baixar o template
 message.download.volume=Clique <a href\="\#">00000</a> para baixar o disco
+message.download.volume.confirm=Por favor confirme que voc\u00ea quer baixar este volume
 message.edit.account=Editar ("-1" indica que n\u00e3o haver\u00e1 limites para a quantidade de recursos criado)
 message.edit.confirm=Por favor confirme suas altera\u00e7\u00f5es antes de clicar em "Salvar".
 message.edit.limits=Especifique os limites para os seguintes recursos. "-1" indica sem limite para o total de recursos criados.
@@ -1471,12 +1836,20 @@ message.enabled.vpn=Seu acesso VPN Est\u00e1 ativado e pode ser acessado atrav\u
 message.enable.user=Por favor confirme que voc\u00ea deseja habilitar este usu\u00e1rio.
 message.enable.vpn.access=VPN Est\u00e1 desativada para este endere\u00e7o IP. Gostaria de ativar o acesso VPN?
 message.enable.vpn=Por favor confirme que voc\u00ea deseja acesso VPN habilitado para este endere\u00e7o IP.
+message.enabling.network.offering=Habilitando oferta de rede
 message.enabling.security.group.provider=Habilitar provider de grupo de seguran\u00e7a
+message.enabling.vpc.offering=Habilitando oferta VPC
+message.enabling.zone.dots=Habilitando Zona....
 message.enabling.zone=Habilitando zona
+message.enter.seperated.list.multiple.cidrs=Por favor entre a de CIDRs separadas por v\u00edrgula, se houver mais de uma
 message.enter.token=Por favor entre o token que voc\u00ea recebeu no e-mail privado.
 message.generate.keys=Por favor confirme que voc\u00ea deseja gerar novas chaves para este usu\u00e1rio.
+message.gslb.delete.confirm=Confirme que voc\u00ea deseja apagar este GSLB
+message.gslb.lb.remove.confirm=Confirme que voc\u00ea deseja remover o balanceamento de carga deste GSLB
 message.guest.traffic.in.advanced.zone=O tr\u00e1fego de rede guest \u00e9 para comunica\u00e7\u00e3o entre m\u00e1quinas virtuais do usu\u00e1rio final. Especifique um intervalo de IDs de VLAN para transportar o tr\u00e1fego do guest para cada rede f\u00edsica.
 message.guest.traffic.in.basic.zone=O tr\u00e1fego de rede guest \u00e9 para comunica\u00e7\u00e3o entre m\u00e1quinas virtuais do usu\u00e1rio final. Especifique um intervalo de endere\u00e7os IP para que CloudStack possa atribuir \u00e0s VMs. Certifique-se que este intervalo n\u00e3o se sobreponha o range de IPs reservados do sistema.
+message.host.dedicated=Host dedicado
+message.host.dedication.released=Host dedicado liberado
 message.installWizard.click.retry=Click no bot\u00e3o para tentar executar novamente.
 message.installWizard.copy.whatIsACluster=Um cluster prov\u00ea uma maneira de agrupar hosts. Os hosts em um cluster tem hardware id\u00eantico, rodam o mesmo hypervisor, est\u00e3o na mesma subnet, acessam o mesmo storage compartilhado. Inst\u00e2ncias de m\u00e1quinas virtuais (VMs) podem ser migradas a quente - live migration -  de um host para outro host no mesmo cluster, sem interromper o servi\u00e7o para o usu\u00e1rio. Um Cluster \u00e9 a terceira maior unidade organizacional em uma instala\u00e7\u00e3o CloudStack&\#8482; . Clusters est\u00e3o contidos em pods e pods est\u00e3o contidos em zonas.<br/><br/>O CloudStack&\#8482; permite m\u00faltiplos clusters em uma mesma cloud, entretanto para a instala\u00e7\u00e3o b\u00e1sica, n\u00f3s iremos precisar apenas de um cluster.
 message.installWizard.copy.whatIsAHost=Um host \u00e9 um \u00fanico computador. Os Hosts prov\u00eaem os recursos computacionais para executar as m\u00e1quinas virtuais.  Cada host possu\u00ed o software do hypervisor instalado nele para gerenciar as guest VMs (Exceto os hosts bare metal, que s\u00e3o um caso especial discutido no Guia Avan\u00e7ado de Instala\u00e7\u00e3o). Por exemplo, um servidor Linux com KVM habilitado,  um servidor Citrix XenServer e um servidor ESXi s\u00e3o hosts. Na Instala\u00e7\u00e3o B\u00e1sica, n\u00f3s utilizamos um \u00fanico host rodando XenServer ou KVM.<br/><br/>O host \u00e9 a menor unidade organizacional dentro de uma instala\u00e7\u00e3o CloudStack&\#8482; . Hosts est\u00e3o contidos dentro de Clusters, clusters est\u00e3o contidos dentro de pods e pods est\u00e3o contidos dentro de zonas.
@@ -1511,12 +1884,14 @@ message.installWizard.tooltip.configureGuestTraffic.guestGateway=O gateway que o
 message.installWizard.tooltip.configureGuestTraffic.guestNetmask=A m\u00e1scara de rede da subrede que os guests devem usar
 message.installWizard.tooltip.configureGuestTraffic.guestStartIp=O range de endere\u00e7os IP que estar\u00e1 dispon\u00edvel para aloca\u00e7\u00e3o para os guests nesta zona. Caso uma Interface de Rede seja utilizada, estes IPs devem estar no mesmo CIDR que o CIDR do pod.
 message.installWizard.tooltip.configureGuestTraffic.name=Um nome para sua rede
+message.instance.scaled.up.confirm=Voc\u00ea realmente quer escalonar sua inst\u00e2ncia?
 message.instanceWizard.noTemplates=Voc\u00ea n\u00e3o possui nenhum template dispon\u00edvel; por favor adicione um template compat\u00edvel e reinicie o wizard de inst\u00e2ncia.
 message.ip.address.changed=Seu endere\u00e7o IP pode ter mudado; voc\u00ea gostaria de atualizar a listagem ? Note que neste caso o painel de detalhes ir\u00e1 fechar.
 message.iso.desc=Imagem de disco contendo dados ou m\u00eddia de sistema operacional boot\u00e1vel
 message.join.project=Voc\u00ea agora entrou em um projeto. Por favor troque para a vis\u00e3o de Projeto para visualizar o projeto.
 message.launch.vm.on.private.network=Voc\u00ea deseja executar a sua inst\u00e2ncia na sua pr\u00f3pria rede privada dedicada?
 message.launch.zone=A zona est\u00e1 pronta para ser executada; por favor, v\u00e1 para o pr\u00f3ximo passo.
+message.listView.subselect.multi=(Ctrl/Cmd-click)
 message.lock.account=Confirme se voc\u00ea deseja bloquear esta conta. Bloqueando a conta, todos os Usu\u00e1rios desta conta n\u00e3o estar\u00e3o mais habilitados a gerenciar os recursos na nuvem. Os recursos existentes (Cloud Server) ainda poder\u00e3o ser acessados.
 message.migrate.instance.confirm=Confirme o host que voc\u00ea deseja migrar a inst\u00e2ncia virtual.
 message.migrate.instance.to.host=Por favor confirme que voc\u00ea deseja migrar a inst\u00e2ncia para outro host.
@@ -1524,8 +1899,11 @@ message.migrate.instance.to.ps=Por favor confirme que voc\u00ea deseja migrar a
 message.migrate.router.confirm=Por favor confirme o host que voc\u00ea deseja migrar o roteador para\:
 message.migrate.systemvm.confirm=Por favor confirme o host para o qual voc\u00ea deseja migrar a VM de sistema\:
 message.migrate.volume=Por favor confirme que voc\u00ea deseja migrar o volume para outro storage prim\u00e1rio.
+message.network.addVM.desc=Por favor especifique a rede onde voc\u00ea gostaria de adicionar esta VM. Uma nova NIC ser\u00e1 adicionada a esta rede.
+message.network.addVMNIC=Por favor confirme que voc\u00ea gostaria de adicionar uma nova VM NIC para esta rede.
 message.new.user=Especifique abaixo para adicionar novos usu\u00e1rios para a conta
 message.no.affinity.groups=Voc\u00ea n\u00e3o tem nenhum grupo de afinidade. Por favor, v\u00e1 para o pr\u00f3ximo passo.
+message.no.host.available=Sem hosts dispon\u00edveis para Migra\u00e7\u00e3o
 message.no.network.support.configuration.not.true=Voc\u00ea n\u00e3o possui nenhuma zona com grupos de seguran\u00e7a habilitado. Assim sendo, n\u00e3o possui recursos adicionais de rede. Por favor continue para o passo 5.
 message.no.network.support=O hypervisor escolhido, vSphere, n\u00e3o possui nenhum recurso de rede adicional. Por favor, v\u00e1 para o passo 5.
 message.no.projects.adminOnly=Voc\u00ea n\u00e3o possui nenhum projeto. <br/> Por favor solicite ao seu administrador a cria\u00e7\u00e3o de um novo projeto.
@@ -1543,12 +1921,15 @@ message.please.select.a.configuration.for.your.zone=Por favor selecione uma conf
 message.please.select.a.different.public.and.management.network.before.removing=Por favor selecione uma rede p\u00fablica e de gerenciamento diferente antes de remover
 message.please.select.networks=Por favor selecione as redes para sua m\u00e1quina virtual.
 message.please.wait.while.zone.is.being.created=Por favor, espere enquanto sua zona est\u00e1 sendo criada; isto pode demorar um pouco...
+message.pod.dedication.released=Pod Dedicado liberado
+message.portable.ip.delete.confirm=Favor confirmar que voc\u00ea deseja apagar esta Faixa de IPs Port\u00e1veis
 message.project.invite.sent=Convite enviado para o usu\u00e1rio; Eles ser\u00e3o adicionados ao projeto ap\u00f3s aceitarem o convite
 message.public.traffic.in.advanced.zone=O tr\u00e1fego p\u00fablico \u00e9 gerado quando as VMs na nuvem acessam a internet. Os IPs acess\u00edveis ao p\u00fablico devem ser alocados para essa finalidade. Os usu\u00e1rios finais podem usar a interface do usu\u00e1rio CloudStack para adquirir esses IPs afim de implementar NAT entre a sua rede de guests e sua rede p\u00fablica. <br/><br/> Forne\u00e7a pelo menos um intervalo de endere\u00e7os IP para o tr\u00e1fego de internet.
 message.public.traffic.in.basic.zone=O tr\u00e1fego p\u00fablico \u00e9 gerado quando as VMs na nuvem acessam a Internet ou prestam servi\u00e7os aos clientes atrav\u00e9s da Internet. Os IPs acess\u00edveis ao p\u00fablico devem ser alocados para essa finalidade. Quando uma inst\u00e2ncia \u00e9 criada, um IP a partir deste conjunto de IPs p\u00fablicos ser\u00e3o destinados \u00e0 inst\u00e2ncia, al\u00e9m do endere\u00e7o IP guest. Um NAT est\u00e1tico 1-1  ser\u00e1 criada automaticamente entre o IP p\u00fablico e IP guest. Os usu\u00e1rios finais tamb\u00e9m podem usar a interface de usu\u00e1rio CloudStack para adquirir IPs adicionais afim de se implementar NAT est\u00e1tico entre suas inst\u00e2ncias e o IP p\u00fablico.
+message.read.admin.guide.scaling.up=Por favor leia a sess\u00e3o sobre escalonamento din\u00e2mico no guia do administrador antes de escalonar.
 message.recover.vm=Por favor, confirme a recupera\u00e7\u00e3o desta VM.
 message.redirecting.region=Redirecionando para regi\u00e3o...
-message.reinstall.vm=NOTA\: Proceda com cuidado. Isso far\u00e1 com que a m\u00e1quina virtual seja re-instalada a partir  do Template. Todos os datos do disco ROOT ser\u00e3o perdidos. Volumes de Dados adicionais, se houver, n\u00e3o ser\u00e3o alterados.
+message.reinstall.vm=NOTA\: Proceda com cuidado. Isso far\u00e1 com que a m\u00e1quina virtual seja re-instalada a partir  do Template. Todos os dados do disco ROOT ser\u00e3o perdidos. Volumes de Dados adicionais, se houver, n\u00e3o ser\u00e3o alterados.
 message.remove.ldap=Voc\u00ea tem certeza que deseja deletar a configura\u00e7\u00e3o LDAP?
 message.remove.region=Voc\u00ea tem certeza que deseja remover esta regi\u00e3o deste servidor de gerenciamento?
 message.remove.vpc=Favor confirmar que voc\u00ea deseja remover a VPC
@@ -1560,6 +1941,7 @@ message.restart.mgmt.server=Reinicie o(s) servidor(es) de gerenciamento para que
 message.restart.mgmt.usage.server=Por favor reinicie seu servidor(es) de gerenciamento e seu servidor(es) de utiliza\u00e7\u00e3o para as mudan\u00e7as entrarem em efeito.
 message.restart.network=Por favor confirme que voc\ufffd deseja reiniciar a rede
 message.restart.vpc=Favor confirmar que voc\u00ea deseja reiniciar a VPC
+message.restoreVM=Quer restaurar a VM?
 message.security.group.usage=(Use <strong>Ctrl-clique</strong> para selecionar todos os Security Groups)
 message.select.affinity.groups=Por favor, selecione quaisquer grupos de afinidade que voc\u00ea deseja que esta VM perten\u00e7a\:
 message.select.a.zone=A zone tipicamente corresponde a um \u00fanico datacenter. M\u00faltiplas zonas auxiliam a cloud a ser mais confi\u00e1vel provendo isolamento f\u00edsico e redund\u00e2ncia.
@@ -1568,10 +1950,14 @@ message.select.iso=Por favor selecione um ISO para sua nova inst\u00e2ncia virtu
 message.select.item=Por favor selecione um item.
 message.select.security.groups=Por favor selecione o(s) grupo(s) de seguran\u00e7a para sua nova VM
 message.select.template=Por favor selecione um template para sua nova inst\u00e2ncia virtual.
+message.select.tier=Por favor, selecione um tier
+message.set.default.NIC.manual=Por favor atualize manualmente o NIC padr\u00e3o desta VM agora.
+message.set.default.NIC=Por favor confirme que voc\u00ea quer tornar este NIC o padr\u00e3o para esta VM,
 message.setup.physical.network.during.zone.creation=Ao adicionar uma zona avan\u00e7ada, voc\u00ea precisa configurar uma ou mais redes f\u00edsicas. Cada rede corresponde  \u00e0 uma Interface de Rede no hypervisor. Cada rede f\u00edsica pode ser utilizada para transportar um ou mais tipos de tr\u00e1fego, com certas restri\u00e7\u00f5es sobre como eles podem ser combinados. <br/> <strong> Arraste e solte um ou mais tipos de tr\u00e1fego </ strong> em cada rede f\u00edsica.
 message.setup.physical.network.during.zone.creation.basic=Quando adicionar uma zona b\u00e1sica, voc\u00ea pode configurar uma rede f\u00edsica, que corresponde a uma Interface de Rede no hypervisor. A rede carrega diversos tipos de tr\u00e1fego.<br/><br/>Voc\u00ea pode <strong>adicionar e remover</strong> outros tipos de tr\u00e1fego na mesma interface de rede f\u00edsica.
 message.setup.successful=Cloud configurada com sucesso\!
 message.snapshot.schedule=Voc\u00ea pode configurar Snapshots recorrentes agendados selecionando as op\u00e7\u00f5es Dispon\u00edveis abaixo
+message.specifiy.tag.key.value=Por favor especifique chave e valor da tag
 message.specify.url=Por favor especifique a URL
 message.step.1.continue=Selecione o template ou ISO para continuar
 message.step.1.desc=Por favor, selecione um template para a sua nova inst\u00e2ncia virtual. Voc\u00ea pode tamb\u00e9m escolher um template limpo e instalar a partir de uma imagem ISO.
@@ -1583,7 +1969,10 @@ message.step.4.continue=Selecione pelo menos uma rede para continuar
 message.step.4.desc=Selecione a rede principal que a sua inst\u00e2ncia virtual estar\u00e1 conectada.
 message.storage.traffic=Tr\u00e1fego entre os recursos internos do CloudStack, incluindo todos os componentes que se comunicam com o servidor de gerenciamento tais como hosts e m\u00e1quinas virtuais de sistema CloudStack. Por favor, configure o tr\u00e1fego do storage aqui.
 message.suspend.project=Voc\u00ea tem certeza que deseja suspender este projeto ?
+message.systems.vms.ready=VM de Sistema prontas.
+message.template.copying=O template est\u00e1 sendo copiado.
 message.template.desc=Imagem de SO que pode ser utilizada para bootar VMs
+message.tier.required=Tier \u00e9 obrigat\u00f3rio
 message.tooltip.dns.1=Endere\u00e7o de um servidor DNS que ser\u00e1 utilizado por todas as VMs da Zone. A faixa de IPs p\u00fablicos para essa Zone deve possuir uma rota para o servidor configurado.
 message.tooltip.dns.2=Um servidor DNS secund\u00e1rio para ser utilizado pelas VMs nesta zona. Os endere\u00e7os IP p\u00fablicos nesta zona devem ter rota para este servidor.
 message.tooltip.internal.dns.1=Nome de um servidor DNS que ser\u00e1 utilizado pelas VMs internas de sistema do CloudStack nesta zona. Os endere\u00e7os privados dos pods devem ter uma rota para este servidor.
@@ -1596,19 +1985,44 @@ message.tooltip.zone.name=Um nome para a zona.
 message.update.os.preference=Escolha o SO de preferencia para este host. Todas Inst\u00e2ncias com preferencias similares ser\u00e3o alocadas neste host antes de tentar em outro.
 message.update.resource.count=Por favor confirme que voc\u00ea quer atualizar a contagem de recursos para esta conta.
 message.update.ssl=Envie o novo certificado SSL X.509 para ser atualizado em cada console proxy\:
+message.update.ssl.failed=Atualiza\u00e7\u00e3o do Certificado SSL falhou
+message.update.ssl.succeeded=Atualiza\u00e7\u00e3o do Certificado SSL feita com sucesso
+message.validate.accept=Por favor entre com uma extens\u00e3o v\u00e1lida.
+message.validate.creditcard=Por favor entre um n\u00famero de cart\u00e3o de cr\u00e9dito v\u00e1lido.
+message.validate.date.ISO=Por favor entre com uma data v\u00e1lida (ISO).
+message.validate.date=Por favor entre com uma data v\u00e1lida.
+message.validate.digits=Por favor entre com d\u00edgitos apenas.
+message.validate.email.address=Por favor entre um email v\u00e1lido.
+message.validate.equalto=Por favor entre com o mesmo valor novamente.
+message.validate.fieldrequired=Este campo \u00e9 obrigat\u00f3rio.
+message.validate.fixfield=Por favor, arrume este campo.
 message.validate.instance.name=Nomes de inst\u00e2ncias n\u00e3o podem ter mais de 63 caracteres. Somente letras ASCII a~z, A~Z, d\u00edgitos 0~9 e h\u00edfen s\u00e3o permitidos. Deve come\u00e7ar com uma letra e terminar com uma letra ou d\u00edgito.
 message.validate.invalid.characters=Caracteres inv\u00e1lidos encontrados, por favor corrija.
+message.validate.maxlength=Por favor entre com mais de {0} caracteres.
+message.validate.max=Por favor entre com um valor menor que ou igual a {0}.
+message.validate.minlength=Por favor entre com pelo menos {0} caracteres.
+message.validate.number=Por favor entre um n\u00famero v\u00e1lido.
+message.validate.range.length=Por favor entre com um valor com tamanho entre {0} e {1} caracteres.
+message.validate.range=Por favor entre com um valor com valor entre {0} e {1}.
+message.validate.URL=Por favor entre uma URL v\u00e1lida.
 message.virtual.network.desc=Rede virtual dedicado para sua conta. O Dom\u00ednio de broadcast Est\u00e1 na VLAN e todo acesso a internet \u00e9 roteado atrav\u00e9s do virtual router.
 message.vm.create.template.confirm=Criar Template reiniciar\u00e1 a VM automaticamente.
 message.vm.review.launch=Por favor revise a informa\u00e7\u00e3o abaixo e confirme que sua inst\u00e2ncia virtual est\u00e1 correta antes de executa-la.
+message.vnmc.available.list=VNMC n\u00e3o est\u00e1 dispon\u00edvel na lista de provedores.
+message.vnmc.not.available.list=VNMC n\u00e3o est\u00e1 dispon\u00edvel na lista de provedores.
 message.volume.create.template.confirm=Confirme se voc\u00ea deseja criar um template a partir deste disco. A cria\u00e7\u00e3o do template pode levar alguns minutos ou mais dependendo do tamanho do disco.
+message.waiting.for.builtin.templates.to.load=Aguardando a carga dos templates integrados...
+message.XSTools61plus.update.failed=A atualiza\u00e7\u00e3o do campo Original XS Version is 6.1\\+ falhou. Erro\:
 message.you.must.have.at.least.one.physical.network=Voc\u00ea deve ter pelo menos uma rede f\u00edsica
+message.your.cloudstack.is.ready=Seu CLoudStack est\u00e1 pronto\!
 message.Zone.creation.complete=Cria\u00e7\u00e3o de zona completa
 message.zone.creation.complete.would.you.like.to.enable.this.zone=Cria\u00e7\u00e3o de zona completa. Voc\u00ea gostaria de habilitar esta zona?
 message.zone.no.network.selection=A zona que voc\u00ea selecionou n\u00e3o possui nenhuma rede para ser escolhida.
 message.zone.step.1.desc=Seleciona o modelo de rede para a zona.
 message.zone.step.2.desc=Entre a informa\u00e7\u00e3o a seguir para adicionar uma nova zona
 message.zone.step.3.desc=Entre a informa\u00e7\u00e3o a seguir para adicionar um novo pod
+message.zoneWizard.enable.local.storage=AVISO\: se voc\u00ea habilitar storage local para esta zona, voc\u00ea deve fazer o seguinte, dependendo se voc\u00ea quiser que suas m\u00e1quinas virtuais de sistema inicializem\:<br/><br/>1. Se m\u00e1quinas virtuais de sistema precisam ser iniciadas em storage prim\u00e1ria, storage prim\u00e1ria precisa ser adicionada \u00e0 zona ap\u00f3s a cria\u00e7\u00e3o. Voc\u00ea tamb\u00e9m deve ativar a zona em um estado desabilitado.<br/><br/>2. Se m\u00e1quinas virtuais de sistema precisam ser iniciadas em storage local, system.vm.use.local.storage precisa ser estabelecida como verdadeira antes de voc\u00ea habilitar a zona.<br/><br/><br/>Voc\u00ea quer continuar?
+messgae.validate.min=Por favor entre com um valor maior que ou igual a {0}.
 mode=Modo
 network.rate=Taxa de Transfer\u00eancia
 notification.reboot.instance=Reiniciar inst\u00e2ncia
@@ -1625,6 +2039,7 @@ state.Completed=Completo
 state.Creating=Criando
 state.Declined=Recusado
 state.Destroyed=Destru\u00eddo
+state.detached=Desanexado
 state.Disabled=Desativado
 state.enabled=Habilitado
 state.Enabled=Habilitado
diff --git a/client/WEB-INF/classes/resources/messages_ru_RU.properties b/client/WEB-INF/classes/resources/messages_ru_RU.properties
index 3cde4ef71e..ae1ed000e9 100644
--- a/client/WEB-INF/classes/resources/messages_ru_RU.properties
+++ b/client/WEB-INF/classes/resources/messages_ru_RU.properties
@@ -21,47 +21,50 @@ confirm.enable.swift=\u0417\u0430\u043f\u043e\u043b\u043d\u0438\u0442\u0435 \u04
 error.could.not.enable.zone=\u041d\u0435 \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0437\u043e\u043d\u0443
 error.installWizard.message=\u0427\u0442\u043e-\u0442\u043e \u043d\u0435 \u0442\u0430\u043a. \u0412\u0435\u0440\u043d\u0438\u0442\u0435\u0441\u044c \u043d\u0430\u0437\u0430\u0434 \u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u044c\u0442\u0435 \u043e\u0448\u0438\u0431\u043a\u0438.
 error.invalid.username.password=\u041d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u0456\u0439 \u043b\u043e\u0433\u0438\u043d \u0438\u043b\u0438 \u043f\u0430\u0440\u043e\u043b\u044c
-error.login=\u0412\u0430\u0448\u0435 \u0438\u043c\u044f/\u043f\u0430\u0440\u043e\u043b\u044c \u043d\u0435 \u0441\u043e\u0432\u043f\u0430\u0434\u0430\u0435\u0442 \u0441 \u0432\u0430\u0448\u0438\u043c\u0438 \u0437\u0430\u043f\u0438\u0441\u044f\u043c\u0438.
+error.login=\u0412\u0430\u0448\u0435 \u0438\u043c\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0438\u043b\u0438 \u043f\u0430\u0440\u043e\u043b\u044c \u043d\u0435 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0442 \u043d\u0430\u0448\u0438\u043c \u0437\u0430\u043f\u0438\u0441\u044f\u043c.
 error.menu.select=\u041d\u0435 \u0443\u0434\u0430\u0435\u0442\u0441\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435 \u0438\u0437-\u0437\u0430 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u0432\u044b\u0431\u0440\u0430\u043d\u044b\u0445 \u043f\u0443\u043d\u043a\u0442\u043e\u0432.
-error.mgmt.server.inaccessible=\u0421\u0435\u0440\u0432\u0435\u0440 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043d\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0430. \u041f\u043e\u043f\u0440\u043e\u0431\u0443\u0439\u0442\u0435 \u043e\u0431\u0440\u0430\u0442\u0438\u0442\u044c\u0441\u044f \u043a \u043d\u0435\u043c\u0443 \u043f\u043e\u0437\u0436\u0435.
+error.mgmt.server.inaccessible=\u0421\u0435\u0440\u0432\u0435\u0440 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043d\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d. \u041f\u043e\u043f\u0440\u043e\u0431\u0443\u0439\u0442\u0435 \u043e\u0431\u0440\u0430\u0442\u0438\u0442\u044c\u0441\u044f \u043a \u043d\u0435\u043c\u0443 \u043f\u043e\u0437\u0436\u0435.
 error.password.not.match=\u041f\u0430\u0440\u043e\u043b\u0438 \u043d\u0435 \u0441\u043e\u0432\u043f\u0430\u0434\u0430\u044e\u0442
-error.please.specify.physical.network.tags=\u0421\u0435\u0442\u044c \u043f\u0440\u0435\u0434\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u043d\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0430, \u043f\u043e\u043a\u0430 \u0432\u044b \u0443\u043a\u0430\u0437\u0430\u0442\u044c \u0442\u0435\u0433\u0438 \u0434\u043b\u044f \u044d\u0442\u043e\u0433\u043e \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0441\u0435\u0442\u0438.
-error.session.expired=\u0412\u0430\u0448\u0430 \u0441\u0435\u0441\u0441\u0438\u044f \u0431\u044b\u043b\u0430 \u0437\u0430\u0432\u0435\u0440\u0448\u0435\u043d\u0430
+error.please.specify.physical.network.tags=\u0421\u0435\u0442\u0435\u0432\u044b\u0435 \u043f\u0440\u0435\u0434\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u043d\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b, \u043f\u043e\u043a\u0430 \u0432\u044b \u043d\u0435 \u0443\u043a\u0430\u0436\u0438\u0442\u0435 \u0442\u0435\u0433\u0438 \u0434\u043b\u044f \u0434\u0430\u043d\u043d\u043e\u0439 \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0441\u0435\u0442\u0438.
+error.session.expired=\u0412\u0440\u0435\u043c\u044f \u043e\u0436\u0438\u0434\u0430\u043d\u0438\u044f \u0441\u0435\u0441\u0441\u0438\u0438 \u0438\u0441\u0442\u0435\u043a\u043b\u043e.
 error.something.went.wrong.please.correct.the.following=\u0427\u0442\u043e-\u0442\u043e \u043d\u0435 \u0442\u0430\u043a, \u0438\u0441\u043f\u0440\u0430\u0432\u044c\u0442\u0435 \u043e\u0448\u0438\u0431\u043a\u0438
 error.unable.to.reach.management.server=\u041d\u0435 \u0443\u0434\u0430\u0435\u0442\u0441\u044f \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0438\u0442\u044c\u0441\u044f \u043a \u0441\u0435\u0440\u0432\u0435\u0440\u0443 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f
-error.unresolved.internet.name=\u0412\u0430\u0448\u0435 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442-\u0438\u043c\u044f \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0438\u0442\u044c \u043d\u0435 \u0443\u0434\u0430\u043b\u043e\u0441\u044c
-force.delete.domain.warning=\u0412\u043d\u0438\u043c\u0430\u043d\u0438\u0435\: \u041f\u0440\u0438 \u0432\u044b\u0431\u043e\u0440\u0435 \u044d\u0442\u043e\u0433\u043e \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u0430 \u043f\u0440\u0438\u0432\u0435\u0434\u0435\u0442 \u043a \u0443\u0434\u0430\u043b\u0435\u043d\u0438\u044e \u0432\u0441\u0435\u0445 \u0434\u043e\u0447\u0435\u0440\u043d\u0438\u0445 \u0434\u043e\u043c\u0435\u043d\u043e\u0432 \u0438 \u0432\u0441\u0435 \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u043d\u0438\u043c\u0438 \u0430\u043a\u043a\u0430\u0443\u043d\u0442\u043e\u0432 \u0438 \u0438\u0445 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432.
-force.delete=\u041f\u0440\u0438\u043d\u0443\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0443\u0434\u0430\u043b\u0438\u0442\u044c
-force.remove.host.warning=\u0412\u043d\u0438\u043c\u0430\u043d\u0438\u0435\: \u041f\u0440\u0438 \u0432\u044b\u0431\u043e\u0440\u0435 \u044d\u0442\u043e\u0439 \u043e\u043f\u0446\u0438\u0438 \u0431\u0443\u0434\u0435\u0442 \u0432\u044b\u0437\u044b\u0432\u0430\u043d CloudStack \u0434\u043b\u044f \u043f\u0440\u0438\u043d\u0443\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u043e\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043a\u0438 \u0432\u0441\u0435\u0445 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u043c\u0430\u0448\u0438\u043d, \u043f\u0440\u0435\u0436\u0434\u0435 \u0447\u0435\u043c \u0441\u043d\u0438\u043c\u0430\u0442\u044c \u044d\u0442\u043e\u0442 \u0443\u0437\u0435\u043b \u0438\u0437 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0430..
-force.remove=\u041f\u0440\u0438\u043d\u0443\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0443\u0434\u0430\u043b\u0438\u0442\u044c
-force.stop.instance.warning=\u0412\u043d\u0438\u043c\u0430\u043d\u0438\u0435\: \u041f\u0440\u0438\u043d\u0443\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u0430\u044f \u043e\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u0434\u043e\u043b\u0436\u043d\u0430 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0442\u044c\u0441\u044f \u0432 \u0441\u0430\u043c\u0443\u044e\u043f\u043e\u0441\u043b\u0435\u0434\u043d\u044e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c. \u0412\u044b \u043c\u043e\u0436\u0435\u0442\u0435 \u043f\u043e\u0442\u0435\u0440\u044f\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435 \u0438\u043b\u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043d\u0435\u043e\u0436\u0438\u0434\u0430\u043d\u043d\u043e\u0435 \u043f\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u0435/\u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u044b.
-force.stop=\u041f\u0440\u0438\u043d\u0443\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043e\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c
+error.unresolved.internet.name=\u0412\u0430\u0448\u0435 \u0441\u0435\u0442\u0435\u0432\u043e\u0435 \u0438\u043c\u044f \u043d\u0435 \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u0440\u0430\u0437\u0440\u0435\u0448\u0438\u0442\u044c.
+force.delete.domain.warning=\u041f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0435\: \u0412\u044b\u0431\u043e\u0440 \u044d\u0442\u043e\u0439 \u043e\u043f\u0446\u0438\u0438 \u043f\u0440\u0438\u0432\u0435\u0434\u0435\u0442 \u043a \u0443\u0434\u0430\u043b\u0435\u043d\u0438\u044e \u0432\u0441\u0435\u0445 \u0434\u043e\u0447\u0435\u0440\u043d\u0438\u0445 \u0434\u043e\u043c\u0435\u043d\u043e\u0432 \u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u043d\u0438\u043c\u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0437\u0430\u043f\u0438\u0441\u0435\u0439 \u0438 \u0438\u0445 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432 
+force.delete=\u041f\u0440\u0438\u043d\u0443\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0435 \u0443\u0434\u0430\u043b\u0435\u043d\u0438\u0435
+force.remove.host.warning=\u0412\u043d\u0438\u043c\u0430\u043d\u0438\u0435\: \u041f\u0440\u0438 \u0432\u044b\u0431\u043e\u0440\u0435 \u044d\u0442\u043e\u0439 \u043e\u043f\u0446\u0438\u0438  CloudStack \u043f\u0440\u0438\u043d\u0443\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043e\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442 \u0432\u0441\u0435 \u0437\u0430\u043f\u0443\u0449\u0435\u043d\u043d\u044b\u0435 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0435 \u043c\u0430\u0448\u0438\u043d\u044b, \u043f\u0440\u0435\u0436\u0434\u0435 \u0447\u0435\u043c \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u044d\u0442\u043e\u0442 \u0445\u043e\u0441\u0442 \u0438\u0437 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0430.
+force.remove=\u041f\u0440\u0438\u043d\u0443\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0435 \u0443\u0434\u0430\u043b\u0435\u043d\u0438\u0435
+force.stop.instance.warning=\u0412\u043d\u0438\u043c\u0430\u043d\u0438\u0435\: \u041f\u0440\u0438\u043d\u0443\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u0430\u044f \u043e\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u0434\u043e\u043b\u0436\u043d\u0430 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0442\u044c\u0441\u044f \u0432 \u0441\u0430\u043c\u0443\u044e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u044e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c. \u0412\u044b \u043c\u043e\u0436\u0435\u0442\u0435 \u043f\u043e\u0442\u0435\u0440\u044f\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435 \u0438\u043b\u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043d\u0435\u043e\u0436\u0438\u0434\u0430\u043d\u043d\u043e\u0435 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u044b.
+force.stop=\u041f\u0440\u043d\u0443\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u0430\u044f \u043e\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430.
 ICMP.code=\u041a\u043e\u0434 ICMP
 ICMP.type=\u0422\u0438\u043f ICMP
 image.directory=\u041a\u0430\u0442\u0430\u043b\u043e\u0433 \u0441 \u043e\u0431\u0440\u0430\u0437\u0430\u043c\u0438
 inline=\u0412\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u044b\u0439
-instances.actions.reboot.label=\u041f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c \u043c\u0430\u0448\u0438\u043d\u0443
-label.about.app=\u041e CloudStack
-label.about=\u041e
+instances.actions.reboot.label=\u041f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c \u0412\u041c
+label.about.app=CloudStack
+label.about=\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e
 label.accept.project.invitation=\u041f\u0440\u0438\u043d\u044f\u0442\u044c \u043f\u0440\u0438\u0433\u043b\u0430\u0448\u0435\u043d\u0438\u0435 \u043d\u0430 \u043f\u0440\u043e\u0435\u043a\u0442
 label.account.and.security.group=\u0410\u043a\u043a\u0430\u0443\u043d\u0442, \u0433\u0440\u0443\u043f\u043f\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438
 label.account.id=ID \u0443\u0447\u0451\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438
+label.account.lower=\u0423\u0447\u0451\u0442\u043d\u0430\u044f \u0437\u0430\u043f\u0438\u0441\u044c
 label.account.name=\u0418\u043c\u044f \u0443\u0447\u0451\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438
 label.account.specific=\u0421\u043f\u0435\u0446\u0438\u0444\u0438\u043a\u0430 \u0430\u043a\u043a\u0430\u0443\u043d\u043d\u0442\u0430
 label.accounts=\u0423\u0447\u0451\u0442\u043d\u044b\u0435 \u0437\u0430\u043f\u0438\u0441\u0438
 label.account=\u0423\u0447\u0451\u0442\u043d\u0430\u044f \u0437\u0430\u043f\u0438\u0441\u044c
 label.acquire.new.ip=\u041f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043d\u043e\u0432\u044b\u0439 IP
 label.acquire.new.secondary.ip=\u0417\u0430\u043f\u0440\u043e\u0441\u0438\u0442\u044c \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0439 IP-\u0430\u0434\u0440\u0435\u0441
-label.action.attach.disk.processing=\u041f\u0440\u0438\u043a\u0440\u0435\u043f\u043b\u0435\u043d\u0438\u0435 \u0434\u0438\u0441\u043a\u0430...
-label.action.attach.disk=\u041f\u0440\u0438\u043a\u0440\u0435\u043f\u0438\u0442\u044c \u0434\u0438\u0441\u043a
-label.action.attach.iso.processing=\u041f\u0440\u0438\u043a\u0440\u0435\u043f\u043b\u0435\u043d\u0438\u0435 ISO...
-label.action.attach.iso=\u041f\u0440\u0438\u043a\u0440\u0435\u043f\u0438\u0442\u044c ISO
-label.action.cancel.maintenance.mode.processing=\u041e\u0442\u043c\u0435\u043d\u0430 \u0440\u0435\u0436\u0438\u043c\u0430 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u044f...
-label.action.cancel.maintenance.mode=\u041e\u0442\u043c\u0435\u043d\u0438\u0442\u044c \u0440\u0435\u0436\u0438\u043c \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u044f
+label.action.attach.disk.processing=\u041f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u0434\u0438\u0441\u043a\u0430...
+label.action.attach.disk=\u041f\u043e\u0434\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0434\u0438\u0441\u043a
+label.action.attach.iso.processing=\u041f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 ISO...
+label.action.attach.iso=\u041f\u043e\u0434\u043a\u043b\u044e\u0447\u0438\u0442\u044c ISO
+label.action.cancel.maintenance.mode.processing=\u0412\u044b\u0445\u043e\u0434 \u0438\u0437 \u0440\u0435\u0436\u0438\u043c\u0430 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u044f...
+label.action.cancel.maintenance.mode=\u0412\u044b\u0439\u0442\u0438 \u0438\u0437 \u0440\u0435\u0436\u0438\u043c\u0430 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u044f.
 label.action.change.password=\u0418\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u044c
 label.action.change.service.processing=\u0418\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0435 \u0441\u043b\u0443\u0436\u0431\u044b...
 label.action.change.service=\u0418\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u0441\u043b\u0443\u0436\u0431\u0443
+label.action.copy.ISO.processing=\u041a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 ISO...
 label.action.copy.ISO=\u041a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u0442\u044c ISO
+label.action.copy.template.processing=\u041a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0448\u0430\u0431\u043b\u043e\u043d\u0430...
 label.action.copy.template=\u041a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0448\u0430\u0431\u043b\u043e\u043d
 label.action.create.template.from.vm=\u0421\u043e\u0437\u0434\u0430\u0442\u044c \u0448\u0430\u0431\u043b\u043e\u043d \u0438\u0437 \u0412\u041c
 label.action.create.template.from.volume=\u0421\u043e\u0437\u0434\u0430\u0442\u044c \u0448\u0430\u0431\u043b\u043e\u043d \u0438\u0437 \u0442\u043e\u043c\u0430
@@ -69,8 +72,8 @@ label.action.create.template.processing=\u0421\u043e\u0437\u0434\u0430\u043d\u04
 label.action.create.template=\u0421\u043e\u0437\u0434\u0430\u0442\u044c \u0448\u0430\u0431\u043b\u043e\u043d
 label.action.create.vm.processing=\u0421\u043e\u0437\u0434\u0430\u043d\u0438\u0435 \u0412\u041c...
 label.action.create.vm=\u0421\u043e\u0437\u0434\u0430\u0442\u044c \u0412\u041c
-label.action.create.volume.processing=\u0421\u043e\u0437\u0434\u0430\u043d\u0438\u0435 \u0442\u043e\u043c\u0430...
-label.action.create.volume=\u0421\u043e\u0437\u0434\u0430\u0442\u044c \u0442\u043e\u043c
+label.action.create.volume.processing=\u0421\u043e\u0437\u0434\u0430\u043d\u0438\u0435 \u0434\u0438\u0441\u043a\u0430...
+label.action.create.volume=\u0421\u043e\u0437\u0434\u0430\u0442\u044c \u0434\u0438\u0441\u043a
 label.action.delete.account.processing=\u0423\u0434\u0430\u043b\u0435\u043d\u0438\u0435 \u0443\u0447\u0451\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438...
 label.action.delete.account=\u0423\u0434\u0430\u043b\u0438\u0442\u044c \u0443\u0447\u0451\u0442\u043d\u0443\u044e \u0437\u0430\u043f\u0438\u0441\u044c
 label.action.delete.cluster.processing=\u0423\u0434\u0430\u043b\u0435\u043d\u0438\u0435 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0430...
@@ -81,13 +84,13 @@ label.action.delete.domain.processing=\u0423\u0434\u0430\u043b\u0435\u043d\u0438
 label.action.delete.domain=\u0423\u0434\u0430\u043b\u0438\u0442\u044c \u0434\u043e\u043c\u0435\u043d
 label.action.delete.firewall.processing=\u0423\u0434\u0430\u043b\u0435\u043d\u0438\u0435 \u0444\u0430\u0435\u0440\u0432\u043e\u043b\u0430...
 label.action.delete.firewall=\u0423\u0434\u0430\u043b\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0438\u043b\u043e \u0444\u0430\u0435\u0440\u0432\u043e\u043b\u0430
-label.action.delete.ingress.rule.processing=\u0423\u0434\u0430\u043b\u0435\u043d\u0438\u0435 \u0432\u0445\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u0430\u0432\u0438\u043b\u0430...
-label.action.delete.ingress.rule=\u0423\u0434\u0430\u043b\u0438\u0442\u044c \u0432\u0445\u043e\u0434\u043d\u043e\u0435 \u043f\u0440\u0430\u0432\u0438\u043b\u043e
+label.action.delete.ingress.rule.processing=\u0423\u0434\u0430\u043b\u0435\u043d\u0438\u0435 \u0432\u0445\u043e\u0434\u044f\u0449\u0435\u0433\u043e \u043f\u0440\u0430\u0432\u0438\u043b\u0430...
+label.action.delete.ingress.rule=\u0423\u0434\u0430\u043b\u0438\u0442\u044c \u0432\u0445\u043e\u0434\u044f\u0449\u0435\u0435 \u043f\u0440\u0430\u0432\u0438\u043b\u043e
 label.action.delete.IP.range.processing=\u0423\u0434\u0430\u043b\u0435\u043d\u0438\u0435 \u0434\u0438\u0430\u043f\u0430\u0437\u043e\u043d\u0430 IP...
 label.action.delete.IP.range=\u0423\u0434\u0430\u043b\u0438\u0442\u044c \u0434\u0438\u0430\u043f\u0430\u0437\u043e\u043d IP
 label.action.delete.ISO.processing=\u0423\u0434\u0430\u043b\u0435\u043d\u0438\u0435 ISO...
 label.action.delete.ISO=\u0423\u0434\u0430\u043b\u0438\u0442\u044c ISO
-label.action.delete.load.balancer.processing=\u0423\u0434\u0430\u043b\u0435\u043d\u0438\u0435 \u0431\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u043a\u0438 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438...
+label.action.delete.load.balancer.processing=\u0423\u0434\u0430\u043b\u0435\u043d\u0438\u0435 \u0431\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u0449\u0438\u043a\u0430 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438....
 label.action.delete.load.balancer=\u0423\u0434\u0430\u043b\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0438\u043b\u043e \u0431\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u043a\u0438 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438
 label.action.delete.network.processing=\u0423\u0434\u0430\u043b\u0435\u043d\u0438\u0435 \u0441\u0435\u0442\u0438...
 label.action.delete.network=\u0423\u0434\u0430\u043b\u0438\u0442\u044c \u0441\u0435\u0442\u044c
@@ -98,12 +101,12 @@ label.action.delete.pod.processing=\u0423\u0434\u0430\u043b\u0435\u043d\u0438\u0
 label.action.delete.pod=\u0423\u0434\u0430\u043b\u0438\u0442\u044c \u0441\u0442\u0435\u043d\u0434
 label.action.delete.primary.storage.processing=\u0423\u0434\u0430\u043b\u0435\u043d\u0438\u0435 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0433\u043e \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0430...
 label.action.delete.primary.storage=\u0423\u0434\u0430\u043b\u0438\u0442\u044c \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0435 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0435
-label.action.delete.secondary.storage.processing=\u0423\u0434\u0430\u043b\u0435\u043d\u0438\u0435 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0430...
-label.action.delete.secondary.storage=\u0423\u0434\u0430\u043b\u0438\u0442\u044c \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0435 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0435
-label.action.delete.security.group.processing=\u0423\u0434\u0430\u043b\u0435\u043d\u0438\u0435 \u0433\u0440\u0443\u043f\u043f\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438...
-label.action.delete.security.group=\u0423\u0434\u0430\u043b\u0438\u0442\u044c \u0433\u0440\u0443\u043f\u043f\u0443 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438
-label.action.delete.service.offering.processing=\u0423\u0434\u0430\u043b\u0435\u043d\u0438\u0435 \u0441\u043b\u0443\u0436\u0435\u0431\u043d\u043e\u0433\u043e \u0440\u0435\u0441\u0443\u0440\u0441\u0430...
-label.action.delete.service.offering=\u0423\u0434\u0430\u043b\u0438\u0442\u044c \u0441\u043b\u0443\u0436\u0435\u0431\u043d\u044b\u0439 \u0440\u0435\u0441\u0443\u0440\u0441
+label.action.delete.secondary.storage.processing=\u0423\u0434\u0430\u043b\u0435\u043d\u0438\u0435 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0430 \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u044b\u0445 \u043a\u043e\u043f\u0438\u0439....
+label.action.delete.secondary.storage=\u0423\u0434\u0430\u043b\u0438\u0442\u044c \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0435 \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u044b\u0445 \u043a\u043e\u043f\u0438\u0439
+label.action.delete.security.group.processing=\u0423\u0434\u0430\u043b\u0435\u043d\u0438\u0435 Security Group....
+label.action.delete.security.group=\u0423\u0434\u0430\u043b\u0438\u0442\u044c Security Group
+label.action.delete.service.offering.processing=\u0423\u0434\u0430\u043b\u0435\u043d\u0438\u0435 \u0441\u043b\u0443\u0436\u0431\u044b....
+label.action.delete.service.offering=\u0423\u0434\u0430\u043b\u0438\u0442\u044c \u0443\u0441\u043b\u0443\u0433\u0443 \u0441\u043b\u0443\u0436\u0431
 label.action.delete.snapshot.processing=\u0423\u0434\u0430\u043b\u0435\u043d\u0438\u0435 \u0441\u043d\u0438\u043c\u043a\u0430...
 label.action.delete.snapshot=\u0423\u0434\u0430\u043b\u0438\u0442\u044c \u0441\u043d\u0438\u043c\u043e\u043a
 label.action.delete.system.service.offering=\u0423\u0434\u0430\u043b\u0438\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0439 \u0440\u0435\u0441\u0443\u0440\u0441
@@ -111,79 +114,79 @@ label.action.delete.template.processing=\u0423\u0434\u0430\u043b\u0435\u043d\u04
 label.action.delete.template=\u0423\u0434\u0430\u043b\u0438\u0442\u044c \u0448\u0430\u0431\u043b\u043e\u043d
 label.action.delete.user.processing=\u0423\u0434\u0430\u043b\u0435\u043d\u0438\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f...
 label.action.delete.user=\u0423\u0434\u0430\u043b\u0438\u0442\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f
-label.action.delete.volume.processing=\u0423\u0434\u0430\u043b\u0435\u043d\u0438\u0435 \u0442\u043e\u043c\u0430...
-label.action.delete.volume=\u0423\u0434\u0430\u043b\u0438\u0442\u044c \u0442\u043e\u043c
+label.action.delete.volume.processing=\u0423\u0434\u0430\u043b\u0435\u043d\u0438\u0435 \u0434\u0438\u0441\u043a\u0430....
+label.action.delete.volume=\u0423\u0434\u0430\u043b\u0438\u0442\u044c \u0434\u0438\u0441\u043a
 label.action.delete.zone.processing=\u0423\u0434\u0430\u043b\u0435\u043d\u0438\u0435 \u0437\u043e\u043d\u044b...
 label.action.delete.zone=\u0423\u0434\u0430\u043b\u0438\u0442\u044c \u0437\u043e\u043d\u0443
 label.action.destroy.instance.processing=\u0423\u043d\u0438\u0447\u0442\u043e\u0436\u0435\u043d\u0438\u0435 \u043c\u0430\u0448\u0438\u043d\u044b...
 label.action.destroy.instance=\u0423\u043d\u0438\u0447\u0442\u043e\u0436\u0438\u0442\u044c \u043c\u0430\u0448\u0438\u043d\u0443
 label.action.destroy.systemvm.processing=\u0423\u043d\u0438\u0447\u0442\u043e\u0436\u0435\u043d\u0438\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u043e\u0433\u043e \u0412\u041c...
-label.action.destroy.systemvm=\u0423\u043d\u0438\u0447\u0442\u043e\u0436\u0438\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0439 \u0412\u041c
-label.action.detach.disk.processing=\u041e\u0442\u043a\u0440\u0435\u043f\u043b\u0435\u043d\u0438\u0435 \u0434\u0438\u0441\u043a\u0430...
-label.action.detach.disk=\u041e\u0442\u043a\u0440\u0435\u043f\u0438\u0442\u044c \u0434\u0438\u0441\u043a
-label.action.detach.iso.processing=\u041e\u0442\u043a\u0440\u0435\u043f\u043b\u0435\u043d\u0438\u0435 ISO
-label.action.detach.iso=\u041e\u0442\u043a\u0440\u0435\u043f\u0438\u0442\u044c ISO
+label.action.destroy.systemvm=\u0423\u043d\u0438\u0447\u0442\u043e\u0436\u0438\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u0443\u044e \u0412\u041c
+label.action.detach.disk.processing=\u041e\u0442\u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u0435 \u0434\u0438\u0441\u043a\u0430....
+label.action.detach.disk=\u041e\u0442\u0441\u043e\u0435\u0434\u0438\u043d\u0438\u0442\u044c \u0434\u0438\u0441\u043a
+label.action.detach.iso.processing=\u041e\u0442\u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u0435 ISO....
+label.action.detach.iso=\u041e\u0442\u0441\u043e\u0435\u0434\u0438\u043d\u0438\u0442\u044c ISO
 label.action.disable.account.processing=\u0412\u044b\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u0443\u0447\u0451\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438
 label.action.disable.account=\u0412\u044b\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0443\u0447\u0451\u0442\u043d\u0443\u044e \u0437\u0430\u043f\u0438\u0441\u044c
-label.action.disable.cluster.processing=\u0412\u044b\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0430...
-label.action.disable.cluster=\u0412\u044b\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u043a\u043b\u0430\u0441\u0442\u0435\u0440
+label.action.disable.cluster.processing=\u041e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0430...
+label.action.disable.cluster=\u041e\u0442\u043a\u043b\u044e\u0447\u0442\u044c \u043a\u043b\u0430\u0441\u0442\u0435\u0440
 label.action.disable.nexusVswitch=\u041e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c NexusVswitch
 label.action.disable.physical.network=\u041e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0441\u0435\u0442\u044c
-label.action.disable.pod.processing=\u0412\u044b\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u0441\u0442\u0435\u043d\u0434\u0430.
-label.action.disable.pod=\u0412\u044b\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0441\u0442\u0435\u043d\u0434
-label.action.disable.static.NAT.processing=\u0412\u044b\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u0441\u0442\u0430\u0442\u0438\u0447\u043d\u043e\u0433\u043e NAT...
-label.action.disable.static.NAT=\u0412\u044b\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0441\u0442\u0430\u0442\u0438\u0447\u043d\u044b\u0439 NAT
-label.action.disable.user.processing=\u0412\u044b\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f
-label.action.disable.user=\u0412\u044b\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f
-label.action.disable.zone.processing=\u0412\u044b\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u0437\u043e\u043d\u044b...
-label.action.disable.zone=\u0412\u044b\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0437\u043e\u043d\u0443
+label.action.disable.pod.processing=\u041e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u0441\u0442\u0435\u043d\u0434\u0430...
+label.action.disable.pod=\u041e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0441\u0442\u0435\u043d\u0434.
+label.action.disable.static.NAT.processing=\u041e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u0441\u0442\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0442\u0440\u0430\u043d\u0441\u043b\u044f\u0446\u0438\u0438 \u0430\u0434\u0440\u0435\u0441\u043e\u0432....
+label.action.disable.static.NAT=\u041e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0441\u0442\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0442\u0440\u0430\u043d\u0441\u043b\u044f\u0446\u0438\u044e \u0430\u0434\u0440\u0435\u0441\u043e\u0432
+label.action.disable.user.processing=\u0414\u0435\u0430\u043a\u0442\u0438\u0432\u0430\u0446\u0438\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f....
+label.action.disable.user=\u0414\u0435\u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f
+label.action.disable.zone.processing=\u041e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u0437\u043e\u043d\u044b...
+label.action.disable.zone=\u041e\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0437\u043e\u043d\u0443
 label.action.download.ISO=\u0417\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c ISO
 label.action.download.template=\u0417\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c \u0448\u0430\u0431\u043b\u043e\u043d
-label.action.download.volume.processing=\u0417\u0430\u0433\u0440\u0443\u0437\u043a\u0430 \u0442\u043e\u043c\u0430...
-label.action.download.volume=\u0417\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c \u0442\u043e\u043c
-label.action.edit.account=\u0420\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0443\u0447\u0451\u0442\u043d\u0443\u044e \u0437\u0430\u043f\u0438\u0441\u044c
-label.action.edit.disk.offering=\u0420\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0434\u0438\u0441\u043a\u043e\u0432\u044b\u0439 \u0440\u0435\u0441\u0443\u0440\u0441
-label.action.edit.domain=\u0420\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0434\u043e\u043c\u0435\u043d
-label.action.edit.global.setting=\u0420\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0433\u043b\u043e\u0431\u0430\u043b\u044c\u043d\u044b\u0435 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438
-label.action.edit.host=\u0420\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0443\u0437\u0435\u043b
-label.action.edit.instance=\u0420\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043c\u0430\u0448\u0438\u043d\u0443
-label.action.edit.ISO=\u0420\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c ISO
-label.action.edit.network.offering=\u0420\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0440\u0435\u0441\u0443\u0440\u0441
-label.action.edit.network.processing=\u0420\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0435\u0442\u0438...
-label.action.edit.network=\u0420\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u0435\u0442\u044c
-label.action.edit.pod=\u0420\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u0442\u0435\u043d\u0434
-label.action.edit.primary.storage=\u0420\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0435 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0435
-label.action.edit.resource.limits=\u0420\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043f\u0440\u0435\u0434\u0435\u043b\u044b \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432
-label.action.edit.service.offering=\u0420\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u043b\u0443\u0436\u0435\u0431\u043d\u044b\u0439 \u0440\u0435\u0441\u0443\u0440\u0441
-label.action.edit.template=\u0420\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0448\u0430\u0431\u043b\u043e\u043d
-label.action.edit.user=\u0420\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f
-label.action.edit.zone=\u0420\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0437\u043e\u043d\u0443
-label.action.enable.account.processing=\u0412\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u0430\u043a\u043a\u0430\u0443\u043d\u0442\u0430...
-label.action.enable.account=\u0412\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0443\u0447\u0451\u0442\u043d\u0443\u044e \u0437\u0430\u043f\u0438\u0441\u044c
+label.action.download.volume.processing=\u0417\u0430\u0433\u0440\u0443\u0437\u043a\u0430 \u0434\u0438\u0441\u043a\u0430....
+label.action.download.volume=\u0417\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c \u0434\u0438\u0441\u043a
+label.action.edit.account=\u0418\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u0443\u0447\u0435\u0442\u043d\u0443\u044e \u0437\u0430\u043f\u0438\u0441\u044c
+label.action.edit.disk.offering=\u041d\u0430\u0441\u0442\u0440\u043e\u0438\u0442\u044c \u0443\u0441\u043b\u0443\u0433\u0443 \u0434\u0438\u0441\u043a\u043e\u0432\u043e\u0433\u043e \u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0441\u0442\u0432\u0430
+label.action.edit.domain=\u0418\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u0434\u043e\u043c\u0435\u043d
+label.action.edit.global.setting=\u0418\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0435 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438
+label.action.edit.host=\u0418\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u0443\u0437\u0435\u043b
+label.action.edit.instance=\u0418\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u043c\u0430\u0448\u0438\u043d\u0443
+label.action.edit.ISO=\u0418\u0437\u043c\u0435\u043d\u0438\u0438\u0442\u044c ISO
+label.action.edit.network.offering=\u041d\u0430\u0441\u0442\u0440\u043e\u0438\u0442\u044c \u0443\u0441\u043b\u0443\u0433\u0443 \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u0441\u0435\u0440\u0432\u0438\u0441\u0430
+label.action.edit.network.processing=\u041d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430 \u0441\u0435\u0442\u0438....
+label.action.edit.network=\u041d\u0430\u0441\u0442\u0440\u043e\u0438\u0442\u044c \u0441\u0435\u0442\u044c
+label.action.edit.pod=\u0418\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u0441\u0442\u0435\u043d\u0434
+label.action.edit.primary.storage=\u0418\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0435 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0435
+label.action.edit.resource.limits=\u0420\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432
+label.action.edit.service.offering=\u0418\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u0440\u0435\u0441\u0443\u0440\u0441\u044b \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u044f
+label.action.edit.template=\u0418\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u0448\u0430\u0431\u043b\u043e\u043d
+label.action.edit.user=\u0418\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f
+label.action.edit.zone=\u0418\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u0437\u043e\u043d\u0443
+label.action.enable.account.processing=\u0410\u043a\u0442\u0438\u0432\u0430\u0446\u0438\u044f \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438....
+label.action.enable.account=\u0410\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0443\u0447\u0435\u0442\u043d\u0443\u044e \u0437\u0430\u043f\u0438\u0441\u044c
 label.action.enable.cluster.processing=\u0412\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0430...
 label.action.enable.cluster=\u0412\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u043a\u043b\u0430\u0441\u0442\u0435\u0440
-label.action.enable.maintenance.mode.processing=\u0412\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u0440\u0435\u0436\u0438\u043c\u0430 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u044f...
-label.action.enable.maintenance.mode=\u0412\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0440\u0435\u0436\u0438\u043c \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u044f
+label.action.enable.maintenance.mode.processing=\u0410\u043a\u0442\u0438\u0432\u0430\u0446\u0438\u044f \u0440\u0435\u0436\u0438\u043c\u0430 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u044f.....
+label.action.enable.maintenance.mode=\u0410\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0440\u0435\u0436\u0438\u043c \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u044f
 label.action.enable.nexusVswitch=\u0412\u043a\u043b\u044e\u0447\u0438\u0442\u044c NexusVswitch
 label.action.enable.physical.network=\u0412\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0441\u0435\u0442\u044c
 label.action.enable.pod.processing=\u0412\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u0441\u0442\u0435\u043d\u0434\u0430..
 label.action.enable.pod=\u0412\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0441\u0442\u0435\u043d\u0434
-label.action.enable.static.NAT.processing=\u0412\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u0441\u0442\u0430\u0442\u0438\u0447\u043d\u043e\u0433\u043e NAT..
-label.action.enable.static.NAT=\u0412\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0441\u0442\u0430\u0442\u0438\u0447\u043d\u044b\u0439 NAT
-label.action.enable.user.processing=\u0412\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f...
-label.action.enable.user=\u0412\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f
-label.action.enable.zone.processing=\u0412\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u0437\u043e\u043d\u044b...
-label.action.enable.zone=\u0412\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0437\u043e\u043d\u0443
+label.action.enable.static.NAT.processing=\u0410\u043a\u0442\u0438\u0432\u0430\u0446\u0438\u044f \u0441\u0442\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0442\u0440\u0430\u043d\u0441\u043b\u044f\u0446\u0438\u0438 \u0430\u0434\u0440\u0435\u0441\u043e\u0432....
+label.action.enable.static.NAT=\u0412\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0441\u0442\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0442\u0440\u0430\u043d\u0441\u043b\u044f\u0446\u0438\u044e \u0430\u0434\u0440\u0435\u0441\u043e\u0432
+label.action.enable.user.processing=\u0410\u043a\u0442\u0438\u0432\u0430\u0446\u0438\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f....
+label.action.enable.user=\u0410\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f
+label.action.enable.zone.processing=\u0410\u043a\u0442\u0438\u0432\u0430\u0446\u0438\u044f \u0437\u043e\u043d\u044b...
+label.action.enable.zone=\u0410\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0437\u043e\u043d\u0443
 label.action.force.reconnect.processing=\u041f\u0435\u0440\u0435\u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435...
-label.action.force.reconnect=\u041f\u0440\u0438\u043d\u0443\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043f\u0435\u0440\u0435\u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0438\u0442\u044c
-label.action.generate.keys.processing=\u0421\u043e\u0437\u0434\u0430\u043d\u0438\u0435 \u043a\u043b\u044e\u0447\u0435\u0439...
-label.action.generate.keys=\u0421\u043e\u0437\u0434\u0430\u0442\u044c \u043a\u043b\u044e\u0447\u0438
+label.action.force.reconnect=\u041f\u0440\u0438\u043d\u0443\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0435 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435
+label.action.generate.keys.processing=\u0413\u0435\u043d\u0435\u0440\u0430\u0446\u0438\u044f \u043a\u043b\u044e\u0447\u0435\u0439...
+label.action.generate.keys=\u0413\u0435\u043d\u0435\u0440\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043a\u043b\u044e\u0447\u0438
 label.action.list.nexusVswitch=\u041b\u0438\u0441\u0442 NexusVswitch
-label.action.lock.account.processing=\u0411\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0443\u0447\u0451\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438
+label.action.lock.account.processing=\u0411\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438....
 label.action.lock.account=\u0417\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0443\u0447\u0451\u0442\u043d\u0443\u044e \u0437\u0430\u043f\u0438\u0441\u044c
 label.action.manage.cluster.processing=\u041f\u0435\u0440\u0435\u0445\u043e\u0434 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0430 \u0432 \u0440\u0435\u0436\u0438\u043c \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u044f...
 label.action.manage.cluster=\u0423\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u043e\u043c
-label.action.migrate.instance.processing=\u041f\u0435\u0440\u0435\u043d\u043e\u0441 \u043c\u0430\u0448\u0438\u043d\u044b......
+label.action.migrate.instance.processing=\u041c\u0438\u0433\u0440\u0430\u0446\u0438\u044f \u043c\u0430\u0448\u0438\u043d\u044b....
 label.action.migrate.instance=\u041f\u0435\u0440\u0435\u043d\u0435\u0441\u0442\u0438 \u043c\u0430\u0448\u0438\u043d\u0443
 label.action.migrate.router.processing=\u041f\u0435\u0440\u0435\u043d\u043e\u0441 \u0440\u043e\u0443\u0442\u0435\u0440\u0430...
 label.action.migrate.router=\u041f\u0435\u0440\u0435\u043d\u0435\u0441\u0442\u0438 \u0440\u043e\u0443\u0442\u0435\u0440
@@ -204,9 +207,9 @@ label.action.remove.host.processing=\u0423\u0434\u0430\u043b\u0435\u043d\u0438\u
 label.action.remove.host=\u0423\u0434\u0430\u043b\u0438\u0442\u044c \u0443\u0437\u0435\u043b
 label.action.reset.password.processing=\u0421\u0431\u0440\u043e\u0441 \u043f\u0430\u0440\u043e\u043b\u044f...
 label.action.reset.password=\u0421\u0431\u0440\u043e\u0441\u0438\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u044c
-label.action.resize.volume.processing=Resizing Volume....
-label.action.resize.volume=Resize Volume
-label.action.resource.limits=\u041f\u0440\u0435\u0434\u0435\u043b\u044b \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432
+label.action.resize.volume.processing=\u0418\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0435 \u0440\u0430\u0437\u043c\u0435\u0440\u0430 \u0434\u0438\u0441\u043a\u0430....
+label.action.resize.volume=\u0418\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u0440\u0430\u0437\u043c\u0435\u0440 \u0434\u0438\u0441\u043a\u0430
+label.action.resource.limits=\u041e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0440\u0435\u0441\u0443\u0440\u043e\u0432
 label.action.restore.instance.processing=\u0412\u043e\u0441\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043c\u0430\u0448\u0438\u043d\u044b...
 label.action.restore.instance=\u0412\u043e\u0441\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043c\u0430\u0448\u0438\u043d\u0443
 label.action.revert.snapshot.processing=\u0412\u043e\u0437\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u0435 \u043a \u0441\u043d\u0438\u043c\u043a\u0443...
@@ -226,10 +229,11 @@ label.action.stop.systemvm=\u041e\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u044
 label.actions=\u0414\u0435\u0439\u0441\u0442\u0432\u0438\u044f
 label.action.take.snapshot.processing=\u041f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u0435 \u0441\u043d\u0438\u043c\u043a\u0430...
 label.action.take.snapshot=\u041f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0441\u043d\u0438\u043c\u043e\u043a...
+label.action=\u0414\u0435\u0439\u0441\u0442\u0432\u0438\u044f
 label.action.unmanage.cluster.processing=\u041f\u0435\u0440\u0435\u0445\u043e\u0434 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0430 \u0432 \u043e\u0431\u044b\u0447\u043d\u044b\u0439 \u0440\u0435\u0436\u0438\u043c...
 label.action.unmanage.cluster=\u041f\u0435\u0440\u0435\u0432\u0435\u0441\u0442\u0438 \u043a\u043b\u0430\u0441\u0442\u0435\u0440 \u0432 \u043e\u0431\u044b\u0447\u043d\u044b\u0439 \u0440\u0435\u0436\u0438\u043c
-label.action.update.OS.preference.processing=\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043e\u0432 \u041e\u0421...
-label.action.update.OS.preference=\u041e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u044b \u041e\u0421
+label.action.update.OS.preference.processing=\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043a O\u0421....
+label.action.update.OS.preference=\u041e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u041e\u0421
 label.action.update.resource.count.processing=\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0441\u0447\u0435\u0442\u0447\u0438\u043a\u0430 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432...
 label.action.update.resource.count=\u041e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u0447\u0451\u0442\u0447\u0438\u043a \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432
 label.action.vmsnapshot.create=\u0421\u043e\u0437\u0434\u0430\u0442\u044c \u0441\u043d\u0438\u043c\u043e\u043a \u0412\u041c
@@ -238,21 +242,21 @@ label.action.vmsnapshot.revert=\u0412\u043e\u0441\u0441\u0442\u0430\u043d\u043e\
 label.activate.project=\u0417\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u043f\u0440\u043e\u0435\u043a\u0442
 label.active.sessions=\u0410\u043a\u0442\u0438\u0432\u043d\u044b\u0435 \u0441\u0435\u0441\u0441\u0438\u0438
 label.add.accounts.to=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0443\u0447\u0451\u0442\u043d\u044b\u0435 \u0437\u0430\u043f\u0438\u0441\u0438
-label.add.accounts=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0430\u043a\u043a\u0430\u0443\u043d\u0442\u044b
-label.add.account.to.project=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0430\u043a\u043a\u0430\u0443\u043d\u0442 \u0432 \u043f\u0440\u043e\u0435\u043a\u0442
-label.add.account=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0430\u043a\u043a\u0430\u0443\u043d\u0442
+label.add.accounts=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0443\u0447\u0451\u0442\u043d\u044b\u0435 \u0437\u0430\u043f\u0438\u0441\u0438
+label.add.account.to.project=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0443\u0447\u0451\u0442\u043d\u044b\u0435 \u0437\u0430\u043f\u0438\u0441\u0438 \u0432 \u043f\u0440\u043e\u0435\u043a\u0442
+label.add.account=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0443\u0447\u0435\u0442\u043d\u0443\u044e \u0437\u0430\u043f\u0438\u0441\u044c
 label.add.ACL=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c ACL
 label.add.affinity.group=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u043d\u043e\u0432\u0443\u044e affinity group
 label.add.BigSwitchVns.device=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c BigSwitch Vns Controller
 label.add.by.cidr=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u043a CIDR
 label.add.by.group=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u043a \u0433\u0440\u0443\u043f\u043f\u0435
-label.add.by=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c
+label.add.by=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u043a
 label.add.cluster=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u043a\u043b\u0430\u0441\u0442\u0435\u0440
-label.add.compute.offering=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0432\u044b\u0447\u0438\u0441\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u0435\u0434\u043b\u043e\u0436\u0435\u043d\u0438\u0435
-label.add.direct.iprange=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0434\u0438\u0430\u043f\u0430\u0437\u043e\u043d \u043f\u0440\u044f\u043c\u044b\u0445 IP
-label.add.disk.offering=\u041d\u043e\u0432\u044b\u0439 \u0434\u0438\u0441\u043a\u043e\u0432\u044b\u0439 \u0440\u0435\u0441\u0443\u0440\u0441
+label.add.compute.offering=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0440\u0435\u0441\u0443\u0440\u0441\u044b \u0432\u044b\u0447\u0438\u0441\u043b\u0435\u043d\u0438\u044f
+label.add.direct.iprange=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0434\u0438\u0430\u043f\u0430\u0437\u043e\u043d \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0438\u0440\u0443\u0435\u043c\u044b\u0445 IP \u0430\u0434\u0440\u0435\u0441\u043e\u0432
+label.add.disk.offering=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0443\u0441\u043b\u0443\u0433\u0443 \u0434\u0438\u0441\u043a\u043e\u0432\u043e\u0433\u043e \u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0441\u0442\u0432\u0430
 label.add.domain=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0434\u043e\u043c\u0435\u043d
-label.add.egress.rule=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0432\u044b\u0445\u043e\u0434\u043d\u043e\u0435 \u043f\u0440\u0430\u0432\u0438\u043b\u043e
+label.add.egress.rule=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0438\u0441\u0445\u043e\u0434\u044f\u0449\u0435\u0435 \u043f\u0440\u0430\u0432\u0438\u043b\u043e
 label.add.F5.device=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c F5 \u0443\u0441\u0442\u0440\u043e\u0439\u0432\u043e
 label.add.firewall=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0438\u043b\u043e \u0444\u0430\u0435\u0440\u0432\u043e\u043b\u0430.
 label.add.guest.network=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0433\u043e\u0441\u0442\u0435\u0432\u0443\u044e \u0441\u0435\u0442\u044c
@@ -261,19 +265,21 @@ label.adding.cluster=\u0414\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u043
 label.adding.failed=\u041d\u0435 \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u0434\u043e\u0431\u0430\u0432\u0438\u0442\u044c
 label.adding.pod=\u0414\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0441\u0442\u0435\u043d\u0434\u0430
 label.adding.processing=\u0414\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u0435...
-label.add.ingress.rule=\u041d\u043e\u0432\u043e\u0435 \u0432\u0445\u043e\u0434\u043d\u043e\u0435 \u043f\u0440\u0430\u0432\u0438\u043b\u043e
+label.add.ingress.rule=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0432\u0445\u043e\u0434\u044f\u0449\u0435\u0435 \u043f\u0440\u0430\u0432\u0438\u043b\u043e
 label.adding.succeeded=\u0414\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0437\u0430\u0432\u0435\u0440\u0448\u0435\u043d\u043e \u0443\u0441\u043f\u0435\u0448\u043d\u043e
 label.adding=\u0414\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0437\u043e\u043d\u044b
 label.adding.user=\u0414\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f
 label.adding.zone=\u0414\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0437\u043e\u043d\u044b
-label.add.ip.range=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0434\u0438\u0430\u043f\u0430\u0437\u043e\u043d IP
+label.add.ip.range=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0434\u0438\u0430\u043f\u0430\u0437\u043e\u043d \u0430\u0434\u0440\u0435\u0441\u043e\u0432
+label.add.isolated.guest.network=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0438\u0437\u043e\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0443\u044e \u0433\u043e\u0441\u0442\u0435\u0432\u0443\u044e \u0441\u0435\u0442\u044c
+label.add.isolated.network=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0438\u0437\u043e\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0443\u044e \u0441\u0435\u0442\u044c
 label.additional.networks=\u0414\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0441\u0435\u0442\u0438
-label.add.load.balancer=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0431\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u043a\u0443 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438
-label.add.more=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0447\u0442\u043e-\u0442\u043e \u0435\u0449\u0435
+label.add.load.balancer=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0431\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u0449\u0438\u043a \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438
+label.add.more=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0435\u0449\u0435
 label.add.netScaler.device=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c Netscaler \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e
 label.add.network.ACL=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0441\u0435\u0442\u0435\u0432\u0443\u044e ACL
 label.add.network.device=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0441\u0435\u0442\u0435\u0432\u043e\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e
-label.add.network.offering=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0440\u0435\u0441\u0443\u0440\u0441
+label.add.network.offering=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u044b
 label.add.network=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0441\u0435\u0442\u044c
 label.add.new.F5=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u043d\u043e\u0432\u044b\u0439 F5
 label.add.new.gateway=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u043d\u043e\u0432\u044b\u0439 \u0448\u043b\u044e\u0437
@@ -292,12 +298,12 @@ label.add.resources=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0440\u043
 label.add.route=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u043c\u0430\u0440\u0448\u0440\u0443\u0442
 label.add.rule=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0438\u043b\u043e
 label.add.secondary.storage=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0435 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0435
-label.add.security.group=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0433\u0440\u0443\u043f\u043f\u0443 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438
+label.add.security.group=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c Security Group
 label.add.service.offering=\u041d\u043e\u0432\u044b\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0439 \u0440\u0435\u0441\u0443\u0440\u0441
 label.add.SRX.device=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c SRX \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e
 label.add.static.nat.rule=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0438\u043b\u043e \u0441\u0442\u0430\u0442\u0438\u0447\u043d\u043e\u0433\u043e NAT
 label.add.static.route=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0441\u0442\u0430\u0442\u0438\u0447\u043d\u044b\u0439 \u043c\u0430\u0440\u0448\u0440\u0443\u0442
-label.add.system.service.offering=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0439 \u0440\u0435\u0441\u0443\u0440\u0441
+label.add.system.service.offering=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0443\u0441\u043b\u0443\u0433\u0443 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u043e\u0439 \u0441\u043b\u0443\u0436\u0431\u044b 
 label.add.template=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0448\u0430\u0431\u043b\u043e\u043d
 label.add.to.group=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0432 \u0433\u0440\u0443\u043f\u043f\u0443
 label.add=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c
@@ -307,75 +313,80 @@ label.add.vms.to.lb=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0412\u041
 label.add.vms=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0412\u041c
 label.add.VM.to.tier=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0412\u041c \u043a tier
 label.add.vm=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0412\u041c
-label.add.volume=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0442\u043e\u043c
+label.add.volume=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0434\u0438\u0441\u043a
+label.add.vpc.offering=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0443\u0441\u043b\u0443\u0433\u0443 VPC
 label.add.vpc=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c VPC
 label.add.vpn.customer.gateway=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c VPN \u0448\u043b\u044e\u0437 \u043a\u043b\u0438\u0435\u043d\u0442\u0430
 label.add.VPN.gateway=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c VPN \u0448\u043b\u044e\u0437
 label.add.vpn.user=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f VPN
 label.add.vxlan=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c VXLAN
 label.add.zone=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0437\u043e\u043d\u0443
-label.admin.accounts=\u0410\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0441\u043a\u0438\u0435 \u0443\u0447\u0451\u0442\u043d\u044b\u0435 \u0437\u0430\u043f\u0438\u0441\u0438
+label.admin.accounts=\u0410\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0435 \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0437\u0430\u043f\u0438\u0441\u0438
 label.admin=\u0410\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440
-label.advanced.mode=\u041f\u0440\u043e\u0434\u0432\u0438\u043d\u0443\u0442\u044b\u0439 \u0440\u0435\u0436\u0438\u043c
+label.advanced.mode=\u0420\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u043d\u044b\u0439 \u0440\u0435\u0436\u0438\u043c
 label.advanced.search=\u0420\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u043d\u044b\u0439 \u043f\u043e\u0438\u0441\u043a
-label.advanced=\u041f\u0440\u043e\u0434\u0432\u0438\u043d\u0443\u0442\u044b\u0439
+label.advanced=\u0420\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u043d\u044b\u0439
 label.affinity=\ \u0421\u043e\u0432\u043c\u0435\u0441\u0442\u0438\u043c\u043e\u0441\u0442\u044c
 label.agent.password=\u041f\u0430\u0440\u043e\u043b\u044c \u0430\u0433\u0435\u043d\u0442\u0430
 label.agent.username=\u0418\u043c\u044f \u0430\u0433\u0435\u043d\u0442\u0430
 label.agree=\u0421\u043e\u0433\u043b\u0430\u0441\u0435\u043d
 label.alert=\u0422\u0440\u0435\u0432\u043e\u0433\u0430
 label.algorithm=\u0410\u043b\u0433\u043e\u0440\u0438\u0442\u043c
-label.allocated=\u0420\u0430\u0441\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043e
-label.allocation.state=\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0440\u0430\u0441\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0438\u044f
+label.allocated=\u0412\u044b\u0434\u0435\u043b\u0435\u043d\u043e
+label.allocation.state=\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f
 label.api.key=\u041a\u043b\u044e\u0447 API
+label.api.version=\u0412\u0435\u0440\u0441\u0438\u044f API
 label.apply=\u041f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c
 label.app.name=CloudStack
 label.archive.alerts=\u0410\u0440\u0445\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0442\u0440\u0435\u0432\u043e\u0433\u0438
-label.archive.events=\u0430\u0440\u0445\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u043e\u0431\u044b\u0442\u0438\u044f
-label.assign.to.load.balancer=\u0412\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u043c\u0430\u0448\u0438\u043d\u044b \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0431\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u043a\u0438 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438
-label.assign=\u041f\u0440\u0438\u0441\u0432\u043e\u0438\u0442\u044c
-label.associated.network.id=\u0421\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0439 ID \u0441\u0435\u0442\u0438
+label.archive.events=\u0410\u0440\u0445\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u043e\u0431\u044b\u0442\u0438\u044f
+label.assign.to.load.balancer=\u0414\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0435 \u043c\u0430\u0448\u0438\u043d\u044b \u0432 \u0431\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u0449\u0438\u043a \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438
+label.assign=\u041f\u0440\u0438\u0441\u0432\u043e\u0435\u043d\u043e
+label.associated.network.id=\u041f\u0440\u0438\u0441\u0432\u043e\u0435\u043d\u043d\u044b\u0439 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 ID
 label.associated.network=\u0421\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441\u0435\u0442\u044c
-label.attached.iso=\u041f\u0440\u0438\u043a\u0440\u0435\u043f\u043b\u0435\u043d\u043d\u044b\u0439 ISO
+label.associate.public.ip=\u0421\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u0435 IP
+label.attached.iso=\u041f\u0440\u0438\u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u043d\u044b\u0439 ISO
 label.author.email=E-mail \u0430\u0432\u0442\u043e\u0440\u0430
 label.author.name=\u0418\u043c\u044f \u0430\u0432\u0442\u043e\u0440\u0430
 label.availability=\u0414\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u044c
 label.availability.zone=\u0414\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u044c \u0437\u043e\u043d\u044b
-label.available.public.ips=\u0414\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0435 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0435 IP-\u0430\u0434\u0440\u0435\u0441\u0430
+label.available.public.ips=\u0414\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0435 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0438\u0440\u0443\u0435\u043c\u044b\u0435 IP \u0430\u0434\u0440\u0435\u0441\u0430
 label.available=\u0414\u043e\u0441\u0442\u0443\u043f\u043d\u043e
 label.back=\u041d\u0430\u0437\u0430\u0434
 label.bandwidth=\u041f\u0440\u043e\u043f\u0443\u0441\u043a\u043d\u0430\u044f \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u043e\u0441\u0442\u044c
-label.basic.mode=\u041f\u0440\u043e\u0441\u0442\u043e \u0440\u0435\u0436\u0438\u043c
+label.basic.mode=\u041e\u0441\u043d\u043e\u0432\u043d\u043e\u0439 \u0440\u0435\u0436\u0438\u043c
 label.basic=\u041f\u0440\u043e\u0441\u0442\u043e\u0439
 label.bigswitch.controller.address=\u0410\u0434\u0440\u0435\u0441 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430 BigSwitch VNC
-label.bootable=\u0417\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u043c\u044b\u0439
+label.bootable=\u0417\u0430\u0433\u0440\u0443\u0437\u043e\u0447\u043d\u044b\u0439
 label.broadcast.domain.range=\u0414\u0438\u0430\u043f\u0430\u0437\u043e\u043d \u0448\u0438\u0440\u043e\u043a\u043e\u0432\u0435\u0449\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u0434\u043e\u043c\u0435\u043d\u0430
 label.broadcast.domain.type=\u0422\u0438\u043f \u0448\u0438\u0440\u043e\u043a\u043e\u0432\u0435\u0449\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u0434\u043e\u043c\u0435\u043d\u0430
 label.broadcast.uri=\u0428\u0438\u0440\u043e\u043a\u043e\u0432\u0435\u0449\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u0439 URI
 label.broadcat.uri=\u0428\u0438\u0440\u043e\u043a\u043e\u0432\u0435\u0449\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u0439 URI
 label.by.account=\u041f\u043e \u0443\u0447\u0451\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438
 label.by.alert.type=\u041f\u043e \u0442\u0438\u043f\u0443 \u0442\u0440\u0435\u0432\u043e\u0433\u0438
-label.by.availability=\u041f\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u0438
+label.by.availability=\u041f\u043e \u043d\u0430\u043b\u0438\u0447\u0438\u044e
 label.by.date.end=\u041f\u043e \u0434\u0430\u0442\u0435(\u043a\u043e\u043d\u0435\u0446)
 label.by.date.start=\u041f\u043e \u0434\u0430\u0442\u0435(\u043d\u0430\u0447\u0430\u043b\u043e)
-label.by.domain=\u0414\u043e \u0434\u043e\u043c\u0435\u043d\u0443
-label.by.end.date=\u041f\u043e \u0437\u0430\u0432\u0435\u0440\u0448\u0435\u043d\u0438\u044e
+label.by.domain=\u041f\u043e \u0434\u043e\u043c\u0435\u043d\u0430\u043c
+label.by.end.date=\u041f\u043e \u0434\u0430\u0442\u0435 \u043e\u043a\u043e\u043d\u0447\u0430\u043d\u0438\u044f
 label.by.event.type=\u041f\u043e \u0442\u0438\u043f\u0443 \u0441\u043e\u0431\u044b\u0442\u0438\u044f
 label.by.level=\u041f\u043e \u0443\u0440\u043e\u0432\u043d\u044e
 label.by.pod=\u041f\u043e \u0441\u0442\u0435\u043d\u0434\u0443
-label.by.role=\u041f\u043e \u0440\u043e\u043b\u0438
-label.by.start.date=\u041f\u043e \u043d\u0430\u0447\u0430\u043b\u0443
+label.by.role=\u041f\u043e \u0440\u043e\u043b\u044f\u043c
+label.by.start.date=\u041f\u043e \u0434\u0430\u0442\u0435 \u043d\u0430\u0447\u0430\u043b\u0430
 label.by.state=\u041f\u043e \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u044e
-label.bytes.received=\u0411\u0430\u0439\u0442 \u043f\u043e\u043b\u0443\u0447\u0435\u043d
+label.bytes.received=\u0411\u0430\u0439\u0442 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043e
 label.bytes.sent=\u0411\u0430\u0439\u0442 \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e
 label.by.traffic.type=\u041f\u043e \u0442\u0438\u043f\u0443 \u0442\u0440\u0430\u0444\u0438\u043a\u0430
 label.by.type.id=\u041f\u043e \u0442\u0438\u043f\u0443 ID
 label.by.type=\u041f\u043e \u0442\u0438\u043f\u0443
 label.by.zone=\u041f\u043e \u0437\u043e\u043d\u0435
 label.cancel=\u041e\u0442\u043c\u0435\u043d\u0430
-label.capacity=\u041c\u043e\u0449\u043d\u043e\u0441\u0442\u044c
+label.capacity.bytes=\u041a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e Bytes
+label.capacity.iops=\u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e IOPS
+label.capacity=\u0415\u043c\u043a\u043e\u0441\u0442\u044c
 label.certificate=\u0421\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442
-label.change.service.offering=\u0418\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u0441\u043b\u0443\u0436\u0435\u0431\u043d\u044b\u0439 \u0440\u0435\u0441\u0443\u0440\u0441
+label.change.service.offering=\u0418\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u0440\u0435\u0441\u0443\u0440\u0441 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u044f
 label.change.value=\u0418\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435
 label.character=\u0421\u0438\u043c\u0432\u043e\u043b\u043e\u0432
 label.cidr.account=CIDR \u0438\u043b\u0438 \u0443\u0447\u0451\u0442\u043d\u0430\u044f \u0437\u0430\u043f\u0438\u0441\u044c/\u0433\u0440\u0443\u043f\u043f\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438
@@ -386,7 +397,7 @@ label.CIDR.of.destination.network=CIDR \u0441\u0435\u0442\u0438 \u043d\u0430\u04
 label.clean.up=\u041e\u0447\u0438\u0441\u0442\u0438\u0442\u044c
 label.clear.list=\u041e\u0447\u0438\u0441\u0442\u0438\u0442\u044c \u0441\u043f\u0438\u0441\u043e\u043a
 label.close=\u0417\u0430\u043a\u0440\u044b\u0442\u044c
-label.cloud.console=\u041a\u043e\u043d\u0441\u043e\u043b\u044c \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u0431\u043b\u0430\u043a\u043e\u043c
+label.cloud.console=\u041f\u0430\u043d\u0435\u043b\u044c \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u0431\u043b\u0430\u043a\u043e\u043c
 label.cloud.managed=\u041f\u0430\u043d\u0435\u043b\u044c \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f
 label.cluster.name=\u0418\u043c\u044f \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0430
 label.clusters=\u041a\u043b\u0430\u0441\u0442\u0435\u0440\u044b
@@ -397,9 +408,9 @@ label.code=\u041a\u043e\u0434
 label.community=\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e
 label.compute.and.storage=\u0412\u044b\u0447\u0438\u0441\u043b\u0435\u043d\u0438\u044f \u0438 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0435
 label.compute.offerings=\u0423\u0441\u043b\u0443\u0433\u0438 \u0432\u044b\u0447\u0435\u0441\u043b\u0435\u043d\u0438\u044f
-label.compute.offering=\u0412\u044b\u0447\u0438\u0441\u043b\u0438\u0442\u044c \u043f\u0440\u0435\u0434\u043b\u043e\u0436\u0435\u043d\u0438\u0435
+label.compute.offering=\u0423\u0441\u043b\u0443\u0433\u0430 \u0432\u044b\u0447\u0435\u0441\u043b\u0435\u043d\u0438\u044f
 label.compute=\u0412\u044b\u0447\u0438\u0441\u043b\u0435\u043d\u0438\u0435
-label.configuration=\u041a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f
+label.configuration=\u041d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438
 label.configure.network.ACLs=\u041d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430 ACL \u0441\u0435\u0442\u0438
 label.configure=\u041d\u0430\u0441\u0442\u0440\u043e\u0438\u0442\u044c
 label.configure.vpc=\u041d\u0430\u0441\u0442\u0440\u043e\u0438\u0442\u044c VPC
@@ -407,9 +418,10 @@ label.confirmation=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\
 label.confirm.password=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435 \u043f\u0430\u0440\u043e\u043b\u044c
 label.congratulations=\u041f\u043e\u0437\u0434\u0440\u0430\u0432\u043b\u044f\u0435\u043c\!
 label.conserve.mode=\u042d\u043a\u043e\u043d\u043e\u043c\u0438\u0447\u043d\u044b\u0439 \u0440\u0435\u0436\u0438\u043c
-label.console.proxy=\u041f\u0440\u043e\u043a\u0441\u0438
+label.console.proxy=\u041f\u0440\u043e\u043a\u0441\u0438 \u043a\u043e\u043d\u0441\u043e\u043b\u0438
 label.continue.basic.install=\u041f\u0440\u043e\u0434\u043e\u043b\u0436\u0438\u0442\u044c \u043f\u0440\u043e\u0441\u0442\u0443\u044e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0443
 label.continue=\u041f\u0440\u043e\u0434\u043e\u043b\u0436\u0438\u0442\u044c
+label.copying.iso=\u041a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 ISO
 label.corrections.saved=\u0418\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0441\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u044b
 label.cpu.allocated.for.VMs=\u0420\u0430\u0441\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043e \u0426\u041f\u0423 \u0434\u043b\u044f \u0412\u041c
 label.cpu.allocated=\u0420\u0430\u0441\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043e \u0426\u041f\u0423
@@ -417,7 +429,7 @@ label.CPU.cap=CPU Cap
 label.cpu=CPU
 label.cpu.limits=\u041e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f CPU
 label.cpu.mhz=CPU (\u0432 \u041c\u0433\u0446)
-label.cpu.utilized=\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 CPU
+label.cpu.utilized=\u0417\u0430\u0433\u0440\u0443\u0436\u0435\u043d\u043e CPU
 label.created.by.system=\u0421\u043e\u0437\u0434\u0430\u043d\u043e \u0441\u0438\u0441\u0442\u0435\u043c\u043e\u0439
 label.created=\u0421\u043e\u0437\u0434\u0430\u043d\u043e
 label.create.project=\u0421\u043e\u0437\u0434\u0430\u0442\u044c \u043f\u0440\u043e\u0435\u043a\u0442
@@ -425,18 +437,19 @@ label.create.template=\u0421\u043e\u0437\u0434\u0430\u0442\u044c \u0448\u0430\u0
 label.create.VPN.connection=\u0421\u043e\u0437\u0434\u0430\u0442\u044c VPN \u043f\u043e\u0434\u043b\u044e\u0447\u0435\u043d\u0438\u0435
 label.cross.zones=\u041e\u0431\u0449\u0438\u0435 \u0434\u043b\u044f \u0437\u043e\u043d
 label.custom.disk.iops=\u0421\u0432\u043e\u0435 \u043a\u043e\u043b-\u0432\u043e IPOS
-label.custom.disk.size=\u0421\u0432\u043e\u0439 \u0440\u0430\u0437\u043c\u0435\u0440 \u0434\u0438\u0441\u043a\u0430
+label.custom.disk.size=\u041f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u0440\u0430\u0437\u043c\u0435\u0440 \u0434\u0438\u0441\u043a\u0430
 label.daily=\u0415\u0436\u0435\u0434\u043d\u0435\u0432\u043d\u043e
-label.data.disk.offering=\u0414\u0430\u043d\u043d\u044b\u0435 \u0434\u0438\u0441\u043a\u0430
+label.data.disk.offering=\u0423\u0441\u043b\u0443\u0433\u0430 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u0434\u0438\u0441\u043a\u043e\u0432\u043e\u0433\u043e \u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0441\u0442\u0432\u0430
 label.date=\u0414\u0430\u0442\u0430
 label.day.of.month=\u0414\u0435\u043d\u044c \u043c\u0435\u0441\u044f\u0446\u0430
 label.day.of.week=\u0414\u0435\u043d\u044c \u043d\u0435\u0434\u0435\u043b\u0438
 label.dead.peer.detection=Dead Peer Detection
 label.decline.invitation=\u041e\u0442\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0440\u0438\u0433\u043b\u0430\u0448\u0435\u043d\u0438\u0435
 label.dedicated=\u0412\u044b\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0439
+label.default.egress.policy=\u0418\u0441\u0445\u043e\u0434\u044f\u0449\u0430\u044f \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0430 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e
 label.default=\u041f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e
-label.default.use=\u041f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e
-label.default.view=\u041e\u0431\u044b\u0447\u043d\u044b\u0439 \u0432\u0438\u0434
+label.default.use=\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e
+label.default.view=\u0421\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u044b\u0439 \u0432\u0438\u0434
 label.delete.affinity.group=\u0423\u0434\u0430\u043b\u0438\u0442\u044c affinity group
 label.delete.alerts=\u0423\u0434\u0430\u043b\u0438\u0442\u044c \u0442\u0440\u0435\u0432\u043e\u0433\u0438
 label.delete.BigSwitchVns=\u0423\u0434\u0430\u043b\u0438\u0442\u044c BigSwitch VNC \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440
@@ -446,6 +459,7 @@ label.delete.gateway=\u0423\u0434\u0430\u043b\u0438\u0442\u044c \u0448\u043b\u04
 label.delete.NetScaler=\u0423\u0434\u0430\u043b\u0438\u0442\u044c NetScaler
 label.delete.NiciraNvp=\u0423\u0434\u0430\u043b\u0438\u0442\u044c Nvp \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440
 label.delete.PA=\u0423\u0434\u0430\u043b\u0438\u0442\u044c Palo Alto
+label.delete.profile=\u0423\u0434\u0430\u043b\u0438\u0442\u044c \u043f\u0440\u043e\u0444\u0438\u043b\u044c
 label.delete.project=\u0423\u0434\u0430\u043b\u0438\u0442\u044c \u043f\u0440\u043e\u0435\u043a\u0442
 label.delete.SRX=\u0423\u0434\u0430\u043b\u0438\u0442\u044c SRX
 label.delete=\u0423\u0434\u0430\u043b\u0438\u0442\u044c
@@ -460,18 +474,23 @@ label.destination.physical.network.id=ID \u0446\u0435\u043b\u0435\u0432\u043e\u0
 label.destination.zone=\u0426\u0435\u043b\u0435\u0432\u0430\u044f \u0437\u043e\u043d\u0430
 label.destroy.router=\u0423\u0434\u0430\u043b\u0438\u0442\u044c \u0440\u043e\u0443\u0442\u0435\u0440
 label.destroy=\u0423\u043d\u0438\u0447\u0442\u043e\u0436\u0438\u0442\u044c
-label.detaching.disk=\u041e\u0442\u043a\u0440\u0435\u043f\u043b\u0435\u043d\u0438\u0435 \u0434\u0438\u0441\u043a\u0430
+label.detaching.disk=\u041e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u0434\u0438\u0441\u043a\u0430
 label.details=\u0414\u0435\u0442\u0430\u043b\u0438
 label.device.id=ID \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430
 label.devices=\u0423\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e
 label.dhcp=DHCP
 label.DHCP.server.type=\u0422\u0438\u043f \u0441\u0435\u0440\u0432\u0435\u0440\u0430 DHCP
+label.direct.attached.public.ip=\u0412\u044b\u0434\u0430\u043d\u043d\u044b\u0435 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0435 IP
 label.direct.ips=\u041f\u0440\u044f\u043c\u044b\u0435 IP-\u0430\u0434\u0440\u0435\u0441\u0430
+label.disable.autoscale=\u0412\u044b\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0435 \u043c\u0430\u0448\u0442\u0430\u0431\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435
 label.disabled=\u0412\u044b\u043a\u043b\u044e\u0447\u0435\u043d\u043e
+label.disable.host=\u041e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0445\u043e\u0441\u0442
+label.disable.network.offering=\u041e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u0443\u0441\u043b\u0443\u0433\u0438
 label.disable.provider=\u0412\u044b\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430
+label.disable.vpc.offering=\u041e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0443\u0441\u043b\u0443\u0433\u0443 VPC
 label.disable.vpn=\u0412\u044b\u043a\u043b\u044e\u0447\u0438\u0442\u044c VPN
-label.disabling.vpn.access=\u0412\u044b\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a VPN
-label.disk.allocated=\u0420\u0430\u0441\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043e \u0434\u0438\u0441\u043a\u043e\u0432\u043e\u0433\u043e \u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0441\u0442\u0432\u0430
+label.disabling.vpn.access=\u0414\u0435\u0430\u043a\u0442\u0438\u0432\u0430\u0446\u0438\u044f VPN \u0434\u043e\u0441\u0442\u0443\u043f\u0430
+label.disk.allocated=\u0417\u0430\u043d\u044f\u0442\u043e \u0434\u0438\u0441\u043a\u043e\u0432\u043e\u0435 \u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0441\u0442\u0432\u0430
 label.disk.bytes.read.rate=\u0421\u043a\u043e\u0440\u043e\u0441\u0442\u044c \u0447\u0442\u0435\u043d\u0438\u044f \u0434\u0438\u0441\u043a\u0430 (BPS)
 label.disk.bytes.write.rate=\u0421\u043a\u043e\u0440\u043e\u0441\u0442\u044c \u0437\u0430\u043f\u0438\u0441\u0438 \u0434\u0438\u0441\u043a\u0430 (BPS)
 label.disk.iops.max=\u041c\u0430\u043a\u0441. IOPS
@@ -479,13 +498,13 @@ label.disk.iops.min=\u041c\u0438\u043d. IOPS
 label.disk.iops.read.rate=\u0421\u043a\u043e\u0440\u043e\u0441\u0442\u044c \u0437\u0430\u043f\u0438\u0441\u0438 \u0434\u0438\u0441\u043a\u0430 (IOPS)
 label.disk.iops.total=\u0412\u0441\u0435\u0433\u043e IOPS
 label.disk.iops.write.rate=\u0421\u043a\u043e\u0440\u043e\u0441\u0442\u044c \u0437\u0430\u043f\u0438\u0441\u0438 \u0434\u0438\u0441\u043a\u0430 (IOPS)
-label.disk.offering=\u0414\u0438\u0441\u043a\u043e\u0432\u044b\u0439 \u0440\u0435\u0441\u0443\u0440\u0441
+label.disk.offering=\u0423\u0441\u043b\u0443\u0433\u0430 \u0434\u0438\u0441\u043a\u043e\u0432\u043e\u0433\u043e \u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0441\u0442\u0432\u0430
 label.disk.read.bytes=\u041f\u0440\u043e\u0447\u0438\u0442\u0430\u043d\u043e \u0441 \u0434\u0438\u0441\u043a\u0430 (\u0411\u0430\u0439\u0442)
 label.disk.read.io=\u041f\u0440\u043e\u0447\u0438\u0442\u0430\u043d\u043e \u0441 \u0434\u0438\u0441\u043a\u0430 (IO)
 label.disk.size.gb=\u0420\u0430\u0437\u043c\u0435\u0440 \u0434\u0438\u0441\u043a\u0430 (\u0432 \u0413\u0411)
 label.disk.size=\u0420\u0430\u0437\u043c\u0435\u0440 \u0434\u0438\u0441\u043a\u0430
-label.disk.total=\u0412\u0441\u0435\u0433\u043e \u0432 \u0434\u0438\u0441\u043a\u0430\u0445
-label.disk.volume=\u0422\u043e\u043c \u0434\u0438\u0441\u043a\u0430
+label.disk.total=\u0420\u0430\u0437\u043c\u0435\u0440 \u0434\u0438\u0441\u043a\u0430
+label.disk.volume=\u041e\u0431\u044a\u0435\u043c \u0434\u0438\u0441\u043a\u0430
 label.disk.write.bytes=\u0417\u0430\u043f\u0438\u0441\u0430\u043d\u043e \u043d\u0430 \u0434\u0438\u0441\u043a (\u0411\u0430\u0439\u0442)
 label.disk.write.io=\u0417\u0430\u043f\u0438\u0441\u0430\u043d\u043e \u043d\u0430 \u0434\u0438\u0441\u043a (IO)
 label.display.name=\u041e\u0442\u043e\u0431\u0440\u0430\u0436\u0430\u0435\u043c\u043e\u0435 \u0438\u043c\u044f
@@ -496,35 +515,43 @@ label.dns=DNS
 label.DNS.domain.for.guest.networks=DNS \u0434\u043e\u043c\u0435\u043d \u0434\u043b\u044f \u0433\u043e\u0441\u0442\u0435\u0432\u043e\u0439 \u0441\u0435\u0442\u0438
 label.domain.admin=\u0410\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440 \u0434\u043e\u043c\u0435\u043d\u0430
 label.domain.id=ID \u0434\u043e\u043c\u0435\u043d\u0430
+label.domain.lower=\u0414\u043e\u043c\u0435\u043d
 label.domain.name=\u0418\u043c\u044f \u0434\u043e\u043c\u0435\u043d\u0430
 label.domain.router=\u041c\u0430\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440
 label.domain.suffix=\u0421\u0443\u0444\u0444\u0438\u043a\u0441 \u0434\u043e\u043c\u0435\u043d\u0430 DNS (\u043d\u043f\u0440. xyz.com)
 label.domain=\u0414\u043e\u043c\u0435\u043d
 label.done=\u0413\u043e\u0442\u043e\u0432\u043e
-label.double.quotes.are.not.allowed=\u0414\u0432\u043e\u0439\u043d\u044b\u0435 \u043a\u0430\u0432\u044b\u0447\u043a\u0438 \u0437\u0430\u043f\u0440\u0435\u0449\u0435\u043d\u044b
+label.double.quotes.are.not.allowed=\u0414\u0432\u043e\u0439\u043d\u044b\u0435 \u043a\u0430\u0432\u044b\u0447\u043a\u0438 \u043d\u0435 \u0434\u043e\u043f\u0443\u0441\u043a\u0430\u044e\u0442\u0441\u044f
 label.download.progress=\u0421\u0442\u0430\u0442\u0443\u0441 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438
 label.drag.new.position=\u041f\u0435\u0440\u0435\u043c\u0435\u0441\u0442\u0438\u0442\u044c \u043d\u0430 \u043d\u043e\u0432\u0443\u044e \u043f\u043e\u0437\u0438\u0446\u0438\u044e
+label.dynamically.scalable=\u0414\u0438\u043d\u0430\u043c\u0438\u0447\u0435\u0441\u043a\u043e\u0435 \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435
 label.edit.affinity.group=\u0420\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c affinity group
 label.edit.lb.rule=\u0420\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c LB \u043f\u0440\u0430\u0432\u0438\u043b\u0430
 label.edit.network.details=\u0420\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0434\u0435\u0442\u0430\u043b\u0438 \u0441\u0435\u0442\u0438
 label.edit.project.details=\u0420\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0434\u0435\u0442\u0430\u043b\u0438 \u043f\u0440\u043e\u0435\u043a\u0442\u0430
+label.edit.region=\u0420\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0440\u0435\u0433\u0438\u043e\u043d
 label.edit.tags=\u0420\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0442\u044d\u0433\u0438
 label.edit.traffic.type=\u0418\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u0442\u0438\u043f \u0442\u0440\u0430\u0444\u0438\u043a\u0430
 label.edit=\u0420\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c
 label.edit.vpc=\u0420\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c VPC
 label.egress.default.policy=\u0418\u0441\u0445\u043e\u0434\u044f\u0449\u0430\u044f \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0430 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e
 label.egress.rules=\u0418\u0441\u0445\u043e\u0434\u044f\u0449\u0438\u0435 \u043f\u0440\u0430\u0432\u0438\u043b\u0430
-label.egress.rule=\u0412\u044b\u0445\u043e\u0434\u043d\u043e\u0435 \u043f\u0440\u0430\u0432\u0438\u043b\u043e
+label.egress.rule=\u0412\u0445\u043e\u0434\u044f\u0449\u0435\u0435 \u043f\u0440\u0430\u0432\u0438\u043b\u043e
 label.elastic.IP=\u0413\u0438\u0431\u043a\u0438\u0439 IP
 label.elastic.LB=\u0413\u0438\u0431\u043a\u0438\u0439 LB
 label.elastic=\u0413\u0438\u0431\u043a\u0438\u0439
 label.email=E-mail
+label.email.lower=E-mail
+label.enable.autoscale=\u0412\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0435 \u043c\u0430\u0448\u0442\u0430\u0431\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435
+label.enable.host=\u0412\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0445\u043e\u0441\u0442
+label.enable.network.offering=\u0412\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0441\u0435\u0442\u0435\u0432\u0443\u044e \u0443\u0441\u043b\u0443\u0433\u0443
 label.enable.provider=\u0412\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430
 label.enable.s3=\u0412\u043a\u043b\u044e\u0447\u0438\u0442\u044c S3-\u0441\u043e\u0432\u043c\u0435\u0441\u0442\u0438\u043c\u043e\u0435 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0435 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0435
 label.enable.swift=\u0412\u043a\u043b\u044e\u0447\u0438\u0442\u044c Swift
+label.enable.vpc.offering=\u0412\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0443\u0441\u043b\u0443\u0433\u0443 VPC
 label.enable.vpn=\u0412\u043a\u043b\u044e\u0447\u0438\u0442\u044c VPN
-label.enabling.vpn.access=\u0412\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a VPN
-label.enabling.vpn=\u0412\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 VPN
+label.enabling.vpn.access=\u0410\u043a\u0442\u0438\u0432\u0430\u0446\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043f\u043e VPN
+label.enabling.vpn=\u0410\u043a\u0442\u0438\u0432\u0430\u0446\u0438\u044f VPN
 label.end.IP=\u041a\u043e\u043d\u0435\u0447\u043d\u044b\u0439 IP
 label.endpoint.or.operation=\u041a\u043e\u043d\u0435\u0447\u043d\u0430\u044f \u0442\u043e\u0447\u043a\u0430 \u0438\u043b\u0438 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u044f
 label.endpoint=\u041a\u043e\u043d\u0435\u0447\u043d\u0430\u044f \u0442\u043e\u0447\u043a\u0430
@@ -539,47 +566,51 @@ label.ESP.lifetime=\u0412\u0440\u0435\u043c\u044f \u0436\u0438\u0437\u043d\u0438
 label.ESP.policy=\u041f\u043e\u043b\u0438\u0442\u0438\u043a\u0430 ESP
 label.esx.host=\u0423\u0437\u0435\u043b ESX/ESXi
 label.example=\u041f\u0440\u0438\u043c\u0435\u0440
+label.expunge=\u0423\u0434\u0430\u043b\u0451\u043d
 label.external.link=\u0412\u043d\u0435\u0448\u043d\u0435\u0435 \u043f\u043e\u0434\u043b\u044e\u0447\u0435\u043d\u0438\u0435
 label.extractable=\u0418\u0437\u0432\u043b\u0435\u043a\u0430\u0435\u043c\u044b\u0439
 label.f5=F5
 label.failed=\u041d\u0435\u0443\u0434\u0430\u0447\u043d\u043e
-label.featured=\u041f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0439
+label.featured=\u041d\u0430\u0441\u0442\u0440\u0430\u0438\u0432\u0430\u0435\u043c\u044b\u0439
 label.fetch.latest=\u0412\u044b\u0431\u043e\u0440\u043a\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445
 label.filterBy=\u0424\u0438\u043b\u044c\u0442\u0440\u043e\u0432\u0430\u0442\u044c
 label.firewall=\u0424\u0430\u0435\u0440\u0432\u043e\u043b
+label.firstname.lower=\u0418\u043c\u044f
 label.first.name=\u0418\u043c\u044f
 label.format=\u0424\u043e\u0440\u043c\u0430\u0442
 label.friday=\u041f\u044f\u0442\u043d\u0438\u0446\u0430
 label.full.path=\u041f\u043e\u043b\u043d\u044b\u0439 \u043f\u0443\u0442\u044c
 label.full=\u041f\u043e\u043b\u043d\u044b\u0439
 label.gateway=\u0428\u043b\u044e\u0437
-label.general.alerts=\u041e\u0431\u0449\u0438\u0435 \u0442\u0440\u0435\u0432\u043e\u0433\u0438
-label.generating.url=\u0421\u043e\u0437\u0434\u0430\u043d\u0438\u0435 URL
-label.gluster.volume=\u0422\u043e\u043c
+label.general.alerts=\u041e\u0431\u0449\u0438\u0435 \u043e\u043f\u043e\u0432\u0435\u0449\u0435\u043d\u0438\u044f
+label.generating.url=\u0421\u043e\u0437\u0434\u0430\u0442\u044c URL
+label.gluster.volume=\u0414\u0438\u0441\u043a
 label.go.step.2=\u041f\u0435\u0440\u0435\u0439\u0442\u0438 \u043a \u0448\u0430\u0433\u0443 2
 label.go.step.3=\u041f\u0435\u0440\u0435\u0439\u0442\u0438 \u043a \u0448\u0430\u0433\u0443 3
 label.go.step.4=\u041f\u0435\u0440\u0435\u0439\u0442\u0438 \u043a \u0448\u0430\u0433\u0443 4
 label.go.step.5=\u041f\u0435\u0440\u0435\u0439\u0442\u0438 \u043a \u0448\u0430\u0433\u0443 5
 label.gpu=CPU
-label.group.optional=\u0413\u0440\u0443\u043f\u043f\u0430 (\u043e\u043f\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u043e)
+label.group.optional=\u0413\u0440\u0443\u043f\u043f\u0430 (\u043f\u043e \u0436\u0435\u043b\u0430\u043d\u0438\u044e)
 label.group=\u0413\u0440\u0443\u043f\u043f\u0430
+label.gslb.lb.details=\u0414\u0435\u0442\u0430\u043b\u0438 \u0431\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u0449\u0438\u043a\u0430 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438
+label.gslb.lb.rule=\u041f\u0440\u0430\u0432\u0438\u043b\u043e \u0431\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u0449\u0438\u043a\u0430 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438
 label.guest.cidr=\u0413\u043e\u0441\u0442\u0435\u0432\u043e\u0439 CIDR
 label.guest.end.ip=\u041a\u043e\u043d\u0435\u0447\u043d\u044b\u0439 \u0433\u043e\u0441\u0442\u0435\u0432\u043e\u0439 IP.
 label.guest.gateway=\u0428\u043b\u044e\u0437
-label.guest.ip.range=\u0414\u0438\u0430\u043f\u0430\u0437\u043e\u043d IP-\u0430\u0434\u0440\u0435\u0441\u043e\u0432
-label.guest.ip=\u0413\u043e\u0441\u0442\u0435\u0432\u044b\u0435 IP-\u0430\u0434\u0440\u0435\u0441\u0430
+label.guest.ip.range=\u0413\u043e\u0441\u0442\u0435\u0432\u043e\u0439 \u0434\u0438\u0430\u043f\u0430\u0437\u043e\u043d \u0430\u0434\u0440\u0435\u0441\u043e\u0432
+label.guest.ip=\u0413\u043e\u0441\u0442\u0435\u0432\u043e\u0439 IP \u0430\u0434\u0440\u0435\u0441
 label.guest.netmask=\u0413\u043e\u0441\u0442\u0435\u0432\u0430\u044f \u0441\u0435\u0442\u0435\u0432\u0430\u044f \u043c\u0430\u0441\u043a\u0430
 label.guest.networks=\u0413\u043e\u0441\u0442\u0435\u0432\u044b\u0435 \u0441\u0435\u0442\u0438
 label.guest.start.ip=\u041d\u0430\u0447\u0430\u043b\u044c\u043d\u044b\u0439 \u0433\u043e\u0441\u0442\u0435\u0432\u043e\u0439 IP
 label.guest.traffic=\u0413\u043e\u0441\u0442\u0435\u0432\u043e\u0439 \u0442\u0440\u0430\u0444\u0438\u043a
 label.guest.type=\u0422\u0438\u043f \u0433\u043e\u0441\u0442\u044f
 label.guest=\u0413\u043e\u0441\u0442\u044c
-label.ha.enabled=HA \u0432\u043a\u043b\u044e\u0447\u0435\u043d
+label.ha.enabled=\u041e\u0442\u043a\u0430\u0437\u043e\u0443\u0441\u0442\u043e\u0439\u0447\u0438\u0432\u043e\u0441\u0442\u044c \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0430
 label.help=\u041f\u043e\u043c\u043e\u0449\u044c
 label.hide.ingress.rule=\u0421\u043a\u0440\u044b\u0442\u044c \u0432\u0445\u043e\u0434\u043d\u043e\u0435 \u043f\u0440\u0430\u0432\u0438\u043b\u043e
 label.hints=\u041f\u043e\u0434\u0441\u043a\u0430\u0437\u043a\u0438
 label.home=\u0413\u043b\u0430\u0432\u043d\u0430\u044f
-label.host.alerts=\u0422\u0440\u0435\u0432\u043e\u0433\u0438 \u0443\u0437\u043b\u0430
+label.host.alerts=\u041e\u043f\u043e\u0432\u0435\u0449\u0435\u043d\u0438\u044f \u0443\u0437\u043b\u0430
 label.host.MAC=MAC \u0443\u0437\u043b\u0430
 label.host.name=\u0418\u043c\u044f \u0443\u0437\u043b\u0430
 label.hosts=\u0423\u0437\u043b\u044b
@@ -616,14 +647,14 @@ label.installWizard.addZone.title=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u04
 label.installWizard.click.launch=\u041a\u043b\u0438\u043a\u043d\u0438\u0442\u0435 \u043d\u0430 \u043a\u043d\u043e\u043f\u043a\u0443 \u0437\u0430\u043f\u0443\u0441\u043a\u0430
 label.installWizard.subtitle=\u042d\u0442\u043e \u0440\u0443\u043a\u043e\u0432\u043e\u0434\u0441\u0442\u0432\u043e \u043d\u0430\u0441\u0442\u0440\u043e\u0438\u0442 \u0432\u0430\u0448 CloudStack.
 label.installWizard.title=\u0417\u0434\u0440\u0430\u0432\u0441\u0442\u0432\u0443\u0439\u0442\u0435 \u0438 \u0434\u043e\u0431\u0440\u043e \u043f\u043e\u0436\u0430\u043b\u043e\u0432\u0430\u0442\u044c \u0432 CloudStack\!
-label.instance.limits=\u041f\u0440\u0435\u0434\u0435\u043b\u044b \u043c\u0430\u0448\u0438\u043d\u044b
+label.instance.limits=\u041b\u0438\u043c\u0438\u0442 \u043c\u0430\u0448\u0438\u043d
 label.instance.name=\u0418\u043c\u044f \u043c\u0430\u0448\u0438\u043d\u044b
 label.instances=\u041c\u0430\u0448\u0438\u043d\u044b
 label.instance=\u041c\u0430\u0448\u0438\u043d\u0430
 label.internal.dns.1=\u0412\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u0439 DNS 1
 label.internal.dns.2=\u0412\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u0439 DNS 2
 label.internal.name=\u0412\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0435\u0435 \u0438\u043c\u044f
-label.interval.type=\u0422\u0438\u043f \u0434\u0438\u0430\u043f\u0430\u0437\u043e\u043d\u0430
+label.interval.type=\u0422\u0438\u043f \u0438\u043d\u0442\u0435\u0440\u0432\u0430\u043b\u0430
 label.introduction.to.cloudstack=\u0412\u0432\u0435\u0434\u0435\u043d\u0438\u0435 \u0432 CloudStack
 label.invalid.integer=\u041d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0435 \u0446\u0435\u043b\u043e\u0435 \u0447\u0438\u0441\u043b\u043e
 label.invalid.number=\u041d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0435 \u0447\u0438\u0441\u043b\u043e
@@ -633,12 +664,12 @@ label.invite.to=\u041f\u0440\u0438\u0433\u043b\u0430\u0441\u0438\u0442\u044c
 label.invite=\u041f\u0440\u0438\u0433\u043b\u0430\u0441\u0438\u0442\u044c
 label.ip.address=IP-\u0430\u0434\u0440\u0435\u0441
 label.ipaddress=IP-\u0430\u0434\u0440\u0435\u0441
-label.ip.allocations=\u0420\u0430\u0441\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0438\u044f IP
+label.ip.allocations=\u0410\u0434\u0440\u0435\u0441\u043d\u043e\u0435 \u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0441\u0442\u0432\u043e
 label.ip=IP
-label.ip.limits=\u041f\u0440\u0435\u0434\u0435\u043b\u044b \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0445 IP
+label.ip.limits=\u041e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0438\u0440\u0443\u0435\u043c\u044b\u0445 IP
 label.ip.or.fqdn=IP \u0438\u043b\u0438 FQDN
 label.ip.ranges=\u0414\u0438\u0430\u043f\u0430\u0437\u043e\u043d\u044b IP
-label.ip.range=\u0414\u0438\u0430\u043f\u0430\u0437\u043e\u043d IP
+label.ip.range=\u0414\u0438\u0430\u043f\u0430\u0437\u043e\u043d IP \u0430\u0434\u0440\u0435\u0441\u043e\u0432
 label.IPsec.preshared.key=IPsec Preshared-Key
 label.ips=IP
 label.iscsi=iSCSI
@@ -649,11 +680,11 @@ label.isolated.networks=\u0418\u0437\u043e\u043b\u0438\u0440\u043e\u0432\u0430\u
 label.isolation.method=\u041c\u0435\u0442\u043e\u0434 \u0438\u0437\u043e\u043b\u044f\u0446\u0438\u0438
 label.isolation.mode=\u0420\u0435\u0436\u0438\u043c \u0438\u0437\u043e\u043b\u044f\u0446\u0438\u0438
 label.isolation.uri=\u0418\u0437\u043e\u043b\u044f\u0446\u0438\u044f URI
-label.is.redundant.router=\u0420\u0435\u0437\u0435\u0440\u0432\u043d\u043e\u0439
-label.is.shared=\u043e\u0431\u0449\u0438\u0435
-label.is.system=\u0415\u0441\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u0430
+label.is.redundant.router=\u0413\u043e\u0440\u044f\u0447\u0430\u044f \u0437\u0430\u043c\u0435\u043d\u0430
+label.is.shared=\u041e\u0431\u0449\u0438\u0439
+label.is.system=\u0421\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435
 label.item.listing=\u0421\u043f\u0438\u0441\u043e\u043a \u044d\u043b\u0435\u043c\u0435\u043d\u0442\u043e\u0432
-label.keep=\u0425\u0440\u0430\u043d\u0438\u0442\u044c
+label.keep=\u0421\u043e\u0445\u0440\u0430\u043d\u044f\u0442\u044c
 label.keyboard.type=\u0422\u0438\u043f \u043a\u043b\u0430\u0432\u0438\u0430\u0442\u0443\u0440\u044b
 label.key=\u041a\u043b\u044e\u0447
 label.kvm.traffic.label=\u041c\u0435\u0442\u043a\u0430 \u0442\u0440\u0430\u0444\u0438\u043a\u0430 KVM
@@ -664,8 +695,9 @@ label.lang.japanese=\u042f\u043f\u043e\u043d\u0441\u043a\u0438\u0439
 label.lang.korean=\u043a\u043e\u0440\u0435\u0439\u0441\u043a\u0438\u0439
 label.lang.russian=\u0420\u0443\u0441\u0441\u043a\u0438\u0439
 label.lang.spanish=\u0418\u0441\u043f\u0430\u043d\u0441\u043a\u0438\u0439
-label.last.disconnected=\u041f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0435 \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u0435
-label.last.name=\u041f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0435 \u0438\u043c\u044f
+label.last.disconnected=\u0412\u0440\u0435\u043c\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0442\u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u044f
+label.lastname.lower=\u0424\u0430\u043c\u0438\u043b\u0438\u044f
+label.last.name=\u0424\u0430\u043c\u0438\u043b\u0438\u044f
 label.latest.events=\u041f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0438 \u0441\u043e\u0431\u044b\u0442\u0438\u044f
 label.launch=\u0417\u0430\u043f\u0443\u0441\u043a
 label.launch.vm=\u0417\u0430\u043f\u0443\u0441\u043a \u0412\u041c
@@ -676,24 +708,26 @@ label.lb.algorithm.source=\u0418\u0441\u0442\u043e\u0447\u043d\u0438\u043a
 label.LB.isolation=\u0418\u0437\u043e\u043b\u044f\u0446\u0438\u044f LB
 label.level=\u0423\u0440\u043e\u0432\u0435\u043d\u044c
 label.linklocal.ip=\u041b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0439 IP \u0430\u0434\u0440\u0435\u0441
-label.load.balancer=\u0411\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u043a\u0430 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438
+label.load.balancer=\u0411\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u0449\u0438\u043a \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438
 label.load.balancing.policies=\u041f\u043e\u043b\u0438\u0442\u0438\u043a\u0438 \u0431\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u043a\u0438 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438
 label.load.balancing=\u0411\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u043a\u0430 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438
 label.loading=\u0417\u0430\u0433\u0440\u0443\u0437\u043a\u0430
 label.local.storage.enabled=\u041b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0435 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0435 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u043e
 label.local.storage=\u041b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0435 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0435
 label.local=\u041b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0439
-label.login=\u0412\u0445\u043e\u0434
-label.logout=\u0412\u044b\u0445\u043e\u0434
+label.login=\u0412\u043e\u0439\u0442\u0438
+label.logout=\u0412\u044b\u0439\u0442\u0438
 label.lun=LUN
 label.LUN.number=LUN \#
 label.make.project.owner=\u0421\u0434\u0435\u043b\u0430\u0442\u044c \u0430\u043a\u043a\u0430\u0443\u043d\u0442 \u0432\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u0435\u043c \u043f\u0440\u043e\u0435\u043a\u0442\u0430
+label.managed=\u0423\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u043c\u044b\u0439
 label.management.ips=\u041f\u0430\u043d\u0435\u043b\u044c \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f IP \u0430\u0434\u0440\u0435\u0441\u0441\u0430\u043c\u0438
+label.management.server=\u0421\u0435\u0440\u0432\u0435\u0440 \u0443\u043f\u0440\u0430\u043b\u0435\u043d\u0438\u044f
 label.management=\u0423\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435
 label.manage.resources=\u0423\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438
 label.manage=\u0423\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435
-label.max.cpus=\u041c\u0430\u043a\u0441. \u044f\u0434\u0435\u0440 \u0426\u041f
-label.max.guest.limit=\u041f\u0440\u0435\u0434\u0435\u043b \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u0430 \u0433\u043e\u0441\u0442\u0435\u0439
+label.max.cpus=\u041c\u0430\u043a\u0441. \u044f\u0434\u0435\u0440 CPU
+label.max.guest.limit=\u041e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u0430 \u0433\u043e\u0441\u0442\u0435\u0439
 label.maximum=\u041c\u0430\u043a\u0441\u0438\u043c\u0443\u043c
 label.max.memory=\u041c\u0430\u043a\u0441. \u043f\u0430\u043c\u044f\u0442\u0438 (\u0432 \u041c\u0438\u0411)
 label.max.networks=\u041c\u0430\u043a\u0441\u0438\u043c\u0443\u043c \u0441\u0435\u0442\u0435\u0439
@@ -703,56 +737,57 @@ label.max.secondary.storage=\u041c\u0430\u043a\u0441. \u0432\u0442\u043e\u0440\u
 label.max.snapshots=\u041c\u0430\u043a\u0441. \u0441\u043d\u0438\u043c\u043a\u043e\u0432
 label.max.templates=\u041c\u0430\u043a\u0441. \u0448\u0430\u0431\u043b\u043e\u043d\u043e\u0432
 label.max.vms=\u041c\u0430\u043a\u0441. \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0445 \u0412\u041c
-label.max.volumes=\u041c\u0430\u043a\u0441. \u0442\u043e\u043c\u043e\u0432
+label.max.volumes=\u041c\u0430\u043a\u0441. \u0434\u0438\u0441\u043a\u043e\u0432
 label.max.vpcs=\u041c\u0430\u043a\u0441. VPC
 label.may.continue=\u0412\u044b \u043c\u043e\u0436\u0435\u0442\u0435 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0438\u0442\u044c.
 label.md5.checksum=\u041f\u0440\u043e\u0432\u0435\u0440\u0438\u0442\u044c MD5 \u0441\u0443\u043c\u043c\u0443
-label.memory.allocated=\u0420\u0430\u0441\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043e \u043f\u0430\u043c\u044f\u0442\u0438
+label.memory.allocated=\u0412\u044b\u0434\u0435\u043b\u0435\u043d\u043e \u043f\u0430\u043c\u044f\u0442\u0438
 label.memory.limits=\u041e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u043f\u0430\u043c\u044f\u0442\u0438 (\u0432 \u041c\u0438\u0411)
 label.memory.mb=\u041f\u0430\u043c\u044f\u0442\u044c (\u0432 \u041c\u0411)
 label.memory.total=\u0412\u0441\u0435\u0433\u043e \u043f\u0430\u043c\u044f\u0442\u0438
 label.memory=\u041f\u0430\u043c\u044f\u0442\u044c
 label.memory.used=\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u043f\u0430\u043c\u044f\u0442\u0438
 label.menu.accounts=\u0423\u0447\u0451\u0442\u043d\u044b\u0435 \u0437\u0430\u043f\u0438\u0441\u0438
-label.menu.alerts=\u0422\u0440\u0435\u0432\u043e\u0433\u0438
+label.menu.alerts=\u041f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f
 label.menu.all.accounts=\u0412\u0441\u0435 \u0443\u0447\u0451\u0442\u043d\u044b\u0435 \u0437\u0430\u043f\u0438\u0441\u0438
 label.menu.all.instances=\u0412\u0441\u0435 \u043c\u0430\u0448\u0438\u043d\u044b
 label.menu.community.isos=ISO-\u0441\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u0430
 label.menu.community.templates=\u0428\u0430\u0431\u043b\u043e\u043d\u044b \u0441\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u0430
-label.menu.configuration=\u041a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f
-label.menu.dashboard=\u0413\u043b\u0430\u0432\u043d\u0430\u044f
+label.menu.configuration=\u041d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438
+label.menu.dashboard=\u041f\u0430\u043d\u0435\u043b\u044c \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f
 label.menu.destroyed.instances=\u0423\u043d\u0438\u0447\u0442\u043e\u0436\u0435\u043d\u043d\u044b\u0435 \u043c\u0430\u0448\u0438\u043d\u044b
-label.menu.disk.offerings=\u041f\u0440\u0435\u0434\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u0434\u0438\u0441\u043a\u043e\u0432
+label.menu.disk.offerings=\u0423\u0441\u043b\u0443\u0433\u0438 \u0434\u0438\u0441\u043a\u043e\u0432\u043e\u0433\u043e \u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0441\u0442\u0432\u0430
 label.menu.domains=\u0414\u043e\u043c\u0435\u043d\u044b
 label.menu.events=\u0421\u043e\u0431\u044b\u0442\u0438\u044f
 label.menu.featured.isos=\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u043c\u044b\u0435 ISO
 label.menu.featured.templates=\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u043c\u044b\u0435 \u0448\u0430\u0431\u043b\u043e\u043d\u044b
-label.menu.global.settings=\u0413\u043b\u043e\u0431\u0430\u043b\u044c\u043d\u044b\u0435 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438
-label.menu.infrastructure=\u0418\u043d\u0444\u043e\u0440\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430
+label.menu.global.settings=\u041e\u0441\u043d\u043e\u0432\u043d\u044b\u0435 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438
+label.menu.infrastructure=\u0418\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430
 label.menu.instances=\u041c\u0430\u0448\u0438\u043d\u044b
-label.menu.ipaddresses=IP-\u0430\u0434\u0440\u0435\u0441\u0430
+label.menu.ipaddresses=IP \u0430\u0434\u0440\u0435\u0441\u0430
 label.menu.isos=ISO
 label.menu.my.accounts=\u041c\u043e\u0438 \u0443\u0447\u0451\u0442\u043d\u044b\u0435 \u0437\u0430\u043f\u0438\u0441\u0438
 label.menu.my.instances=\u041c\u043e\u0438 \u043c\u0430\u0448\u0438\u043d\u044b
 label.menu.my.isos=\u041c\u043e\u0438 ISO
 label.menu.my.templates=\u041c\u043e\u0438 \u0448\u0430\u0431\u043b\u043e\u043d\u044b
-label.menu.network.offerings=\u041f\u0440\u0435\u0434\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u0441\u0435\u0442\u0438
+label.menu.network.offerings=\u0423\u0441\u043b\u0443\u0433\u0438 \u0441\u0435\u0442\u0438
 label.menu.network=\u0421\u0435\u0442\u044c
 label.menu.physical.resources=\u0424\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u044b
 label.menu.regions=\u0420\u0435\u0433\u0438\u043e\u043d
-label.menu.running.instances=\u0417\u0430\u043f\u0443\u0449\u0435\u043d\u043d\u044b\u0435 \u043c\u0430\u0448\u0438\u043d\u044b
-label.menu.security.groups=\u0413\u0440\u0443\u043f\u043f\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438
-label.menu.service.offerings=\u0423\u0441\u043b\u0443\u0433\u0438
+label.menu.running.instances=\u0420\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0435 \u043c\u0430\u0448\u0438\u043d\u044b
+label.menu.security.groups=Security Groups
+label.menu.service.offerings=\u0423\u0441\u043b\u0443\u0433\u0438 \u0441\u043b\u0443\u0436\u0431
 label.menu.snapshots=\u0421\u043d\u0438\u043c\u043a\u0438
 label.menu.stopped.instances=\u041e\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u043c\u0430\u0448\u0438\u043d\u044b
 label.menu.storage=\u0425\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0435
 label.menu.system.service.offerings=\u0421\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u044b
 label.menu.system=\u0421\u0438\u0441\u0442\u0435\u043c\u0430
-label.menu.system.vms=\u0421\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u0412\u041c
+label.menu.system.vms=\u0421\u043b\u0443\u0436\u0435\u0431\u043d\u044b\u0435 \u0412\u041c
 label.menu.templates=\u0428\u0430\u0431\u043b\u043e\u043d\u044b
-label.menu.virtual.appliances=\u0412\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430
+label.menu.virtual.appliances=\u0412\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430
 label.menu.virtual.resources=\u0412\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u044b
-label.menu.volumes=\u0417\u043d\u0430\u0447\u0435\u043d\u0438\u044f
+label.menu.volumes=\u0414\u0438\u0441\u043a\u0438
+label.menu.vpc.offerings=\u0423\u0441\u043b\u0443\u0433\u0438 VPS
 label.migrate.instance.to.host=\u041f\u0435\u0440\u0435\u043d\u043e\u0441 \u043c\u0430\u0448\u0438\u043d\u044b \u043d\u0430 \u0434\u0440\u0443\u0433\u043e\u0439 \u0443\u0437\u0435\u043b
 label.migrate.instance.to.ps=\u041f\u0435\u0440\u0435\u043d\u043e\u0441 \u043c\u0430\u0448\u0438\u043d\u044b \u043d\u0430 \u0434\u0440\u0443\u0433\u043e\u0435 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0435 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0435
 label.migrate.instance.to=\u041f\u0435\u0440\u0435\u043d\u0435\u0441\u0442\u0438 \u043c\u0430\u0448\u0438\u043d\u0443 \u0432
@@ -761,11 +796,13 @@ label.migrate.systemvm.to=\u041f\u0435\u0440\u0435\u043d\u0435\u0441\u0442\u0438
 label.migrate.to.host=\u041f\u0435\u0440\u0435\u043d\u0435\u0441\u0442\u0438 \u043d\u0430 \u0443\u0437\u0435\u043b
 label.migrate.to.storage=\u041f\u0435\u0440\u0435\u043d\u0435\u0441\u0442\u0438 \u043d\u0430 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0435
 label.migrate.volume.to.primary.storage=\u041f\u0435\u0440\u0435\u043d\u0435\u0441\u0442\u0438 \u0442\u043e\u043c \u0432 \u0434\u0440\u0443\u0433\u043e\u0435 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0435 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0435
+label.migrate.volume=\u041f\u0435\u0440\u0435\u043d\u043e\u0441 \u0434\u0438\u0441\u043a\u0430
 label.minimum=\u041c\u0438\u043d\u0438\u043c\u0443\u043c
+label.minute.past.hour=\u041c\u0438\u043d\u0443\u0442
 label.mode=\u0420\u0435\u0436\u0438\u043c
 label.monday=\u041f\u043e\u043d\u0435\u0434\u0435\u043b\u044c\u043d\u0438\u043a
-label.monthly=\u041a\u0430\u0436\u0434\u044b\u0439 \u043c\u0435\u0441\u044f\u0446
-label.more.templates=\u0411\u043e\u043b\u044c\u0448\u0435 \u0448\u0430\u0431\u043b\u043e\u043d\u043e\u0432
+label.monthly=\u0415\u0436\u0435\u043c\u0435\u0441\u044f\u0447\u043d\u043e
+label.more.templates=\u0415\u0449\u0435 \u0448\u0430\u0431\u043b\u043e\u043d\u044b
 label.move.down.row=\u041f\u0435\u0440\u0435\u043c\u0435\u0441\u0442\u0438\u0442\u044c \u043d\u0430 \u043e\u0434\u043d\u0443 \u0441\u0442\u0440\u043e\u043a\u0443 \u043d\u0438\u0436\u0435
 label.move.to.bottom=\u041f\u0435\u0440\u0435\u043c\u0435\u0441\u0442\u0438\u0442\u044c \u0432\u043d\u0438\u0437
 label.move.to.top=\u041f\u0435\u0440\u0435\u043c\u0435\u0441\u0442\u0438\u0442\u044c \u043d\u0430 \u0441\u0430\u043c\u044b\u0439 \u0432\u0435\u0440\u0445
@@ -774,27 +811,28 @@ label.my.account=\u041c\u043e\u044f \u0443\u0447\u0451\u0442\u043d\u0430\u044f \
 label.my.network=\u041c\u043e\u044f \u0441\u0435\u0442\u044c
 label.my.templates=\u041c\u043e\u0438 \u0448\u0430\u0431\u043b\u043e\u043d\u044b
 label.name.lower=\u0418\u043c\u044f
-label.name.optional=\u0418\u043c\u044f (\u043d\u0435\u043e\u0431\u044f\u0437\u0430\u0442\u0435\u043b\u044c\u043d\u043e)
+label.name.optional=\u0418\u043c\u044f (\u043f\u043e \u0436\u0435\u043b\u0430\u043d\u0438\u044e)
 label.name=\u0418\u043c\u044f
-label.nat.port.range=NAT \u0434\u0438\u0430\u043f\u0430\u0437\u043e\u043d \u043f\u043e\u0440\u0442\u043e\u0432
+label.nat.port.range=\u0434\u0438\u0430\u043f\u0430\u0437\u043e\u043d \u043f\u043e\u0440\u0442\u043e\u0432 NAT
 label.netmask=\u0421\u0435\u0442\u0435\u0432\u0430\u044f \u043c\u0430\u0441\u043a\u0430
 label.netScaler=NetScaler
 label.network.ACL=ACL \u0441\u0435\u0442\u0438
 label.network.ACLs=\u0421\u0435\u0442\u0435\u0432\u044b\u0435 ACL
 label.network.ACL.total=\u0412\u0441\u0435\u0433\u043e ACL \u0441\u0435\u0442\u0438
+label.network.addVM=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0441\u0435\u0442\u044c \u0432 \u0412\u041c
 label.network.desc=\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0441\u0435\u0442\u0438
 label.network.device.type=\u0422\u0438\u043f \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430
 label.network.device=\u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e
-label.network.domain.text=\u0422\u0435\u043a\u0441\u0442 \u0434\u043e\u043c\u0435\u043d\u0430 \u0441\u0435\u0442\u0438
+label.network.domain.text=\u0414\u043e\u043c\u0435\u043d \u0441\u0435\u0442\u0438
 label.network.domain=\u0414\u043e\u043c\u0435\u043d \u0441\u0435\u0442\u0438
 label.network.id=ID \u0441\u0435\u0442\u0438
 label.networking.and.security=\u0421\u0435\u0442\u044c \u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c
 label.network.label.display.for.blank.value=\u0418\u0441\u043f. \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0439 \u0448\u043b\u044e\u0437
 label.network.limits=\u041e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0441\u0435\u0442\u0438
 label.network.name=\u0418\u043c\u044f \u0441\u0435\u0442\u0438
-label.network.offering.display.text=\u0441\u0435\u0442\u044c, \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u044e\u0449\u0443\u044e \u041e\u0442\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u0435 \u0442\u0435\u043a\u0441\u0442\u0430
-label.network.offering.id=\u0441\u0435\u0442\u044c, \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u044e\u0449\u0443\u044e ID
-label.network.offering.name=\u0441\u0435\u0442\u044c, \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u044e\u0449\u0443\u044e \u0418\u043c\u044f
+label.network.offering.display.text=\u041e\u0442\u043e\u0431\u0440\u0430\u0436\u0430\u0435\u043c\u044b\u0439 \u0442\u0435\u043a\u0441\u0442 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0443\u0441\u043b\u0443\u0433\u0438
+label.network.offering.id=ID \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0443\u0441\u043b\u0443\u0433\u0438
+label.network.offering.name=\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0443\u0441\u043b\u0443\u0433\u0438
 label.network.offering=\u0421\u0435\u0442\u0435\u0432\u044b\u0435 \u0443\u0441\u043b\u0443\u0433\u0438
 label.network.rate.megabytes=\u0421\u043a\u043e\u0440\u043e\u0441\u0442\u044c \u0441\u0435\u0442\u0438  (MB/s)
 label.network.rate=\u0421\u043a\u043e\u0440\u043e\u0441\u0442\u044c \u0441\u0435\u0442\u0438
@@ -818,12 +856,12 @@ label.nicira.controller.address=\u0410\u0434\u0440\u0435\u0441 \u043a\u043e\u043
 label.nicira.l3gatewayserviceuuid=L3 Gateway Service Uuid
 label.nicira.transportzoneuuid=Transport Zone Uuid
 label.nics=\u0421\u0435\u0442\u0435\u0432\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 (NIC)
-label.no.actions=\u041d\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0439
+label.no.actions=\u041d\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439
 label.no.alerts=\u0422\u0440\u0435\u0432\u043e\u0433 \u043d\u0435 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043e
 label.no.data=\u041d\u0435\u0442 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0434\u043b\u044f \u043f\u043e\u043a\u0430\u0437\u0430
 label.no.errors=\u041e\u0448\u0438\u0431\u043e\u043a \u043d\u0435 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043e
 label.no.isos=\u041d\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 ISO
-label.no.items=\u041d\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u044d\u043b\u0435\u043c\u0435\u043d\u0442\u043e\u0432
+label.no.items=\u041d\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u043f\u0443\u043d\u043a\u0442\u043e\u0432
 label.none=\u041d\u0435\u0442
 label.no.security.groups=\u041d\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u0433\u0440\u0443\u043f\u043f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c
 label.not.found=\u041d\u0435 \u043d\u0430\u0439\u0434\u0435\u043d\u043e
@@ -833,24 +871,27 @@ label.no=\u041d\u0435\u0442
 label.number.of.clusters=\u041a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u043e\u0432
 label.number.of.hosts=\u041a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0443\u0437\u043b\u043e\u0432
 label.number.of.pods=\u041a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0441\u0442\u0435\u043d\u0434\u043e\u0432
-label.number.of.system.vms=\u041a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u043c\u0430\u0448\u0438\u043d
+label.number.of.system.vms=\u041a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0445 \u0412\u041c
 label.number.of.virtual.routers=\u041a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u043e\u0432
 label.number.of.zones=\u041a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0437\u043e\u043d
-label.num.cpu.cores=\u041a\u043e\u043b. CPU
+label.num.cpu.cores=\u041a\u043e\u043b-\u0432\u043e \u044f\u0434\u0435\u0440 CPU
 label.numretries=\u041a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u043f\u043e\u043f\u044b\u0442\u043e\u043a
 label.ocfs2=OCFS2
-label.offer.ha=\u041f\u0440\u0435\u0434\u043e\u0441\u0442. HA
+label.offer.ha=\u0423\u0441\u043b\u0443\u0433\u0430 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u043e\u0439 \u043e\u0442\u043a\u0430\u0437\u043e\u0443\u0441\u0442\u043e\u0439\u0447\u0438\u0432\u043e\u0441\u0442\u0438
 label.ok=OK
-label.optional=\u041d\u0435\u043e\u0431\u044f\u0437\u0430\u0442\u0435\u043b\u044c\u043d\u043e
+label.optional=\u041f\u043e \u0436\u0435\u043b\u0430\u043d\u0438\u044e
 label.order=\u041e\u0447\u0435\u0440\u0435\u0434\u044c
 label.os.preference=\u041f\u0440\u0435\u0434\u043f\u043e\u0447\u0442\u0438\u0442\u0435\u043b\u044c\u043d\u0430\u044f \u041e\u0421
 label.os.type=\u0422\u0438\u043f \u041e\u0421
-label.owned.public.ips=\u0421\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0435 IP-\u0430\u0434\u0440\u0435\u0441\u0430
-label.owner.account=\u0423\u0447\u0451\u0442\u043d\u0430\u044f \u0437\u0430\u043f\u0438\u0441\u044c \u0432\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u0430
-label.owner.domain=\u0414\u043e\u043c\u0435\u043d \u0432\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u0430
+label.owned.public.ips=\u041f\u0440\u0438\u0441\u0432\u043e\u0435\u043d\u043d\u044b\u0435 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0438\u0440\u0443\u0435\u043c\u044b\u0435 IP \u0430\u0434\u0440\u0435\u0441\u0430
+label.owner.account=\u0425\u043e\u0437\u044f\u0438\u043d \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438
+label.owner.domain=\u0425\u043e\u0437\u044f\u0438\u043d \u0434\u043e\u043c\u0435\u043d\u0430
 label.parent.domain=\u0420\u043e\u0434\u0438\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0439 \u0434\u043e\u043c\u0435\u043d
 label.password.enabled=\u041f\u0430\u0440\u043e\u043b\u044c \u0432\u043a\u043b\u044e\u0447\u0435\u043d
+label.password.lower=\u041f\u0430\u0440\u043e\u043b\u044c
+label.password.reset.confirm=\u041f\u0430\u0440\u043e\u043b\u044c \u0431\u044b\u043b \u0441\u0431\u0440\u043e\u0448\u0435\u043d \u0432
 label.password=\u041f\u0430\u0440\u043e\u043b\u044c
+label.PA=static NAT
 label.path=\u041f\u0443\u0442\u044c
 label.perfect.forward.secrecy=Perfect Forward Secrecy
 label.physical.network.ID=ID \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0441\u0435\u0442\u0438
@@ -860,33 +901,34 @@ label.PING.CIFS.username=\u0418\u043c\u044f \u043f\u043e\u043b\u044c\u0437\u043e
 label.PING.dir=\u041a\u0430\u0442\u0430\u043b\u043e\u0433 PING
 label.PING.storage.IP=IP \u0430\u0434\u0440\u0435\u0441 PING-\u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0430
 label.please.specify.netscaler.info=\u0423\u043a\u0430\u0436\u0438\u0442\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 NetScaler
-label.please.wait=\u041f\u043e\u0434\u043e\u0436\u0434\u0438\u0442\u0435
+label.please.wait=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u043e\u0436\u043e\u0436\u0434\u0438\u0442\u0435
 label.plugin.details=\u0414\u0435\u0442\u0430\u043b\u0438 \u043f\u043b\u0430\u0433\u0438\u043d\u0430
 label.plugins=\u041f\u043b\u0430\u0433\u0438\u043d\u044b
 label.pod.name=\u0418\u043c\u044f \u0441\u0442\u0435\u043d\u0434\u0430
 label.pods=\u0421\u0442\u0435\u043d\u0434\u044b
 label.pod=\u0421\u0442\u0435\u043d\u0434
-label.port.forwarding.policies=\u041f\u043e\u043b\u0438\u0442\u0438\u043a\u0438 \u043f\u0440\u043e\u0431\u0440\u043e\u0441\u0430 \u043f\u043e\u0440\u0442\u043e\u0432
-label.port.forwarding=\u041f\u0440\u043e\u0431\u0440\u043e\u0441 \u043f\u043e\u0440\u0442\u043e\u0432
+label.port.forwarding.policies=\u041f\u043e\u043b\u0438\u0442\u0438\u043a\u0438 \u043f\u0435\u0440\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u043e\u0440\u0442\u043e\u0432
+label.port.forwarding=\u041f\u0435\u0440\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u043e\u0440\u0442\u043e\u0432
 label.port.range=\u0414\u0438\u0430\u043f\u0430\u0437\u043e\u043d \u043f\u043e\u0440\u0442\u043e\u0432
 label.PreSetup=\u041f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u0430\u044f \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430
 label.previous=\u041f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0439
 label.prev=\u041f\u0440\u0435\u0434\u044b\u0434\u0443\u0448\u0438\u0439
-label.primary.allocated=\u0420\u0430\u0441\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0438\u0435 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0433\u043e \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0430
+label.primary.allocated=\u0412\u044b\u0434\u0435\u043b\u0435\u043d\u043e \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0433\u043e \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0430
 label.primary.network=\u041e\u0441\u043d\u043e\u0432\u043d\u0430\u044f \u0441\u0435\u0442\u044c
-label.primary.storage.count=\u041f\u0435\u0440\u0432\u0438\u0447\u043d\u044b\u0439 \u0430\u0440\u0445\u0438\u0432 \u0434\u043b\u044f \u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f
-label.primary.storage.limits=\u041e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0433\u043e \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0430 (\u0432 \u0413\u0438\u0411)
+label.primary.storage.count=\u041f\u0443\u043b \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0433\u043e \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0430
+label.primary.storage.limits=\u041b\u0438\u043c\u0438\u0442 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0433\u043e \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0430 (GiB)
 label.primary.storage=\u041e\u0441\u043d\u043e\u0432\u043d\u043e\u0435 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0435
-label.primary.used=\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0433\u043e \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0430
+label.primary.used=\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u043e \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0433\u043e \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0430
 label.private.Gateway=\u0427\u0430\u0441\u0442\u043d\u044b\u0439 \u0448\u043b\u044e\u0437
 label.private.interface=\u0427\u0430\u0441\u0442\u043d\u044b\u0439 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441
-label.private.ip.range=\u0414\u0438\u0430\u043f\u0430\u0437\u043e\u043d \u0447\u0430\u0441\u0442\u043d\u044b\u0445 IP
+label.private.ip.range=\u0414\u0438\u0430\u043f\u0430\u0437\u043e\u043d \u0447\u0430\u0441\u0442\u043d\u044b\u0445 IP \u0430\u0434\u0440\u0435\u0441\u043e\u0432
 label.private.ips=\u0427\u0430\u0441\u0442\u043d\u044b\u0435 IP-\u0430\u0434\u0440\u0435\u0441\u0430
 label.private.ip=\u0427\u0430\u0441\u0442\u043d\u044b\u0439 IP-\u0430\u0434\u0440\u0435\u0441
 label.privatekey=\u0427\u0430\u0441\u0442\u043d\u044b\u0439 \u043a\u043b\u044e\u0447 PKCS\#8
 label.private.network=\u0427\u0430\u0441\u0442\u043d\u0430\u044f \u0441\u0435\u0442\u044c
 label.private.port=\u0427\u0430\u0441\u0442\u043d\u044b\u0439 \u043f\u043e\u0440\u0442
 label.private.zone=\u0427\u0430\u0441\u0442\u043d\u0430\u044f \u0437\u043e\u043d\u0430
+label.profile=\u041f\u0440\u043e\u0444\u0438\u043b\u044c
 label.project.dashboard=\u041f\u0430\u043d\u0435\u043b\u044c \u043f\u0440\u043e\u0435\u043a\u0442\u0430
 label.project.id=ID \u043f\u0440\u043e\u0435\u043a\u0442\u0430
 label.project.invite=\u041f\u0440\u0438\u0433\u043b\u0430\u0441\u0438\u0442\u044c \u0432 \u043f\u0440\u043e\u0435\u043a\u0442
@@ -896,33 +938,37 @@ label.project=\u041f\u0440\u043e\u0435\u043a\u0442
 label.project.view=\u041f\u0440\u043e\u0435\u043a\u0442\u044b
 label.protocol=\u041f\u0440\u043e\u0442\u043e\u043a\u043e\u043b
 label.providers=\u041f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0438
-label.public.interface=\u041f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0439 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441
+label.provider=\u041f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0438
+label.public.interface=\u0412\u043d\u0435\u0448\u043d\u0438\u0439 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441
 label.public.ips=\u041f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0435 IP-\u0430\u0434\u0440\u0435\u0441\u0430
 label.public.ip=\u041f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0439 IP-\u0430\u0434\u0440\u0435\u0441
 label.public.network=\u041f\u0443\u0431\u043b\u0438\u0447\u043d\u0430\u044f \u0441\u0435\u0442\u044c
 label.public.port=\u041f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0439 \u043f\u043e\u0440\u0442
 label.public.traffic=\u041f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0439 \u0442\u0440\u0430\u0444\u0438\u043a
 label.public=\u041f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0439
-label.public.zone=\u041f\u0443\u0431\u043b\u0438\u0447\u043d\u0430\u044f \u0437\u043e\u043d\u0430
+label.public.zone=\u0412\u043d\u0435\u0448\u043d\u044f\u044f \u0437\u043e\u043d\u0430
 label.purpose=\u041d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435
 label.Pxe.server.type=\u0422\u0438\u043f \u0441\u0435\u0440\u0432\u0435\u0440\u0430 PXE
 label.qos.type=\u0422\u0438\u043f QoS
 label.quickview=\u0411\u044b\u0441\u0442\u0440\u044b\u0439 \u043f\u0440\u043e\u0441\u043c\u043e\u0442\u0440
 label.reboot=\u041f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c
 label.recent.errors=\u041f\u043e\u043b\u0443\u0447\u0435\u043d\u043d\u044b\u0435 \u043e\u0448\u0438\u0431\u043a\u0438
+label.recover.vm=\u0412\u043e\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0412\u041c
 label.redundant.router.capability=\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u043e\u0433\u043e \u0440\u043e\u0443\u0442\u0435\u0440\u0430
 label.redundant.router=\u0420\u0435\u0437\u0435\u0440\u0432\u043d\u043e\u0439 \u0440\u043e\u0443\u0442\u0435\u0440
 label.redundant.state=\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0440\u0435\u0437\u0435\u0440\u0432\u0430
 label.refresh=\u041e\u0431\u043d\u043e\u0432\u0438\u0442\u044c
 label.region=\u0420\u0435\u0433\u0438\u043e\u043d
+label.reinstall.vm=\u041f\u0435\u0440\u0435\u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0412\u041c
 label.related=\u0421\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0439
 label.remind.later=\u041f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u0442\u044c \u043f\u043e\u0437\u0436\u0435
 label.remove.ACL=\u0423\u0434\u0430\u043b\u0438\u0442\u044c ACL
-label.remove.egress.rule=\u0423\u0434\u0430\u043b\u0438\u0442\u044c \u0432\u044b\u0445\u043e\u0434\u043d\u043e\u0435 \u043f\u0440\u0430\u0432\u0438\u043b\u043e
-label.remove.from.load.balancer=\u0423\u0434\u0430\u043b\u0438\u0442\u044c \u043c\u0430\u0448\u0438\u043d\u0443 \u0441 \u0431\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u043a\u0438 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438
-label.remove.ingress.rule=\u0423\u0434\u0430\u043b\u0438\u0442\u044c \u0432\u0445\u043e\u0434\u043d\u043e\u0435 \u043f\u0440\u0430\u0432\u0438\u043b\u043e
+label.remove.egress.rule=\u0423\u0434\u0430\u043b\u0438\u0442\u044c \u0432\u0445\u043e\u0434\u044f\u0449\u0435\u0435 \u043f\u0440\u0430\u0432\u0438\u043b\u043e
+label.remove.from.load.balancer=\u0423\u0434\u0430\u043b\u0438\u0442\u044c \u043c\u0430\u0448\u0438\u043d\u0443 \u0438\u0437 \u0431\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u0449\u0438\u043a\u0430
+label.remove.ingress.rule=\u0423\u0434\u0430\u043b\u0438\u0442\u044c \u0432\u0445\u043e\u0434\u044f\u0449\u0435\u0435 \u043f\u0440\u0430\u0432\u0438\u043b\u043e
 label.remove.ip.range=\u0423\u0434\u0430\u043b\u0438\u0442\u044c \u0434\u0438\u0430\u043f\u0430\u0437\u043e\u043d IP
-label.remove.pf=\u0423\u0434\u0430\u043b\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0438\u043b\u043e \u043f\u0440\u043e\u0431\u0440\u043e\u0441\u0430 \u043f\u043e\u0440\u0442\u0430
+label.remove.network.offering=\u0423\u0434\u0430\u043b\u0438\u0442\u044c \u0441\u0435\u0442\u0435\u0432\u0443\u044e \u0443\u0441\u043b\u0443\u0433\u0443
+label.remove.pf=\u0414\u0430\u043b\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0438\u043b\u043e \u043f\u0435\u0440\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u043e\u0440\u0442\u0430
 label.remove.project.account=\u0423\u0434\u0430\u043b\u0438\u0442\u044c \u0443\u0447\u0435\u0442\u043d\u0443\u044e \u0437\u0430\u043f\u0438\u0441\u044c \u043f\u0440\u043e\u0435\u043a\u0442\u0430
 label.remove.region=\u0423\u0434\u0430\u043b\u0438\u0442\u044c \u0440\u0435\u0433\u0438\u043e\u043d
 label.remove.rule=\u0423\u0434\u0430\u043b\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0438\u043b\u043e
@@ -930,17 +976,23 @@ label.remove.static.nat.rule=\u0423\u0434\u0430\u043b\u0438\u0442\u044c \u043f\u
 label.remove.static.route=\u0423\u0434\u0430\u043b\u0438\u0442\u044c \u0441\u0442\u0430\u0442\u0438\u0447\u043d\u044b\u0439 \u043c\u0430\u0440\u0448\u0440\u0443\u0442
 label.remove.tier=\u0423\u0434\u0430\u043b\u0438\u0442\u044c tier
 label.remove.vm.from.lb=\u0423\u0434\u0430\u043b\u0438\u0442\u044c \u0412\u041c \u0441 \u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0431\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u043a\u0438 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438
+label.remove.vm.load.balancer=\u0423\u0434\u0430\u043b\u0438\u0442\u044c \u0412\u041c \u0441 \u0431\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u0449\u0438\u043a\u0430 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438
+label.remove.vpc.offering=\u0423\u0434\u0430\u043b\u0438\u0442\u044c \u0443\u0441\u043b\u0443\u0433\u0443 VPC
 label.remove.vpc=\u0423\u0434\u0430\u043b\u0438\u0442\u044c VPC
 label.removing=\u0423\u0434\u0430\u043b\u0435\u043d\u0438\u0435
 label.removing.user=\u0423\u0434\u0430\u043b\u0435\u043d\u0438\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f
 label.required=\u0422\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f
+label.reserved.ip.range=\u0417\u0430\u0440\u0435\u0437\u0435\u0440\u0432\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 IP \u0434\u0438\u0430\u043f\u0430\u0437\u043e\u043d
 label.reserved.system.gateway=\u0417\u0430\u0440\u0435\u0437\u0435\u0440\u0432\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0439 \u0448\u043b\u044e\u0437
 label.reserved.system.ip=\u0417\u0430\u0440\u0435\u0437\u0435\u0440\u0432\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0439 IP
 label.reserved.system.netmask=\u0417\u0430\u0440\u0435\u0437\u0435\u0440\u0432\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u0430\u044f \u043c\u0430\u0441\u043a\u0430
+label.resetVM=\u0421\u0431\u0440\u043e\u0441 \u0412\u041c
 label.reset.VPN.connection=\u0412\u043e\u0441\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c VPN \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435
-label.resize.new.offering.id=New Offering
+label.resize.new.offering.id=\u041d\u043e\u0432\u0430\u044f \u0443\u0441\u043b\u0443\u0433\u0430
+label.resize.new.size=\u041d\u043e\u0432\u044b\u0439 \u0440\u0430\u0437\u043c\u0435\u0440 (GB)
 label.resize.shrink.ok=Shrink OK
-label.resource.limits=\u041f\u0440\u0435\u0434\u0435\u043b\u044b \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432
+label.resource.limit.exceeded=\u041f\u0440\u0435\u0432\u044b\u0448\u0435\u043d \u043b\u0438\u043c\u0438\u0442 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432
+label.resource.limits=\u041e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432
 label.resource.state=\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432
 label.resources=\u0420\u0435\u0441\u0443\u0440\u0441\u044b
 label.resource=\u0420\u0435\u0441\u0443\u0440\u0441
@@ -951,12 +1003,13 @@ label.restore=\u0412\u043e\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c
 label.review=\u041e\u0431\u0437\u043e\u0440
 label.revoke.project.invite=\u041e\u0442\u043e\u0437\u0432\u0430\u0442\u044c \u043f\u0440\u0438\u0433\u043b\u0430\u0448\u0435\u043d\u0438\u0435
 label.role=\u0420\u043e\u043b\u044c
-label.root.disk.controller=\u041a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440 \u043a\u043e\u0440\u043d\u0435\u0432\u043e\u0433\u043e \u0434\u0438\u0441\u043a\u0430
-label.root.disk.offering=\u0420\u0435\u0441\u0443\u0440\u0441 \u043a\u043e\u0440\u043d\u0435\u0432\u043e\u0433\u043e \u0434\u0438\u0441\u043a\u0430
+label.root.disk.controller=\u041a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0433\u043e \u0434\u0438\u0441\u043a\u0430
+label.root.disk.offering=\u0423\u0441\u043b\u0443\u0433\u0430 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0433\u043e \u0434\u0438\u0441\u043a\u0430
 label.root.disk.size=\u0420\u0430\u0437\u043c\u0435\u0440 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0433\u043e \u0434\u0438\u0441\u043a\u0430
 label.routing=\u041c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0446\u0438\u044f
+label.rule.number=\u041d\u043e\u043c\u0435\u0440 \u043f\u0440\u0430\u0432\u0438\u043b\u0430
 label.rules=\u041f\u0440\u0430\u0432\u0438\u043b\u0430
-label.running.vms=\u0417\u0430\u043f\u0443\u0449\u0435\u043d\u043d\u044b\u0435 \u0412\u041c
+label.running.vms=\u0420\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0435 \u0412\u041c
 label.s3.access_key=\u041a\u043b\u044e\u0447 \u0434\u043e\u0441\u0442\u0443\u043f\u0430
 label.s3.bucket=Bucket
 label.s3.connection_timeout=\u041f\u0440\u0435\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u043e\u0436\u0438\u0434\u0430\u043d\u0438\u044f \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u044f
@@ -965,18 +1018,18 @@ label.s3.nfs.path=S3 NFS \u043f\u0443\u0442\u044c
 label.s3.nfs.server=S3 NFS \u0421\u0435\u0440\u0432\u0435\u0440
 label.s3.secret_key=\u0421\u0435\u043a\u0440\u0435\u0442\u043d\u044b\u0439 \u043a\u043b\u044e\u0447
 label.s3.socket_timeout=\u041f\u0440\u0435\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u043e\u0436\u0438\u0434\u0430\u043d\u0438\u044f \u0441\u043e\u043a\u0435\u0442\u0430
-label.s3.use_https=\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0439\u0442\u0435 HTTPS
+label.s3.use_https=\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c HTTPS
 label.saturday=\u0421\u0443\u0431\u0431\u043e\u0442\u0430
 label.save.and.continue=\u0421\u043e\u0445\u0440\u0430\u043d\u0438\u0442\u044c \u0438 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0438\u0442\u044c
 label.save=\u0421\u043e\u0445\u0440\u0430\u043d\u0438\u0442\u044c
 label.saving.processing=\u0421\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u0438\u0435...
 label.scope=\u041e\u0445\u0432\u0430\u0442
 label.search=\u041f\u043e\u0438\u0441\u043a
-label.secondary.storage.count=\u0412\u0442\u043e\u0440\u0438\u0447\u043d\u044b\u0439 \u0430\u0440\u0445\u0438\u0432 \u0434\u043b\u044f \u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f
-label.secondary.storage.limits=\u041e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0430 (\u0432 \u0413\u0438\u0411)
+label.secondary.storage.count=\u041f\u0443\u043b \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0430
+label.secondary.storage.limits=\u041b\u0438\u043c\u0438\u0442 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0430 (GiB)
 label.secondary.storage=\u0414\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0435 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0435
 label.secondary.storage.vm=\u0412\u0442\u043e\u0440\u0438\u0447\u043d\u044b\u0439 \u0444\u0430\u0439\u043b\u043e\u0432\u044b\u0439 \u0441\u0435\u0440\u0432\u0435\u0440
-label.secondary.used=\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0430
+label.secondary.used=\u0417\u0430\u043d\u044f\u0442\u043e \u043d\u0430 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0435 \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u044b\u0445 \u043a\u043e\u043f\u0438\u0439
 label.secret.key=\u0421\u0435\u043a\u0440\u0435\u0442\u043d\u044b\u0439 \u043a\u043b\u044e\u0447
 label.security.group.name=\u0418\u043c\u044f \u0433\u0440\u0443\u043f\u043f\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438
 label.security.groups.enabled=\u0413\u0440\u0443\u043f\u043f\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u044b
@@ -984,11 +1037,13 @@ label.security.groups=\u0413\u0440\u0443\u043f\u043f\u044b \u0431\u0435\u0437\u0
 label.security.group=\u0413\u0440\u0443\u043f\u043f\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438
 label.select.a.template=\u0412\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u0448\u0430\u0431\u043b\u043e\u043d
 label.select.a.zone=\u0412\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u0437\u043e\u043d\u0443
-label.select.instance.to.attach.volume.to=\u0412\u044b\u0431\u0438\u0440\u0438\u0442\u0435 \u0441\u0435\u0440\u0432\u0435\u0440 \u0434\u043b\u044f \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u0431\u044c\u0435\u043c\u0430
-label.select.instance=\u0412\u044b\u0431\u0438\u0440\u0438\u0442\u0435 \u0441\u0435\u0440\u0432\u0435\u0440
+label.select.instance.to.attach.volume.to=\u0412\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u043c\u0430\u0448\u0438\u043d\u0443 \u0434\u043b\u044f \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u0438\u0441\u043a\u0430
+label.select.instance=\u0412\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u043c\u0430\u0448\u0438\u043d\u0443
 label.select.iso.or.template=\u0412\u044b\u0431\u0435\u0440\u0438\u0442\u0435 ISO \u0438\u043b\u0438 \u0448\u0430\u0431\u043b\u043e\u043d
-label.select.offering=\u0412\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u043f\u0440\u0435\u0434\u043b\u043e\u0436\u0435\u043d\u0438\u0435
+label.select.offering=\u0412\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u0443\u0441\u043b\u0443\u0433\u0443
 label.select.project=\u0412\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u043f\u0440\u043e\u0435\u043a\u0442
+label.select.region=\u0412\u044b\u0431\u0440\u0430\u0442\u044c \u0440\u0435\u0433\u0438\u043e\u043d
+label.select.template=\u0412\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u0448\u0430\u0431\u043b\u043e\u043d
 label.select.tier=\u0412\u044b\u0431\u0440\u0430\u0442\u044c Tier
 label.select=\u0412\u044b\u0431\u0440\u0430\u0442\u044c
 label.select-view=\u0412\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u0432\u0438\u0434
@@ -999,19 +1054,24 @@ label.service.capabilities=\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u044
 label.service.offering=\u0421\u043b\u0443\u0436\u0435\u0431\u043d\u044b\u0439 \u0440\u0435\u0441\u0443\u0440\u0441
 label.service.state=\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0441\u043b\u0443\u0436\u0431
 label.session.expired=\u0412\u0440\u0435\u043c\u044f \u0441\u0435\u0441\u0441\u0438\u0438 \u0432\u044b\u0448\u043b\u043e
+label.set.default.NIC=\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c NIC \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e
+label.settings=\u041d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438
 label.setup.network=\u041d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430 \u0441\u0435\u0442\u0438
 label.setup=\u041d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430
 label.set.up.zone.type=\u041d\u0430\u0441\u0442\u0440\u043e\u0438\u0442\u044c \u0442\u0438\u043f \u0437\u043e\u043d\u044b
 label.setup.zone=\u041d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430 \u0437\u043e\u043d\u044b
-label.SharedMountPoint=\u041e\u0442\u043a\u0440\u044b\u0442\u0430\u044f\u0422\u043e\u0447\u043a\u0430\u0414\u043e\u0441\u0442\u0443\u043f\u0430
+label.SharedMountPoint=SharedMountPoint
 label.shared=\u041e\u0431\u0449\u0438\u0439
-label.show.ingress.rule=\u041f\u043e\u043a\u0430\u0437\u0430\u0442\u044c \u0432\u0445\u043e\u0434\u043d\u043e\u0435 \u043f\u0440\u0430\u0432\u0438\u043b\u043e
+label.show.advanced.settings=\u041f\u043e\u043a\u0430\u0437\u0430\u0442\u044c \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438
+label.show.ingress.rule=\u041f\u043e\u043a\u0430\u0437\u0430\u0442\u044c \u0432\u0445\u043e\u0434\u044f\u0449\u0435\u0435 \u043f\u0440\u0430\u0432\u0438\u043b\u043e
 label.shutdown.provider=\u041e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430
+label.site.to.site.VPN=Site-to-site VPN
 label.size=\u0420\u0430\u0437\u043c\u0435\u0440
-label.skip.guide=\u042f \u0443\u0436\u0435 \u0432\u0435\u043b\u0438\u043a\u0438\u0439 \u043c\u0430\u0441\u0442\u0435\u0440 CloudStack, \u043f\u0440\u043e\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u044d\u0442\u043e \u0440\u0443\u043a\u043e\u0432\u043e\u0434\u0441\u0442\u0432\u043e
-label.snapshot.limits=\u041f\u0440\u0435\u0434\u0435\u043b\u044b \u0441\u043d\u0438\u043c\u043a\u043e\u0432
+label.skip.guide=\u042f \u0443\u0436\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b CloudStack, \u043f\u0440\u043e\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u044d\u0442\u043e \u0440\u0443\u043a\u043e\u0432\u043e\u0434\u0441\u0442\u0432\u043e
+label.snapshot.limits=\u041a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0441\u043d\u0438\u043c\u043a\u043e\u0432
 label.snapshot.name=\u0418\u043c\u044f \u0441\u043d\u0438\u043c\u043a\u0430
 label.snapshot.schedule=\u041d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430 \u043f\u043e\u0432\u0442\u043e\u0440\u044f\u0435\u043c\u044b\u0445 \u0441\u043d\u0438\u043c\u043a\u043e\u0432
+label.snapshot.s=\u0421\u043d\u0438\u043c\u043a\u0438
 label.snapshots=\u0421\u043d\u0438\u043c\u043a\u0438
 label.snapshot=\u0421\u043d\u0438\u043c\u043e\u043a
 label.source.nat=Source NAT
@@ -1041,27 +1101,28 @@ label.step.4=\u0428\u0430\u0433 4
 label.step.5.title=Step 5\: <strong>\u041e\u0431\u0437\u043e\u0440</strong>
 label.step.5=\u0428\u0430\u0433 5
 label.stickiness=\u041b\u0438\u043f\u043a\u0438\u0439
-label.sticky.cookie-name=Cookie \u0438\u043c\u044f
+label.sticky.cookie-name=Cookie name
 label.sticky.domain=\u0414\u043e\u043c\u0435\u043d
 label.sticky.expire=\u0418\u0441\u0442\u0435\u043a\u0430\u0435\u0442
-label.sticky.holdtime=\u0432\u0440\u0435\u043c\u044f \u0443\u0434\u0435\u0440\u0436\u0430\u043d\u0438\u044f
+label.sticky.holdtime=\u0412\u0440\u0435\u043c\u044f \u0443\u0434\u0435\u0440\u0436\u0430\u043d\u0438\u044f
 label.sticky.indirect=\u041a\u043e\u0441\u0432\u0435\u043d\u043d\u044b\u0439
 label.sticky.length=\u0414\u043b\u0438\u043d\u0430
 label.sticky.mode=\u0420\u0435\u0436\u0438\u043c
 label.sticky.nocache=\u041d\u0435\u0442 \u043a\u044d\u0448\u0430
-label.sticky.postonly=\u0421\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0435 \u0442\u043e\u043b\u044c\u043a\u043e
+label.sticky.postonly=\u0422\u043e\u043b\u044c\u043a\u043e \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0435
 label.sticky.prefix=\u041f\u0440\u0435\u0444\u0438\u043a\u0441
 label.sticky.request-learn=\u0422\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u0438\u0437\u0443\u0447\u0435\u043d\u0438\u0435.
 label.sticky.tablesize=\u0420\u0430\u0437\u043c\u0435\u0440 \u0442\u0430\u0431\u043b\u0438\u0446\u044b
 label.stopped.vms=\u041e\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0412\u041c
 label.stop=\u041e\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c
+label.storage.pool=\u041f\u0443\u043b \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0430
 label.storage.tags=\u041c\u0435\u0442\u043a\u0438 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0430
 label.storage.traffic=\u0422\u0440\u0430\u0444\u0438\u043a \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0430
 label.storage.type=\u0422\u0438\u043f \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0430
 label.storage=\u0425\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0435
 label.subdomain.access=\u0414\u043e\u0441\u0442\u0443\u043f \u043a \u043f\u043e\u0434\u0434\u043e\u043c\u0435\u043d\u0443
 label.submitted.by=[\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u043e\: <span id\="submitted_by"></span>]
-label.submit=\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u0442\u044c
+label.submit=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u044c
 label.succeeded=\u0423\u0441\u043f\u0435\u0448\u043d\u043e
 label.sunday=\u0412\u043e\u0441\u043a\u0440\u0435\u0441\u0435\u043d\u044c\u0435
 label.super.cidr.for.guest.networks=Super CIDR \u0433\u043e\u0441\u0442\u0435\u0432\u043e\u0439 \u0441\u0435\u0442\u0438
@@ -1069,18 +1130,19 @@ label.supported.services=\u041f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\
 label.supported.source.NAT.type=\u041f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0435 \u0442\u0438\u043f\u044b NAT-\u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0430
 label.suspend.project=\u041f\u0440\u0438\u043e\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0440\u043e\u0435\u043a\u0442
 label.switch.type=\u0422\u0438\u043f \u0441\u0432\u0438\u0447\u0430
-label.system.capacity=\u041c\u043e\u0449\u043d\u043e\u0441\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u044b
-label.system.offering=\u0421\u0438\u0441\u0442\u0435\u043c\u0430 \u0440\u0430\u0437\u043c\u0435\u0449\u0435\u043d\u0438\u044f
+label.system.capacity=\u0415\u043c\u043a\u043e\u0441\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u044b
+label.system.offering=\u0421\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u044b
 label.system.service.offering=\u0421\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0439 \u0440\u0435\u0441\u0443\u0440\u0441
-label.system.vms=\u0421\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u0412\u041c
-label.system.vm.type=\u0422\u0438\u043f \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u043e\u0439 \u0412\u041c
-label.system.vm=\u0421\u0438\u0441\u0442\u0435\u043c\u043d\u0430\u044f \u0412\u041c
-label.system.wide.capacity=\u041e\u0431\u0449\u0435\u0441\u0438\u0441\u0442\u0435\u043c\u043d\u043e\u0433\u043e \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u0430
-label.tagged=\u0421 \u043c\u0435\u0442\u043a\u043e\u0439
+label.system.vm.details=\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0441\u0441\u043b\u0443\u0436\u0435\u0431\u043d\u043e\u0439 \u0412\u041c
+label.system.vms=\u0421\u043b\u0443\u0436\u0435\u0431\u043d\u044b\u0435 \u0412\u041c
+label.system.vm.type=\u0422\u0438\u043f \u0441\u043b\u0443\u0436\u0435\u0431\u043d\u043e\u0439 \u0412\u041c
+label.system.vm=\u0421\u043b\u0443\u0436\u0435\u0431\u043d\u0430\u044f \u0412\u041c
+label.system.wide.capacity=\u041e\u0431\u0449\u0435\u0441\u0438\u0441\u0442\u0435\u043c\u043d\u0430\u044f \u0435\u043c\u043a\u043e\u0441\u0442\u044c
+label.tagged=\u0422\u044d\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439
 label.tags=\u041c\u0435\u0442\u043a\u0438
 label.target.iqn=\u0426\u0435\u043b\u0435\u0432\u043e\u0439 IQN
 label.task.completed=\u0417\u0430\u0434\u0430\u0447\u0430 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0430
-label.template.limits=\u041f\u0440\u0435\u0434\u0435\u043b\u044b \u0448\u0430\u0431\u043b\u043e\u043d\u0430
+label.template.limits=\u041e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0448\u0430\u0431\u043b\u043e\u043d\u043e\u0432
 label.template=\u0428\u0430\u0431\u043b\u043e\u043d
 label.TFTP.dir=\u041a\u0430\u0442\u0430\u043b\u043e\u0433 TFTP
 label.theme.default=\u0421\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u0430\u044f \u0442\u0435\u043c\u0430
@@ -1093,18 +1155,21 @@ label.time=\u0412\u0440\u0435\u043c\u044f
 label.time.zone=\u0427\u0430\u0441\u043e\u0432\u043e\u0439 \u043f\u043e\u044f\u0441
 label.timezone=\u0427\u0430\u0441\u043e\u0432\u043e\u0439 \u043f\u043e\u044f\u0441
 label.token=\u0422\u0430\u043b\u043e\u043d
-label.total.cpu=\u0412\u0441\u0435\u0433\u043e CPU
-label.total.CPU=\u0412\u0441\u0435\u0433\u043e CPU
+label.total.cpu=\u0412\u0441\u0435\u0433\u043e \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u043e\u0432
+label.total.CPU=\u0412\u0441\u0435\u0433\u043e \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u043e\u0432
 label.total.hosts=\u0412\u0441\u0435\u0433\u043e \u0443\u0437\u043b\u043e\u0432
 label.total.memory=\u0412\u0441\u0435\u0433\u043e \u043f\u0430\u043c\u044f\u0442\u0438
+label.total.of.ip=\u0412\u0441\u0435\u0433\u043e IP-\u0430\u0434\u0440\u0435\u0441\u043e\u0432
 label.total.of.vm=\u0412\u0441\u0435\u0433\u043e \u0412\u041c
-label.total.storage=\u0412\u0441\u0435\u0433\u043e \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449
+label.total.storage=\u0412\u0441\u0435\u0433\u043e \u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f
+label.total.virtual.routers=\u041a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u043e\u0432
 label.total.vms=\u0412\u0441\u0435\u0433\u043e \u0412\u041c
 label.traffic.label=\u0422\u0440\u0430\u0444\u0438\u043a
 label.traffic.types=\u0422\u0438\u043f\u044b \u0442\u0440\u0430\u0444\u0438\u043a\u0430
 label.traffic.type=\u0422\u0438\u043f \u0442\u0440\u0430\u0444\u0438\u043a\u0430
 label.tuesday=\u0412\u0442\u043e\u0440\u043d\u0438\u043a
 label.type.id=ID \u0442\u0438\u043f\u0430
+label.type.lower=\u0422\u0438\u043f
 label.type=\u0422\u0438\u043f
 label.unavailable=\u041d\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e
 label.unlimited=\u0411\u0435\u0441\u043a\u043e\u043d\u0435\u0447\u043d\u043e
@@ -1114,46 +1179,52 @@ label.update.ssl.cert= \u041e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u
 label.update.ssl= \u041e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u044b SSL
 label.updating=\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435
 label.upload=\u0417\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c
-label.upload.volume=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u043e\u0431\u044a\u0435\u043c
+label.upload.volume=\u0417\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c  \u0434\u0438\u0441\u043a
 label.url=URL
-label.usage.interface=\u0418\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f
+label.usage.interface=\u0418\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0438
+label.usage.server=\u0421\u0435\u0440\u0432\u0435\u0440 \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0438
 label.used=\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u043e
+label.username.lower=\u0418\u043c\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f
 label.username=\u0418\u043c\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f
 label.users=\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438
 label.user=\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c
+label.use.vm.ips=\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0435 \u0412\u041c IPs
 label.use.vm.ip=\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0439\u0442\u0435 IP \u0412\u041c\:
 label.value=\u0417\u043d\u0430\u0447\u0435\u043d\u0438\u0435
-label.vcdcname=\u0418\u043c\u044f vCenter DC
-label.vcenter.cluster=\u041a\u043b\u0430\u0441\u0442\u0435\u0440 vCenter
-label.vcenter.datacenter=\u0426\u041e\u0414 vCenter
-label.vcenter.datastore=\u0425\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0435 vCenter
-label.vcenter.host=\u0423\u0437\u0435\u043b vCenter
-label.vcenter.password=\u041f\u0430\u0440\u043e\u043b\u044c vCenter
-label.vcenter.username=\u0418\u043c\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f vCenter
-label.vcipaddress=vCenter IP \u0410\u0434\u0440\u0435\u0441\u0441
+label.vcdcname=vCenter DC name
+label.vcenter.cluster=vCenter Cluster
+label.vcenter.datacenter=vCenter Datacenter
+label.vcenter.datastore=vCenter Datastore
+label.vcenter.host=vCenter Host
+label.vcenter.password=vCenter Password
+label.vcenter.username=vCenter Username
+label.vcipaddress=vCenter IP Address
 label.version=\u0412\u0435\u0440\u0441\u0438\u044f
+label.vgpu.remaining.capacity=\u041e\u0441\u0442\u0430\u0448\u0438\u0435\u0441\u044f \u0435\u043c\u043a\u043e\u0441\u0442\u044c
 label.view.all=\u041f\u0440\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c \u0432\u0441\u0451
 label.view.console=\u041f\u043e\u043a\u0430\u0437\u0430\u0442\u044c \u043a\u043e\u043d\u0441\u043e\u043b\u044c
 label.viewing=\u041f\u0440\u043e\u0441\u043c\u043e\u0442\u0440
 label.view.more=\u041f\u0440\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c \u0431\u043e\u043b\u044c\u0448\u0435
-label.view.secondary.ips=\u041f\u0440\u043e\u0441\u043c\u043e\u0442\u0440 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 IP-\u0430\u0434\u0440\u0435\u0441\u043e\u0432
-label.view=\u0412\u0438\u0434
+label.view.secondary.ips=\u0414\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 IP-\u0430\u0434\u0440\u0435\u0441\u0430
+label.view=\u041f\u0440\u043e\u0441\u043c\u043e\u0442\u0440
 label.virtual.appliances=\u0412\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430
 label.virtual.appliance=\u0412\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e
 label.virtual.machines=\u0412\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0435 \u043c\u0430\u0448\u0438\u043d\u044b
+label.virtual.networking=\u0412\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u0430t \u0441\u0435\u0442\u0438
 label.virtual.network=\u0412\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u0430\u044f \u0441\u0435\u0442\u044c
-label.virtual.routers=\u0412\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0439 \u0440\u043e\u0443\u0442\u0435\u0440
+label.virtual.routers=\u0412\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0435 \u0440\u043e\u0443\u0442\u0435\u0440\u044b
 label.virtual.router=\u0412\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0439 \u0440\u043e\u0443\u0442\u0435\u0440
 label.vlan.id=ID VLAN
 label.vlan.only=VLAN
 label.vlan.range=\u0414\u0438\u0430\u043f\u0430\u0437\u043e\u043d VLAN
 label.vlan=VLAN
 label.vlan.vni.range=\u0414\u0438\u0430\u043f\u0430\u0437\u043e\u043d VLAN
-label.vm.add=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u043c\u0430\u0448\u0438\u043d\u044b
+label.vm.add=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u043c\u0430\u0448\u0438\u043d\u0443
 label.vm.destroy=\u0423\u043d\u0438\u0447\u0442\u043e\u0436\u0438\u0442\u044c
 label.vm.display.name=\u041e\u0442\u043e\u0431\u0440\u0430\u0436\u0430\u0435\u043c\u043e\u0435 \u0438\u043c\u044f \u0412\u041c
 label.VMFS.datastore=\u0425\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0435 VMFS
 label.vmfs=VMFS
+label.vm.ip=\u0412\u041c IP-\u0430\u0434\u0440\u0435\u0441
 label.vm.name=\u0418\u043c\u044f VM
 label.vm.reboot=\u041f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c
 label.VMs.in.tier=Tier \u0412\u041c
@@ -1169,12 +1240,17 @@ label.vms=\u0412\u041c
 label.vmware.traffic.label=\u041c\u0435\u0442\u043a\u0430 \u0442\u0440\u0430\u0444\u0438\u043a\u0430 VMware
 label.vnet.id=ID VLAN
 label.vnet=VLAN
-label.volgroup=\u0413\u0440\u0443\u043f\u043f\u0430 \u0442\u043e\u043c\u0430
-label.volume.limits=\u041f\u0440\u0435\u0434\u0435\u043b\u044b \u0442\u043e\u043c\u043e\u0432
+label.volgroup=\u0413\u0440\u0443\u043f\u043f\u0430 \u0434\u0438\u0441\u043a\u0430
+label.volume.details=\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e \u0434\u0438\u0441\u043a\u0435
+label.volume.limits=\u041b\u0438\u043c\u0438\u0442\u044b \u0434\u0438\u0441\u043a\u043e\u0432
+label.volume.migrated=\u0414\u0438\u0441\u043a \u043f\u0435\u0440\u0435\u043d\u0435\u0441\u0451\u043d
 label.volume.name=\u0418\u043c\u044f \u0442\u043e\u043c\u0430
-label.volumes=\u0417\u043d\u0430\u0447\u0435\u043d\u0438\u044f
-label.volume=\u0422\u043e\u043c
+label.volumes=\u0414\u0438\u0441\u043a\u0438
+label.volume=\u0414\u0438\u0441\u043a
 label.vpc.id=VPC ID
+label.VPC.limits=\u041e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f VPC
+label.vpc.offering.details=\u0414\u0435\u0442\u0430\u043b\u0438 \u0443\u0441\u043b\u0443\u0433\u0438 VPC
+label.vpc.offering=\u0423\u0441\u043b\u0443\u0433\u0430 VPC
 label.VPC.router.details=\u0414\u0435\u0442\u0430\u043b\u0438 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u0430 VPC
 label.vpc=VPC
 label.VPN.connection=VPN \u043f\u043e\u0434\u043b\u044e\u0447\u0435\u043d\u0438\u0435
@@ -1187,15 +1263,15 @@ label.vsmpktvlanid=\u041f\u0430\u043a\u0435\u0442 VLAN ID
 label.vsmstoragevlanid=\u0425\u0440\u0430\u043d\u0435\u043d\u0438\u0435 VLAN ID
 label.vsphere.managed=\u041e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0435 vSphere
 label.vxlan.id=VXLAN ID
-label.vxlan.range=\u0414\u0438\u0430\u043f\u0430\u0437\u043e\u043d Range
+label.vxlan.range=VXLAN Range
 label.vxlan=VXLAN
 label.waiting=\u041e\u0436\u0438\u0434\u0430\u043d\u0438\u0435
-label.warn=\u0412\u043d\u0438\u043c\u0430\u043d\u0438\u0435
+label.warn=\u041f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0435
 label.wednesday=\u0421\u0440\u0435\u0434\u0430
 label.weekly=\u0415\u0436\u0435\u043d\u0435\u0434\u0435\u043b\u044c\u043d\u043e
-label.welcome.cloud.console=\u0414\u043e\u0431\u0440\u043e \u043f\u043e\u0436\u0430\u043b\u043e\u0432\u0430\u0442\u044c \u043d\u0430 \u043f\u0430\u043d\u0435\u043b\u044c \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f
+label.welcome.cloud.console=\u0414\u043e\u0431\u0440\u043e \u043f\u043e\u0436\u0430\u043b\u043e\u0432\u0430\u0442\u044c \u0432 \u043f\u0430\u043d\u0435\u043b\u044c \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f
 label.welcome=\u0414\u043e\u0431\u0440\u043e \u043f\u043e\u0436\u0430\u043b\u043e\u0432\u0430\u0442\u044c
-label.what.is.cloudstack=\u0427\u0442\u043e \u0442\u0430\u043a\u043e\u0435 CloudStack?
+label.what.is.cloudstack=\u0412\u0432\u0435\u0434\u0435\u043d\u0438\u0435 \u0432 CloudStack
 label.xenserver.traffic.label=\u041c\u0435\u0442\u043a\u0430 \u0442\u0440\u0430\u0444\u0438\u043a\u0430 XenServer
 label.yes=\u0414\u0430
 label.zone.details=\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0437\u043e\u043d\u044b
@@ -1209,101 +1285,101 @@ label.zone.step.4.title=Step 4\: <strong>\u0414\u043e\u0431\u0430\u0432\u044c\u0
 label.zones=\u0417\u043e\u043d\u044b
 label.zone.type=\u0422\u0438\u043f \u0437\u043e\u043d\u044b
 label.zone=\u0417\u043e\u043d\u0430
-label.zone.wide=\u0412\u0441\u0435\u0439 \u0437\u043e\u043d\u044b
+label.zone.wide=Zone-Wide
 label.zoneWizard.trafficType.guest=\u0413\u043e\u0441\u0442\u0435\u0432\u043e\u0439\: \u0422\u0440\u0430\u0444\u0438\u043a \u043c\u0435\u0436\u0434\u0443 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u043c\u0438 \u043c\u0430\u0448\u0438\u043d\u0430\u043c\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439
 label.zoneWizard.trafficType.management=\u0423\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\: \u0422\u0440\u0430\u0444\u0438\u043a \u043c\u0435\u0436\u0434\u0443 \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u043c \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c CloudStack, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u043b\u044e\u0431\u044b\u0445 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0442 \u0441 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u043c \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a \u0443\u0437\u043b\u044b \u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0435 \u043c\u0430\u0448\u0438\u043d\u044b.
 label.zoneWizard.trafficType.public=\u041f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0439\: \u0442\u0440\u0430\u0444\u0438\u043a \u043c\u0435\u0436\u0434\u0443 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u043e\u043c \u0438 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u043c\u0438 \u043c\u0430\u0448\u0438\u043d\u0430\u043c\u0438 \u0432 \u043e\u0431\u043b\u0430\u043a\u0435
-label.zoneWizard.trafficType.storage=\u0425\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0435\: \u0422\u0440\u0430\u0444\u0438\u043a \u043c\u0435\u0436\u0434\u0443 \u043f\u0435\u0440\u0432\u0438\u0447\u043d\u044b\u043c\u0438 \u0438 \u0432\u0442\u043e\u0440\u0438\u0447\u043d\u044b\u043c\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u043c\u0438 \u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a \u0448\u0430\u0431\u043b\u043e\u043d\u044b \u0438 \u0441\u043d\u0438\u043c\u043a\u0438 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u043c\u0430\u0448\u0438\u043d.
-managed.state=\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u044f
-message.acquire.ip.nic=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430, \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0445\u043e\u0442\u0435\u043b\u0438 \u0431\u044b \u0437\u0430\u043f\u0440\u043e\u0441\u0438\u0442\u044c \u043d\u043e\u0432\u044b\u0439 \u0432\u0442\u043e\u0440\u0438\u0447\u043d\u044b\u0439 IP \u0434\u043b\u044f \u044d\u0442\u043e\u0433\u043e NIC. <br/>\u041f\u0440\u0438\u043c\u0435\u0447\u0430\u043d\u0438\u0435\: \u0412\u044b \u0434\u043e\u043b\u0436\u043d\u044b \u0432\u0440\u0443\u0447\u043d\u0443\u044e \u043d\u0430\u0441\u0442\u0440\u043e\u0438\u0442\u044c \u043d\u0435\u0434\u0430\u0432\u043d\u043e  \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043d\u044b\u0439 IP \u0432\u043d\u0443\u0442\u0440\u0438 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u044b.
+label.zoneWizard.trafficType.storage=\u0425\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0435\: \u0422\u0440\u0430\u0444\u0438\u043a \u043c\u0435\u0436\u0434\u0443 \u043f\u0435\u0440\u0432\u0438\u0447\u043d\u044b\u043c\u0438 \u0438 \u0432\u0442\u043e\u0440\u0438\u0447\u043d\u044b\u043c\u0438  \u0445\u0440\u0430\u043d\u0435\u043d\u0438\u043b\u0438\u0449\u0430\u043c\u0438, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a \u0448\u0430\u0431\u043b\u043e\u043d\u044b \u0438 \u0441\u043d\u0438\u043c\u043a\u0438 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u043c\u0430\u0448\u0438\u043d.
+managed.state=Managed State
+message.acquire.ip.nic=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430, \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0445\u043e\u0442\u0435\u043b\u0438 \u0431\u044b \u0437\u0430\u043f\u0440\u043e\u0441\u0438\u0442\u044c \u043d\u043e\u0432\u044b\u0439 \u043f\u0440\u0438\u0432\u0430\u0442\u043d\u044b\u0439 IP \u0434\u043b\u044f \u044d\u0442\u043e\u0439 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u043a\u0430\u0440\u0442\u044b. <br/>\u041f\u0440\u0438\u043c\u0435\u0447\u0430\u043d\u0438\u0435\: \u0412\u044b \u0434\u043e\u043b\u0436\u043d\u044b \u0432\u0440\u0443\u0447\u043d\u0443\u044e \u043d\u0430\u0441\u0442\u0440\u043e\u0438\u0442\u044c \u043d\u0435\u0434\u0430\u0432\u043d\u043e  \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043d\u044b\u0439 IP \u0432\u043d\u0443\u0442\u0440\u0438 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u044b.
 message.acquire.new.ip=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c "\u0431\u0435\u043b\u044b\u0439" IP \u0434\u043b\u044f \u044d\u0442\u043e\u0439 \u0441\u0435\u0442\u0438.
 message.acquire.new.ip.vpc=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c "\u0431\u0435\u043b\u044b\u0439" IP \u0434\u043b\u044f \u044d\u0442\u043e\u0433\u043e VPC.
-message.acquire.public.ip=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430, \u0432\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u0437\u043e\u043d\u0443, \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0432\u044b \u0445\u043e\u0442\u0438\u0442\u0435 \u043f\u0440\u0438\u043e\u0431\u0440\u0435\u0441\u0442\u0438 \u043d\u043e\u0432\u044b\u0439 IP.
+message.acquire.public.ip=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u0432\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u0437\u043e\u043d\u0443 \u0438\u0437 \u0434\u0438\u0430\u043f\u0430\u0437\u043e\u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0412\u044b \u0445\u043e\u0442\u0438\u0442\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c IP \u0430\u0434\u0440\u0435\u0441
 message.action.cancel.maintenance.mode=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u043e\u0442\u043c\u0435\u043d\u0438\u0442\u044c \u0440\u0435\u0436\u0438\u043c \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u044f.
-message.action.cancel.maintenance=\u0423\u0437\u0435\u043b \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0432\u044b\u0448\u0435\u043b \u0438\u0437 \u0440\u0435\u0436\u0438\u043c\u0430 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u044f. \u042d\u0442\u043b\u044c \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u043c\u043e\u0436\u0435\u0442 \u0434\u043b\u0438\u0442\u044c\u0441\u044f \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043c\u0438\u043d\u0443\u0442.
-message.action.change.service.warning.for.instance=\u0414\u043b\u044f \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0442\u0435\u043a\u0443\u0449\u0435\u0433\u043e \u0441\u043b\u0443\u0436\u0435\u0431\u043d\u043e\u0433\u043e \u0440\u0435\u0441\u0443\u0440\u0441\u0430 \u0432\u0430\u0448\u0430 \u043c\u0430\u0448\u0438\u043d\u0430 \u0434\u043e\u043b\u0436\u043d\u0430 \u0431\u044b\u0442\u044c \u043e\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0430.
-message.action.change.service.warning.for.router=\u0414\u043b\u044f \u0440\u043e\u0443\u0442\u0435\u0440 \u0442\u0435\u043a\u0443\u0449\u0435\u0433\u043e \u0441\u043b\u0443\u0436\u0435\u0431\u043d\u043e\u0433\u043e \u0440\u0435\u0441\u0443\u0440\u0441\u0430 \u0432\u0430\u0448\u0430 \u043c\u0430\u0448\u0438\u043d\u0430 \u0434\u043e\u043b\u0436\u043d\u0430 \u0431\u044b\u0442\u044c \u043e\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0430.
-message.action.delete.cluster=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u044d\u0442\u043e\u0442 \u043a\u043b\u0430\u0441\u0442\u0435\u0440.
-message.action.delete.disk.offering=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u044d\u0442\u043e\u0442 \u0434\u0438\u0441\u043a\u043e\u0432\u044b\u0439 \u0440\u0435\u0441\u0443\u0440\u0441.
-message.action.delete.domain=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u044d\u0442\u043e\u0442 \u0434\u043e\u043c\u0435\u043d.
-message.action.delete.external.firewall=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u0432\u043d\u0435\u0448\u043d\u0438\u0439 \u0444\u0430\u0435\u0440\u0432\u043e\u043b. \u0412\u043d\u0438\u043c\u0430\u043d\u0438\u0435\: \u0435\u0441\u043b\u0438 \u0432\u044b \u043f\u043b\u0430\u043d\u0438\u0440\u0443\u0435\u0442\u0435 \u0432\u0435\u0440\u043d\u0443\u0442\u044c\u0441\u044f \u043a \u044d\u0442\u043e\u043c\u0443 \u0432\u043d\u0435\u0448\u043d\u0435\u043c\u0443 \u0444\u0430\u0435\u0440\u0432\u043e\u043b\u0443 \u043e\u0431\u0440\u0430\u0442\u043d\u043e, \u0432\u0430\u043c \u043f\u0440\u0438\u0434\u0435\u0442\u0441\u044f \u0441\u0431\u0440\u043e\u0441\u0438\u0442\u044c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e\u0431 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u0432 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435.
-message.action.delete.external.load.balancer=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u0432\u043d\u0435\u0448\u043d\u044e\u044e \u0431\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u043a\u0443 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438. \u0412\u043d\u0438\u043c\u0430\u043d\u0438\u0435\: \u0435\u0441\u043b\u0438 \u0432\u044b \u043f\u043b\u0430\u043d\u0438\u0440\u0443\u0435\u0442\u0435 \u0432\u0435\u0440\u043d\u0443\u0442\u044c\u0441\u044f \u043a \u044d\u0442\u043e\u0439 \u0432\u043d\u0435\u0448\u043d\u0435\u0439 \u0431\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u043a\u0435, \u0432\u0430\u043c \u043f\u0440\u0438\u0434\u0435\u0442\u0441\u044f \u0441\u0431\u0440\u043e\u0441\u0438\u0442\u044c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e\u0431 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u0432 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435.
-message.action.delete.ingress.rule=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u044d\u0442\u043e \u0432\u0445\u043e\u0434\u043d\u043e\u0435 \u043f\u0440\u0430\u0432\u0438\u043b\u043e.
-message.action.delete.ISO.for.all.zones=\u042d\u0442\u043e ISO, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0439 \u0432\u0441\u0435\u043c\u0438 \u0437\u043e\u043d\u0430\u043c\u0438. \u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u0435\u0433\u043e \u0441\u043e \u0432\u0441\u0435\u0445 \u0437\u043e\u043d.
-message.action.delete.ISO=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u044d\u0442\u043e\u0442 ISO.
-message.action.delete.network=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u044d\u0442\u0443 \u0441\u0435\u0442\u044c.
-message.action.delete.nexusVswitch=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430, \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0445\u043e\u0442\u0438\u0442\u0435 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u044d\u0442\u043e nexusVswitch.
-message.action.delete.nic=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430, \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u044d\u0442\u043e\u0442 NIC, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0442\u0430\u043a\u0436\u0435 \u0443\u0434\u0430\u043b\u0438\u0442 \u0432\u0441\u0435 \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441\u0435\u0442\u0438 \u0438\u0437 \u0412\u041c.
-message.action.delete.physical.network=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430, \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0445\u043e\u0442\u0438\u0442\u0435 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u044d\u0442\u043e\u0442 \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0441\u0435\u0442\u044c
+message.action.cancel.maintenance=\u0412\u0430\u0448 \u0441\u0435\u0440\u0432\u0435\u0440 \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0434\u0435\u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u043d \u0434\u043b\u044f \u043f\u0435\u0440\u0435\u0445\u043e\u0434\u0430 \u0432 \u0440\u0435\u0436\u0438\u043c \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u044f. \u042d\u0442\u043e\u0442 \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u043c\u043e\u0436\u0435\u0442 \u0437\u0430\u043d\u044f\u0442\u044c \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043c\u0438\u043d\u0443\u0442.
+message.action.change.service.warning.for.instance=\u041f\u0435\u0440\u0435\u0434 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0435\u043c \u043d\u0430\u0431\u043e\u0440\u0430 \u0441\u0435\u0440\u0432\u0438\u0441\u043e\u0432 \u0412\u0430\u0448\u0430 \u043c\u0430\u0448\u0438\u043d\u0430 \u0434\u043e\u043b\u0436\u043d\u0430 \u0431\u044b\u0442\u044c \u043e\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0430
+message.action.change.service.warning.for.router=\u0414\u043b\u044f \u0441\u043c\u0435\u043d\u044b \u043d\u0430\u0431\u043e\u0440\u0430 \u0443\u0441\u043b\u0443\u0433 \u0412\u0430\u0448 \u0440\u043e\u0443\u0442\u0435\u0440 \u0434\u043e\u043b\u0436\u0435\u043d \u0431\u044b\u0442\u044c \u043e\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d
+message.action.delete.cluster=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u044d\u0442\u043e\u0442 \u043a\u043b\u0430\u0441\u0442\u0435\u0440. 
+message.action.delete.disk.offering=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0412\u042b \u0445\u043e\u0442\u0438\u0442\u0435 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u044d\u0442\u0443 \u0443\u0441\u043b\u0443\u0433\u0443 \u0434\u0438\u0441\u043a\u043e\u0432\u043e\u0433\u043e \u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0441\u0442\u0432\u0430
+message.action.delete.domain=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u044d\u0442\u043e\u0442 \u0434\u043e\u043c\u0435\u043d. 
+message.action.delete.external.firewall=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u044d\u0442\u043e\u0442 \u0432\u043d\u0435\u0448\u043d\u0438\u0439 \u0444\u0430\u0435\u0440\u0432\u043e\u043b. \u041f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0435\u043d\u0438\u0435\: \u0415\u0441\u043b\u0438 \u0412\u044b \u0432 \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u043c \u0432\u0435\u0440\u043d\u0443\u0442\u044c \u043e\u0431\u0440\u0430\u0442\u043d\u043e \u044d\u0442\u043e\u0442 \u0436\u0435 \u0432\u043d\u0435\u0448\u043d\u0438\u0439 \u0444\u0430\u0435\u0440\u0432\u043e\u043b, \u0412\u044b \u0434\u043e\u043b\u0436\u043d\u044b \u0431\u0443\u0434\u0435\u0442\u0435 \u0441\u0431\u0440\u043e\u0441\u0438\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435 \u043d\u0430 \u044d\u0442\u043e\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435.
+message.action.delete.external.load.balancer=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u044d\u0442\u043e\u0442 \u0432\u043d\u0435\u0448\u043d\u0438\u0439 \u0431\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u0449\u0438\u043a \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438. \u041f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0435\u043d\u0438\u0435\: \u0415\u0441\u043b\u0438 \u0412\u044b \u0432 \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u043c \u0432\u0435\u0440\u043d\u0443\u0442\u044c \u043e\u0431\u0440\u0430\u0442\u043d\u043e \u044d\u0442\u043e\u0442 \u0436\u0435 \u0432\u043d\u0435\u0448\u043d\u0438\u0439 \u0444\u0430\u0435\u0440\u0432\u043e\u043b, \u0412\u044b \u0434\u043e\u043b\u0436\u043d\u044b \u0431\u0443\u0434\u0435\u0442\u0435 \u0441\u0431\u0440\u043e\u0441\u0438\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435 \u043d\u0430 \u044d\u0442\u043e\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435  
+message.action.delete.ingress.rule=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0412\u044b \u0445\u043e\u0442\u0438\u0442\u0435 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0438\u043b\u043e.
+message.action.delete.ISO.for.all.zones=ISO \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432\u0441\u0435\u043c\u0438 \u0437\u043e\u043d\u0430\u043c\u0438. \u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0412\u044b \u0445\u043e\u0442\u0438\u0442\u0435 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u0435\u0433\u043e \u0438\u0437 \u0432\u0441\u0435\u0445 \u0437\u043e\u043d.
+message.action.delete.ISO=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u044d\u0442\u043e\u0442 ISO. 
+message.action.delete.network=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0412\u044b \u0445\u043e\u0442\u0438\u0442\u043a \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u044d\u0442\u0443 \u0441\u0435\u0442\u044c.
+message.action.delete.nexusVswitch=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430, \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0445\u043e\u0442\u0438\u0442\u0435 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u044d\u0442\u043e\u0442 nexusVswitch.
+message.action.delete.nic=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430, \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u044d\u0442\u043e\u0442 NIC, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0442\u0430\u043a\u0436\u0435 \u0443\u0434\u0430\u043b\u0438\u0442 \u0432\u0441\u0435 \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u0412\u041c \u0441\u0435\u0442\u0438 .
+message.action.delete.physical.network=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430, \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0445\u043e\u0442\u0438\u0442\u0435 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u044d\u0442\u0443 \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0441\u0435\u0442\u044c
 message.action.delete.pod=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u044d\u0442\u043e\u0442 \u0441\u0442\u0435\u043d\u0434.
-message.action.delete.primary.storage=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u044d\u0442\u043e \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0435 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0435.
-message.action.delete.secondary.storage=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u044d\u0442\u043e \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0435 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0435.
-message.action.delete.security.group=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u044d\u0442\u0443 \u0433\u0440\u0443\u043f\u043f\u0443 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.
-message.action.delete.service.offering=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u044d\u0442\u043e\u0442 \u0441\u043b\u0443\u0436\u0435\u0431\u043d\u044b\u0439 \u0440\u0435\u0441\u0443\u0440\u0441.
-message.action.delete.snapshot=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u044d\u0442\u043e\u0442 \u0441\u043d\u0438\u043c\u043e\u043a.
+message.action.delete.primary.storage=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0412\u044b \u0445\u043e\u0442\u0438\u0442\u043a \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u044d\u0442\u043e \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0435 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0435.
+message.action.delete.secondary.storage=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0412\u044b \u0445\u043e\u0442\u0438\u0442\u043a \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u044d\u0442\u043e \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0435 \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u044b\u0445 \u043a\u043e\u043f\u0438\u0439.
+message.action.delete.security.group=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0412\u044b \u0445\u043e\u0442\u0438\u0442\u043a \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u044d\u0442\u0443 security group.
+message.action.delete.service.offering=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0412\u042b \u0445\u043e\u0442\u0438\u0442\u0435 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u044d\u0442\u0443 \u0443\u0441\u043b\u0443\u0433\u0443 \u0441\u043b\u0443\u0436\u0431
+message.action.delete.snapshot=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0412\u044b \u0445\u043e\u0442\u0438\u0442\u043a \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u044d\u0442\u043e\u0442 \u0441\u043d\u0438\u043c\u043e\u043a.
 message.action.delete.system.service.offering=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u044d\u0442\u043e\u0442 \u0440\u0435\u0441\u0443\u0440\u0441 \u0434\u043b\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0445 \u0441\u043b\u0443\u0436\u0431.
-message.action.delete.template.for.all.zones=\u0428\u0430\u0431\u043b\u043e\u043d \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432\u043e \u0432\u0441\u0435\u0445 \u0437\u043e\u043d\u0430\u0445. \u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0445\u043e\u0442\u0438\u0442\u0435 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u0435\u0433\u043e \u0441\u043e \u0432\u0441\u0435\u0445 \u0437\u043e\u043d.
-message.action.delete.template=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u044d\u0442\u043e\u0442 \u0448\u0430\u0431\u043b\u043e\u043d.
-message.action.delete.volume=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u044d\u0442\u043e\u0442 \u0442\u043e\u043c.
-message.action.delete.zone=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u044d\u0442\u0443 \u0437\u043e\u043d\u0443.
-message.action.destroy.instance=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0443\u043d\u0438\u0447\u0442\u043e\u0436\u0438\u0442\u044c \u044d\u0442\u0443 \u043c\u0430\u0448\u0438\u043d\u0443.
+message.action.delete.template.for.all.zones=\u042d\u0442\u043e\u0442 \u0448\u0430\u0431\u043b\u043e\u043d \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432\u043e \u0432\u0441\u0435\u0445 \u0437\u043e\u043d\u0430\u0445. \u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0412\u044b \u0445\u043e\u0442\u0438\u0442\u043a \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u0435\u0433\u043e \u0432\u043e \u0432\u0441\u0435\u0445 \u0437\u043e\u043d\u0430\u0445.
+message.action.delete.template=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0412\u044b \u0445\u043e\u0442\u0438\u0442\u043a \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u044d\u0442\u043e\u0442 \u0448\u0430\u0431\u043b\u043e\u043d.
+message.action.delete.volume=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0412\u044b \u0445\u043e\u0442\u0438\u0442\u0435 \u0443\u0434\u0430\u043b\u0442\u044c \u044d\u0442\u043e\u0442 \u0442\u043e\u043c.
+message.action.delete.zone=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0412\u044b \u0445\u043e\u0442\u0438\u0442\u0435 \u0443\u0434\u0430\u043b\u0442\u044c \u044d\u0442\u0443 \u0437\u043e\u043d\u0443.
+message.action.destroy.instance=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0412\u044b \u0445\u043e\u0442\u0438\u0442\u0435 \u0443\u043d\u0438\u0447\u0442\u043e\u0436\u0438\u0442\u044c \u044d\u0442\u0443 \u043c\u0430\u0448\u0438\u043d\u0443.
 message.action.destroy.systemvm=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u044d\u0442\u043e \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0435 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0435.
-message.action.disable.cluster=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0432\u044b\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u044d\u0442\u043e\u0442 \u043a\u043b\u0430\u0441\u0442\u0435\u0440.
-message.action.disable.nexusVswitch=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430, \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0445\u043e\u0442\u0438\u0442\u0435 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u044d\u0442\u0443 nexusVswitch.
+message.action.disable.cluster=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0412\u044b \u0445\u043e\u0442\u0438\u0442\u0435 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0439 \u043a\u043b\u0430\u0441\u0442\u0435\u0440.
+message.action.disable.nexusVswitch=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430, \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0445\u043e\u0442\u0438\u0442\u0435 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u044d\u0442\u043e nexusVswitch.
 message.action.disable.physical.network=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0432\u044b\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u044d\u0442\u0443 \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0441\u0435\u0442\u044c.
 message.action.disable.pod=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0432\u044b\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u044d\u0442\u0443 \u0437\u043e\u043d\u0443.
-message.action.disable.static.NAT=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0441\u0442\u0430\u0442\u0438\u0447\u043d\u044b\u0439 NAT.
-message.action.disable.zone=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0432\u044b\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u044d\u0442\u0443 \u0437\u043e\u043d\u0443
+message.action.disable.static.NAT=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0412\u044b \u0445\u043e\u0442\u0438\u0442\u0435 \u0434\u0435\u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u0442\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0442\u0440\u0430\u043d\u0441\u043b\u044f\u0446\u0438\u044e \u0430\u0434\u0440\u0435\u0441\u043e\u0432.
+message.action.disable.zone=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0412\u044b \u0445\u043e\u0442\u0438\u0442\u0435 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0434\u0430\u043d\u043d\u0443\u044e \u0437\u043e\u043d\u0443.
 message.action.download.iso=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c \u044d\u0442\u043e\u0442 ISO.
 message.action.download.template=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c \u044d\u0442\u043e\u0442 \u0448\u0430\u0431\u043b\u043e\u043d.
 message.action.enable.cluster=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u044d\u0442\u043e\u0442 \u043a\u043b\u0430\u0441\u0442\u0435\u0440.
-message.action.enable.maintenance=\u0423\u0437\u0435\u043b \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0432\u043e\u0448\u0435\u043b \u0432 \u0440\u0435\u0436\u0438\u043c \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u044f. \u0414\u043b\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u044c \u044d\u0442\u043e\u0433\u043e \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430 \u0437\u0430\u0432\u0438\u0441\u0438\u0442 \u043e\u0442 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u0430 \u0437\u0430\u043f\u0443\u0449\u0435\u043d\u043d\u044b\u0445 \u0412\u041c \u0432 \u044d\u0442\u043e\u043c \u0443\u0437\u043b\u0435 \u0438 \u043e\u0431\u044b\u0447\u043d\u043e \u0440\u0430\u0432\u043d\u0430 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u043c \u043c\u0438\u043d\u0443\u0442\u0430\u043c.
-message.action.enable.nexusVswitch=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430, \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0445\u043e\u0442\u0438\u0442\u0435 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u044d\u0442\u043e nexusVswitch.
+message.action.enable.maintenance=\u0412\u0430\u0448 \u0441\u0435\u0440\u0432\u0435\u0440 \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u043f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u043b\u0435\u043d \u0434\u043b\u044f \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u044f. \u042d\u0442\u043e\u0442 \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u043c\u043e\u0436\u0435\u0442 \u0437\u0430\u043d\u044f\u0442\u044c \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043c\u0438\u043d\u0443\u0442 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432 \u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0442 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u0430 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u043c\u0430\u0448\u0438\u043d, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0445 \u043d\u0430 \u043d\u0435\u043c \u0432 \u0434\u0430\u043d\u043d\u043e\u0435 \u0432\u0440\u0435\u043c\u044f.
+message.action.enable.nexusVswitch=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430, \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0445\u043e\u0442\u0438\u0442\u0435 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u044d\u0442\u0443 nexusVswitch.
 message.action.enable.physical.network=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u044d\u0442\u0443 \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0441\u0435\u0442\u044c.
 message.action.enable.pod=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u044d\u0442\u043e\u0442 \u0441\u0442\u0435\u043d\u0434.
 message.action.enable.zone=\u041f\u043e\u0442\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u044d\u0442\u0443 \u0437\u043e\u043d\u0443
-message.action.force.reconnect=\u0423\u0437\u0435\u043b \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u043f\u0435\u0440\u0435\u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0438\u043b\u0441\u044f. \u042d\u0442\u043e\u0442 \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u043c\u043e\u0436\u0435\u0442 \u0434\u043b\u0438\u0442\u044c\u0441\u044f \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043c\u0438\u043d\u0443\u0442.
-message.action.host.enable.maintenance.mode=\u0412\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u0440\u0435\u0436\u0438\u043c\u0430 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u044f \u043d\u0430 \u0443\u0437\u043b\u0435 \u043f\u0440\u0438\u0432\u0435\u0434\u0435\u0442 \u043a \u043f\u0435\u0440\u0435\u043d\u043e\u0441\u0443 \u0437\u0430\u043f\u0443\u0449\u0435\u043d\u043d\u044b\u0445 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u043c\u0430\u0448\u0438\u043d \u043d\u0430 \u0434\u0440\u0443\u0433\u0438\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0435 \u0443\u0437\u043b\u044b.
-message.action.instance.reset.password=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0438\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u044c root \u044d\u0442\u043e\u0439 \u0412\u041c.
+message.action.force.reconnect=\u0412\u0430\u0448 \u0441\u0435\u0440\u0432\u0435\u0440 \u043f\u043e\u043b\u0443\u0447\u0438\u043b \u043a\u043e\u043c\u0430\u043d\u0434\u0443 \u043f\u0440\u0438\u043d\u0443\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u043e\u0432\u0442\u043e\u0440\u043d\u043e\u0433\u043e \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f. \u042d\u0442\u043e\u0442 \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u043c\u043e\u0436\u0435\u0442 \u0437\u0430\u043d\u044f\u0442\u044c \u0434\u043e \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u043c\u0438\u043d\u0443\u0442.
+message.action.host.enable.maintenance.mode=\u0410\u043a\u0442\u0438\u0432\u0430\u0446\u0438\u044f \u0440\u0435\u0436\u0438\u043c\u0430 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0435\u0434\u0435\u0442 \u043a \u043f\u0440\u0438\u043d\u0443\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u043c\u0438\u0433\u0440\u0430\u0446\u0438\u0438 \u0432\u0441\u0435\u0445 \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0445 \u043d\u0430 \u0434\u0430\u043d\u043d\u043e\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0435 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u043c\u0430\u0448\u0438\u043d.
+message.action.instance.reset.password=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0412\u044b \u0445\u043e\u0442\u0438\u0442\u0435 \u0438\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u044c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0434\u043b\u044f \u044d\u0442\u043e\u0439 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u044b.
 message.action.manage.cluster=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u043f\u0435\u0440\u0435\u0432\u0435\u0441\u0442\u0438 \u043a\u043b\u0430\u0441\u0442\u0435\u0440 \u0432 \u0440\u0435\u0436\u0438\u043c \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u044f.
-message.action.primarystorage.enable.maintenance.mode=\u0412\u043d\u0438\u043c\u0430\u043d\u0438\u0435\: \u043f\u0440\u0438 \u043f\u0435\u0440\u0435\u0445\u043e\u0434\u0435 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0433\u043e \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0430 \u0432 \u0440\u0435\u0436\u0438\u043c \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u044f, \u0432\u0441\u0435 \u0412\u041c \u0431\u0443\u0434\u0443\u0442 \u043e\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u044b. \u0425\u043e\u0442\u0438\u0442\u0435 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0438\u0442\u044c?
-message.action.reboot.instance=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c \u044d\u0442\u0443 \u043c\u0430\u0448\u0438\u043d\u0443.
+message.action.primarystorage.enable.maintenance.mode=\u041f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0435\: \u043f\u0435\u0440\u0435\u0432\u043e\u0434 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0433\u043e \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0430 \u0432 \u0440\u0435\u0436\u0438\u043c \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0435\u0434\u0435\u0442 \u043a \u043e\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0435 \u0432\u0441\u0435\u0445 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0445 \u0435\u0433\u043e \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u043c\u0430\u0448\u0438\u043d. \u0412\u044b \u0445\u043e\u0442\u0438\u0442\u0435 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0438\u0442\u044c?
+message.action.reboot.instance=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435 \u0436\u0435\u043b\u0430\u043d\u0438\u0435 \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c \u044d\u0442\u0443 \u043c\u0430\u0448\u0438\u043d\u0443.
 message.action.reboot.router=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c \u044d\u0442\u043e\u0442 \u0440\u043e\u0443\u0442\u0435\u0440.
-message.action.reboot.systemvm=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c \u044d\u0442\u043e\u0442 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0439 \u0412\u041c.
-message.action.release.ip=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0434\u0438\u0442\u044c \u044d\u0442\u043e\u0442 IP-\u0430\u0434\u0440\u0435\u0441.
+message.action.reboot.systemvm=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435 \u0436\u0435\u043b\u0430\u043d\u0438\u0435 \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c \u044d\u0442\u0443 \u0441\u043b\u0443\u0436\u0435\u0431\u043d\u0443\u044e \u043c\u0430\u0448\u0438\u043d\u0443.
+message.action.release.ip=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0438\u0442\u0435 \u0436\u0435\u043b\u0430\u043d\u0438\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0434\u0438\u0442\u044c \u044d\u0442\u043e\u0442 IP \u0430\u0434\u0440\u0435\u0441.
 message.action.remove.host=\u0423\u0434\u0430\u043b\u0435\u043d\u0438\u0435 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e/\u0435\u0434\u0438\u043d\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0433\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0432 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0435 \u0438 \u043f\u043e\u0432\u0442\u043e\u0440\u043d\u0430\u044f \u0435\u0433\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043f\u0440\u0438\u0432\u0435\u0434\u0435\u0442 \u0443\u043d\u0438\u0447\u0442\u043e\u0436\u0435\u043d\u0438\u044e \u0440\u0430\u0431\u043e\u0447\u0435\u0433\u043e \u043e\u043a\u0440\u0443\u0436\u0435\u043d\u0438\u044f/\u0431\u0430\u0437\u044b \u0434\u0430\u043d\u043d\u044b\u0445 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 \u0438 \u0441\u0434\u0435\u043b\u0430\u0435 \u0433\u043e\u0441\u0442\u0435\u0432\u044b\u0435 \u043c\u0430\u0448\u0438\u043d\u044b \u043d\u0435\u043f\u0440\u0438\u0433\u043e\u0434\u043d\u044b\u043c\u0438 \u043a \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044e.
 message.action.reset.password.off=\u041d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u043c\u0430\u0448\u0438\u043d\u0430 \u043d\u0435 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u0442 \u0434\u0430\u043d\u043d\u0443\u044e \u0444\u0443\u043d\u043a\u0446\u0438\u044e
-message.action.reset.password.warning=\u041c\u0430\u0448\u0438\u043d\u0430 \u0434\u043e\u043b\u0436\u043d\u0430 \u0431\u044b\u0442\u044c \u043e\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0430 \u0434\u043b\u044f \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f  \u043f\u0430\u0440\u043e\u043b\u044f
-message.action.restore.instance=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0432\u043e\u0441\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u044d\u0442\u0443 \u043c\u0430\u0448\u0438\u043d\u0443.
+message.action.reset.password.warning=\u041f\u0435\u0440\u0435\u0434 \u043f\u043e\u043f\u044b\u0442\u043a\u043e\u0439 \u0441\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u044c \u0412\u0430\u0448\u0430 \u043c\u0430\u0448\u0438\u043d\u0430 \u0434\u043e\u043b\u0436\u043d\u0430 \u0431\u044b\u0442\u044c \u043e\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0430.
+message.action.restore.instance=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435 \u0436\u0435\u043b\u0430\u043d\u0438\u0435 \u0432\u043e\u0441\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u044d\u0442\u0443 \u043c\u0430\u0448\u0438\u043d\u0443.
 message.action.revert.snapshot=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0432\u0435\u0440\u043d\u0443\u0442\u044c \u0434\u0438\u0441\u043a \u043a \u044d\u0442\u043e\u043c\u0443 \u0442\u043e\u043c \u0441\u043d\u0438\u043c\u043a\u0443
-message.action.start.instance=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u044d\u0442\u0443 \u043c\u0430\u0448\u0438\u043d\u0443.
-message.action.start.router=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u044d\u0442\u043e\u0442 \u0440\u043e\u0443\u0442\u0435\u0440.
+message.action.start.instance=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435 \u0436\u0435\u043b\u0430\u043d\u0438\u0435 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u044d\u0442\u0443 \u043c\u0430\u0448\u0438\u043d\u0443.
+message.action.start.router=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435 \u0436\u0435\u043b\u0430\u043d\u0438\u0435 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u044d\u0442\u043e\u0442 \u0440\u043e\u0443\u0442\u0435\u0440.
 message.action.start.systemvm=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u044d\u0442\u0443 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u0443\u044e \u0412\u041c.
 message.action.stop.instance=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u043e\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u044d\u0442\u0443 \u043c\u0430\u0448\u0438\u043d\u0443.
 message.action.stop.router=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u043e\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u044d\u0442\u043e\u0442 \u0440\u043e\u0443\u0442\u0435\u0440.
-message.action.stop.systemvm=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u043e\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u044d\u0442\u0443 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u0443\u044e \u0412\u041c.
-message.action.take.snapshot=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0441\u043d\u0438\u043c\u043e\u043a \u044d\u0442\u043e\u0433\u043e \u0442\u043e\u043c\u0430.
+message.action.stop.systemvm=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435 \u0436\u0435\u043b\u0430\u043d\u0438\u0435 \u043e\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u044d\u0442\u0443 \u0441\u043b\u0443\u0436\u0435\u0431\u043d\u0443\u044e \u043c\u0430\u0448\u0438\u043d\u0443.
+message.action.take.snapshot=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0441\u043d\u0438\u043c\u043e\u043a \u044d\u0442\u043e\u0433\u043e \u0434\u0438\u0441\u043a\u0430.
 message.action.unmanage.cluster=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u043f\u0435\u0440\u0435\u0432\u0435\u0441\u0442\u0438 \u043a\u043b\u0430\u0441\u0442\u0435\u0440 \u0432 \u043e\u0431\u044b\u0447\u043d\u044b\u0439 \u0440\u0435\u0436\u0438\u043c.
 message.action.vmsnapshot.delete=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0412\u044b \u0445\u043e\u0442\u0438\u0442\u0435 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u044d\u0442\u043e\u0442 \u0441\u043d\u0438\u043c\u043e\u043a \u0412\u041c.
 message.action.vmsnapshot.revert=\u0412\u043e\u0441\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u043d\u0438\u043c\u043e\u043a \u0412\u041c
 message.activate.project=\u0412\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u044d\u0442\u043e\u0442 \u043f\u0440\u043e\u0435\u043a\u0442?
 message.add.cluster=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0433\u0438\u043f\u0435\u0440\u0432\u0438\u0437\u043e\u0440 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u043e\u043c \u0434\u043b\u044f \u0437\u043e\u043d\u044b <b><span id\="zone_name"></span></b>, \u043c\u043e\u0434\u0443\u043b\u044c <b><span id\="pod_name"></span></b>
-message.add.cluster.zone=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0433\u0438\u043f\u0435\u0440\u0432\u0438\u0437\u043e\u0440\u0430 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u043e\u043c \u0434\u043b\u044f \u0437\u043e\u043d\u044b <b><span id\="zone_name"></span></b>
-message.add.disk.offering=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430, \u0443\u043a\u0430\u0436\u0438\u0442\u0435 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u044b, \u0447\u0442\u043e\u0431\u044b \u0434\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u043d\u043e\u0432\u043e\u0435 \u043f\u0440\u0435\u0434\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u0434\u0438\u0441\u043a\u0430
+message.add.cluster.zone=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u043a\u043b\u0430\u0441\u0442\u0435\u0440 \u0433\u0438\u043f\u0435\u0440\u0432\u0438\u0437\u043e\u0440\u043e\u0432 \u0432 \u0437\u043e\u043d\u0435 <b><span id\="zone_name"></span></b>
+message.add.disk.offering=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u0443\u043a\u0430\u0436\u0438\u0442\u0435 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u0435 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u044b \u0434\u043b\u044f \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0443\u0441\u043b\u0443\u0433\u0438 \u0434\u0438\u0441\u043a\u043e\u0432\u043e\u0433\u043e \u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0441\u0442\u0432\u0430
 message.add.domain=\u0423\u043a\u0430\u0436\u0438\u0442\u0435 \u043f\u043e\u0434\u0434\u043e\u043c\u0435\u043d, \u0433\u0434\u0435 \u0432\u044b \u0445\u043e\u0442\u0438\u0442\u0435 \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u0432\u0430\u0448 \u0434\u043e\u043c\u0435\u043d
 message.add.firewall=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0444\u0430\u0435\u0440\u0432\u043e\u043b \u0432 \u0437\u043e\u043d\u0443
 message.add.guest.network=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0434\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0433\u043e\u0441\u0442\u0435\u0432\u0443\u044e \u0441\u0435\u0442\u044c
-message.add.host=\u0423\u043a\u0430\u0436\u0438\u0442\u0435 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u044b \u0434\u043b\u044f \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043d\u043e\u0432\u043e\u0433\u043e \u0443\u0437\u043b\u0430.
+message.add.host=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u0443\u043a\u0430\u0436\u0438\u0442\u0435 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u044b \u0434\u043b\u044f \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043d\u043e\u0432\u043e\u0433\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430.
 message.adding.host=\u0414\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0443\u0437\u043b\u0430
 message.adding.Netscaler.device=\u0414\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 NetScaler
 message.adding.Netscaler.provider=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c Netscaler
-message.add.ip.range.direct.network=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c IP-\u0434\u0438\u0430\u043f\u0430\u0437\u043e\u043d\u0430 \u0441\u0435\u0442\u0438 <b><span id\="directnetwork_name"></span></b> \u0432 \u0437\u043e\u043d\u0435 <b><span id\="zone_name"></span></b>
+message.add.ip.range.direct.network=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0434\u0438\u0430\u043f\u0430\u0437\u043e\u043d \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0438\u0440\u0443\u0435\u043c\u044b\u0445 IP \u0430\u0434\u0440\u0435\u0441\u043e\u0432 <b><span id\="directnetwork_name"></span></b> \u0432 \u0437\u043e\u043d\u0435 <b><span id\="zone_name"></span></b>
 message.add.ip.range.to.pod=<p>\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0434\u0438\u0430\u043f\u0430\u0437\u043e\u043d IP-\u0430\u0434\u0440\u0435\u0441\u043e\u0432 \u0432 \u0441\u0442\u0435\u043d\u0434\: <b><span id\="pod_name_label"></span></b></p>
-message.add.ip.range=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0434\u0438\u0430\u043f\u0430\u0437\u043e\u043d IP-\u0430\u0434\u0440\u0435\u0441\u043e\u0432 \u0432 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u0443\u044e \u0441\u0435\u0442\u044c \u0437\u043e\u043d\u044b
-message.additional.networks.desc=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430, \u0432\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0441\u0435\u0442\u0438, \u043a\u0443\u0434\u0430 \u0432\u0430\u0448\u044b \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0431\u0443\u0434\u0443\u0442 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u044b.
-message.add.load.balancer=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0431\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u043a\u0443 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0432 \u0437\u043e\u043d\u0443
+message.add.ip.range=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0434\u0438\u0430\u043f\u0430\u0437\u043e\u043d \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0438\u0440\u0443\u0435\u043c\u044b\u0445 IP \u0430\u0434\u0440\u0435\u0441\u043e\u0432 \u0432 \u0437\u043e\u043d\u0443
+message.additional.networks.desc=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u0443\u043a\u0430\u0436\u0438\u0442\u0435 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0441\u0435\u0442\u0438 \u043a \u043a\u043e\u0442\u043e\u0440\u044b\u043c \u0431\u0443\u0434\u0435\u0442 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0430 \u0412\u0430\u0448\u0430 \u043c\u0430\u0448\u0438\u043d\u0430.
+message.add.load.balancer=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0431\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u0449\u0438\u043a \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0432 \u0437\u043e\u043d\u0443
 message.add.load.balancer.under.ip=\u041f\u0440\u0430\u0432\u0438\u043b\u043e \u0431\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u043a\u0438 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0431\u044b\u043b \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d \u0432 IP\:
-message.add.network=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u043d\u043e\u0432\u0443\u044e \u0441\u0435\u0442\u044c \u0434\u043b\u044f \u0437\u043e\u043d\u044b\: <b><span id\="zone_name"></span></b>
+message.add.network=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u043d\u043e\u0432\u0443\u044e \u0441\u0435\u0442\u044c \u0432 \u0437\u043e\u043d\u0443\: <b><span id\="zone_name"></span></b>
 message.add.new.gateway.to.vpc=\u0423\u043a\u0430\u0436\u0438\u0442\u0435 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u0434\u043b\u044f \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043d\u043e\u0432\u043e\u0433\u043e \u0448\u043b\u044e\u0437\u0430 \u0432 VPC
 message.add.pod.during.zone.creation=\u041a\u0430\u0436\u0434\u0430\u044f \u0437\u043e\u043d\u0430 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u043e\u0434\u0438\u043d \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0441\u0442\u0435\u043d\u0434\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432\u044b \u0441\u0435\u0439\u0447\u0430\u0441 \u0434\u043e\u0431\u0430\u0432\u0438\u0442\u0435 \u043f\u0435\u0440\u0432\u044b\u043c. \u0421\u0442\u0435\u043d\u0434 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u0443\u0437\u043b\u044b \u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u044b \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0433\u043e \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0431\u0443\u0434\u0443\u0442 \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u044b \u0432 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u043c \u0448\u0430\u0433\u0435. \u0414\u043b\u044f \u043d\u0430\u0447\u0430\u043b\u0430 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u043d\u0430\u0441\u0442\u0440\u043e\u0438\u0442\u044c \u0434\u0438\u0430\u043f\u0430\u0437\u043e\u043d \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u044b\u0445 \u0430\u0434\u0440\u0435\u0441\u043e\u0432 IP \u0434\u043b\u044f \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0435\u0439 \u0441\u0435\u0442\u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f. \u0414\u0438\u0430\u043f\u0430\u0437\u043e\u043d \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u044b\u0445 IP \u0434\u043e\u043b\u0436\u0435\u043d \u0431\u044b\u0442\u044c \u0443\u043d\u0438\u043a\u0430\u043b\u044c\u043d\u044b\u043c \u0434\u043b\u044f \u043a\u0430\u0436\u0434\u043e\u0439 \u0437\u043e\u043d\u044b \u043e\u0431\u043b\u0430\u043a\u0430.
 message.add.pod=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u043d\u043e\u0432\u044b\u0439 \u0441\u0442\u0435\u043d\u0434 \u0434\u043b\u044f \u0437\u043e\u043d\u044b <b><span id\="add_pod_zone_name"></span></b>
@@ -1311,25 +1387,25 @@ message.add.primary.storage=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0
 message.add.primary=\u0423\u043a\u0430\u0436\u0438\u0442\u0435 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u044b \u0434\u043b\u044f \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043d\u043e\u0432\u043e\u0433\u043e \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0433\u043e \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0430
 message.add.region=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u0443\u043a\u0430\u0436\u0438\u0442\u0435 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u0434\u043b\u044f \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043d\u043e\u0432\u043e\u0433\u043e \u0440\u0435\u0433\u0438\u043e\u043d\u0430.
 message.add.secondary.storage=\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0435 \u0432 \u0437\u043e\u043d\u0443 <b><span id\="zone_name"></span></b>
-message.add.service.offering=\u0423\u043a\u0430\u0436\u0438\u0442\u0435 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u044b \u0434\u043b\u044f \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043d\u043e\u0432\u043e\u0433\u043e \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u043e\u0433\u043e \u0440\u0435\u0441\u0443\u0440\u0441\u0430.
+message.add.service.offering=\u0423\u043a\u0430\u0436\u0438\u0442\u0435 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u044b \u0434\u043b\u044f \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043d\u043e\u0432\u043e\u0433\u043e \u0432\u044b\u0447\u0438\u0441\u043b\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u0440\u0435\u0441\u0443\u0440\u0441\u0430.
 message.add.system.service.offering=\u0414\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u0434\u043b\u044f \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043d\u043e\u0432\u043e\u0433\u043e \u0440\u0435\u0441\u0443\u0440\u0441\u0430 \u0434\u043b\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0445 \u0441\u043b\u0443\u0436\u0431.
 message.add.template=\u0423\u043a\u0430\u0436\u0438\u0442\u0435 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u044b \u0434\u043b\u044f \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043d\u043e\u0432\u043e\u0433\u043e \u0448\u0430\u0431\u043b\u043e\u043d\u0430
-message.add.volume=\u0423\u043a\u0430\u0436\u0438\u0442\u0435 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u044b \u0434\u043b\u044f \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043d\u043e\u0432\u043e\u0433\u043e \u0442\u043e\u043c\u0430
+message.add.volume=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u0432\u0432\u0435\u0434\u0438\u0442\u0435 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0434\u043b\u044f \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043d\u043e\u0432\u043e\u0433\u043e \u0434\u0438\u0441\u043a\u0430.
 message.add.VPN.gateway=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435 \u0436\u0435\u043b\u0430\u043d\u0438\u0435 \u0434\u043e\u0431\u0430\u0432\u0438\u0442\u044c VPN \u0448\u043b\u044e\u0437
-message.advanced.mode.desc=\u0412\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u044d\u0442\u0443 \u043c\u043e\u0434\u0435\u043b\u044c \u0441\u0435\u0442\u0438, \u0435\u0441\u043b\u0438 \u0432\u044b \u0445\u043e\u0442\u0438\u0442\u0435 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0443 VLAN. \u042d\u0442\u0430 \u0441\u0435\u0442\u0435\u0432\u0430\u044f \u043c\u043e\u0434\u0435\u043b\u044c \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u0435\u0442 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u0443\u044e \u0433\u0438\u0431\u043a\u043e\u0441\u0442\u044c \u0432 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u0438\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u0434\u043b\u044f \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0445 \u043f\u0440\u0435\u0434\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u0441\u0435\u0442\u0438, \u0442\u0430\u043a\u0438\u0435 \u043a\u0430\u043a \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u044d\u043a\u0440\u0430\u043d, VPN, \u0438\u043b\u0438 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430 \u0431\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u043a\u0438 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u0440\u044f\u043c\u043e\u0435 \u043f\u0440\u043e\u0442\u0438\u0432 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u0441\u0435\u0442\u0435\u0439.
-message.advanced.security.group=\u0412\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u044d\u0442\u043e\u0442 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440, \u0435\u0441\u043b\u0438 \u0432\u044b \u0445\u043e\u0442\u0438\u0442\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0433\u0440\u0443\u043f\u043f\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0442\u044c \u0438\u0437\u043e\u043b\u044f\u0446\u0438\u044e \u0441\u0435\u0440\u0432\u0435\u0440\u0430.
-message.advanced.virtual=\u0412\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u044d\u0442\u043e\u0442 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440, \u0435\u0441\u043b\u0438 \u0432\u044b \u0445\u043e\u0442\u0438\u0442\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0432\u0441\u0435\u0439 \u0437\u043e\u043d\u044b \u0441\u0435\u0442\u0438 VLAN, \u0447\u0442\u043e\u0431\u044b \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0442\u044c \u0438\u0437\u043e\u043b\u044f\u0446\u0438\u044e \u0441\u0435\u0440\u0432\u0435\u0440\u0430.
+message.advanced.mode.desc=\u0412\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u044d\u0442\u0443 \u0441\u0435\u0442\u0435\u0432\u0443\u044e \u043c\u043e\u0434\u0435\u043b\u044c \u0435\u0441\u043b\u0438 \u0412\u044b \u0445\u043e\u0442\u0438\u0442\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u044e VLAN. \u042d\u0442\u0430 \u0441\u0435\u0442\u0435\u0432\u0430\u044f \u043c\u043e\u0434\u0435\u043b\u044c \u043f\u0440\u0435\u0434\u043b\u0430\u0433\u0430\u0435\u0442 \u043d\u0430\u0438\u0431\u043e\u043b\u044c\u0448\u0443\u044e \u0433\u0438\u0431\u043a\u043e\u0441\u0442\u044c, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u043f\u0440\u0435\u0434\u043b\u0430\u0433\u0430\u0442\u044c \u0442\u0430\u043a\u0438\u0435 \u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u0441\u0435\u0440\u0432\u0438\u0441\u044b, \u043a\u0430\u043a \u0444\u0430\u0435\u0440\u0432\u043e\u043b, \u0412\u041f\u041d, \u0431\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u0449\u0438\u043a \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438, \u0430 \u0442\u0430\u043a \u0436\u0435 \u0432\u044b\u0431\u0438\u0440\u0430\u0442\u044c \u043f\u0440\u044f\u043c\u043e\u0435 \u0438\u043b\u0438 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u0447\u0435\u0440\u0435\u0437  \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0435 \u0447\u0430\u0441\u0442\u043d\u044b\u0435 \u0441\u0435\u0442\u0438.
+message.advanced.security.group=\u0412\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u044d\u0442\u043e, \u0435\u0441\u043b\u0438 \u0445\u043e\u0442\u0438\u0442\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c security groups \u0434\u043b\u044f \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0438\u0437\u043e\u043b\u044f\u0446\u0438\u0438 \u0433\u043e\u0441\u0442\u0435\u0432\u044b\u0445 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u043c\u0430\u0448\u0438\u043d.
+message.advanced.virtual=\u0412\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u044d\u0442\u043e, \u0435\u0441\u043b\u0438 \u0445\u043e\u0442\u0438\u0442\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c VLAN \u0434\u043b\u044f \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0438\u0437\u043e\u043b\u044f\u0446\u0438\u0438 \u0433\u043e\u0441\u0442\u0435\u0432\u044b\u0445 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u043c\u0430\u0448\u0438\u043d.
 message.after.enable.s3=S3-\u0441\u043e\u0432\u043c\u0435\u0441\u0442\u0438\u043c\u043e\u0435 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0435 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0435 \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d\u043e. \u041f\u0440\u0438\u043c\u0435\u0447\u0430\u043d\u0438\u0435\: \u0415\u0441\u043b\u0438 \u0432\u044b \u043f\u043e\u043a\u0438\u043d\u0435\u0442\u0435 \u044d\u0442\u0443 \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0443, \u0432\u0430\u043c \u043d\u0435 \u043f\u0440\u0438\u0434\u0435\u0442\u0441\u044f \u043d\u0430\u0441\u0442\u0440\u0430\u0438\u0432\u0430\u0442\u044c S3 \u0441\u043d\u043e\u0432\u0430.
 message.after.enable.swift=Swift \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d. \u041f\u0440\u0438\u043c\u0435\u0447\u0430\u043d\u0438\u0435\: \u0415\u0441\u043b\u0438 \u0432\u044b \u043f\u043e\u043a\u0438\u043d\u0435\u0442\u0435 \u044d\u0442\u0443 \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0443, \u0432\u0430\u043c \u043d\u0435 \u043f\u0440\u0438\u0434\u0435\u0442\u0441\u044f \u043d\u0430\u0441\u0442\u0440\u0430\u0438\u0432\u0430\u0442\u044c Swift \u0441\u043d\u043e\u0432\u0430
 message.alert.state.detected=\u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d \u0441\u0438\u0433\u043d\u0430\u043b \u0442\u0440\u0435\u0432\u043e\u0433\u0438
-message.allow.vpn.access=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430, \u0432\u0432\u0435\u0434\u0438\u0442\u0435 \u0438\u043c\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0438 \u043f\u0430\u0440\u043e\u043b\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432\u044b \u0445\u043e\u0442\u0438\u0442\u0435 \u0434\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0434\u043b\u044f VPN-\u0434\u043e\u0441\u0442\u0443\u043f\u0430.
-message.apply.snapshot.policy=\u041f\u043e\u043b\u0438\u0442\u0438\u043a\u0438 \u044d\u0442\u043e\u0433\u043e \u0441\u043d\u0438\u043c\u043a\u0430 \u0431\u044b\u043b\u0438 \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u044b.
-message.attach.iso.confirm=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430, \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0445\u043e\u0442\u0438\u0442\u0435 \u043f\u0440\u0438\u043a\u0440\u0435\u043f\u0438\u0442\u044c ISO \u0432 \u044d\u0442\u043e\u0442 \u0441\u0435\u0440\u0432\u0435\u0440.
+message.allow.vpn.access=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u0432\u0432\u0435\u0434\u0438\u0442\u0435 \u0438\u043c\u044f \u0438 \u043f\u0430\u0440\u043e\u043b\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f, \u043a\u043e\u0442\u043e\u0440\u043e\u043c\u0443 \u0412\u044b \u0445\u043e\u0442\u0438\u0442\u0435 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u0442\u044c VPN \u0434\u043e\u0441\u0442\u0443\u043f.
+message.apply.snapshot.policy=\u0412\u044b \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u043b\u0438 \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0443 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u044b\u0445 \u043a\u043e\u043f\u0438\u0439.
+message.attach.iso.confirm=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435 \u0436\u0435\u043b\u0430\u043d\u0438\u0435 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0438\u0442\u044c ISO \u043a \u044d\u0442\u043e\u0439 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u0435.
 message.attach.volume=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430, \u0443\u043a\u0430\u0436\u0438\u0442\u0435 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u0434\u0430\u043d\u043d\u044b\u0435, \u0447\u0442\u043e \u0431\u044b \u0443\u0432\u0435\u043b\u0438\u0447\u0438\u0442\u044c \u043c\u0435\u0441\u0442\u043e. \u0414\u043b\u044f Windows, \u043d\u0443\u0436\u043d\u043e \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u0441\u0435\u0440\u0432\u0435\u0440
-message.basic.mode.desc=\u0412\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u044d\u0442\u0443 \u043c\u043e\u0434\u0435\u043b\u044c \u0441\u0435\u0442\u0438, \u0435\u0441\u043b\u0438 \u0432\u044b  <b>*<u>not</u>*</b> \u0445\u043e\u0442\u0438\u0442\u0435, \u0447\u0442\u043e\u0431\u044b \u0431\u044b\u043b\u0430 \u043b\u044e\u0431\u0430\u044f \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430 VLAN. \u0412\u0441\u0435\u043c \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u043c \u043c\u0430\u0448\u0438\u043d\u0430\u043c, \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0435 \u043f\u043e \u044d\u0442\u043e\u0439 \u043c\u043e\u0434\u0435\u043b\u0438 \u0441\u0435\u0442\u0438 \u0431\u0443\u0434\u0435\u0442 \u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d IP \u043d\u0430\u043f\u0440\u044f\u043c\u0443\u044e \u0438\u0437 \u0441\u0435\u0442\u0438 \u0438 \u0433\u0440\u0443\u043f\u043f\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0434\u043b\u044f \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0441\u0435\u0433\u0440\u0435\u0433\u0430\u0446\u0438\u0438.
-message.change.offering.confirm=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430, \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0445\u043e\u0442\u0438\u0442\u0435 \u0438\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u0441\u043b\u0443\u0436\u0431\u0443 \u0440\u0430\u0437\u043c\u0435\u0449\u0435\u043d\u0438\u044f \u044d\u0442\u043e\u0433\u043e VM.
+message.basic.mode.desc=\u0412\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u044d\u0442\u0443 \u0441\u0435\u0442\u0435\u0432\u0443\u044e \u043c\u043e\u0434\u0435\u043b\u044c, \u0435\u0441\u043b\u0438 \u0412\u044b <b>*<u>\u043d\u0435</u>*</b> \u0445\u043e\u0442\u0438\u0442\u0435 \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0443 VLAN.  \u0412\u0441\u0435\u043c \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u043c \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u0434\u0430\u043d\u043d\u043e\u0439 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u043c\u043e\u0434\u0435\u043b\u0438 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u043c \u043c\u0430\u0448\u0438\u043d\u0430\u043c \u0431\u0443\u0434\u0435\u0442 \u043d\u0430\u043f\u0440\u044f\u043c\u0443\u044e \u043f\u0440\u0438\u0441\u0432\u043e\u0435\u043d \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0438\u0440\u0443\u0435\u043c\u044b\u0439 IP \u0430\u0434\u0440\u0435\u0441. \u0414\u043b\u044f \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b Security groups.
+message.change.offering.confirm=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0412\u044b \u0445\u043e\u0442\u0438\u0442\u0435 \u0438\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u0443\u0441\u043b\u0443\u0433\u0438 \u0441\u043b\u0443\u0436\u0431 \u044d\u0442\u043e\u0439 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u044b.
 message.change.password=\u0418\u0437\u043c\u0435\u043d\u0438\u0442\u0435 \u0432\u0430\u0448 \u043f\u0430\u0440\u043e\u043b\u044c.
-message.configure.all.traffic.types=\u0423 \u0432\u0430\u0441 \u0435\u0441\u0442\u044c \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0441\u0435\u0442\u0435\u0439, \u043f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430, \u043d\u0430\u0441\u0442\u0440\u043e\u0438\u0442\u044c \u043c\u0435\u0442\u043a\u0438 \u0434\u043b\u044f \u043a\u0430\u0436\u0434\u043e\u0433\u043e \u0442\u0438\u043f\u0430 \u0442\u0440\u0430\u0444\u0438\u043a\u0430, \u043d\u0430\u0436\u0430\u0432 \u043d\u0430 \u043a\u043d\u043e\u043f\u043a\u0443 \u0418\u0437\u043c\u0435\u043d\u0438\u0442\u044c.
+message.configure.all.traffic.types=\u0423 \u0432\u0430\u0441 \u0435\u0441\u0442\u044c \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0441\u0435\u0442\u0435\u0439, \u043f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430, \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u0442\u0435 \u043c\u0435\u0442\u043a\u0438 \u0434\u043b\u044f \u043a\u0430\u0436\u0434\u043e\u0433\u043e \u0442\u0438\u043f\u0430 \u0442\u0440\u0430\u0444\u0438\u043a\u0430, \u043d\u0430\u0436\u0430\u0432 \u043d\u0430 \u043a\u043d\u043e\u043f\u043a\u0443 \u0418\u0437\u043c\u0435\u043d\u0438\u0442\u044c.
 message.configuring.guest.traffic=\u041d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430 \u0433\u043e\u0441\u0442\u0435\u0432\u043e\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430
 message.configuring.physical.networks=\u041d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430 \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0441\u0435\u0442\u0435\u0439
 message.configuring.public.traffic=\u041d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430
@@ -1345,11 +1421,11 @@ message.confirm.enable.provider=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434
 message.confirm.join.project=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435 \u043f\u0440\u0438\u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u0435 \u043a \u043f\u0440\u043e\u0435\u043a\u0442\u0443.
 message.confirm.remove.IP.range=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u044d\u0442\u043e\u0442 \u0434\u0438\u0430\u043f\u0430\u0437\u043e\u043d IP.
 message.confirm.shutdown.provider=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u044d\u0442\u043e\u0433\u043e \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430
-message.copy.iso.confirm=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430, \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0445\u043e\u0442\u0438\u0442\u0435 \u0441\u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u0442\u044c ISO \u0434\u043e
+message.copy.iso.confirm=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435 \u0436\u0435\u043b\u0430\u043d\u0438\u0435 \u0441\u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0412\u0430\u0448 ISO \u0432
 message.copy.template=\u041a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0448\u0430\u0431\u043b\u043e\u043d <b id\="copy_template_name_text">XXX</b> \u0438\u0437 \u0437\u043e\u043d\u044b <b id\="copy_template_source_zone_text"></b> \u0432
-message.create.template=\u0412\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u0448\u0430\u0431\u043b\u043e\u043d\u043d?
-message.create.template.vm=\u0421\u043e\u0437\u0434\u0430\u0442\u044c \u0448\u0430\u0431\u043b\u043e\u043d \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u044b <b id\="p_name"></b>
-message.create.template.volume=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430, \u0443\u043a\u0430\u0436\u0438\u0442\u0435 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e, \u043f\u0440\u0435\u0436\u0434\u0435 \u0447\u0435\u043c \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u0448\u0430\u0431\u043b\u043e\u043d \u0434\u0438\u0441\u043a\u0430 \u043e\u0431\u044a\u0435\u043c\u043e\u043c\: <b><span id\="volume_name"></span></b>. \u0421\u043e\u0437\u0434\u0430\u043d\u0438\u0435 \u0448\u0430\u0431\u043b\u043e\u043d\u0430 \u043c\u043e\u0436\u0435\u0442 \u0432\u0430\u0440\u044c\u0438\u0440\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u043e\u0442 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u043c\u0438\u043d\u0443\u0442 \u0434\u043e \u0434\u043e\u043b\u044c\u0448\u0435 \u0432 \u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0442 \u0440\u0430\u0437\u043c\u0435\u0440\u0430 \u0442\u043e\u043c\u0430.
+message.create.template=\u0412\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u0448\u0430\u0431\u043b\u043e\u043d?
+message.create.template.vm=\u0421\u043e\u0437\u0434\u0430\u0442\u044c \u043c\u0430\u0448\u0438\u043d\u0443 \u0438\u0437 \u0448\u0430\u0431\u043b\u043e\u043d\u0430 <b id\="p_name"></b>
+message.create.template.volume=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u0443\u043a\u0430\u0436\u0438\u0442\u0435 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043f\u0435\u0440\u0435\u0434 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u0435\u043c \u0448\u0430\u0431\u043b\u043e\u043d\u0430 \u0438\u0437 \u0412\u0430\u0448\u0435\u0433\u043e \u0434\u0438\u0441\u043a\u0430\: <b><span id\="volume_name"></span></b>. \u0421\u043e\u0437\u0434\u0430\u043d\u0438\u0435 \u0448\u0430\u0431\u043b\u043e\u043d\u0430 \u043c\u043e\u0436\u0435\u0442 \u0437\u0430\u043d\u044f\u0442\u044c \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043c\u0438\u043d\u0443\u0442 \u0438 \u0431\u043e\u043b\u0435\u0435 \u0432 \u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0442 \u0440\u0430\u0437\u043c\u0435\u0440\u0430 \u0412\u0430\u0448\u0435\u0433\u043e \u0434\u0438\u0441\u043a\u0430.
 message.creating.cluster=\u0421\u043e\u0437\u0434\u0430\u043d\u0438\u0435 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0430
 message.creating.guest.network=\u0421\u043e\u0437\u0434\u0430\u0442\u044c \u0433\u043e\u0441\u0442\u0435\u0432\u0443\u044e \u0441\u0435\u0442\u044c
 message.creating.physical.networks=\u0421\u043e\u0437\u0434\u0430\u043d\u0438\u0435 \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0441\u0435\u0442\u0435\u0439
@@ -1375,33 +1451,34 @@ message.desc.primary.storage=\u041a\u0430\u0436\u0434\u0430\u044f \u0433\u0440\u
 message.desc.secondary.storage=\u041a\u0430\u0436\u0434\u0430\u044f \u0437\u043e\u043d\u0430 \u0434\u043e\u043b\u0436\u043d\u0430 \u043e\u0431\u043b\u0430\u0434\u0430\u0442\u044c \u0445\u043e\u0442\u044f \u0431\u044b \u043e\u0434\u043d\u0438\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u043c NFS \u0438\u043b\u0438 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u043c \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0435\u043c \u0438 \u0438\u0445 \u043d\u0430\u0434\u043e \u0434\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0432 \u043f\u0435\u0440\u0432\u0443\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c. \u0414\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0435 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0435 \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043e \u0434\u043b\u044f \u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0448\u0430\u0431\u043b\u043e\u043d\u043e\u0432 \u0412\u041c, \u043e\u0431\u0440\u0430\u0437\u043e\u0432 ISO \u0438 \u0441\u043d\u0438\u043c\u043a\u043e\u0432 \u0412\u041c. \u042d\u0442\u043e\u0442 \u0441\u0435\u0440\u0432\u0435\u0440 \u0434\u043e\u043b\u0436\u0435\u043d \u0431\u044b\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u0434\u043b\u044f \u0432\u0441\u0435\u0445 \u0443\u0437\u043b\u043e\u0432 \u0437\u043e\u043d\u044b.<br/><br/>\u041f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u0442\u044c IP-\u0430\u0434\u0440\u0435\u0441 \u0438 \u043f\u0443\u0442\u044c.
 message.desc.zone=layer 3
 message.detach.disk=\u0412\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u043f\u0440\u0438\u0441\u043e\u0435\u0434\u0438\u043d\u0438\u0442\u044c \u044d\u0442\u043e\u0442 \u0434\u0438\u0441\u043a?
-message.detach.iso.confirm=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430, \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0445\u043e\u0442\u0438\u0442\u0435 \u043e\u0442\u0434\u0435\u043b\u0438\u0442\u044c ISO \u043e\u0442 \u044d\u0442\u043e\u0433\u043e \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430.
-message.disable.account=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430, \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0445\u043e\u0442\u0438\u0442\u0435 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u044d\u0442\u0443 \u0443\u0447\u0435\u0442\u043d\u0443\u044e \u0437\u0430\u043f\u0438\u0441\u044c. \u041f\u0440\u0438 \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0438 \u0430\u043a\u043a\u0430\u0443\u043d\u0442\u0430, \u0432\u0441\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0434\u043b\u044f \u044d\u0442\u043e\u0439 \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u043d\u0435 \u0431\u0443\u0434\u0443\u0442 \u0438\u043c\u0435\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0432\u043e\u0438\u043c \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c \u043e\u0431\u043b\u0430\u043a\u0430. \u0412\u0441\u0435 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0435 \u043c\u0430\u0448\u0438\u043d\u044b \u0431\u0443\u0434\u0443\u0442 \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e \u0437\u0430\u043a\u0440\u044b\u0442\u044b.
-message.disable.snapshot.policy=\u041f\u043e\u043b\u0438\u0442\u0438\u043a\u0438 \u044d\u0442\u043e\u0433\u043e \u0441\u043d\u0438\u043c\u043a\u0430 \u0431\u044b\u043b\u0438 \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u044b.
+message.detach.iso.confirm=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435 \u0436\u0435\u043b\u0430\u043d\u0438\u0435 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c ISO \u043e\u0442 \u044d\u0442\u043e\u0439 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u044b.
+message.disable.account=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435 \u0436\u0435\u043b\u0430\u043d\u0438\u0435 \u0434\u0435\u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u044d\u0442\u0443 \u0443\u0447\u0435\u0442\u043d\u0443\u044e \u0437\u0430\u043f\u0438\u0441\u044c. \u0414\u0435\u0430\u043a\u0442\u0438\u0432\u0430\u0446\u0438\u044f \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u0443\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f \u0432\u0441\u0435\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043a \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c \u041e\u0431\u043b\u0430\u043a\u0430. \u0412\u0441\u0435 \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0435 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0435 \u043c\u0430\u0448\u0438\u043d\u044b \u0431\u0443\u0434\u0443\u0442 \u043d\u0435\u0437\u0430\u043c\u0435\u0434\u043b\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043e\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u044b.
+message.disable.snapshot.policy=\u0412\u044b \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0434\u0435\u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0443 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u044b\u0445 \u043a\u043e\u043f\u0438\u0439.
 message.disable.user=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0432\u044b\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u044d\u0442\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.
-message.disable.vpn.access=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430, \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0445\u043e\u0442\u0438\u0442\u0435 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c VPN \u0434\u043e\u0441\u0442\u0443\u043f
+message.disable.vpn.access=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435 \u0436\u0435\u043b\u0430\u043d\u0438\u0435 \u0434\u0435\u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u0442\u044c VPN \u0434\u043e\u0441\u0442\u0443\u043f.
 message.disable.vpn=\u0412\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0432\u044b\u043a\u043b\u044e\u0447\u0438\u0442\u044c VPN?
-message.download.ISO=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430, \u043d\u0430\u0436\u043c\u0438\u0442\u0435 <a href\="\#">00000</a> \u0441\u043a\u0430\u0447\u0430\u0442\u044c \u043e\u0431\u0440\u0430\u0437
-message.download.template=\u041d\u0430\u0436\u043c\u0438\u0442\u0435 <a href\="\#">00000</a>\u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438
-message.download.volume=\u041d\u0430\u0436\u043c\u0438\u0442\u0435 <a href\="\#">00000</a> \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0442\u043e\u043c\u0430
+message.download.ISO=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043d\u0430\u0436\u043c\u0438\u0442\u0435 <a href\="\#">00000</a> \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 ISO
+message.download.template=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043d\u0430\u0436\u043c\u0438\u0442\u0435 <a href\="\#">00000</a> \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0448\u0430\u0431\u043b\u043e\u043d\u0430
+message.download.volume.confirm=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c \u044d\u0442\u043e\u0442 \u0434\u0438\u0441\u043a
+message.download.volume=\u041d\u0430\u0436\u043c\u0438\u0442\u0435 <a href\="\#">00000</a> \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0434\u0438\u0441\u043a\u0430
 message.edit.account=\u0420\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c (\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 "-1" \u043f\u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0439 \u0434\u043b\u044f \u0440\u0435\u0441\u0443\u0440\u0441\u0430)
 message.edit.confirm=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430, \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u043f\u0440\u0435\u0436\u0434\u0435 \u0447\u0435\u043c \u043d\u0430\u0436\u0430\u0442\u044c "\u0421\u043e\u0445\u0440\u0430\u043d\u0438\u0442\u044c".
-message.edit.limits=\u0423\u043a\u0430\u0436\u0438\u0442\u0435 \u043f\u0440\u0435\u0434\u0435\u043b\u044b \u0434\u043b\u044f \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432.  \u0417\u043d\u0430\u0447\u0435\u043d\u0438\u0435 "-1" \u043e\u0437\u043d\u0430\u0447\u0430\u0435\u0442 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 \u043f\u0440\u0435\u0434\u0435\u043b\u0430 \u043f\u043e\u0442\u0440\u0435\u0431\u043b\u0435\u043d\u0438\u044f \u0434\u0430\u043d\u043d\u043e\u0433\u043e \u0440\u0435\u0441\u0443\u0440\u0441\u0430.
-message.edit.traffic.type=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430, \u0443\u043a\u0430\u0436\u0438\u0442\u0435 \u0442\u0440\u0430\u0444\u0438\u043a \u043c\u0435\u0442\u043a\u0438 \u0432\u044b \u0445\u043e\u0442\u0438\u0442\u0435, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u044d\u0442\u0438\u043c \u0442\u0438\u043f\u043e\u043c \u0442\u0440\u0430\u0444\u0438\u043a\u0430.
-message.enable.account=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u044d\u0442\u0443 \u0443\u0447\u0451\u0442\u043d\u0443\u044e \u0437\u0430\u043f\u0438\u0441\u044c.
+message.edit.limits=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0438\u0442\u0435 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0445 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432. "-1" \u043e\u0431\u043e\u0437\u043d\u0430\u0447\u0430\u0435\u0442 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0439.
+message.edit.traffic.type=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430, \u0443\u043a\u0430\u0436\u0438\u0442\u0435 \u043c\u0435\u0442\u043a\u0438 \u0442\u0440\u0430\u0444\u0438\u043a\u0430  \u0432\u044b \u0445\u043e\u0442\u0438\u0442\u0435, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u044d\u0442\u0438\u043c \u0442\u0438\u043f\u043e\u043c \u0442\u0440\u0430\u0444\u0438\u043a\u0430.
+message.enable.account=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u044d\u0442\u0443 \u0443\u0447\u0435\u0442\u043d\u0443\u044e \u0437\u0430\u043f\u0438\u0441\u044c.
 message.enabled.vpn.ip.sec=\u0412\u0430\u0448 IPSec pre-shared \u043a\u043b\u044e\u0447
 message.enabled.vpn=\u0412\u0430\u0448 VPN \u0434\u043e\u0441\u0442\u0443\u043f \u0432 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u0432\u043a\u043b\u044e\u0447\u0435\u043d \u0438 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0447\u0435\u0440\u0435\u0437 IP
 message.enable.user=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u044d\u0442\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.
-message.enable.vpn.access=\u0421\u0435\u0439\u0447\u0430\u0441 VPN \u0434\u043b\u044f \u044d\u0442\u043e\u0433\u043e IP-a\u0434\u0440\u0435\u0441\u0430 \u0432\u044b\u043a\u043b\u044e\u0447\u0435\u043d.  \u0416\u0435\u043b\u0430\u0435\u0442\u0435 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u044c VPN-\u0434\u043e\u0441\u0442\u0443\u043f?
+message.enable.vpn.access=VPN \u0432 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d \u0434\u043b\u044f \u044d\u0442\u043e\u0433\u043e IP \u0430\u0434\u0440\u0435\u0441\u0430. \u0412\u044b \u0445\u043e\u0442\u0438\u0442\u0435 \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u0442\u044c VPN?
 message.enable.vpn=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u043e\u0442\u043a\u0440\u044b\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a VPN \u0434\u043b\u044f \u044d\u0442\u043e\u0433\u043e IP-\u0430\u0434\u0440\u0435\u0441\u0430.
-message.enabling.security.group.provider=\u0412\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430 \u0437\u0430\u0441\u0438\u0449\u0435\u043d\u043e\u0439 \u0441\u0435\u0442\u0438
+message.enabling.security.group.provider=\u0412\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430 \u0433\u0440\u0443\u043f\u043f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438
 message.enabling.zone=\u0412\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0437\u043e\u043d\u0443
 message.enter.token=\u0412\u0432\u0435\u0434\u0438\u0442\u0435 \u043a\u043b\u044e\u0447, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u0432 \u043f\u0440\u0438\u0433\u043b\u0430\u0441\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u043c \u043f\u0438\u0441\u044c\u043c\u0435
 message.generate.keys=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u043d\u043e\u0432\u044b\u0435 \u043a\u043b\u044e\u0447\u0438 \u0434\u043b\u044f \u044d\u0442\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.
-message.guest.traffic.in.advanced.zone=\u0413\u043e\u0441\u0442\u0435\u0432\u043e\u0439 \u0442\u0440\u0430\u0444\u0438\u043a \u0441\u0435\u0442\u0438 \u0441\u0432\u044f\u0437\u0438 \u043c\u0435\u0436\u0434\u0443 \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u043c\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u043c\u0430\u0448\u0438\u043d. \u0423\u043a\u0430\u0436\u0438\u0442\u0435 \u0434\u0438\u0430\u043f\u0430\u0437\u043e\u043d \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u043e\u0432 VLAN \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u0442\u044c \u0433\u043e\u0441\u0442\u044f \u0442\u0440\u0430\u0444\u0438\u043a \u0434\u043b\u044f \u043a\u0430\u0436\u0434\u043e\u0439 \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0441\u0435\u0442\u0438.
+message.guest.traffic.in.advanced.zone=\u0413\u043e\u0441\u0442\u0435\u0432\u043e\u0439 \u0442\u0440\u0430\u0444\u0438\u043a \u0434\u043b\u044f \u0441\u0432\u044f\u0437\u0438 \u043c\u0435\u0436\u0434\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0445 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u043c\u0430\u0448\u0438\u043d. \u0423\u043a\u0430\u0436\u0438\u0442\u0435 \u0434\u0438\u0430\u043f\u0430\u0437\u043e\u043d \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u043e\u0432 VLAN \u0434\u043b\u044f \u043a\u0430\u0436\u0434\u043e\u0439 \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0441\u0435\u0442\u0438.
 message.guest.traffic.in.basic.zone=\u0413\u043e\u0441\u0442\u0435\u0432\u043e\u0439 \u0442\u0440\u0430\u0444\u0438\u043a \u0433\u0435\u043d\u0435\u0440\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438 \u043e\u0431\u0449\u0435\u043d\u0438\u0438 \u043c\u0435\u0436\u0434\u0443 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u043c\u0438 \u043c\u0430\u0448\u0438\u043d\u0430\u043c\u0438. \u0423\u043a\u0430\u0436\u0438\u0442\u0435 \u0434\u0438\u0430\u043f\u0430\u0437\u043e\u043d \u0430\u0434\u0440\u0435\u0441\u043e\u0432 IP, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 CloudStack \u0441\u043c\u043e\u0436\u0435\u0442 \u0432\u044b\u0434\u0435\u043b\u0438\u0442\u044c \u0434\u043b\u044f \u0412\u041c. \u0423\u0431\u0435\u0434\u0438\u0442\u0435\u0441\u044c, \u0447\u0442\u043e \u044d\u0442\u043e\u0442 \u0434\u0438\u0430\u043f\u0430\u0437\u043e\u043d \u043d\u0435 \u043f\u0435\u0440\u0435\u043a\u0440\u0435\u0449\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u0441 \u0434\u0438\u0430\u043f\u0430\u0437\u043e\u043d\u043e\u043c \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u044b\u0445 \u0430\u0434\u0440\u0435\u0441\u043e\u0432.
 message.installWizard.click.retry=\u041a\u043b\u0438\u043a\u043d\u0438\u0442\u0435, \u0447\u0442\u043e\u0431\u044b \u043f\u043e\u0432\u0442\u043e\u0440\u0438\u0442\u044c \u0437\u0430\u043f\u0443\u0441\u043a.
-message.installWizard.copy.whatIsACluster=\u041a\u043b\u0430\u0441\u0442\u0435\u0440 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0433\u0440\u0443\u043f\u043f\u044b \u0443\u0437\u043b\u043e\u0432. \u0423\u0437\u043b\u044b \u0432 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0435 \u0438\u043c\u0435\u044e\u0442 \u043e\u0434\u0438\u043d\u0430\u043a\u043e\u0432\u043e\u0435 \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u0435, \u0437\u0430\u043f\u0443\u0449\u0435\u043d\u044b \u0432 \u043e\u0434\u0438\u043d\u0430\u043a\u043e\u0432\u043e\u043c \u0433\u0438\u043f\u0435\u0440\u0432\u0438\u0437\u0435\u0440\u0435, \u043d\u0430\u0445\u043e\u0434\u044f\u0442\u0441\u044f \u0432 \u043e\u0434\u043d\u043e\u0439 \u043f\u043e\u0434\u0441\u0435\u0442\u0438 \u0438 \u0438\u043c\u0435\u044e\u0442 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043e\u0434\u043d\u043e\u043c\u0443 \u0438 \u0442\u043e\u043c\u0443 \u0436\u0435 \u043e\u0431\u0449\u0435\u043c\u0443 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0443. \u0412\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0435 \u043c\u0430\u0448\u0438\u043d\u044b \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u043f\u0435\u0440\u0435\u043d\u0435\u0441\u0435\u043d\u044b "\u0432\u0436\u0438\u0432\u0443\u044e" \u0441 \u043e\u0434\u043d\u043e\u0433\u043e \u0443\u0437\u043b\u0430 \u043d\u0430 \u0434\u0440\u0443\u0433\u043e\u0439 \u0432 \u043f\u0440\u0435\u0434\u0435\u043b\u0430\u0445 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0430, \u0431\u0435\u0437 \u043e\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u0441\u043b\u0443\u0436\u0431 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c. \u041a\u043b\u0430\u0441\u0442\u0435\u0440 - \u0442\u0440\u0435\u0442\u044c\u044f \u043f\u043e \u0440\u0430\u0437\u043c\u0435\u0440\u043d\u043e\u0441\u0442\u0438 \u0435\u0434\u0438\u043d\u0438\u0446\u0430 \u0432 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0435 CloudStack&\#8482;. \u041a\u043b\u0430\u0441\u0442\u0435\u0440\u044b \u0440\u0430\u0441\u043f\u043e\u043e\u0433\u0430\u044e\u0442\u0441\u044f \u0432 \u0441\u0442\u0435\u043d\u0434\u0430\u0445, \u0430 \u0441\u0442\u0435\u043d\u0434\u044b - \u0432 \u0437\u043e\u043d\u0430\u0445. <br/><br/>CloudStack&\#8482; \u0440\u0430\u0437\u0440\u0435\u0448\u0430\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u043e\u0432, \u043d\u043e \u043f\u0440\u0438 \u043f\u0440\u043e\u0441\u0442\u043e\u0439 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0435 \u044d\u0442\u0430 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u0435\u0442.
+message.installWizard.copy.whatIsACluster=\u041a\u043b\u0430\u0441\u0442\u0435\u0440 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0433\u0440\u0443\u043f\u043f\u044b \u0443\u0437\u043b\u043e\u0432. \u0423\u0437\u043b\u044b \u0432 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0435 \u0438\u043c\u0435\u044e\u0442 \u043e\u0434\u0438\u043d\u0430\u043a\u043e\u0432\u043e\u0435 \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u0435, \u0437\u0430\u043f\u0443\u0449\u0435\u043d\u044b \u0432 \u043e\u0434\u0438\u043d\u0430\u043a\u043e\u0432\u043e\u043c \u0433\u0438\u043f\u0435\u0440\u0432\u0438\u0437\u0435\u0440\u0435, \u043d\u0430\u0445\u043e\u0434\u044f\u0442\u0441\u044f \u0432 \u043e\u0434\u043d\u043e\u0439 \u043f\u043e\u0434\u0441\u0435\u0442\u0438 \u0438 \u0438\u043c\u0435\u044e\u0442 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043e\u0434\u043d\u043e\u043c\u0443 \u043e\u0431\u0449\u0435\u043c\u0443 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0443. \u0412\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0435 \u043c\u0430\u0448\u0438\u043d\u044b (\u0412\u041c) \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u043f\u0435\u0440\u0435\u043d\u0435\u0441\u0435\u043d\u044b "\u0432\u0436\u0438\u0432\u0443\u044e" \u0441 \u043e\u0434\u043d\u043e\u0433\u043e \u0443\u0437\u043b\u0430 \u043d\u0430 \u0434\u0440\u0443\u0433\u043e\u0439 \u0432 \u043f\u0440\u0435\u0434\u0435\u043b\u0430\u0445 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0430, \u0431\u0435\u0437 \u043e\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u0441\u0435\u0440\u0432\u0438\u0441\u043e\u0432 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c. \u041a\u043b\u0430\u0441\u0442\u0435\u0440 - \u0442\u0440\u0435\u0442\u044c\u044f \u043f\u043e \u0440\u0430\u0437\u043c\u0435\u0440\u043d\u043e\u0441\u0442\u0438 \u0435\u0434\u0438\u043d\u0438\u0446\u0430 \u0432 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0435 CloudStack&\#8482. \u041a\u043b\u0430\u0441\u0442\u0435\u0440\u044b \u0440\u0430\u0441\u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442\u0441\u044f \u0432 \u0441\u0442\u0435\u043d\u0434\u0430\u0445, \u0430 \u0441\u0442\u0435\u043d\u0434\u044b - \u0432 \u0437\u043e\u043d\u0430\u0445. <br/><br/>CloudStack&\#8482; \u0440\u0430\u0437\u0440\u0435\u0448\u0430\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u043e\u0432, \u043d\u043e \u043f\u0440\u0438 \u043f\u0440\u043e\u0441\u0442\u043e\u0439 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0435 \u044d\u0442\u0430 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u0435\u0442.
 message.installWizard.copy.whatIsAHost=\u0423\u0437\u0435\u043b - \u044d\u0442\u043e \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440. \u0423\u0437\u043b\u044b \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442 \u0432\u044b\u0447\u0438\u0441\u043b\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u044b \u0434\u043b\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u0433\u043e\u0441\u0442\u0435\u0432\u044b\u0445 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u043c\u0430\u0448\u0438\u043d. \u041a\u0430\u0436\u0434\u044b\u0439 \u0443\u0437\u0435\u043b \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u0433\u0438\u043f\u0435\u0440\u0432\u0438\u0437\u043e\u0440 \u0434\u043b\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0412\u041c (\u043a\u0440\u043e\u043c\u0435 \u0443\u0437\u043b\u043e\u0432 BareMetal, \u043e\u043d\u0438 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0438\u0441\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435\u043c \u0438\u0437 \u043f\u0440\u0430\u0432\u0438\u043b \u0438 \u0440\u0430\u0441\u0441\u043c\u0430\u0442\u0440\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u0432 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u043d\u043e\u043c \u0440\u0443\u043a\u043e\u0432\u043e\u0434\u0441\u0442\u0432\u0435 \u043f\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0435). \u041d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u044d\u0442\u043e Linux-\u0441\u0435\u0440\u0432\u0435\u0440 \u0441 KVM, \u0441\u0435\u0440\u0432\u0435\u0440 Citrix XenServer \u0438\u043b\u0438 \u0441\u0435\u0440\u0432\u0435\u0440 ESXI. \u041f\u0440\u0438 \u043f\u0440\u043e\u0441\u0442\u043e\u0439 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0435 \u0432\u044b \u043c\u043e\u0436\u0435\u0442\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043e\u0434\u0438\u043d \u0443\u0437\u0435\u043b \u0441 XenServer.<br/><br/>\u0423\u0437\u0435\u043b - \u044d\u0442\u043e \u043d\u0430\u0438\u043c\u0435\u043d\u044c\u0448\u0430\u044f \u0435\u0434\u0438\u043d\u0438\u0446\u0430 \u0432 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0435 CloudStack&\#8482;, \u0434\u0430\u043b\u0435\u0435 \u0443\u0437\u043b\u044b \u0440\u0430\u0441\u043f\u043e\u043b\u043e\u0433\u0430\u044e\u0442\u0441\u044f \u0432 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0430\u0445, \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u044b - \u0432 \u0441\u0442\u0435\u043d\u0434\u0430\u0445, \u0441\u0442\u0435\u043d\u0434\u044b - \u0432 \u0437\u043e\u043d\u0430\u0445.
 message.installWizard.copy.whatIsAPod=\u0421\u0442\u0435\u043d\u0434, \u043a\u0430\u043a \u043f\u0440\u0430\u0432\u0438\u043b\u043e, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u043e\u0434\u043d\u0443 \u0441\u0442\u043e\u0439\u043a\u0443 \u0441 \u043c\u0430\u0448\u0438\u043d\u0430\u043c\u0438. \u0423\u0437\u043b\u044b \u0432 \u043e\u0434\u043d\u043e\u043c \u0441\u0442\u0435\u043d\u0434\u0435 \u0440\u0430\u0441\u043f\u043e\u043b\u043e\u0436\u0435\u043d\u044b \u0432 \u043e\u0434\u043d\u043e\u0439 \u043f\u043e\u0434\u0441\u0435\u0442\u0438.<br/><br/>\u0421\u0442\u0435\u043d\u0434 - \u0432\u0442\u043e\u0440\u0430\u044f \u043f\u043e \u0440\u0430\u0437\u043c\u0435\u0440\u043d\u043e\u0441\u0442\u0438 \u0435\u0434\u0438\u043d\u0438\u0446\u0430 \u0432 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0435 CloudStack&\#8482;. \u0421\u0442\u0435\u043d\u0434\u044b \u0440\u0430\u0441\u043f\u043e\u043b\u043e\u0433\u0430\u044e\u0442\u0441\u044f \u0432 \u0437\u043e\u043d\u0430\u0445. \u041a\u0430\u0436\u0434\u0430\u044f \u0437\u043e\u043d\u0430 \u043c\u043e\u0436\u0435\u0442 \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0442\u044c \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0441\u0442\u0435\u043d\u0434\u043e\u0432, \u043d\u043e \u043f\u0440\u0438 \u043f\u0440\u043e\u0441\u0442\u043e\u0439 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0435 \u0432 \u0437\u043e\u043d\u0435 \u043c\u043e\u0436\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u043b\u0438\u0448\u044c \u043e\u0434\u0438\u043d \u0441\u0442\u0435\u043d\u0434.
 message.installWizard.copy.whatIsAZone=\u0417\u043e\u043d\u0430 - \u044d\u0442\u043e \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u043a\u0440\u0443\u043f\u043d\u0430\u044f \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0435\u0434\u0438\u043d\u0438\u0446\u0430 \u0432 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0435 CloudStack&\#8482;. \u0417\u043e\u043d\u0430 \u043e\u0431\u044b\u0447\u043d\u043e \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u0435\u0442 \u0435\u0434\u0438\u043d\u0438\u0447\u043d\u043e\u043c\u0443 \u0426\u041e\u0414, \u0445\u043e\u0442\u044f \u0438\u043c\u0435\u0435\u0442\u0441\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0437\u043e\u043d \u0432 \u043f\u0440\u0435\u0434\u0435\u043b\u0430\u0445 \u043e\u0434\u043d\u043e\u0433\u043e \u0426\u041e\u0414. \u041e\u0441\u043d\u043e\u0432\u043d\u044b\u043c \u043f\u0440\u0435\u0438\u043c\u0443\u0449\u0435\u0441\u0442\u0432\u043e\u043c \u043f\u043e\u0441\u0442\u0440\u043e\u0435\u043d\u0438\u044f \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0437\u043e\u043d \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0435 \u0438\u0437\u043e\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0438 \u0438\u0437\u0431\u044b\u0442\u043e\u0447\u043d\u043e\u0441\u0442\u0438. \u041d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u043a\u0430\u0436\u0434\u0430\u044f \u0437\u043e\u043d\u0430 \u043c\u043e\u0436\u0435\u0442 \u0438\u043c\u0435\u0442\u044c \u0441\u0432\u043e\u0439 \u0431\u043b\u043e\u043a \u043f\u0438\u0442\u0430\u043d\u0438\u044f \u0438 \u0441\u0435\u0442\u044c, \u0430 \u0441\u0430\u043c\u0438 \u0437\u043e\u043d\u044b \u043c\u043e\u0433\u0443\u0442 \u0448\u0438\u0440\u043e\u043a\u043e \u0440\u0430\u0441\u043f\u043e\u043b\u043e\u0436\u0435\u043d\u044b \u0433\u0435\u043e\u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u0438.
@@ -1430,26 +1507,26 @@ message.installWizard.tooltip.addZone.internaldns2=\u042d\u0442\u043e c\u0435\u0
 message.installWizard.tooltip.addZone.name=\u0418\u043c\u044f \u0437\u043e\u043d\u044b
 message.installWizard.tooltip.configureGuestTraffic.description=\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u044d\u0442\u043e\u0439 \u0441\u0435\u0442\u0438
 message.installWizard.tooltip.configureGuestTraffic.guestEndIp=\u0414\u0438\u0430\u043f\u0430\u0437\u043e\u043d IP-\u0430\u0434\u0440\u0435\u0441\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0431\u0443\u0434\u0443\u0442 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0434\u043b\u044f \u0433\u043e\u0441\u0442\u0435\u0439 \u044d\u0442\u043e\u0439 \u0437\u043e\u043d\u044b. \u041f\u0440\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u043e\u0434\u043d\u043e\u0433\u043e \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 (NIC) \u044d\u0442\u0438 \u0430\u0434\u0440\u0435\u0441\u0430 \u0434\u043e\u043b\u0436\u043d\u044b \u0431\u044b\u0442\u044c \u0432 \u043f\u043e\u0434\u0441\u0435\u0442\u0438 (CIDR) \u0441\u0442\u0435\u043d\u0434\u0430.
-message.installWizard.tooltip.configureGuestTraffic.guestGateway=\u0428\u043b\u044e\u0437 \u0434\u043b\u044f \u0433\u043e\u0441\u0442\u044f\u043c\u0438
+message.installWizard.tooltip.configureGuestTraffic.guestGateway=\u0428\u043b\u044e\u0437 \u0434\u043b\u044f \u0433\u043e\u0441\u0442\u0435\u0439
 message.installWizard.tooltip.configureGuestTraffic.guestNetmask=\u0421\u0435\u0442\u0435\u0432\u0430\u044f \u043c\u0430\u0441\u043a\u0430 \u043f\u043e\u0434\u0441\u0435\u0442\u0438 \u0434\u043b\u044f \u0433\u043e\u0441\u0442\u0435\u0439.
 message.installWizard.tooltip.configureGuestTraffic.guestStartIp=\u0414\u0438\u0430\u043f\u0430\u0437\u043e\u043d IP-\u0430\u0434\u0440\u0435\u0441\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0431\u0443\u0434\u0443\u0442 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0434\u043b\u044f \u0433\u043e\u0441\u0442\u0435\u0439 \u044d\u0442\u043e\u0439 \u0437\u043e\u043d\u044b. \u041f\u0440\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u043e\u0434\u043d\u043e\u0433\u043e \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 (NIC) \u044d\u0442\u0438 \u0430\u0434\u0440\u0435\u0441\u0430 \u0434\u043e\u043b\u0436\u043d\u044b \u0431\u044b\u0442\u044c \u0432 \u043f\u043e\u0434\u0441\u0435\u0442\u0438 (CIDR) \u0441\u0442\u0435\u043d\u0434\u0430.
 message.installWizard.tooltip.configureGuestTraffic.name=\u0418\u043c\u044f \u044d\u0442\u043e\u0439 \u0441\u0435\u0442\u0438
 message.instanceWizard.noTemplates=\u0412\u044b \u043d\u0435 \u0438\u043c\u0435\u0435\u0442\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u0448\u0430\u0431\u043b\u043e\u043d\u043e\u0432; \u0434\u043b\u044f \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u043c\u0430\u0448\u0438\u043d\u044b \u0434\u043e\u0431\u0430\u0432\u044c\u0442\u0435 \u0441\u043e\u0432\u043c\u0435\u0441\u0442\u0438\u0432\u044b\u0439 \u0448\u0430\u0431\u043b\u043e\u043d.
 message.ip.address.changed=\u0412\u0430\u0448\u0438 IP-\u0430\u0434\u0440\u0435\u0441\u0430 \u043c\u043e\u0433\u043b\u0438 \u0431\u044b\u0442\u044c \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u044b, \u0445\u043e\u0442\u0438\u0442\u0435 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u043f\u0438\u0441\u043e\u043a \u0430\u0434\u0440\u0435\u0441\u043e\u0432? \u041f\u043e\u043c\u043d\u0438\u0442\u0435, \u0447\u0442\u043e \u0432 \u044d\u0442\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u043e\u0431\u043b\u0430\u0441\u0442\u044c \u0434\u0435\u0442\u0430\u043b\u0435\u0439 \u0431\u0443\u0434\u0435\u0442 \u0437\u0430\u043a\u0440\u044b\u0442\u0430.
-message.iso.desc=\u041e\u0431\u0440\u0430\u0437 \u0434\u0438\u0441\u043a\u0430 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u0437\u0430\u0433\u0440\u0443\u0437\u043e\u0447\u043d\u044b\u0435 \u0438\u043b\u0438 \u043d\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u043e\u0447\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0434\u043b\u044f \u041e\u0421.
+message.iso.desc=\u041e\u0431\u0440\u0430\u0437 \u0434\u0438\u0441\u043a\u0430, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0438\u0439 \u0434\u0430\u043d\u043d\u044b\u0435 \u0438\u043b\u0438 \u0437\u0430\u0433\u0440\u0443\u0437\u043e\u0447\u043d\u044b\u0439 \u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044c \u0434\u043b\u044f \u041e\u0421
 message.join.project=\u0422\u0435\u043f\u0435\u0440\u044c \u0432\u044b \u043f\u0440\u0438\u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u044b \u043a \u043f\u0440\u043e\u0435\u043a\u0442\u0443. \u0412\u044b\u0431\u0435\u0440\u0438\u0442\u0435 "\u041f\u0440\u043e\u0435\u043a\u0442\u043d\u044b\u0439 \u0432\u0438\u0434" \u0434\u043b\u044f \u043f\u0440\u043e\u0441\u043c\u043e\u0442\u0440\u0430 \u043f\u0440\u043e\u0435\u043a\u0442\u0430.
-message.launch.vm.on.private.network=\u0425\u043e\u0442\u0438\u0442\u0435 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u0412\u041c \u0432 \u0432\u0430\u0448\u0435\u0439 \u0447\u0430\u0441\u0442\u043d\u043e\u0439 \u0432\u044b\u0434\u0435\u043b\u0435\u043d\u043d\u043e\u0439 \u0441\u0435\u0442\u0438?
+message.launch.vm.on.private.network=\u0412\u044b \u0445\u043e\u0442\u0438\u0442\u0435 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u0441\u0432\u043e\u044e \u043c\u0430\u0448\u0438\u043d\u0443 \u0432 \u0432\u044b\u0434\u0435\u043b\u0435\u043d\u043d\u043e\u0439 \u0412\u0430\u043c \u0447\u0430\u0441\u0442\u043d\u043e\u0439 \u0441\u0435\u0442\u0438? 
 message.launch.zone=\u0417\u043e\u043d\u0430 \u0433\u043e\u0442\u043e\u0432\u0430 \u043a \u0437\u0430\u043f\u0443\u0441\u043a\u0443, \u043f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430, \u043f\u0435\u0440\u0435\u0439\u0434\u0438\u0442\u0435 \u043a \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u043c\u0443 \u0448\u0430\u0433\u0443.
-message.lock.account=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u044d\u0442\u0443 \u0443\u0447\u0451\u0442\u043d\u0443\u044e \u0437\u0430\u043f\u0438\u0441\u044c.  \u0412\u0441\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0432 \u0442\u0430\u043a\u0438\u0445 \u0443\u0447\u0451\u0442\u043d\u044b\u0445 \u0437\u0430\u043f\u0438\u0441\u044f\u0445 \u043f\u043e\u0442\u0435\u0440\u044f\u044e\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u0441\u0432\u043e\u0438\u043c\u0438 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u043c\u0438 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438.  \u042d\u0442\u0438 \u0440\u0435\u0441\u0443\u0440\u0441\u044b \u043e\u0441\u0442\u0430\u043d\u0443\u0442\u0441\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0434\u043b\u044f \u0434\u0440\u0443\u0433\u0438\u0445 \u0443\u0447\u0451\u0442\u043d\u044b\u0445 \u0437\u0430\u043f\u0438\u0441\u0435\u0439.
-message.migrate.instance.confirm=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u043f\u0435\u0440\u0435\u043d\u0435\u0441\u0442\u0438 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u0443\u044e \u043c\u0430\u0448\u0438\u043d\u0443.
+message.lock.account=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0412\u044b \u0445\u043e\u0442\u0438\u0442\u0435 \u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0434\u0430\u043d\u043d\u0443\u044e \u0443\u0447\u0435\u0442\u043d\u043a\u044e \u0437\u0430\u043f\u0438\u0441\u044c. \u041f\u043e\u0441\u043b\u0435 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438 \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u0432\u0441\u0435 \u0435\u0451 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043d\u0435 \u0441\u043c\u043e\u0433\u0443\u0442 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u0441\u0432\u043e\u0438\u043c\u0438 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u043c\u0438 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438. \u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u044b \u043e\u0441\u0442\u0430\u043d\u0443\u0442\u0441\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u043c\u0438.
+message.migrate.instance.confirm=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435 \u0436\u0435\u043b\u0430\u043d\u0438\u0435 \u043f\u0435\u0440\u0435\u043d\u0435\u0441\u0442\u0438 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u0443\u044e \u043c\u0430\u0448\u0438\u043d\u0443.
 message.migrate.instance.to.host=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u043f\u0435\u0440\u0435\u043d\u0435\u0441\u0442\u0438 \u043c\u0430\u0448\u0438\u043d\u0443 \u043d\u0430 \u0434\u0440\u0443\u0433\u043e\u0439 \u0443\u0437\u0435\u043b.
 message.migrate.instance.to.ps=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u043f\u0435\u0440\u0435\u043d\u0435\u0441\u0442\u0438 \u043c\u0430\u0448\u0438\u043d\u0443 \u043d\u0430 \u0434\u0440\u0443\u0433\u043e\u0435 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0435 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0435.
 message.migrate.router.confirm=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u043f\u0435\u0440\u0435\u043d\u0435\u0441\u0442\u0438 \u0440\u043e\u0443\u0442\u0435\u0440 \u0432 \u0443\u0437\u0435\u043b
 message.migrate.systemvm.confirm=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u043f\u0435\u0440\u0435\u043d\u0435\u0441\u0442\u0438 \u0440\u043e\u0443\u0442\u0435\u0440 \u0432 \u0443\u0437\u0435\u043b
 message.migrate.volume=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u043f\u0435\u0440\u0435\u043d\u0435\u0441\u0442\u0438 \u0442\u043e\u043c \u0432 \u0434\u0440\u0443\u0433\u043e\u0435 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0435 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0435.
-message.new.user=\u0412\u0432\u0435\u0434\u0438\u0442\u0435 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u0434\u043b\u044f \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043d\u043e\u0432\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0432 \u0443\u0447\u0451\u0442\u043d\u0443\u044e \u0437\u0430\u043f\u0438\u0441\u044c.
+message.new.user=\u0423\u043a\u0430\u0436\u0438\u0442\u0435 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0434\u043b\u044f \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0432 \u0443\u0447\u0435\u0442\u043d\u0443\u044e \u0437\u0430\u043f\u0438\u0441\u044c.
 message.no.affinity.groups=\u0412\u044b \u043d\u0435 \u0438\u043c\u0435\u0435\u0442\u0435 affinity groups. \u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u0435\u0440\u0435\u0439\u0434\u0438\u0442\u0435 \u043a \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u043c\u0443 \u0448\u0430\u0433\u0443.
-message.no.network.support.configuration.not.true=\u041d\u0438 \u0432 \u043e\u0434\u043d\u043e\u0439 \u0437\u043e\u043d\u0435 \u043d\u0435\u0442 \u0433\u0440\u0443\u043f\u043f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438. \u041f\u043e\u044d\u0442\u043e\u043c\u0443 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u043d\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b. \u041f\u0435\u0440\u0435\u0439\u0434\u0438\u0442\u0435 \u043a \u0448\u0430\u0433\u0443 5.
+message.no.network.support.configuration.not.true=\u0424\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b security group \u043d\u0435 \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u043d \u043d\u0438 \u0432 \u043e\u0434\u043d\u043e\u0439 \u0437\u043e\u043d\u0435. \u041f\u043e\u044d\u0442\u043e\u043c\u0443 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u044e\u0442 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u0444\u0443\u043d\u043a\u0446\u0438\u0438. \u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u0435\u0440\u0435\u0439\u0434\u0438\u0442\u0435 \u043a \u0448\u0430\u0433\u0443 5.
 message.no.network.support=\u0412\u044b\u0431\u0440\u0430\u043d\u043d\u044b\u0439 \u0433\u0438\u043f\u0435\u0440\u0432\u0438\u0437\u043e\u0440 (vSphere) \u043d\u0435 \u043e\u0431\u043b\u0430\u0434\u0430\u0435\u0442 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u043c\u0438 \u0441\u0435\u0442\u0435\u0432\u044b\u043c\u0438 \u0432\u043e\u0437\u043c\u043e\u0434\u043d\u043e\u0441\u0442\u044f\u043c\u0438. \u041f\u0435\u0440\u0435\u0439\u0434\u0438\u0442\u0435 \u043a \u0448\u0430\u0433\u0443 5.
 message.no.projects.adminOnly=\u0423 \u0432\u0430\u0441 \u043d\u0435\u0442 \u043f\u0440\u043e\u0435\u043a\u0442\u043e\u0432.<br/>\u041e\u0431\u0440\u0430\u0442\u0438\u0442\u0435\u0441\u044c \u043a \u0432\u0430\u0448\u0435\u043c\u0443 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0443 \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u043d\u043e\u0432\u043e\u0433\u043e \u043f\u0440\u043e\u0435\u043a\u0442\u0430.
 message.no.projects=\u0423 \u0432\u0430\u0441 \u043d\u0435\u0442 \u043f\u0440\u043e\u0435\u043a\u0442\u043e\u0432.<br/>\u0421\u043e\u0437\u0434\u0430\u0439\u0442\u0435 \u043d\u043e\u0432\u044b\u0439 \u043f\u0440\u043e\u0435\u043a\u0442 \u0432 \u0441\u0435\u043a\u0446\u0438\u0438 "\u041f\u0440\u043e\u0435\u043a\u0442\u044b"
@@ -1459,7 +1536,7 @@ message.number.pods=<h2><span> \# of </span> \u0421\u0442\u0435\u043d\u0434\u044
 message.number.storage=<h2><span> \# of </span> \u0422\u043e\u043c\u0430 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0433\u043e \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0430</h2>
 message.number.zones=<h2><span> \# of </span> \u0417\u043e\u043d\u044b</h2>
 message.pending.projects.1=\u0412 \u043e\u0436\u0438\u0434\u0430\u043d\u0438\u0438 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u043f\u0440\u0438\u0433\u043b\u0430\u0448\u0435\u043d\u0438\u044f\:
-message.pending.projects.2=\u0414\u043b\u044f \u043f\u0440\u043e\u0441\u043c\u043e\u0442\u0440\u0430 \u043f\u0435\u0440\u0435\u0439\u0434\u0438\u0442\u0435 \u043a \u0440\u0430\u0437\u0434\u0435\u043b \u043f\u0440\u043e\u0435\u043a\u0442\u043e\u0432, \u0434\u0430\u043b\u0435\u0435 \u0432\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u043f\u0440\u0438\u0433\u043b\u0430\u0448\u0435\u043d\u0438\u044f \u0438\u0437 \u0432\u044b\u043f\u0430\u0434\u0430\u044e\u0449\u0435\u0433\u043e \u043c\u0435\u043d\u044e.
+message.pending.projects.2=\u0414\u043b\u044f \u043f\u0440\u043e\u0441\u043c\u043e\u0442\u0440\u0430 \u043f\u0435\u0440\u0435\u0439\u0434\u0438\u0442\u0435 \u0432 \u0440\u0430\u0437\u0434\u0435\u043b \u043f\u0440\u043e\u0435\u043a\u0442\u043e\u0432, \u0434\u0430\u043b\u0435\u0435 \u0432\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u043f\u0440\u0438\u0433\u043b\u0430\u0448\u0435\u043d\u0438\u044f \u0438\u0437 \u0432\u044b\u043f\u0430\u0434\u0430\u044e\u0449\u0435\u0433\u043e \u043c\u0435\u043d\u044e.
 message.please.add.at.lease.one.traffic.range=\u0414\u043e\u0431\u0430\u0432\u044c\u0442\u0435 \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u043e\u0434\u0438\u043d \u0434\u0438\u0430\u043f\u0430\u0437\u043e\u043d \u0434\u043b\u044f \u0442\u0440\u0430\u0444\u0438\u043a\u0430
 message.please.proceed=\u041f\u0435\u0440\u0435\u0439\u0434\u0438\u0442\u0435 \u043a \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u043c\u0443 \u0448\u0430\u0433\u0443
 message.please.select.a.configuration.for.your.zone=\u0412\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e \u0432\u0430\u0448\u0435\u0439 \u0437\u043e\u043d\u044b
@@ -1467,40 +1544,42 @@ message.please.select.a.different.public.and.management.network.before.removing=
 message.please.select.networks=\u0412\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u0441\u0435\u0442\u0438 \u0434\u043b\u044f \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u044b
 message.please.wait.while.zone.is.being.created=\u041f\u043e\u0434\u043e\u0436\u0434\u0438\u0442\u0435, \u0441\u043e\u0437\u0434\u0430\u0435\u0442\u0441\u044f \u0437\u043e\u043d\u0430. \u042d\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u0437\u0430\u043d\u044f\u0442\u044c \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u0432\u0440\u0435\u043c\u044f...
 message.project.invite.sent=\u041f\u0440\u0438\u0433\u043b\u0430\u0448\u0435\u043d\u0438\u0435 \u0431\u044b\u043b\u043e \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e; \u043e\u043d \u0431\u0443\u0434\u0435\u0442 \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d \u0432 \u043f\u0440\u043e\u0435\u043a\u0442 \u043f\u043e\u0441\u043b\u0435 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0433\u043b\u0430\u0448\u0435\u043d\u0438\u044f.
-message.public.traffic.in.advanced.zone=\u041f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0439 \u0442\u0440\u0430\u0444\u0438\u043a \u0433\u0435\u043d\u0435\u0440\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0412\u041c \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0443. \u041f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0435 IP \u0434\u043e\u043b\u0436\u043d\u044b \u0431\u044b\u0442\u044c \u043e\u0431\u044f\u0437\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u0432\u044b\u0434\u0435\u043b\u0435\u043d\u044b. \u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043c\u043e\u0436\u0435\u0442 \u0438\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c CloudStack UI \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f IP \u0438 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f NAT, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0439 \u0434\u043b\u044f \u043e\u0431\u0449\u0435\u043d\u0438\u044f \u043c\u0435\u0436\u0434\u0443 \u0433\u043e\u0441\u0442\u0435\u0432\u043e\u0439 \u0438 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0439 \u0441\u0435\u0442\u044c\u044e. <br/><br/>\u0423\u043a\u0430\u0436\u0438\u0442\u0435 \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u043e\u0434\u0438\u043d \u0434\u0438\u0430\u043f\u0430\u0437\u043e\u043d \u0430\u0434\u0440\u0435\u0441\u043e\u0432 \u0434\u043b\u044f \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442-\u0442\u0440\u0430\u0444\u0438\u043a\u0430.
+message.public.traffic.in.advanced.zone=\u041f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0439 \u0442\u0440\u0430\u0444\u0438\u043a \u0433\u0435\u043d\u0435\u0440\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0412\u041c \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0443. \u041f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0435 IP \u0434\u043e\u043b\u0436\u043d\u044b \u0431\u044b\u0442\u044c \u043e\u0431\u044f\u0437\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u0432\u044b\u0434\u0435\u043b\u0435\u043d\u044b. \u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c CloudStack UI \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f IP \u0438 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f NAT, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0439 \u0434\u043b\u044f \u043e\u0431\u0449\u0435\u043d\u0438\u044f \u043c\u0435\u0436\u0434\u0443 \u0433\u043e\u0441\u0442\u0435\u0432\u043e\u0439 \u0438 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0439 \u0441\u0435\u0442\u044c\u044e. <br/><br/>\u0423\u043a\u0430\u0436\u0438\u0442\u0435 \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u043e\u0434\u0438\u043d \u0434\u0438\u0430\u043f\u0430\u0437\u043e\u043d \u0430\u0434\u0440\u0435\u0441\u043e\u0432 \u0434\u043b\u044f \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442-\u0442\u0440\u0430\u0444\u0438\u043a\u0430.
 message.public.traffic.in.basic.zone=\u041f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0439 \u0442\u0440\u0430\u0444\u0438\u043a \u0433\u0435\u043d\u0435\u0440\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0412\u041c \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0443 \u0438\u043b\u0438 \u043f\u0440\u0438 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u0438\u0438 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u0441\u043b\u0443\u0436\u0431 \u0447\u0435\u0440\u0435\u0437 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442.  \u041f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0435 IP \u0434\u043e\u043b\u0436\u043d\u044b \u0431\u044b\u0442\u044c \u043e\u0431\u044f\u0437\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u0432\u044b\u0434\u0435\u043b\u0435\u043d\u044b. \u041f\u0440\u0438 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u0438 \u0412\u041c, \u0430\u0434\u0440\u0435\u0441 \u0438\u0437 \u0434\u0438\u0430\u043f\u0430\u0437\u043e\u043d\u0430 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0445 Ip \u043f\u0440\u0438\u0432\u044f\u0436\u0435\u0442\u0441\u044f \u043a \u043c\u0430\u0448\u0438\u043d\u0435 \u0432 \u0434\u043e\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0433\u043e\u0441\u0442\u0435\u0432\u043e\u0433\u043e \u0430\u0434\u0440\u0435\u0441\u0430 IP. \u0421\u0442\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 1-1 NAT \u0434\u043e\u043b\u0436\u0435\u043d \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043d\u0430\u0441\u0442\u0440\u043e\u0438\u0442\u044c\u0441\u044f \u043d\u0430 \u0440\u0430\u0431\u043e\u0442\u0443 \u043c\u0435\u0436\u0434\u0443 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0439 \u0438 \u0433\u043e\u0441\u0442\u0435\u0432\u043e\u0439 \u0441\u0435\u0442\u044c\u044e. \u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0442\u0430\u043a\u0436\u0435 \u0438\u043c\u0435\u0435\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c CloudStack UI \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0430\u0434\u0440\u0435\u0441\u043e\u0432 \u0434\u043b\u044f \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0441\u0442\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e NAT \u043c\u0435\u0436\u0434\u0443 \u043c\u0430\u0448\u0438\u043d\u0430\u043c\u0438 \u0438 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0439 \u0441\u0435\u0442\u044c\u044e.
+message.recover.vm=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0432\u043e\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u044d\u0442\u0443 \u0412\u041c
 message.redirecting.region=\u041f\u0435\u0440\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0432 \u0440\u0435\u0433\u0438\u043e\u043d
+message.reinstall.vm=\u041f\u0440\u0438\u043c\u0435\u0447\u0430\u043d\u0438\u0435\: C\u043e\u0431\u043b\u044e\u0434\u0430\u0439\u0442\u0435 \u043e\u0441\u0442\u043e\u0440\u043e\u0436\u043d\u043e\u0441\u0442\u044c.  \u0412\u041c \u0431\u0443\u0434\u0435\u0442 \u043f\u0435\u0440\u0435\u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0430 \u0438\u0437 \u0448\u0430\u0431\u043b\u043e\u043d\u0430; \u0434\u0430\u043d\u043d\u044b\u0435 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u043c \u0434\u0438\u0441\u043a\u0435 \u0431\u0443\u0434\u0443\u0442 \u043f\u043e\u0442\u0435\u0440\u044f\u043d\u044b. \u0414\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0434\u0438\u0441\u043a\u0438, \u0435\u0441\u043b\u0438 \u0442\u0430\u043a\u043e\u0432\u044b\u0435 \u0438\u043c\u0435\u044e\u0442\u0441\u044f, \u043d\u0435 \u0431\u0443\u0434\u0443\u0442 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b.
 message.remove.region=\u0412\u044b \u0443\u0432\u0435\u0440\u0435\u043d\u044b, \u0447\u0442\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u044d\u0442\u043e\u0442 \u0440\u0435\u0433\u0438\u043e\u043d \u0441 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f?
 message.remove.vpc=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0412\u044b \u0445\u043e\u0442\u0438\u0442\u0435 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u044d\u0442\u043e\u0442 VPC
-message.remove.vpn.access=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a VPN \u0434\u043b\u044f \u044d\u0442\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.
+message.remove.vpn.access=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435 \u0436\u0435\u043b\u0430\u043d\u0438\u0435 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c VPN \u0434\u043e\u0441\u0442\u0443\u043f \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u043c\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e.
 message.reset.password.warning.notPasswordEnabled=\u0428\u0430\u0431\u043b\u043e\u043d \u0434\u043b\u044f \u044d\u0442\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u044b \u0441\u043e\u0437\u0434\u0430\u043d \u0431\u0435\u0437 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u0430\u0440\u043e\u043b\u044f
 message.reset.password.warning.notStopped=\u0414\u043b\u044f \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u043f\u0430\u0440\u043e\u043b\u044f \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u043e\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043c\u0430\u0448\u0438\u043d\u0443
 message.reset.VPN.connection=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0412\u044b \u0445\u043e\u0442\u0438\u0442\u0435 \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u044d\u0442\u043e VPN \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435.
-message.restart.mgmt.server=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430, \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u0435 \u0441\u0435\u0440\u0432\u0435\u0440(\u044b) \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u043f\u0440\u0438\u043d\u044f\u0442\u0438\u044f \u043d\u043e\u0432\u044b\u0445 \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043a.
-message.restart.mgmt.usage.server=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430, \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u0435 \u0441\u0435\u0440\u0432\u0435\u0440 \u0434\u043b\u044f \u0432\u0441\u0442\u0443\u043f\u043b\u0435\u043d\u0438\u044f \u043d\u043e\u0432\u044b\u0445 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043e\u0432 \u0432 \u0441\u0438\u043b\u0443.
+message.restart.mgmt.server=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u0435 \u0441\u0435\u0440\u0432\u0435\u0440(\u044b) \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0442\u043e\u0433\u043e, \u0447\u0442\u043e\u0431\u044b \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0432\u0441\u0442\u0443\u043f\u0438\u043b\u0438 \u0432 \u0441\u0438\u043b\u0443.
+message.restart.mgmt.usage.server=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430, \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u0435 \u0441\u0435\u0440\u0432\u0435\u0440 \u0438 \u0441\u0435\u0440\u0432\u0435\u0440 \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0438 \u0434\u043b\u044f \u0432\u0441\u0442\u0443\u043f\u043b\u0435\u043d\u0438\u044f \u043d\u043e\u0432\u044b\u0445 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043e\u0432 \u0432 \u0441\u0438\u043b\u0443.
 message.restart.network=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u0441\u0435\u0442\u044c.
 message.restart.vpc=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c VPC
-message.security.group.usage=(\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0439\u0442\u0435 <strong>Ctrl-\u043a\u043b\u0438\u043a</strong>, \u0447\u0442\u043e\u0431\u044b \u0432\u044b\u0431\u0440\u0430\u0442\u044c \u0432\u0441\u0435 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u0433\u0440\u0443\u043f\u043f\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438)
+message.security.group.usage=(\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0439\u0442\u0435 <strong>Ctrl-click</strong> \u0434\u043b\u044f \u0432\u044b\u0431\u043e\u0440\u0430 \u0432\u0441\u0435\u0445 \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u043c\u044b\u0445 security groups)
 message.select.affinity.groups=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430, \u0432\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u043b\u044e\u0431\u044b\u0435 affinity groups, \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043f\u0440\u0438\u043d\u0430\u0434\u043b\u0435\u0436\u0438\u0442 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u0430\u044f \u043c\u0430\u0448\u0438\u043d\u0430\:
-message.select.a.zone=\u0417\u043e\u043d\u0430 \u043e\u0431\u044b\u0447\u043d\u043e \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u0435\u0442 \u0435\u0434\u0438\u043d\u0438\u0447\u043d\u043e\u043c\u0443 \u0446\u0435\u043d\u0442\u0440\u0443 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0434\u0430\u043d\u043d\u044b\u0445. \u041d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0437\u043e\u043d\u044b\u043f\u043e\u043c\u043e\u0433\u0430\u044e\u0442 \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u0431\u043e\u043b\u0435\u0435 \u043d\u0430\u0434\u0435\u0436\u043d\u044b\u0435 \u043e\u0431\u043b\u0430\u043a\u0430, \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u044f \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0438\u0437\u043e\u043b\u044f\u0446\u0438\u044e \u0438 \u0438\u0437\u0431\u044b\u0442\u043e\u0447\u043d\u043e\u0441\u0442\u044c.
-message.select.instance=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430, \u0432\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u0441\u0435\u0440\u0432\u0435\u0440.
+message.select.a.zone=\u0417\u043e\u043d\u0430 \u043e\u0431\u044b\u0447\u043d\u043e \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u0435\u0442 \u0435\u0434\u0438\u043d\u0438\u0447\u043d\u043e\u043c\u0443 \u0446\u0435\u043d\u0442\u0440\u0443 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0434\u0430\u043d\u043d\u044b\u0445. \u041d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0437\u043e\u043d \u043f\u043e\u043c\u043e\u0433\u0430\u044e\u0442 \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u0431\u043e\u043b\u0435\u0435 \u043d\u0430\u0434\u0435\u0436\u043d\u044b\u0435 \u043e\u0431\u043b\u0430\u043a\u0430, \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u044f \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0438\u0437\u043e\u043b\u044f\u0446\u0438\u044e \u0438 \u0438\u0437\u0431\u044b\u0442\u043e\u0447\u043d\u043e\u0441\u0442\u044c.
+message.select.instance=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430, \u0432\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u043c\u0430\u0448\u0438\u043d\u0443.
 message.select.iso=\u0412\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u043e\u0431\u0440\u0430\u0437 ISO \u0434\u043b\u044f \u043d\u043e\u0432\u043e\u0439 \u0412\u041c
 message.select.item=\u0412\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u044d\u043b\u0435\u043c\u0435\u043d\u0442
 message.select.security.groups=\u0412\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u0433\u0440\u0443\u043f\u043f\u0443/\u0433\u0440\u0443\u043f\u043f\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u043d\u043e\u0432\u043e\u0439 \u0412\u041c
 message.select.template=\u0412\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u0448\u0430\u0431\u043b\u043e\u043d \u0434\u043b\u044f \u043d\u043e\u0432\u043e\u0439 \u0412\u041c
-message.setup.physical.network.during.zone.creation.basic=\u041f\u0440\u0438 \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0432 \u043e\u0441\u043d\u043e\u0432\u043d\u0443\u044e \u0437\u043e\u043d\u0443, \u0432\u044b \u043c\u043e\u0436\u0438\u0442\u0435 \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u043e\u0434\u043d\u0443 \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0441\u0435\u0442\u044c, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0441\u043e\u043e\u0442\u0432\u0435\u0441\u0442\u0432\u0443\u0435\u0442 NIC \u043d\u0430 \u0433\u0438\u043f\u0435\u0440\u0432\u0438\u0437\u043e\u0440. \u0421\u0435\u0442\u044c \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u044f\u0435\u0442 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0432\u0438\u0434\u043e\u0432 \u0442\u0440\u0430\u0444\u0438\u043a\u0430.<br/><br/>\u0412\u044b \u043c\u043e\u0436\u0435\u0442\u0435 \u0442\u0430\u043a\u0436\u0435 \u043f\u0435\u0440\u0435\u0442\u0430\u0441\u043a\u0438\u0432\u0430\u0442\u044c <strong>drag and drop</strong> \u0434\u0440\u0443\u0433\u0438\u0435 \u0442\u0438\u043f\u044b \u0442\u0440\u0430\u0444\u0438\u043a\u0430 \u043d\u0430 \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0441\u0435\u0442\u0438.
+message.setup.physical.network.during.zone.creation.basic=\u0412\u043e \u0432\u0440\u0435\u043c\u044f \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u043d\u043e\u0439 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u0437\u043e\u043d\u044b, \u0432\u0430\u043c \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0443\u043a\u0430\u0437\u0430\u0442\u044c \u043e\u0434\u0438\u043d \u0438\u043b\u0438 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0441\u0435\u0442\u0435\u0439. \u041a\u0430\u0436\u0434\u0430\u044f \u0441\u0435\u0442\u044c \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u0435\u0442 \u0441\u0435\u0442\u0435\u0432\u043e\u043c\u0443 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0443 \u0433\u0438\u043f\u0435\u0440\u0432\u0438\u0437\u043e\u0440\u0430. \u041a\u0430\u043a\u0436\u0434\u0430\u044f \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0441\u0435\u0442\u044c \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u043e\u0434\u043d\u043e\u0433\u043e \u0438\u043b\u0438 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u0432\u0438\u0434\u043e\u0432 \u0442\u0440\u0430\u0444\u0438\u043a\u0430 \u0441 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u043c\u0438 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f\u043c\u0438 \u043f\u0440\u0438 \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u0438 \u0432\u0438\u0434\u043e\u0432 \u0442\u0440\u0430\u0444\u0438\u043a\u0430.<br/><br/><strong>\u041f\u0435\u0440\u0435\u0442\u0430\u0449\u0438\u0442\u0435 \u043e\u0434\u0438\u043d \u0438\u043b\u0438 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0432\u0438\u0434\u043e\u0432 \u0442\u0440\u0430\u0444\u0438\u043a\u0430</strong> \u043a \u043a\u0430\u0436\u0434\u043e\u0439 \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0441\u0435\u0442\u0438.
 message.setup.physical.network.during.zone.creation=\u0412\u043e \u0432\u0440\u0435\u043c\u044f \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u043d\u043e\u0439 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u0437\u043e\u043d\u044b, \u0432\u0430\u043c \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0443\u043a\u0430\u0437\u0430\u0442\u044c \u043e\u0434\u0438\u043d \u0438\u043b\u0438 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0441\u0435\u0442\u0435\u0439. \u041a\u0430\u0436\u0434\u0430\u044f \u0441\u0435\u0442\u044c \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u0435\u0442 \u0441\u0435\u0442\u0435\u0432\u043e\u043c\u0443 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0443 \u0433\u0438\u043f\u0435\u0440\u0432\u0438\u0437\u043e\u0440\u0430. \u041a\u0430\u043a\u0436\u0434\u0430\u044f \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0441\u0435\u0442\u044c \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u043e\u0434\u043d\u043e\u0433\u043e \u0438\u043b\u0438 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u0432\u0438\u0434\u043e\u0432 \u0442\u0440\u0430\u0444\u0438\u043a\u0430 \u0441 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u043c\u0438 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f\u043c\u0438 \u043f\u0440\u0438 \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u0438 \u0432\u0438\u0434\u043e\u0432 \u0442\u0440\u0430\u0444\u0438\u043a\u0430.<br/><br/><strong>\u041f\u0435\u0440\u0435\u0442\u0430\u0449\u0438\u0442\u0435 \u043e\u0434\u0438\u043d \u0438\u043b\u0438 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0432\u0438\u0434\u043e\u0432 \u0442\u0440\u0430\u0444\u0438\u043a\u0430</strong> \u043a \u043a\u0430\u0436\u0434\u043e\u0439 \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0441\u0435\u0442\u0438.
 message.setup.successful=\u041d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430 \u043e\u0431\u043b\u0430\u043a\u0430 \u0437\u0430\u0432\u0435\u0440\u0448\u0435\u043d\u0430\!
-message.snapshot.schedule=\u0412\u044b \u043c\u043e\u0436\u0435\u0442\u0435 \u043d\u0430\u0441\u0442\u0440\u043e\u0438\u0442\u044c \u043f\u043e\u0432\u0442\u043e\u0440\u044f\u044e\u0449\u0438\u0435\u0441\u044f \u0441\u043d\u0438\u043c\u043e\u043a\u0438, \u0432\u044b\u0431\u0438\u0440\u0430\u044f \u0438\u0437 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u043e\u0432 \u043d\u0438\u0436\u0435 \u0438 \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0432 \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0443 \u043f\u0440\u0435\u0434\u043f\u043e\u0447\u0442\u0435\u043d\u0438\u044f
+message.snapshot.schedule=\u0412\u044b \u043c\u043e\u0436\u0435\u0442\u0435 \u043d\u0430\u0441\u0442\u0440\u043e\u0438\u0442\u044c \u0433\u0440\u0430\u0444\u0438\u043a \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u044b\u0445 \u043a\u043e\u043f\u0438\u0439, \u0432\u044b\u0431\u0438\u0440\u0430\u044f \u0438\u0437 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u043e\u0432 \u043f\u0440\u0435\u0434\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0445 \u043d\u0438\u0436\u0435
 message.specify.url=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430, \u0443\u043a\u0430\u0436\u0438\u0442\u0435 URL
-message.step.1.continue=\u0412\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u0448\u0430\u0431\u043b\u043e\u043d \u0438\u043b\u0438 ISO \u0434\u043b\u044f \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0435\u043d\u0438\u044f.
-message.step.1.desc=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430, \u0432\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u0448\u0430\u0431\u043b\u043e\u043d \u0434\u043b\u044f \u043d\u043e\u0432\u043e\u0433\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430. \u0412\u044b \u043c\u043e\u0436\u0435\u0442\u0435 \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u0431\u0440\u0430\u0442\u044c \u043f\u0443\u0441\u0442\u043e\u0439 \u0448\u0430\u0431\u043b\u043e\u043d, \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u043e\u0433\u043e \u043e\u0431\u0440\u0430\u0437 ISO \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d \u043d\u0430.
-message.step.2.continue=\u0412\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u0441\u043b\u0443\u0436\u0435\u0431\u043d\u044b\u0439 \u0440\u0435\u0441\u0443\u0440\u0441 \u0434\u043b\u044f \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0435\u043d\u0438\u044f.
+message.step.1.continue=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u0432\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u0448\u0430\u0431\u043b\u043e\u043d \u0438\u043b\u0438 ISO \u0434\u043b\u044f \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0435\u043d\u0438\u044f.
+message.step.1.desc=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u0432\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u0448\u0430\u0431\u043b\u043e\u043d \u0434\u043b\u044f \u0412\u0430\u0448\u0435\u0439 \u043d\u043e\u0432\u043e\u0439 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u044b. \u0412\u044b \u0442\u0430\u043a \u0436\u0435 \u043c\u043e\u0436\u0435\u0442\u0435 \u0432\u044b\u0431\u0440\u0430\u0442\u044c \u043f\u0443\u0441\u0442\u043e\u0439 \u0448\u0430\u0431\u043b\u043e\u043d \u0434\u043b\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0438\u0437 \u043e\u0431\u0440\u0430\u0437\u0430 ISO.
+message.step.2.continue=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u0432\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u0443\u0441\u043b\u0443\u0433\u0443 \u0434\u043b\u044f \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0435\u043d\u0438\u044f
 message.step.2.desc=
-message.step.3.continue=\u0412\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u0434\u0438\u0441\u043a\u043e\u0432\u044b\u0439 \u0440\u0435\u0441\u0443\u0440\u0441 \u0434\u043b\u044f \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0435\u043d\u0438\u044f.
+message.step.3.continue=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u0432\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u0440\u0430\u0437\u043c\u0435\u0440 \u0434\u0438\u0441\u043a\u0430 \u0434\u043b\u044f \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0435\u043d\u0438\u044f
 message.step.3.desc=
-message.step.4.continue=\u0412\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u0445\u043e\u0442\u044f \u0431\u044b \u043e\u0434\u043d\u0443 \u0441\u0435\u0442\u044c \u0434\u043b\u044f \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0435\u043d\u0438\u044f.
-message.step.4.desc=\u0412\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u043e\u0441\u043d\u043e\u0432\u043d\u0443\u044e \u0441\u0435\u0442\u044c, \u043a \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0431\u0443\u0434\u0435\u0442 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0430 \u043c\u0430\u0448\u0438\u043d\u0430.
+message.step.4.continue=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u0432\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u043e\u0434\u043d\u0443 \u0441\u0435\u0442\u044c \u0434\u043b\u044f \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0435\u043d\u0438\u044f.
+message.step.4.desc=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u0432\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u043e\u0441\u043d\u043e\u0432\u043d\u0443\u044e \u0441\u0435\u0442\u044c \u043a \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0431\u0443\u0434\u0435\u0442 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0430 \u0412\u0430\u0448\u0430 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u0430\u044f \u043c\u0430\u0448\u0438\u043d\u0430.
 message.storage.traffic=\u0422\u0440\u0430\u0444\u0438\u043a \u043c\u0435\u0436\u0434\u0443 \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u043c\u0438 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438 CloudStack, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0432\u0441\u0435 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0442 \u0441 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u043c \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u0442\u0430\u043a\u0438\u0435 \u043a\u0430\u043a \u0443\u0437\u043b\u044b \u0438 CloudStack \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u0412\u041c. \u041d\u0430\u0441\u0442\u0440\u043e\u0439\u0442\u0435 \u0442\u0440\u0430\u0444\u0438\u043a \u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0437\u0434\u0435\u0441\u044c.
 message.suspend.project=\u0412\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u043f\u0440\u0438\u043e\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0440\u043e\u0435\u043a\u0442?
 message.template.desc=\u041e\u0431\u0440\u0430\u0437 \u041e\u0421, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0437\u0430\u0433\u0440\u0443\u0437\u043e\u0447\u043d\u043e\u0439 \u0432 \u0412\u041c
@@ -1513,38 +1592,39 @@ message.tooltip.pod.name=\u0418\u043c\u044f \u0434\u043b\u044f \u0441\u0442\u043
 message.tooltip.reserved.system.gateway=\u0428\u043b\u044e\u0437 \u0434\u043b\u044f \u0443\u0437\u043b\u043e\u0432 \u044d\u0442\u043e\u0433\u043e \u0441\u0442\u0435\u043d\u0434\u0430
 message.tooltip.reserved.system.netmask=\u041f\u0440\u0435\u0444\u0438\u043a\u0441 \u0441\u0435\u0442\u0438, \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u044f\u044e\u0449\u0438\u0439 \u043f\u043e\u0434\u0441\u0435\u0442\u044c \u0441\u0442\u0435\u043d\u0434\u0430. \u0418\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043e\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 CIDR.
 message.tooltip.zone.name=\u0418\u043c\u044f \u0434\u043b\u044f \u0437\u043e\u043d\u044b
-message.update.os.preference=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430, \u0432\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u041e\u0421 \u0434\u043b\u044f \u044d\u0442\u043e\u0433\u043e \u0445\u043e\u0441\u0442\u0430. \u0412\u0441\u0435 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0435 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u044b \u0441 \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u044b\u043c\u0438 \u043f\u0440\u0435\u0434\u043f\u043e\u0447\u0442\u0435\u043d\u0438\u044f\u043c\u0438 \u0432\u043f\u0435\u0440\u0432\u044b\u0435 \u0431\u0443\u0434\u0435\u0442 \u0432\u044b\u0434\u0435\u043b\u0435\u043d\u043e \u043d\u0430 \u044d\u0442\u043e\u0442 \u0443\u0437\u0435\u043b, \u043f\u0440\u0435\u0436\u0434\u0435 \u0447\u0435\u043c \u0432\u044b\u0431\u0440\u0430\u0442\u044c \u0434\u0440\u0443\u0433\u0443\u044e.
+message.update.os.preference=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u0432\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u043f\u0440\u0435\u0434\u043f\u043e\u0447\u0442\u0438\u0442\u0435\u043b\u044c\u043d\u0443\u044e \u041e\u0421 \u0434\u043b\u044f \u0434\u0430\u043d\u043d\u043e\u0433\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430. \u0412\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0435 \u043c\u0430\u0448\u0438\u043d\u044b \u0441 \u0443\u043a\u0430\u0437\u0430\u043d\u043d\u043e\u0439 \u041e\u0421 \u0431\u0443\u0434\u0443\u0442 \u043f\u043e \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0438\u0437\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c\u0441\u044f \u043d\u0430 \u044d\u0442\u043e\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0435. 
 message.update.resource.count=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u0447\u0435\u0442\u0447\u0438\u043a \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432 \u0434\u043b\u044f \u044d\u0442\u043e\u0433\u043e \u0430\u043a\u043a\u0430\u0443\u043d\u0442\u0430.
-message.update.ssl=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430, \u043e\u0442\u043f\u0440\u0430\u0432\u044c\u0442\u0435 \u043d\u043e\u0432\u044b\u0439 \u0441\u043e\u0432\u043c\u0435\u0441\u0442\u0438\u043c\u044b\u0439 X.509 SSL \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442 \u0434\u043b\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u043a\u0430\u0436\u0434\u043e\u0439 \u043a\u043e\u043d\u0441\u043e\u043b\u0438 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u043f\u0440\u043e\u043a\u0441\u0438, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440\:
+message.update.ssl=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0432\u044c\u0442\u0435 \u043d\u043e\u0432\u044b\u0439 X.509 \u0441\u043e\u0432\u043c\u0435\u0441\u0442\u0438\u043c\u044b\u0439 SSL \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442 \u0434\u043b\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043d\u0430 \u0441\u043b\u0443\u0436\u0435\u0431\u043d\u044b\u0445 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u043c\u0430\u0448\u0438\u043d\u0430\u0445, \u043e\u0442\u0432\u0435\u0447\u0430\u044e\u0449\u0438\u0445 \u0437\u0430 \u0442\u0435\u0440\u043c\u0438\u043d\u0430\u043b\u044c\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f\:
 message.validate.instance.name=\u0418\u043c\u044f \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u043d\u0435 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0434\u043b\u0438\u043d\u0435\u0435 63 \u0441\u0438\u043c\u0432\u043e\u043b\u0430. \u0422\u043e\u043b\u044c\u043a\u043e ASCII, \u0431\u0443\u043a\u0432\u044b a~z, A~Z, \u0446\u044b\u0444\u0440\u044b 0~9, \u0434\u0435\u0444\u0438\u0441 \u043d\u0435 \u0434\u043e\u043f\u0443\u0441\u043a\u0430\u0435\u0442\u0441\u044f. \u0414\u043e\u043b\u0436\u043d\u0430 \u043d\u0430\u0447\u0438\u043d\u0430\u0442\u044c\u0441\u044f \u0441 \u0431\u0443\u043a\u0432\u044b \u0438 \u0437\u0430\u043a\u0430\u043d\u0447\u0438\u0432\u0430\u0442\u044c\u0441\u044f \u0431\u0443\u043a\u0432\u043e\u0439 \u0438\u043b\u0438 \u0446\u0438\u0444\u0440\u043e\u0439.
 message.validate.invalid.characters=\u041d\u0430\u0439\u0434\u0435\u043d\u044b \u043d\u0435\u0434\u043e\u043f\u0443\u0441\u0442\u0438\u043c\u044b\u0435 \u0441\u0438\u043c\u0432\u043e\u043b\u044b; \u043f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430, \u043f\u043e\u043f\u0440\u0430\u0432\u044c\u0442\u0435.
-message.virtual.network.desc=\u0432\u044b\u0434\u0435\u043b\u0435\u043d\u043d\u043e\u0439 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0435\u0442\u0438 \u0434\u043b\u044f \u0432\u0430\u0448\u0435\u0439 \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438. \u0428\u0438\u0440\u043e\u043a\u043e\u0432\u0435\u0449\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u0439 \u0434\u043e\u043c\u0435\u043d \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u0432\u043d\u0443\u0442\u0440\u0438 VLAN \u0438 \u0432\u0435\u0441\u044c \u0432\u043d\u0435\u0448\u043d\u0438\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0435\u0442\u0438 \u043d\u0430\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043f\u0443\u0442\u0435\u043c \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u0430.
-message.vm.create.template.confirm=\u0421\u043e\u0437\u0434\u0430\u043d\u0438\u0435 \u0448\u0430\u0431\u043b\u043e\u043d\u0430 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442 \u0412\u041c
-message.vm.review.launch=\u041f\u0440\u043e\u0432\u0435\u0440\u044c\u0442\u0435 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u0438 \u0443\u0434\u043e\u0441\u0442\u043e\u0432\u0435\u0440\u044c\u0442\u0435\u0441\u044c \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e \u0432\u0430\u0448\u0430 \u043c\u0430\u0448\u0438\u043d\u0430 \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d\u0430 \u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e.
+message.virtual.network.desc=\u0412\u044b\u0434\u0435\u043b\u0435\u043d\u043d\u0430\u044f \u0434\u043b\u044f \u0412\u0430\u0448\u0435\u0439 \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u0430\u044f \u0441\u0435\u0442\u044c. \u0428\u0438\u0440\u043e\u043a\u043e\u0432\u0435\u0449\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u0439 \u0434\u043e\u043c\u0435\u043d \u0412\u0430\u0448\u0435\u0433\u043e VLAN \u0438 \u0434\u043e\u0441\u0442\u0443\u043f \u0432 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u0443\u044e \u0441\u0435\u0442\u044c \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u043c \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u043e\u043c. 
+message.vm.create.template.confirm=\u0421\u043e\u0437\u0434\u0430\u043d\u0438\u0435 \u0448\u0430\u0431\u043b\u043e\u043d\u0430 \u043f\u0440\u0438\u0432\u0435\u0434\u0435\u0442 \u043a \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0435 \u0432\u0438\u0440\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u044b
+message.vm.review.launch=\u041f\u0440\u043e\u0432\u0435\u0440\u044c\u0442\u0435 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u0438 \u0443\u0434\u043e\u0441\u0442\u043e\u0432\u0435\u0440\u044c\u0442\u0435\u0441\u044c \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e \u0432\u0430\u0448\u0430 \u043c\u0430\u0448\u0438\u043d\u0430 \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d\u0430 \u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e.
 message.volume.create.template.confirm=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u0448\u0430\u0431\u043b\u043e\u043d \u044d\u0442\u043e\u0433\u043e \u0442\u043e\u043c\u0430.  \u042d\u0442\u043e \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u043e\u0434\u043b\u0438\u0442\u044c\u0441\u044f \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043c\u0438\u043d\u0443\u0442 \u0432 \u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0442 \u0440\u0430\u0437\u043c\u0435\u0440\u0430 \u0442\u043e\u043c\u0430.
 message.you.must.have.at.least.one.physical.network=\u0414\u043e\u0431\u0430\u0432\u044c\u0442\u0435 \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u043e\u0434\u043d\u0443 \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0441\u0435\u0442\u044c
 message.Zone.creation.complete=\u0421\u043e\u0437\u0434\u0430\u043d\u0438\u0435 \u0437\u043e\u043d\u044b \u0437\u0430\u0432\u0435\u0440\u0448\u0435\u043d\u043e
 message.zone.creation.complete.would.you.like.to.enable.this.zone=\u0421\u043e\u0437\u0434\u0430\u043d\u0438\u0435 \u0437\u043e\u043d\u044b \u0437\u0430\u0432\u0435\u0440\u0448\u0435\u043d\u043e. \u0425\u043e\u0442\u0438\u0442\u0435 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u044d\u0442\u0443 \u0437\u043e\u043d\u0443?
 message.zone.no.network.selection=\u0412\u044b\u0431\u0440\u0430\u043d\u043d\u0430\u044f \u0437\u043e\u043d\u0430 \u043d\u0435 \u0438\u043c\u0435\u0435\u0442 \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u043e\u0432 \u0434\u043b\u044f \u0432\u044b\u0431\u043e\u0440\u0430 \u0441\u0435\u0442\u0438.
-message.zone.step.1.desc=\u0412\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u0442\u0438\u043f \u0441\u0435\u0442\u0438 \u044d\u0442\u043e\u0439 \u0437\u043e\u043d\u044b.
-message.zone.step.2.desc=\u0412\u0432\u0435\u0434\u0438\u0442\u0435 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u0434\u043b\u044f \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043d\u043e\u0432\u043e\u0439 \u0437\u043e\u043d\u044b
-message.zone.step.3.desc=\u0412\u0432\u0435\u0434\u0438\u0442\u0435 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u0434\u043b\u044f \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043d\u043e\u0432\u043e\u0433\u043e \u0441\u0442\u0435\u043d\u0434\u0430
+message.zone.step.1.desc=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u0432\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u0441\u0435\u0442\u0435\u0432\u0443\u044e \u043c\u043e\u0434\u0435\u043b\u044c \u0434\u043b\u044f \u0412\u0430\u0448\u0435\u0439 \u0437\u043e\u043d\u044b.
+message.zone.step.2.desc=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u0432\u0432\u0435\u0434\u0438\u0442\u0435 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u0434\u043b\u044f \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0437\u043e\u043d\u044b
+message.zone.step.3.desc=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u0432\u0432\u0435\u0434\u0438\u0442\u0435 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u0434\u043b\u044f \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0421\u0442\u0435\u043d\u0434\u0430
 mode=\u0420\u0435\u0436\u0438\u043c
-network.rate=\u0421\u043a\u043e\u0440\u043e\u0441\u0442\u044c \u0441\u0435\u0442\u0438
+network.rate=\u0421\u043a\u043e\u0440\u043e\u0441\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0432 \u0441\u0435\u0442\u0438
 notification.reboot.instance=\u041f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c \u043c\u0430\u0448\u0438\u043d\u0443
 notification.start.instance=\u0417\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u043c\u0430\u0448\u0438\u043d\u0443
 notification.stop.instance=\u041e\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043c\u0430\u0448\u0438\u043d\u0443
 side.by.side=\u0411\u043e\u043a-\u043e-\u0411\u043e\u043a
 state.Accepted=\u041f\u0440\u0438\u043d\u044f\u0442\u043e
 state.Active=\u0412\u043a\u043b\u044e\u0447\u0435\u043d
-state.Allocated=\u0420\u0430\u0441\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043e
+state.Allocated=\u0412\u044b\u0434\u0435\u043b\u0435\u043d\u043e
 state.Allocating=\u0412\u044b\u0434\u0435\u043b\u0435\u043d\u0438\u0435
-state.BackedUp=\u0417\u0430\u0440\u0435\u0437\u0435\u0440\u0432\u0438\u0440\u043e\u0432\u0430\u043d\u043e
+state.BackedUp=\u0420\u0435\u0437\u0435\u0440\u0432\u043d\u0430\u044f \u043a\u043e\u043f\u0438\u044f
 state.BackingUp=\u0420\u0435\u0437\u0435\u0440\u0432\u043d\u043e\u0435 \u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435
 state.Completed=\u0417\u0430\u0432\u0435\u0440\u0448\u0435\u043d\u043e
 state.Creating=\u0421\u043e\u0437\u0434\u0430\u0435\u0442\u0441\u044f
 state.Declined=\u041e\u0442\u043a\u043b\u043e\u043d\u0435\u043d\u043e
 state.Destroyed=\u0423\u043d\u0438\u0447\u0442\u043e\u0436\u0435\u043d\u043e
+state.detached=\u041e\u0442\u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u043e
 state.Disabled=\u0412\u044b\u043a\u043b\u044e\u0447\u0435\u043d\u043e
 state.enabled=\u0412\u043a\u043b\u044e\u0447\u0435\u043d\u043e
 state.Enabled=\u0412\u043a\u043b\u044e\u0447\u0435\u043d\u043e

From 2ed9539c29b3d679e76c4ec38daed8fec1c30dd0 Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Tue, 4 Aug 2015 00:38:37 +0530
Subject: [PATCH 033/115] travis: don't force M2_HOME, let Travis use the
 bundled maven3

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

This closes #652
---
 tools/travis/before_script.sh | 1 -
 tools/travis/install.sh       | 1 -
 2 files changed, 2 deletions(-)

diff --git a/tools/travis/before_script.sh b/tools/travis/before_script.sh
index cba50e005f..566241f64e 100755
--- a/tools/travis/before_script.sh
+++ b/tools/travis/before_script.sh
@@ -37,7 +37,6 @@ fi
 
 export CATALINA_BASE=/opt/tomcat
 export CATALINA_HOME=/opt/tomcat
-export M2_HOME="/usr/local/maven-3.2.1/"
 export MAVEN_OPTS="-Xmx1024m -XX:MaxPermSize=500m"
 
 mvn -Dsimulator -pl :cloud-client-ui jetty:run 2>&1 > /dev/null &
diff --git a/tools/travis/install.sh b/tools/travis/install.sh
index ea89cd7b54..cafc512b2d 100755
--- a/tools/travis/install.sh
+++ b/tools/travis/install.sh
@@ -36,7 +36,6 @@ fi
 
 export CATALINA_BASE=/opt/tomcat
 export CATALINA_HOME=/opt/tomcat
-export M2_HOME="/usr/local/maven-3.2.1/"
 export MAVEN_OPTS="-Xmx1024m -XX:MaxPermSize=500m"
 
 if [ $TEST_SEQUENCE_NUMBER -eq 1 ]; then

From 58c6a8d1a38f65dc472a6c35ede2f01e608a1a7a Mon Sep 17 00:00:00 2001
From: Boris Schrijver <boris@pcextreme.nl>
Date: Mon, 3 Aug 2015 17:10:05 +0200
Subject: [PATCH 034/115] CLOUDSTACK-8703: Fixed issue when listing directory
 on S3, it would only return objectSummaries when the anwser from the S3
 System was truncated.

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

This closes #651
---
 utils/src/com/cloud/utils/S3Utils.java | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/utils/src/com/cloud/utils/S3Utils.java b/utils/src/com/cloud/utils/S3Utils.java
index ae7a453d48..532b2eb547 100644
--- a/utils/src/com/cloud/utils/S3Utils.java
+++ b/utils/src/com/cloud/utils/S3Utils.java
@@ -343,10 +343,15 @@ private static List<S3ObjectSummary> listDirectory(final String bucketName, fina
         ListObjectsRequest listObjectsRequest = new ListObjectsRequest().withBucketName(bucketName).withPrefix(directory + SEPARATOR);
 
         ObjectListing ol = client.listObjects(listObjectsRequest);
-        while (ol != null && ol.isTruncated()) {
+        if(ol.isTruncated()) {
+            do {
+                objects.addAll(ol.getObjectSummaries());
+                listObjectsRequest.setMarker(ol.getNextMarker());
+                ol = client.listObjects(listObjectsRequest);
+            } while (ol.isTruncated());
+        }
+        else {
             objects.addAll(ol.getObjectSummaries());
-            listObjectsRequest.setMarker(ol.getNextMarker());
-            ol = client.listObjects(listObjectsRequest);
         }
 
         if (objects.isEmpty()) {

From 17366f2b182aaa0943be451c79dac36fc08e221b Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Thu, 6 Aug 2015 12:13:01 +0530
Subject: [PATCH 035/115] CLOUDSTACK-8301: Enable configuring local storage use
 for system VMs at zone level

Backported from #263 for 4.5 branch, original bugfix by @koushik-das et al

More information on:
https://issues.apache.org/jira/browse/CLOUDSTACK-8301
https://cwiki.apache.org/confluence/display/CLOUDSTACK/Enable+configuring+local+storage+use+for+system+VMs+at+zone+level

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

This closes #661
---
 api/src/com/cloud/dc/DataCenter.java          |   4 -
 .../classes/resources/messages.properties     |   3 +-
 .../cloud/service/dao/ServiceOfferingDao.java |  14 +-
 .../service/dao/ServiceOfferingDaoImpl.java   |  53 ++
 .../lb/ElasticLoadBalancerManagerImpl.java    |  20 +-
 .../network/lb/LoadBalanceRuleHandler.java    |  16 +-
 .../lb/InternalLoadBalancerVMManagerImpl.java |  24 +-
 .../InternalLBVMManagerTest.java              |   7 +-
 .../InternalLBVMServiceTest.java              |   9 +-
 .../src/com/cloud/configuration/Config.java   |   1 -
 .../ConfigurationManagerImpl.java             |  45 +-
 .../consoleproxy/ConsoleProxyManagerImpl.java |  39 +-
 .../deploy/DeploymentPlanningManagerImpl.java |  35 +-
 .../VirtualNetworkApplianceManagerImpl.java   |  15 +-
 ...VpcVirtualNetworkApplianceManagerImpl.java |   7 +-
 .../com/cloud/storage/StorageManagerImpl.java |  14 +-
 .../element/VirtualRouterElementTest.java     |   3 +
 .../SecondaryStorageManagerImpl.java          |  35 +-
 .../test_zone_level_local_storage_setting.py  | 734 ++++++++++++++++++
 ui/dictionary2.jsp                            |   3 +-
 ui/scripts/zoneWizard.js                      |  94 ++-
 21 files changed, 998 insertions(+), 177 deletions(-)
 create mode 100644 test/integration/component/maint/test_zone_level_local_storage_setting.py

diff --git a/api/src/com/cloud/dc/DataCenter.java b/api/src/com/cloud/dc/DataCenter.java
index 6cd054e28b..5b3d3c01f3 100644
--- a/api/src/com/cloud/dc/DataCenter.java
+++ b/api/src/com/cloud/dc/DataCenter.java
@@ -20,7 +20,6 @@
 import org.apache.cloudstack.acl.InfrastructureEntity;
 import org.apache.cloudstack.api.Identity;
 import org.apache.cloudstack.api.InternalIdentity;
-import org.apache.cloudstack.framework.config.ConfigKey;
 
 import java.util.Map;
 
@@ -28,9 +27,6 @@
  *
  */
 public interface DataCenter extends InfrastructureEntity, Grouping, Identity, InternalIdentity {
-    public static final String SystemVMUseLocalStorageCK = "system.vm.use.local.storage";
-    public static final ConfigKey<Boolean> UseSystemVMLocalStorage = new ConfigKey<Boolean>(Boolean.class, SystemVMUseLocalStorageCK, "Advanced", "false",
-            "Indicates whether to use local storage pools or shared storage pools for system VMs.", true, ConfigKey.Scope.Zone, null);
 
     public enum NetworkType {
         Basic, Advanced,
diff --git a/client/WEB-INF/classes/resources/messages.properties b/client/WEB-INF/classes/resources/messages.properties
index 7223552961..f5e058855d 100644
--- a/client/WEB-INF/classes/resources/messages.properties
+++ b/client/WEB-INF/classes/resources/messages.properties
@@ -753,7 +753,8 @@ label.load.balancer=Load Balancer
 label.load.balancing.policies=Load balancing policies
 label.load.balancing=Load Balancing
 label.loading=Loading
-label.local.storage.enabled=Local storage enabled
+label.local.storage.enabled=Enable local storage for User VMs
+label.local.storage.enabled.system.vms=Enable local storage for System VMs
 label.local.storage=Local Storage
 label.local=Local
 label.login=Login
diff --git a/engine/schema/src/com/cloud/service/dao/ServiceOfferingDao.java b/engine/schema/src/com/cloud/service/dao/ServiceOfferingDao.java
index ab818538d2..586fcd0f79 100644
--- a/engine/schema/src/com/cloud/service/dao/ServiceOfferingDao.java
+++ b/engine/schema/src/com/cloud/service/dao/ServiceOfferingDao.java
@@ -16,11 +16,13 @@
 // under the License.
 package com.cloud.service.dao;
 
-import java.util.List;
-import java.util.Map;
-
 import com.cloud.service.ServiceOfferingVO;
+import com.cloud.storage.Storage;
 import com.cloud.utils.db.GenericDao;
+import com.cloud.vm.VirtualMachine;
+
+import java.util.List;
+import java.util.Map;
 
 /*
  * Data Access Object for service_offering table
@@ -28,6 +30,10 @@
 public interface ServiceOfferingDao extends GenericDao<ServiceOfferingVO, Long> {
     ServiceOfferingVO findByName(String name);
 
+    List<ServiceOfferingVO> createSystemServiceOfferings(String name, String uniqueName, int cpuCount, int ramSize, int cpuSpeed,
+                                                         Integer rateMbps, Integer multicastRateMbps, boolean offerHA, String displayText, Storage.ProvisioningType provisioningType,
+                                                         boolean recreatable, String tags, boolean systemUse, VirtualMachine.Type vmType, boolean defaultUse);
+
     ServiceOfferingVO persistSystemServiceOffering(ServiceOfferingVO vo);
 
     List<ServiceOfferingVO> findPublicServiceOfferings();
@@ -49,4 +55,6 @@ public interface ServiceOfferingDao extends GenericDao<ServiceOfferingVO, Long>
     boolean isDynamic(long serviceOfferingId);
 
     ServiceOfferingVO getcomputeOffering(ServiceOfferingVO serviceOffering, Map<String, String> customParameters);
+
+    ServiceOfferingVO findDefaultSystemOffering(String offeringName, Boolean useLocalStorage);
 }
diff --git a/engine/schema/src/com/cloud/service/dao/ServiceOfferingDaoImpl.java b/engine/schema/src/com/cloud/service/dao/ServiceOfferingDaoImpl.java
index a3ff45ca3a..280a4ba7c7 100644
--- a/engine/schema/src/com/cloud/service/dao/ServiceOfferingDaoImpl.java
+++ b/engine/schema/src/com/cloud/service/dao/ServiceOfferingDaoImpl.java
@@ -25,6 +25,8 @@
 import javax.inject.Inject;
 import javax.persistence.EntityExistsException;
 
+import com.cloud.storage.Storage;
+import com.cloud.vm.VirtualMachine;
 import org.apache.log4j.Logger;
 import org.springframework.stereotype.Component;
 
@@ -110,6 +112,13 @@ public ServiceOfferingVO persistSystemServiceOffering(ServiceOfferingVO offering
                 vo.setSpeed(500);
                 update(vo.getId(), vo);
             }
+            if (!vo.getUniqueName().endsWith("-Local")) {
+                if (vo.getUseLocalStorage()) {
+                    vo.setUniqueName(vo.getUniqueName() + "-Local");
+                    vo.setName(vo.getName() + " - Local Storage");
+                    update(vo.getId(), vo);
+                }
+            }
             return vo;
         }
         try {
@@ -238,4 +247,48 @@ public ServiceOfferingVO getcomputeOffering(ServiceOfferingVO serviceOffering, M
 
         return dummyoffering;
     }
+
+    @Override
+    public List<ServiceOfferingVO> createSystemServiceOfferings(String name, String uniqueName, int cpuCount, int ramSize, int cpuSpeed,
+                                                                Integer rateMbps, Integer multicastRateMbps, boolean offerHA, String displayText, Storage.ProvisioningType provisioningType,
+                                                                boolean recreatable, String tags, boolean systemUse, VirtualMachine.Type vmType, boolean defaultUse) {
+        List<ServiceOfferingVO> list = new ArrayList<ServiceOfferingVO>();
+        ServiceOfferingVO offering = new ServiceOfferingVO(name, cpuCount, ramSize, cpuSpeed, rateMbps, multicastRateMbps, offerHA, displayText,
+                provisioningType, false, recreatable, tags, systemUse, vmType, defaultUse);
+        offering.setUniqueName(uniqueName);
+        offering = persistSystemServiceOffering(offering);
+        if (offering != null) {
+            list.add(offering);
+        }
+
+        boolean useLocal = true;
+        if (offering.getUseLocalStorage()) { // if 1st one is already local then 2nd needs to be shared
+            useLocal = false;
+        }
+
+        offering = new ServiceOfferingVO(name + (useLocal ? " - Local Storage" : ""), cpuCount, ramSize, cpuSpeed, rateMbps, multicastRateMbps, offerHA, displayText,
+                provisioningType, useLocal, recreatable, tags, systemUse, vmType, defaultUse);
+        offering.setUniqueName(uniqueName + (useLocal ? "-Local" : ""));
+        offering = persistSystemServiceOffering(offering);
+        if (offering != null) {
+            list.add(offering);
+        }
+
+        return list;
+    }
+
+    @Override
+    public ServiceOfferingVO findDefaultSystemOffering(String offeringName, Boolean useLocalStorage) {
+        String name = offeringName;
+        if (useLocalStorage != null && useLocalStorage.booleanValue()) {
+            name += "-Local";
+        }
+        ServiceOfferingVO serviceOffering = findByName(name);
+        if (serviceOffering == null) {
+            String message = "System service offering " + name + " not found";
+            s_logger.error(message);
+            throw new CloudRuntimeException(message);
+        }
+        return serviceOffering;
+    }
 }
diff --git a/plugins/network-elements/elastic-loadbalancer/src/com/cloud/network/lb/ElasticLoadBalancerManagerImpl.java b/plugins/network-elements/elastic-loadbalancer/src/com/cloud/network/lb/ElasticLoadBalancerManagerImpl.java
index d853299eef..11da736d1d 100644
--- a/plugins/network-elements/elastic-loadbalancer/src/com/cloud/network/lb/ElasticLoadBalancerManagerImpl.java
+++ b/plugins/network-elements/elastic-loadbalancer/src/com/cloud/network/lb/ElasticLoadBalancerManagerImpl.java
@@ -148,7 +148,6 @@ public class ElasticLoadBalancerManagerImpl extends ManagerBase implements Elast
     TrafficType _frontendTrafficType = TrafficType.Guest;
 
     Account _systemAcct;
-    ServiceOfferingVO _elasticLbVmOffering;
     ScheduledExecutorService _gcThreadPool;
     String _mgmtCidr;
 
@@ -290,16 +289,19 @@ public boolean configure(String name, Map<String, Object> params) throws Configu
         }
         _mgmtCidr = _configDao.getValue(Config.ManagementNetwork.key());
 
-        boolean useLocalStorage = Boolean.parseBoolean(configs.get(DataCenter.SystemVMUseLocalStorageCK));
-
         _elasticLbVmRamSize = NumbersUtil.parseInt(configs.get(Config.ElasticLoadBalancerVmMemory.key()), DEFAULT_ELB_VM_RAMSIZE);
         _elasticLbvmCpuMHz = NumbersUtil.parseInt(configs.get(Config.ElasticLoadBalancerVmCpuMhz.key()), DEFAULT_ELB_VM_CPU_MHZ);
         _elasticLbvmNumCpu = NumbersUtil.parseInt(configs.get(Config.ElasticLoadBalancerVmNumVcpu.key()), 1);
-        _elasticLbVmOffering = new ServiceOfferingVO("System Offering For Elastic LB VM", _elasticLbvmNumCpu,
-                _elasticLbVmRamSize, _elasticLbvmCpuMHz, 0, 0, true, null, Storage.ProvisioningType.THIN, useLocalStorage,
-                true, null, true, VirtualMachine.Type.ElasticLoadBalancerVm, true);
-        _elasticLbVmOffering.setUniqueName(ServiceOffering.elbVmDefaultOffUniqueName);
-        _elasticLbVmOffering = _serviceOfferingDao.persistSystemServiceOffering(_elasticLbVmOffering);
+
+        List<ServiceOfferingVO> offerings = _serviceOfferingDao.createSystemServiceOfferings("System Offering For Elastic LB VM",
+                ServiceOffering.elbVmDefaultOffUniqueName, _elasticLbvmNumCpu, _elasticLbVmRamSize, _elasticLbvmCpuMHz, 0, 0, true, null,
+                Storage.ProvisioningType.THIN, true, null, true, VirtualMachine.Type.ElasticLoadBalancerVm, true);
+        // this can sometimes happen, if DB is manually or programmatically manipulated
+        if (offerings == null || offerings.size() < 2) {
+            String msg = "Data integrity problem : System Offering For Elastic LB VM has been removed?";
+            s_logger.error(msg);
+            throw new ConfigurationException(msg);
+        }
 
         String enabled = _configDao.getValue(Config.ElasticLoadBalancerEnabled.key());
         _enabled = (enabled == null) ? false : Boolean.parseBoolean(enabled);
@@ -322,7 +324,7 @@ public boolean configure(String name, Map<String, Object> params) throws Configu
             _itMgr.registerGuru(VirtualMachine.Type.ElasticLoadBalancerVm, this);
         }
 
-        loadBalanceRuleHandler = new LoadBalanceRuleHandler(_elasticLbVmOffering, _instance, _systemAcct);
+        loadBalanceRuleHandler = new LoadBalanceRuleHandler(_instance, _systemAcct);
 
         return true;
     }
diff --git a/plugins/network-elements/elastic-loadbalancer/src/com/cloud/network/lb/LoadBalanceRuleHandler.java b/plugins/network-elements/elastic-loadbalancer/src/com/cloud/network/lb/LoadBalanceRuleHandler.java
index 32292cddd4..848b91a416 100644
--- a/plugins/network-elements/elastic-loadbalancer/src/com/cloud/network/lb/LoadBalanceRuleHandler.java
+++ b/plugins/network-elements/elastic-loadbalancer/src/com/cloud/network/lb/LoadBalanceRuleHandler.java
@@ -27,6 +27,9 @@
 
 import javax.inject.Inject;
 
+import com.cloud.configuration.ConfigurationManagerImpl;
+import com.cloud.offering.ServiceOffering;
+import com.cloud.service.dao.ServiceOfferingDao;
 import org.apache.cloudstack.api.command.user.loadbalancer.CreateLoadBalancerRuleCmd;
 import org.apache.cloudstack.context.CallContext;
 import org.apache.cloudstack.engine.orchestration.service.NetworkOrchestrationService;
@@ -140,15 +143,15 @@ public class LoadBalanceRuleHandler {
     private PhysicalNetworkServiceProviderDao _physicalProviderDao;
     @Inject
     private VirtualRouterProviderDao _vrProviderDao;
+    @Inject
+    private ServiceOfferingDao _serviceOfferingDao;
 
     static final private String ELB_VM_NAME_PREFIX = "l";
 
-    private final ServiceOfferingVO _elasticLbVmOffering;
     private final String _instance;
     private final Account _systemAcct;
 
-    public LoadBalanceRuleHandler(ServiceOfferingVO elasticLbVmOffering, String instance, Account systemAcct) {
-        this._elasticLbVmOffering = elasticLbVmOffering;
+    public LoadBalanceRuleHandler(String instance, Account systemAcct) {
         this._instance = instance;
         this._systemAcct = systemAcct;
     }
@@ -272,12 +275,13 @@ private DomainRouterVO deployELBVm(Network guestNetwork, DeployDestination dest,
                     throw new CloudRuntimeException("Cannot find virtual router provider " + typeString + " as service provider " + provider.getId());
                 }
 
-                elbVm = new DomainRouterVO(id, _elasticLbVmOffering.getId(), vrProvider.getId(), VirtualMachineName.getSystemVmName(id, _instance, ELB_VM_NAME_PREFIX),
+                ServiceOfferingVO elasticLbVmOffering = _serviceOfferingDao.findDefaultSystemOffering(ServiceOffering.elbVmDefaultOffUniqueName, ConfigurationManagerImpl.SystemVMUseLocalStorage.valueIn(dest.getDataCenter().getId()));
+                elbVm = new DomainRouterVO(id, elasticLbVmOffering.getId(), vrProvider.getId(), VirtualMachineName.getSystemVmName(id, _instance, ELB_VM_NAME_PREFIX),
                         template.getId(), template.getHypervisorType(), template.getGuestOSId(), owner.getDomainId(), owner.getId(), false, 0, false, RedundantState.UNKNOWN,
-                        _elasticLbVmOffering.getOfferHA(), false, VirtualMachine.Type.ElasticLoadBalancerVm, null);
+                        elasticLbVmOffering.getOfferHA(), false, VirtualMachine.Type.ElasticLoadBalancerVm, null);
                 elbVm.setRole(Role.LB);
                 elbVm = _routerDao.persist(elbVm);
-                _itMgr.allocate(elbVm.getInstanceName(), template, _elasticLbVmOffering, networks, plan, null);
+                _itMgr.allocate(elbVm.getInstanceName(), template, elasticLbVmOffering, networks, plan, null);
                 elbVm = _routerDao.findById(elbVm.getId());
                 //TODO: create usage stats
             }
diff --git a/plugins/network-elements/internal-loadbalancer/src/org/apache/cloudstack/network/lb/InternalLoadBalancerVMManagerImpl.java b/plugins/network-elements/internal-loadbalancer/src/org/apache/cloudstack/network/lb/InternalLoadBalancerVMManagerImpl.java
index cf7715071f..eee1f12261 100644
--- a/plugins/network-elements/internal-loadbalancer/src/org/apache/cloudstack/network/lb/InternalLoadBalancerVMManagerImpl.java
+++ b/plugins/network-elements/internal-loadbalancer/src/org/apache/cloudstack/network/lb/InternalLoadBalancerVMManagerImpl.java
@@ -27,6 +27,7 @@
 import javax.inject.Inject;
 import javax.naming.ConfigurationException;
 
+import com.cloud.configuration.ConfigurationManagerImpl;
 import org.apache.cloudstack.engine.orchestration.service.NetworkOrchestrationService;
 import org.apache.cloudstack.framework.config.dao.ConfigurationDao;
 import org.apache.cloudstack.lb.ApplicationLoadBalancerRuleVO;
@@ -376,15 +377,15 @@ public boolean configure(String name, Map<String, Object> params) throws Configu
 
         //if offering wasn't set, try to get the default one
         if (_internalLbVmOfferingId == 0L) {
-            boolean useLocalStorage = Boolean.parseBoolean(configs.get(DataCenter.SystemVMUseLocalStorageCK));
-            ServiceOfferingVO newOff =
-                new ServiceOfferingVO("System Offering For Internal LB VM", 1, InternalLoadBalancerVMManager.DEFAULT_INTERNALLB_VM_RAMSIZE,
+            List<ServiceOfferingVO> offerings = _serviceOfferingDao.createSystemServiceOfferings("System Offering For Internal LB VM",
+                    ServiceOffering.internalLbVmDefaultOffUniqueName, 1, InternalLoadBalancerVMManager.DEFAULT_INTERNALLB_VM_RAMSIZE,
                     InternalLoadBalancerVMManager.DEFAULT_INTERNALLB_VM_CPU_MHZ, null, null, true, null,
-                    Storage.ProvisioningType.THIN, useLocalStorage, true, null, true,
-                    VirtualMachine.Type.InternalLoadBalancerVm, true);
-            newOff.setUniqueName(ServiceOffering.internalLbVmDefaultOffUniqueName);
-            newOff = _serviceOfferingDao.persistSystemServiceOffering(newOff);
-            _internalLbVmOfferingId = newOff.getId();
+                    Storage.ProvisioningType.THIN, true, null, true, VirtualMachine.Type.InternalLoadBalancerVm, true);
+            if (offerings == null || offerings.size() < 2) {
+                String msg = "Data integrity problem : System Offering For Internal LB VM has been removed?";
+                s_logger.error(msg);
+                throw new ConfigurationException(msg);
+            }
         }
 
         _itMgr.registerGuru(VirtualMachine.Type.InternalLoadBalancerVm, this);
@@ -616,9 +617,14 @@ protected List<DomainRouterVO> findOrDeployInternalLbVm(Network guestNetwork, Ip
             }
 
             LinkedHashMap<Network, List<? extends NicProfile>> networks = createInternalLbVmNetworks(guestNetwork, plan, requestedGuestIp);
+            long internalLbVmOfferingId = _internalLbVmOfferingId;
+            if (internalLbVmOfferingId == 0L) {
+                ServiceOfferingVO serviceOffering = _serviceOfferingDao.findDefaultSystemOffering(ServiceOffering.internalLbVmDefaultOffUniqueName, ConfigurationManagerImpl.SystemVMUseLocalStorage.valueIn(dest.getDataCenter().getId()));
+                internalLbVmOfferingId = serviceOffering.getId();
+            }
             //Pass startVm=false as we are holding the network lock that needs to be released at the end of vm allocation
             DomainRouterVO internalLbVm =
-                deployInternalLbVm(owner, dest, plan, params, internalLbProviderId, _internalLbVmOfferingId, guestNetwork.getVpcId(), networks, false);
+                deployInternalLbVm(owner, dest, plan, params, internalLbProviderId, internalLbVmOfferingId, guestNetwork.getVpcId(), networks, false);
             if (internalLbVm != null) {
                 _internalLbVmDao.addRouterToGuestNetwork(internalLbVm, guestNetwork);
                 internalLbVms.add(internalLbVm);
diff --git a/plugins/network-elements/internal-loadbalancer/test/org/apache/cloudstack/internallbvmmgr/InternalLBVMManagerTest.java b/plugins/network-elements/internal-loadbalancer/test/org/apache/cloudstack/internallbvmmgr/InternalLBVMManagerTest.java
index 375ba5e593..5b5d65a3cd 100644
--- a/plugins/network-elements/internal-loadbalancer/test/org/apache/cloudstack/internallbvmmgr/InternalLBVMManagerTest.java
+++ b/plugins/network-elements/internal-loadbalancer/test/org/apache/cloudstack/internallbvmmgr/InternalLBVMManagerTest.java
@@ -121,7 +121,12 @@ public void setUp() {
         ServiceOfferingVO off = new ServiceOfferingVO("alena", 1, 1,
                 1, 1, 1, false, "alena", Storage.ProvisioningType.THIN, false, false, null, false, VirtualMachine.Type.InternalLoadBalancerVm, false);
         off = setId(off, 1);
-        Mockito.when(_svcOffDao.persistSystemServiceOffering(Matchers.any(ServiceOfferingVO.class))).thenReturn(off);
+        List<ServiceOfferingVO> list = new ArrayList<ServiceOfferingVO>();
+        list.add(off);
+        list.add(off);
+        Mockito.when(_svcOffDao.createSystemServiceOfferings(Matchers.anyString(), Matchers.anyString(), Matchers.anyInt(), Matchers.anyInt(), Matchers.anyInt(),
+                Matchers.anyInt(), Matchers.anyInt(), Matchers.anyBoolean(), Matchers.anyString(), Matchers.any(Storage.ProvisioningType.class), Matchers.anyBoolean(),
+                Matchers.anyString(), Matchers.anyBoolean(), Matchers.any(VirtualMachine.Type.class), Matchers.anyBoolean())).thenReturn(list);
 
         ComponentContext.initComponentsLifeCycle();
 
diff --git a/plugins/network-elements/internal-loadbalancer/test/org/apache/cloudstack/internallbvmmgr/InternalLBVMServiceTest.java b/plugins/network-elements/internal-loadbalancer/test/org/apache/cloudstack/internallbvmmgr/InternalLBVMServiceTest.java
index 11a0bed8e8..ec636fa797 100644
--- a/plugins/network-elements/internal-loadbalancer/test/org/apache/cloudstack/internallbvmmgr/InternalLBVMServiceTest.java
+++ b/plugins/network-elements/internal-loadbalancer/test/org/apache/cloudstack/internallbvmmgr/InternalLBVMServiceTest.java
@@ -17,6 +17,8 @@
 package org.apache.cloudstack.internallbvmmgr;
 
 import java.lang.reflect.Field;
+import java.util.ArrayList;
+import java.util.List;
 
 import javax.inject.Inject;
 
@@ -91,7 +93,12 @@ public void setUp() {
         ServiceOfferingVO off = new ServiceOfferingVO("alena", 1, 1,
                 1, 1, 1, false, "alena", Storage.ProvisioningType.THIN, false, false, null, false, VirtualMachine.Type.InternalLoadBalancerVm, false);
         off = setId(off, 1);
-        Mockito.when(_svcOffDao.persistSystemServiceOffering(Matchers.any(ServiceOfferingVO.class))).thenReturn(off);
+        List<ServiceOfferingVO> list = new ArrayList<ServiceOfferingVO>();
+        list.add(off);
+        list.add(off);
+        Mockito.when(_svcOffDao.createSystemServiceOfferings(Matchers.anyString(), Matchers.anyString(), Matchers.anyInt(), Matchers.anyInt(), Matchers.anyInt(),
+                Matchers.anyInt(), Matchers.anyInt(), Matchers.anyBoolean(), Matchers.anyString(), Matchers.any(Storage.ProvisioningType.class), Matchers.anyBoolean(),
+                Matchers.anyString(), Matchers.anyBoolean(), Matchers.any(VirtualMachine.Type.class), Matchers.anyBoolean())).thenReturn(list);
 
         ComponentContext.initComponentsLifeCycle();
 
diff --git a/server/src/com/cloud/configuration/Config.java b/server/src/com/cloud/configuration/Config.java
index 0d6a4e66f4..d4a77976c4 100755
--- a/server/src/com/cloud/configuration/Config.java
+++ b/server/src/com/cloud/configuration/Config.java
@@ -684,7 +684,6 @@ public enum Config {
             "/var/cloudstack/mnt",
             "The mount point on the Management Server for Secondary Storage.",
             null),
-//    UpgradeURL("Advanced", ManagementServer.class, String.class, "upgrade.url", "http://example.com:8080/client/agent/update.zip", "The upgrade URL is the URL of the management server that agents will connect to in order to automatically upgrade.", null),
     SystemVMAutoReserveCapacity(
             "Advanced",
             ManagementServer.class,
diff --git a/server/src/com/cloud/configuration/ConfigurationManagerImpl.java b/server/src/com/cloud/configuration/ConfigurationManagerImpl.java
index 89027c1240..89e0428bad 100755
--- a/server/src/com/cloud/configuration/ConfigurationManagerImpl.java
+++ b/server/src/com/cloud/configuration/ConfigurationManagerImpl.java
@@ -37,6 +37,7 @@
 import javax.inject.Inject;
 import javax.naming.ConfigurationException;
 
+import org.apache.cloudstack.framework.config.Configurable;
 import org.apache.log4j.Logger;
 
 import org.apache.cloudstack.acl.SecurityChecker;
@@ -214,8 +215,11 @@
 import com.cloud.vm.dao.NicSecondaryIpDao;
 
 @Local(value = {ConfigurationManager.class, ConfigurationService.class})
-public class ConfigurationManagerImpl extends ManagerBase implements ConfigurationManager, ConfigurationService {
+public class ConfigurationManagerImpl extends ManagerBase implements ConfigurationManager, ConfigurationService, Configurable {
     public static final Logger s_logger = Logger.getLogger(ConfigurationManagerImpl.class);
+    public static final String SystemVMUseLocalStorageCK = "system.vm.use.local.storage";
+    public static final ConfigKey<Boolean> SystemVMUseLocalStorage = new ConfigKey<Boolean>(Boolean.class, SystemVMUseLocalStorageCK, "Advanced", "false",
+            "Indicates whether to use local storage pools or shared storage pools for system VMs.", true, ConfigKey.Scope.Zone, null);
 
     @Inject
     EntityManager _entityMgr;
@@ -570,35 +574,7 @@ public String updateConfiguration(long userId, String name, String category, Str
             } catch (Throwable e) {
                 throw new CloudRuntimeException("Failed to update storage.network.device2 in host_details due to exception ", e);
             }
-        } else if (DataCenter.SystemVMUseLocalStorageCK.equalsIgnoreCase(name)) {
-            if (s_logger.isDebugEnabled()) {
-                s_logger.debug("Config 'system.vm.use.local.storage' changed to value:" + value + ", need to update System VM offerings");
-            }
-            boolean useLocalStorage = Boolean.parseBoolean(_configDao.getValue(DataCenter.SystemVMUseLocalStorageCK));
-            ServiceOfferingVO serviceOffering = _serviceOfferingDao.findByName(ServiceOffering.consoleProxyDefaultOffUniqueName);
-            if (serviceOffering != null) {
-                serviceOffering.setUseLocalStorage(useLocalStorage);
-                if (!_serviceOfferingDao.update(serviceOffering.getId(), serviceOffering)) {
-                    throw new CloudRuntimeException("Failed to update ConsoleProxy offering's use_local_storage option to value:" + useLocalStorage);
-                }
-            }
-
-            serviceOffering = _serviceOfferingDao.findByName(ServiceOffering.routerDefaultOffUniqueName);
-            if (serviceOffering != null) {
-                serviceOffering.setUseLocalStorage(useLocalStorage);
-                if (!_serviceOfferingDao.update(serviceOffering.getId(), serviceOffering)) {
-                    throw new CloudRuntimeException("Failed to update SoftwareRouter offering's use_local_storage option to value:" + useLocalStorage);
-                }
-            }
-
-            serviceOffering = _serviceOfferingDao.findByName(ServiceOffering.ssvmDefaultOffUniqueName);
-            if (serviceOffering != null) {
-                serviceOffering.setUseLocalStorage(useLocalStorage);
-                if (!_serviceOfferingDao.update(serviceOffering.getId(), serviceOffering)) {
-                    throw new CloudRuntimeException("Failed to update SecondaryStorage offering's use_local_storage option to value:" + useLocalStorage);
-                }
-            }
-        }else if (Config.SecStorageSecureCopyCert.key().equalsIgnoreCase(name)) {
+        } else if (Config.SecStorageSecureCopyCert.key().equalsIgnoreCase(name)) {
             //FIXME - Ideally there should be a listener model to listen to global config changes and be able to take action gracefully.
             //Expire the download urls
             String sqlTemplate = "update template_store_ref set download_url_created=?";
@@ -5081,4 +5057,13 @@ public void setSecChecker(List<SecurityChecker> secChecker) {
         _secChecker = secChecker;
     }
 
+    @Override
+    public String getConfigComponentName() {
+        return ConfigurationManagerImpl.class.getSimpleName();
+    }
+
+    @Override
+    public ConfigKey<?>[] getConfigKeys() {
+        return new ConfigKey<?>[] {SystemVMUseLocalStorage};
+    }
 }
diff --git a/server/src/com/cloud/consoleproxy/ConsoleProxyManagerImpl.java b/server/src/com/cloud/consoleproxy/ConsoleProxyManagerImpl.java
index 3fd35437a7..df338c441d 100755
--- a/server/src/com/cloud/consoleproxy/ConsoleProxyManagerImpl.java
+++ b/server/src/com/cloud/consoleproxy/ConsoleProxyManagerImpl.java
@@ -30,6 +30,7 @@
 import javax.inject.Inject;
 import javax.naming.ConfigurationException;
 
+import com.cloud.configuration.ConfigurationManagerImpl;
 import org.apache.log4j.Logger;
 
 import com.google.gson.Gson;
@@ -225,7 +226,6 @@ public class ConsoleProxyManagerImpl extends ManagerBase implements ConsoleProxy
     private int _capacityPerProxy = ConsoleProxyManager.DEFAULT_PROXY_CAPACITY;
     private int _standbyCapacity = ConsoleProxyManager.DEFAULT_STANDBY_CAPACITY;
 
-    private boolean _useLvm;
     private boolean _useStorageVm;
     private boolean _disableRpFilter = false;
     private String _instance;
@@ -716,13 +716,18 @@ protected Map<String, Object> createProxyInstance(long dataCenterId, VMTemplateV
             networks.put(_networkMgr.setupNetwork(systemAcct, offering, plan, null, null, false).get(0), new ArrayList<NicProfile>());
         }
 
+        ServiceOfferingVO serviceOffering = _serviceOffering;
+        if (serviceOffering == null) {
+            serviceOffering = _offeringDao.findDefaultSystemOffering(ServiceOffering.consoleProxyDefaultOffUniqueName, ConfigurationManagerImpl.SystemVMUseLocalStorage.valueIn(dataCenterId));
+        }
+
         ConsoleProxyVO proxy =
-            new ConsoleProxyVO(id, _serviceOffering.getId(), name, template.getId(), template.getHypervisorType(), template.getGuestOSId(), dataCenterId,
-                systemAcct.getDomainId(), systemAcct.getId(), 0, _serviceOffering.getOfferHA());
+            new ConsoleProxyVO(id, serviceOffering.getId(), name, template.getId(), template.getHypervisorType(), template.getGuestOSId(), dataCenterId,
+                systemAcct.getDomainId(), systemAcct.getId(), 0, serviceOffering.getOfferHA());
         proxy.setDynamicallyScalable(template.isDynamicallyScalable());
         proxy = _consoleProxyDao.persist(proxy);
         try {
-            _itMgr.allocate(name, template, _serviceOffering, networks, plan, null);
+            _itMgr.allocate(name, template, serviceOffering, networks, plan, null);
         } catch (InsufficientCapacityException e) {
             s_logger.warn("InsufficientCapacity", e);
             throw new CloudRuntimeException("Insufficient capacity exception", e);
@@ -951,7 +956,12 @@ public boolean isZoneReady(Map<Long, ZoneHostInfo> zoneHostInfoMap, long dataCen
             TemplateDataStoreVO templateHostRef = _vmTemplateStoreDao.findByTemplateZoneDownloadStatus(template.getId(), dataCenterId, Status.DOWNLOADED);
 
             if (templateHostRef != null) {
-                List<Pair<Long, Integer>> l = _consoleProxyDao.getDatacenterStoragePoolHostInfo(dataCenterId, _useLvm);
+                boolean useLocalStorage = false;
+                Boolean useLocal = ConfigurationManagerImpl.SystemVMUseLocalStorage.valueIn(dataCenterId);
+                if (useLocal != null) {
+                    useLocalStorage = useLocal;
+                }
+                List<Pair<Long, Integer>> l = _consoleProxyDao.getDatacenterStoragePoolHostInfo(dataCenterId, useLocalStorage);
                 if (l != null && l.size() > 0 && l.get(0).second().intValue() > 0) {
                     return true;
                 } else {
@@ -1208,11 +1218,6 @@ public boolean configure(String name, Map<String, Object> params) throws Configu
             _disableRpFilter = true;
         }
 
-        value = configs.get(DataCenter.SystemVMUseLocalStorageCK);
-        if (value != null && value.equalsIgnoreCase("true")) {
-            _useLvm = true;
-        }
-
         value = configs.get("secondary.storage.vm");
         if (value != null && value.equalsIgnoreCase("true")) {
             _useStorageVm = true;
@@ -1238,8 +1243,6 @@ public boolean configure(String name, Map<String, Object> params) throws Configu
 
         _itMgr.registerGuru(VirtualMachine.Type.ConsoleProxy, this);
 
-        boolean useLocalStorage = Boolean.parseBoolean(configs.get(DataCenter.SystemVMUseLocalStorageCK));
-
         //check if there is a default service offering configured
         String cpvmSrvcOffIdStr = configs.get(Config.ConsoleProxyServiceOffering.key());
         if (cpvmSrvcOffIdStr != null) {
@@ -1259,15 +1262,13 @@ public boolean configure(String name, Map<String, Object> params) throws Configu
         if (_serviceOffering == null || !_serviceOffering.getSystemUse()) {
             int ramSize = NumbersUtil.parseInt(_configDao.getValue("console.ram.size"), DEFAULT_PROXY_VM_RAMSIZE);
             int cpuFreq = NumbersUtil.parseInt(_configDao.getValue("console.cpu.mhz"), DEFAULT_PROXY_VM_CPUMHZ);
-            _serviceOffering =
-                new ServiceOfferingVO("System Offering For Console Proxy", 1, ramSize, cpuFreq, 0, 0, false, null,
-                    Storage.ProvisioningType.THIN, useLocalStorage, true, null, true,
-                    VirtualMachine.Type.ConsoleProxy, true);
-            _serviceOffering.setUniqueName(ServiceOffering.consoleProxyDefaultOffUniqueName);
-            _serviceOffering = _offeringDao.persistSystemServiceOffering(_serviceOffering);
+
+            List<ServiceOfferingVO> offerings = _offeringDao.createSystemServiceOfferings("System Offering For Console Proxy",
+                    ServiceOffering.consoleProxyDefaultOffUniqueName, 1, ramSize, cpuFreq, 0, 0, false, null,
+                    Storage.ProvisioningType.THIN, true, null, true, VirtualMachine.Type.ConsoleProxy, true);
 
             // this can sometimes happen, if DB is manually or programmatically manipulated
-            if (_serviceOffering == null) {
+            if (offerings == null || offerings.size() < 2) {
                 String msg = "Data integrity problem : System Offering For Console Proxy has been removed?";
                 s_logger.error(msg);
                 throw new ConfigurationException(msg);
diff --git a/server/src/com/cloud/deploy/DeploymentPlanningManagerImpl.java b/server/src/com/cloud/deploy/DeploymentPlanningManagerImpl.java
index c290e9c796..7637a3aa17 100755
--- a/server/src/com/cloud/deploy/DeploymentPlanningManagerImpl.java
+++ b/server/src/com/cloud/deploy/DeploymentPlanningManagerImpl.java
@@ -31,6 +31,7 @@
 import javax.inject.Inject;
 import javax.naming.ConfigurationException;
 
+import com.cloud.configuration.ConfigurationManagerImpl;
 import com.cloud.utils.fsm.StateMachine2;
 import org.apache.log4j.Logger;
 
@@ -46,8 +47,6 @@
 import org.apache.cloudstack.engine.subsystem.api.storage.DataStoreManager;
 import org.apache.cloudstack.engine.subsystem.api.storage.StoragePoolAllocator;
 import org.apache.cloudstack.framework.config.dao.ConfigurationDao;
-import org.apache.cloudstack.framework.config.ConfigKey;
-import org.apache.cloudstack.framework.config.Configurable;
 import org.apache.cloudstack.framework.messagebus.MessageBus;
 import org.apache.cloudstack.framework.messagebus.MessageSubscriber;
 import org.apache.cloudstack.managed.context.ManagedContextTimerTask;
@@ -134,7 +133,7 @@
 
 @Local(value = {DeploymentPlanningManager.class})
 public class DeploymentPlanningManagerImpl extends ManagerBase implements DeploymentPlanningManager, Manager, Listener,
-StateListener<State, VirtualMachine.Event, VirtualMachine>, Configurable {
+StateListener<State, VirtualMachine.Event, VirtualMachine> {
 
     private static final Logger s_logger = Logger.getLogger(DeploymentPlanningManagerImpl.class);
     @Inject
@@ -755,16 +754,6 @@ public Boolean doInTransaction(TransactionStatus status) {
         return false;
     }
 
-    @Override
-    public String getConfigComponentName() {
-        return DeploymentPlanningManagerImpl.class.getSimpleName();
-    }
-
-    @Override
-    public ConfigKey<?>[] getConfigKeys() {
-        return new ConfigKey<?>[] {DataCenter.UseSystemVMLocalStorage};
-    }
-
     class HostReservationReleaseChecker extends ManagedContextTimerTask {
         @Override
         protected void runInContext() {
@@ -1294,21 +1283,13 @@ protected Pair<Map<Volume, List<StoragePool>>, List<Volume>> findSuitablePoolsFo
             boolean useLocalStorage = false;
             if (vmProfile.getType() != VirtualMachine.Type.User) {
                 DataCenterVO zone = _dcDao.findById(plan.getDataCenterId());
-                // It should not happen to have a "null" zone here. There can be NO instance if there is NO zone,
-                // so this part of the code would never be reached if no zone has been created.
-                // Added the check and the comment just to make it clear.
-                boolean zoneUsesLocalStorage = zone != null ? zone.isLocalStorageEnabled() : false;
-                boolean ssvmUseLocalStorage = DataCenter.UseSystemVMLocalStorage.value();
-                if (zone != null) {
-                    ssvmUseLocalStorage = DataCenter.UseSystemVMLocalStorage.valueIn(plan.getDataCenterId());
-                }
-                s_logger.debug("Checking if we need local storage for systemvms is needed for zone id=" + plan.getDataCenterId() + " with system.vm.use.local.storage=" + ssvmUseLocalStorage);
-                // Local storage is used for the NON User VMs if, and only if, the Zone is marked to use local storage AND
-                // the global settings (ssvmUseLocalStorage) is set to true. Otherwise, the global settings won't be applied.
-                if (ssvmUseLocalStorage && zoneUsesLocalStorage) {
-                    useLocalStorage = true;
-                    s_logger.debug("SystemVMs will use local storage for zone id=" + plan.getDataCenterId());
+                assert (zone != null) : "Invalid zone in deployment plan";
+                Boolean useLocalStorageForSystemVM = ConfigurationManagerImpl.SystemVMUseLocalStorage.valueIn(zone.getId());
+                if (useLocalStorageForSystemVM != null) {
+                    useLocalStorage = useLocalStorageForSystemVM.booleanValue();
+                    s_logger.debug("System VMs will use " + (useLocalStorage ? "local" : "shared") + " storage for zone id=" + plan.getDataCenterId());
                 }
+
             } else {
                 useLocalStorage = diskOffering.getUseLocalStorage();
 
diff --git a/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java b/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
index e0d1edb5f8..73aa94c83d 100755
--- a/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
+++ b/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
@@ -72,6 +72,7 @@
 import com.cloud.cluster.dao.ManagementServerHostDao;
 import com.cloud.configuration.Config;
 import com.cloud.configuration.ConfigurationManager;
+import com.cloud.configuration.ConfigurationManagerImpl;
 import com.cloud.configuration.ZoneConfig;
 import com.cloud.dc.ClusterVO;
 import com.cloud.dc.DataCenter;
@@ -737,14 +738,11 @@ public boolean configure(final String name, final Map<String, Object> params) th
 
         _agentMgr.registerForHostEvents(new SshKeysDistriMonitor(_agentMgr, _hostDao, _configDao), true, false, false);
 
-        final boolean useLocalStorage = Boolean.parseBoolean(configs.get(DataCenter.SystemVMUseLocalStorageCK));
-        _offering = new ServiceOfferingVO("System Offering For Software Router", 1, _routerRamSize, _routerCpuMHz, null,
-                null, true, null, ProvisioningType.THIN, useLocalStorage, true, null, true, VirtualMachine.Type.DomainRouter, true);
-        _offering.setUniqueName(ServiceOffering.routerDefaultOffUniqueName);
-        _offering = _serviceOfferingDao.persistSystemServiceOffering(_offering);
-
+        List<ServiceOfferingVO> offerings = _serviceOfferingDao.createSystemServiceOfferings("System Offering For Software Router",
+                ServiceOffering.routerDefaultOffUniqueName, 1, _routerRamSize, _routerCpuMHz, null,
+                null, true, null, ProvisioningType.THIN, true, null, true, VirtualMachine.Type.DomainRouter, true);
         // this can sometimes happen, if DB is manually or programmatically manipulated
-        if (_offering == null) {
+        if (offerings == null || offerings.size() < 2) {
             final String msg = "Data integrity problem : System Offering For Software router VM has been removed?";
             s_logger.error(msg);
             throw new ConfigurationException(msg);
@@ -1676,7 +1674,8 @@ protected List<DomainRouterVO> findOrDeployVirtualRouterInGuestNetwork(final Net
 
                 Long offeringId = _networkOfferingDao.findById(guestNetwork.getNetworkOfferingId()).getServiceOfferingId();
                 if (offeringId == null) {
-                    offeringId = _offering.getId();
+                    ServiceOfferingVO serviceOffering = _serviceOfferingDao.findDefaultSystemOffering(ServiceOffering.routerDefaultOffUniqueName, ConfigurationManagerImpl.SystemVMUseLocalStorage.valueIn(dest.getDataCenter().getId()));
+                    offeringId = serviceOffering.getId();
                 }
 
                 PublicIp sourceNatIp = null;
diff --git a/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java b/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java
index 97cbf623b6..2791e3a034 100644
--- a/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java
+++ b/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java
@@ -32,6 +32,9 @@
 import javax.inject.Inject;
 import javax.naming.ConfigurationException;
 
+import com.cloud.configuration.ConfigurationManagerImpl;
+import com.cloud.offering.ServiceOffering;
+import com.cloud.service.ServiceOfferingVO;
 import org.apache.log4j.Logger;
 import org.springframework.stereotype.Component;
 
@@ -210,8 +213,10 @@ protected List<DomainRouterVO> findOrDeployVirtualRouterInVpc(Vpc vpc, DeployDes
 
             Long offeringId = _vpcOffDao.findById(vpc.getVpcOfferingId()).getServiceOfferingId();
             if (offeringId == null) {
-                offeringId = _offering.getId();
+                ServiceOfferingVO serviceOffering = _serviceOfferingDao.findDefaultSystemOffering(ServiceOffering.routerDefaultOffUniqueName, ConfigurationManagerImpl.SystemVMUseLocalStorage.valueIn(dest.getDataCenter().getId()));
+                offeringId = serviceOffering.getId();
             }
+
             //3) Deploy Virtual Router
             List<? extends PhysicalNetwork> pNtwks = _pNtwkDao.listByZone(vpc.getZoneId());
 
diff --git a/server/src/com/cloud/storage/StorageManagerImpl.java b/server/src/com/cloud/storage/StorageManagerImpl.java
index 9c442acd54..aeb0bb5f59 100755
--- a/server/src/com/cloud/storage/StorageManagerImpl.java
+++ b/server/src/com/cloud/storage/StorageManagerImpl.java
@@ -41,6 +41,7 @@
 import javax.inject.Inject;
 import javax.naming.ConfigurationException;
 
+import com.cloud.configuration.ConfigurationManagerImpl;
 import com.cloud.hypervisor.Hypervisor;
 import org.apache.log4j.Logger;
 import org.springframework.stereotype.Component;
@@ -536,11 +537,20 @@ public boolean stop() {
     @DB
     @Override
     public DataStore createLocalStorage(Host host, StoragePoolInfo pInfo) throws ConnectionException {
-
         DataCenterVO dc = _dcDao.findById(host.getDataCenterId());
-        if (dc == null || !dc.isLocalStorageEnabled()) {
+        if (dc == null) {
+            return null;
+        }
+
+        boolean useLocalStorageForSystemVM = false;
+        Boolean isLocal = ConfigurationManagerImpl.SystemVMUseLocalStorage.valueIn(dc.getId());
+        if (isLocal != null) {
+            useLocalStorageForSystemVM = isLocal.booleanValue();
+        }
+        if (!(dc.isLocalStorageEnabled() || useLocalStorageForSystemVM)) {
             return null;
         }
+
         DataStore store;
         try {
             String hostAddress = pInfo.getHost();
diff --git a/server/test/com/cloud/network/element/VirtualRouterElementTest.java b/server/test/com/cloud/network/element/VirtualRouterElementTest.java
index d6eb24fb39..0f79f56f28 100644
--- a/server/test/com/cloud/network/element/VirtualRouterElementTest.java
+++ b/server/test/com/cloud/network/element/VirtualRouterElementTest.java
@@ -31,6 +31,7 @@
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.mockito.InjectMocks;
+import org.mockito.Matchers;
 import org.mockito.Mock;
 import org.mockito.runners.MockitoJUnitRunner;
 
@@ -268,6 +269,8 @@ private void mockDAOs(NetworkVO network, NetworkOfferingVO offering) {
                 VirtualMachine.Type.DomainRouter,
                 /* defaultUse */ false);
         when(_serviceOfferingDao.findById(0L)).thenReturn(svcoff);
+        when(_serviceOfferingDao.findByName(Matchers.anyString())).thenReturn(svcoff);
+        when(_serviceOfferingDao.findDefaultSystemOffering(Matchers.anyString(), Matchers.anyBoolean())).thenReturn(svcoff);
         DomainRouterVO router = new DomainRouterVO(/* id */ 1L,
                 /* serviceOfferingId */ 1L,
                 /* elementId */ 0L,
diff --git a/services/secondary-storage/controller/src/org/apache/cloudstack/secondarystorage/SecondaryStorageManagerImpl.java b/services/secondary-storage/controller/src/org/apache/cloudstack/secondarystorage/SecondaryStorageManagerImpl.java
index 9d89b07cca..7b6e868051 100755
--- a/services/secondary-storage/controller/src/org/apache/cloudstack/secondarystorage/SecondaryStorageManagerImpl.java
+++ b/services/secondary-storage/controller/src/org/apache/cloudstack/secondarystorage/SecondaryStorageManagerImpl.java
@@ -31,6 +31,7 @@
 import javax.inject.Inject;
 import javax.naming.ConfigurationException;
 
+import com.cloud.configuration.ConfigurationManagerImpl;
 import org.apache.cloudstack.config.ApiServiceConfiguration;
 
 import org.apache.cloudstack.context.CallContext;
@@ -242,7 +243,6 @@ public class SecondaryStorageManagerImpl extends ManagerBase implements Secondar
     private int _secStorageVmMtuSize;
 
     private String _instance;
-    private boolean _useLocalStorage;
     private boolean _useSSlCopy;
     private String _httpProxy;
     private String _allowedInternalSites;
@@ -573,13 +573,17 @@ protected Map<String, Object> createSecStorageVmInstance(long dataCenterId, Seco
             throw new CloudRuntimeException("Not able to find the System templates or not downloaded in zone " + dataCenterId);
         }
 
+        ServiceOfferingVO serviceOffering = _serviceOffering;
+        if (serviceOffering == null) {
+            serviceOffering = _offeringDao.findDefaultSystemOffering(ServiceOffering.ssvmDefaultOffUniqueName, ConfigurationManagerImpl.SystemVMUseLocalStorage.valueIn(dataCenterId));
+        }
         SecondaryStorageVmVO secStorageVm =
-            new SecondaryStorageVmVO(id, _serviceOffering.getId(), name, template.getId(), template.getHypervisorType(), template.getGuestOSId(), dataCenterId,
-                systemAcct.getDomainId(), systemAcct.getId(), role, _serviceOffering.getOfferHA());
+            new SecondaryStorageVmVO(id, serviceOffering.getId(), name, template.getId(), template.getHypervisorType(), template.getGuestOSId(), dataCenterId,
+                systemAcct.getDomainId(), systemAcct.getId(), role, serviceOffering.getOfferHA());
         secStorageVm.setDynamicallyScalable(template.isDynamicallyScalable());
         secStorageVm = _secStorageVmDao.persist(secStorageVm);
         try {
-            _itMgr.allocate(name, template, _serviceOffering, networks, plan, null);
+            _itMgr.allocate(name, template, serviceOffering, networks, plan, null);
             secStorageVm = _secStorageVmDao.findById(secStorageVm.getId());
         } catch (InsufficientCapacityException e) {
             s_logger.warn("InsufficientCapacity", e);
@@ -759,14 +763,20 @@ public boolean isZoneReady(Map<Long, ZoneHostInfo> zoneHostInfoMap, long dataCen
                 return false;
             }
 
-            List<Pair<Long, Integer>> l = _storagePoolHostDao.getDatacenterStoragePoolHostInfo(dataCenterId, !_useLocalStorage);
+            boolean useLocalStorage = false;
+            Boolean useLocal = ConfigurationManagerImpl.SystemVMUseLocalStorage.valueIn(dataCenterId);
+            if (useLocal != null) {
+                useLocalStorage = useLocal.booleanValue();
+            }
+            List<Pair<Long, Integer>> l = _storagePoolHostDao.getDatacenterStoragePoolHostInfo(dataCenterId, !useLocalStorage);
+
             if (l != null && l.size() > 0 && l.get(0).second().intValue() > 0) {
                 return true;
             } else {
                 if (s_logger.isDebugEnabled()) {
                     s_logger.debug("Primary storage is not ready, wait until it is ready to launch secondary storage vm. dcId: " + dataCenterId +
-                        " system.vm.use.local.storage: " + _useLocalStorage +
-                        "If you want to use local storage to start ssvm, need to set system.vm.use.local.storage to true");
+                        ", " + ConfigurationManagerImpl.SystemVMUseLocalStorage.key() + ": " + useLocalStorage + ". " +
+                        "If you want to use local storage to start SSVM, need to set " + ConfigurationManagerImpl.SystemVMUseLocalStorage.key() + " to true");
                 }
             }
 
@@ -871,15 +881,12 @@ public boolean configure(String name, Map<String, Object> params) throws Configu
         if(_serviceOffering == null || !_serviceOffering.getSystemUse()){
             int ramSize = NumbersUtil.parseInt(_configDao.getValue("ssvm.ram.size"), DEFAULT_SS_VM_RAMSIZE);
             int cpuFreq = NumbersUtil.parseInt(_configDao.getValue("ssvm.cpu.mhz"), DEFAULT_SS_VM_CPUMHZ);
-            _useLocalStorage = Boolean.parseBoolean(configs.get(DataCenter.SystemVMUseLocalStorageCK));
-            _serviceOffering =
-                new ServiceOfferingVO("System Offering For Secondary Storage VM", 1, ramSize, cpuFreq, null, null, false, null,
-                        Storage.ProvisioningType.THIN,  _useLocalStorage, true, null, true, VirtualMachine.Type.SecondaryStorageVm, true);
-            _serviceOffering.setUniqueName(ServiceOffering.ssvmDefaultOffUniqueName);
-            _serviceOffering = _offeringDao.persistSystemServiceOffering(_serviceOffering);
+            List<ServiceOfferingVO> offerings = _offeringDao.createSystemServiceOfferings("System Offering For Secondary Storage VM",
+                    ServiceOffering.ssvmDefaultOffUniqueName, 1, ramSize, cpuFreq, null, null, false, null,
+                    Storage.ProvisioningType.THIN, true, null, true, VirtualMachine.Type.SecondaryStorageVm, true);
 
             // this can sometimes happen, if DB is manually or programmatically manipulated
-            if (_serviceOffering == null) {
+            if (offerings == null || offerings.size() < 2) {
                 String msg = "Data integrity problem : System Offering For Secondary Storage VM has been removed?";
                 s_logger.error(msg);
                 throw new ConfigurationException(msg);
diff --git a/test/integration/component/maint/test_zone_level_local_storage_setting.py b/test/integration/component/maint/test_zone_level_local_storage_setting.py
new file mode 100644
index 0000000000..466f1f9fd4
--- /dev/null
+++ b/test/integration/component/maint/test_zone_level_local_storage_setting.py
@@ -0,0 +1,734 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+"""
+Test cases for zone level settings "system.vm.use.local.storage"
+"""
+# Import Local Modules
+from marvin.cloudstackTestCase import *
+from marvin.lib.utils import *
+from marvin.lib.base import *
+from marvin.lib.common import *
+from marvin.codes import FAILED, PASS
+from requests.exceptions import ConnectionError
+
+import time
+from nose.plugins.attrib import attr
+from ddt import ddt, data
+
+
+def destroy_systemvm(self, type):
+    """
+    Destroy system vms
+    #1-List  system vms for current zone
+    #2-Destroy system vm
+    #3-Check if system vm came up after destroy
+    #4-check  system vm storage type in disk offering
+    """
+    list_response = list_ssvms(
+        self.apiclient,
+        systemvmtype=type,
+        zoneid=self.zone.id
+    )
+
+    self.assertEqual(
+        validateList(list_response)[0],
+        PASS,
+        "Check List ssvm response for  %s" %
+        type)
+
+    response = list_response[0]
+    self.debug("Destroying CPVM: %s" % response.id)
+    cmd = destroySystemVm.destroySystemVmCmd()
+    cmd.id = response.id
+    self.apiclient.destroySystemVm(cmd)
+
+    timeout = self.testdata["timeout"]
+    while True:
+        time.sleep(self.testdata["sleep"])
+        list_response = list_ssvms(
+            self.apiclient,
+            systemvmtype=type,
+            zoneid=self.zone.id
+        )
+        if validateList(list_response)[0] == PASS:
+            if list_response[0].state == 'Running':
+                break
+        if timeout == 0:
+            raise Exception("List %s call failed!" % type)
+        timeout = timeout - 1
+
+
+def storage_check(self, type, value):
+    """test if system vms are using local or shared storage
+    #1-Get zone id from db using self.zone.id
+    #2-Get service offering id from vm_instance table for running system vms
+    #3-Get use_local_storage value from disk_offering table
+    #4-Verify storage type"""
+    query_zone_id = self.dbclient.execute(
+        "select id from data_center where uuid= '%s';" % self.zone.id
+    )
+    query_so_id = self.dbclient.execute(
+        "select service_offering_id from vm_instance where type='%s'and "
+        "state='Running' and data_center_id= '%s';" %
+        (type, query_zone_id[0][0]))
+
+    query_disk_offering = self.dbclient.execute(
+        "select use_local_storage from disk_offering  where id= '%s';" %
+        query_so_id[0][0])
+
+    if value == 1:
+        self.assertEqual(query_disk_offering[0][0],
+                         1,
+                         "system vm is not using local storage"
+                         )
+    elif value == 0:
+        self.assertEqual(query_disk_offering[0][0],
+                         0,
+                         "system vm is not using shared storage"
+                         )
+    else:
+        # evil ValueError that doesn't tell you what the wrong value was
+        raise ValueError
+
+
+def create_system_so(self, offering_type, storage_type):
+    """Create system offerings """
+    self.testdata["service_offerings"]["issystem"] = "true"
+    self.testdata["service_offerings"]["systemvmtype"] = offering_type
+    self.testdata["service_offerings"]["storagetype"] = storage_type
+
+    service_offering = ServiceOffering.create(
+        self.apiclient,
+        self.testdata["service_offerings"]
+    )
+
+    if service_offering is None:
+        raise Exception("service offering not created")
+
+    list_service_response = list_service_offering(
+        self.apiclient,
+        id=service_offering.id,
+        issystem='true'
+    )
+    self.assertEqual(
+        validateList(list_service_response)[0],
+        PASS,
+        "Check List srvice offering response for  %s" %
+        type)
+
+    self.debug(
+        "Created service offering with ID: %s" %
+        service_offering.id)
+
+    self.assertEqual(
+        list_service_response[0].cpunumber,
+        self.testdata["service_offerings"]["cpunumber"],
+        "Check server id in createServiceOffering"
+    )
+    self.assertEqual(
+        list_service_response[0].cpuspeed,
+        self.testdata["service_offerings"]["cpuspeed"],
+        "Check cpuspeed in createServiceOffering"
+    )
+    self.assertEqual(
+        list_service_response[0].displaytext,
+        self.testdata["service_offerings"]["displaytext"],
+        "Check server displaytext in createServiceOfferings"
+    )
+    self.assertEqual(
+        list_service_response[0].memory,
+        self.testdata["service_offerings"]["memory"],
+        "Check memory in createServiceOffering"
+    )
+    self.assertEqual(
+        list_service_response[0].name,
+        self.testdata["service_offerings"]["name"],
+        "Check name in createServiceOffering"
+    )
+    self.assertEqual(
+        list_service_response[0].storagetype,
+        self.testdata["service_offerings"]["storagetype"],
+        "Check storagetype in createServiceOffering"
+    )
+    self._cleanup.append(service_offering)
+    return service_offering.id
+
+
+def restart_ms(self):
+    """Restart MS
+    #1-ssh into m/c running MS
+    #2-restart ms
+    #3-verify the response
+    #4-loop unitl you get list_zone api answer """
+    sshClient = SshClient(
+        self.mgtSvrDetails["mgtSvrIp"],
+        22,
+        self.mgtSvrDetails["user"],
+        self.mgtSvrDetails["passwd"]
+    )
+    command = "service cloudstack-management restart"
+    ms_restart_response = sshClient.execute(command)
+    self.assertEqual(
+        validateList(ms_restart_response)[0],
+        PASS,
+        "Check the MS restart response")
+    self.assertEqual(
+        ms_restart_response[0],
+        'Stopping cloudstack-management:[  OK  ]',
+        "MS i not stopped"
+    )
+    self.assertEqual(
+        ms_restart_response[1],
+        'Starting cloudstack-management: [  OK  ]',
+        "MS not started"
+    )
+    timeout = self.testdata["timeout"]
+    while True:
+        time.sleep(self.testdata["sleep"])
+        try:
+            list_response = Zone.list(
+                self.apiclient
+            )
+            if validateList(list_response)[0] == PASS:
+                break
+        except ConnectionError as e:
+            self.debug("list zone response is not available due to  %s" % e)
+
+        if timeout == 0:
+            raise Exception("Ms is not comming up !")
+        timeout = timeout - 1
+
+
+def update_global_settings(self, value, name, zoneid=None):
+    """Update Gloabal/zonelevel settings and verify
+    #1-Update configuration
+    #2-Restart ms if zone id is None"""
+    Configurations.update(self.apiclient,
+                          name=name,
+                          zoneid=zoneid,
+                          value=value
+                          )
+    if zoneid is None:
+        restart_ms(self)
+
+    list_conf = Configurations.list(self.apiclient,
+                                    name=name,
+                                    zoneid=zoneid)
+
+    self.assertEqual(
+        validateList(list_conf)[0],
+        PASS,
+        "Check List configuration  response for  %s" % name)
+
+    self.assertEqual(
+        str(list_conf[0].value),
+        str(value),
+        "Check if configuration values are equal"
+    )
+
+
+def str_to_bool(s):
+    """Converts str "True/False to Boolean TRUE/FALSE"""
+    if s == 'true':
+        return True
+    elif s == 'false':
+        return False
+    else:
+        # evil ValueError that doesn't tell you what the wrong value was
+        raise ValueError
+
+
+@ddt
+class TestSystemVmLocalStorage(cloudstackTestCase):
+
+    @classmethod
+    def setUpClass(cls):
+        testClient = super(TestSystemVmLocalStorage, cls).getClsTestClient()
+        cls.apiclient = testClient.getApiClient()
+        cls.dbclient = cls.testClient.getDbConnection()
+        cls.mgtSvrDetails = cls.config.__dict__["mgtSvr"][0].__dict__
+        cls.testdata = testClient.getParsedTestDataConfig()
+        # Get Zone, and template Domain
+        cls.domain = get_domain(cls.apiclient)
+        cls.zone = get_zone(cls.apiclient)
+        cls.testdata["mode"] = cls.zone.networktype
+        cls.hypervisor = testClient.getHypervisorInfo()
+        cls._cleanup = []
+
+        list_local_storage_pool = StoragePool.list(
+            cls.apiclient,
+            scope='HOST',
+            zoneid=cls.zone.id,
+
+        )
+
+        if list_local_storage_pool is None:
+
+            Configurations.update(
+                cls.apiclient,
+                value='true',
+                name='system.vm.use.local.storage',
+                zoneid=cls.zone.id
+            )
+
+            # Restart MS
+            sshClient = SshClient(
+                cls.mgtSvrDetails["mgtSvrIp"],
+                22,
+                cls.mgtSvrDetails["user"],
+                cls.mgtSvrDetails["passwd"]
+            )
+            command = "service cloudstack-management restart"
+            ms_restart_response = sshClient.execute(command)
+
+            if validateList(ms_restart_response)[0] != PASS:
+                raise Exception("Check the MS restart response")
+            if ms_restart_response[
+                    0] != 'Stopping cloudstack-management:[  OK  ]':
+                raise Exception("MS i not stopped")
+
+            if ms_restart_response[
+                    1] != 'Starting cloudstack-management: [  OK  ]':
+                raise Exception("MS not started")
+
+            timeout = cls.testdata["timeout"]
+            while True:
+                # time.sleep(cls.testdata["sleep"])
+                try:
+                    list_response = Zone.list(
+                        cls.apiclient
+                    )
+                    if validateList(list_response)[0] == PASS:
+                        break
+                except ConnectionError as e:
+                    cls.debug(
+                        "list zone response is not available due to  %s" %
+                        e)
+
+                if timeout == 0:
+                    raise Exception("Ms is not comming up !")
+
+                time.sleep(cls.testdata["sleep"])
+                timeout = timeout - 1
+
+            list_local_storage_pool = StoragePool.list(
+                cls.apiclient,
+                scope='HOST',
+                zoneid=cls.zone.id,
+
+            )
+            if list_local_storage_pool is None:
+                raise Exception("Could not discover local storage pool")
+
+        try:
+            cls.account = Account.create(cls.apiclient,
+                                         cls.testdata["account"],
+                                         domainid=cls.domain.id
+                                         )
+            cls._cleanup.append(cls.account)
+
+        except Exception as e:
+            cls.tearDownClass()
+            raise e
+
+        return
+
+    @classmethod
+    def tearDownClass(cls):
+        try:
+            cleanup_resources(cls.apiclient, cls._cleanup)
+        except Exception as e:
+            raise Exception("Warning:Exception during cleanup: %s" % e)
+
+    @attr(tags=["advanced", "basic"])
+    @data(
+        'consoleproxy',
+        'secondarystoragevm',
+        'domainrouter',
+        'internalloadbalancervm')
+    def test_01_list_system_offerngs(self, value):
+        """List service offerings for systemvms and verify there should be two
+        (local and shared) SO  for each system vm"""
+
+        list_custom_so = ServiceOffering.list(self.apiclient,
+                                              issystem='true',
+                                              listall='true',
+                                              systemvmtype=value
+                                              )
+
+        self.assertEqual(
+            validateList(list_custom_so)[0],
+            PASS,
+            "Check List service offerings response for  %s" %
+            value)
+
+        local_custom_so = []
+        for item in list_custom_so:
+            if(str(item.defaultuse) == 'True'):
+                local_custom_so.append(item.storagetype)
+
+        self.assertEqual(
+            len(local_custom_so),
+            2,
+            "Check default system offering for system vm type %s" % value)
+        if 'local' in local_custom_so and 'shared' in local_custom_so:
+            self.debug(
+                "there are exactly to Service offerings{share,local} are "
+                "there for system vm %s" %
+                value)
+        else:
+            raise Exception(
+                "check local and shared service offerings for %s" %
+                value)
+
+    @attr(tags=["advanced", "basic"])
+    @data('consoleproxy', 'secondarystoragevm')
+    def test_02_system_vm_storage(self, value):
+        """ Check if system vms are honouring zone level setting
+        system.vm.use.local.storage
+        1-List zone level config
+        2-update the zone level config with service offering uuid
+        3-destroy system vms
+        4-check used storage by system vms
+        """
+        # 1 List zone level config
+        if value == "consoleproxy":
+            update_global_settings(
+                self,
+                value=None,
+                name="consoleproxy.service.offering")
+
+        if value == "secondarystoragevm":
+            update_global_settings(
+                self,
+                value=None,
+                name="secstorage.service.offering")
+
+        list_conf = Configurations.list(self.apiclient,
+                                        name="system.vm.use.local.storage",
+                                        zoneid=self.zone.id)
+        self.assertEqual(
+            validateList(list_conf)[0],
+            PASS,
+            "Check List configuration response for "
+            "system.vm.use.local.storage")
+
+        val = str_to_bool(list_conf[0].value)
+        # 2 update the zone level config with service offering uuid
+        update_global_settings(self,
+                               value=((str(not(val)).lower())),
+                               name='system.vm.use.local.storage',
+                               zoneid=self.zone.id)
+
+        # 3,4 for cpvm
+        destroy_systemvm(self, value)
+        storage_check(self, value, int(not(val)))
+
+        # 2 update the zone level config with service offering uuid
+        update_global_settings(
+            self,
+            value=(
+                str(val).lower()),
+            name='system.vm.use.local.storage',
+            zoneid=self.zone.id)
+        # 3,4 for cpvm
+        destroy_systemvm(self, value)
+        storage_check(self, value, int(val))
+
+        # 1 List zone level config
+        if value == "consoleproxy":
+            update_global_settings(
+                self,
+                value=None,
+                name="consoleproxy.service.offering")
+
+        if value == "secondarystoragevm":
+            update_global_settings(
+                self,
+                value=None,
+                name="secstorage.service.offering")
+
+    @attr(tags=["advanced", "basic"])
+    @data('consoleproxy', 'secondarystoragevm')
+    def test_03_custom_so(self, value):
+        """
+        update global setting with system offering and check if it is being
+        honoured
+        1-update zone level settings "system.vm.use.local.storage={true,false}}
+        to use local storage
+        2-create system offerings{shared,local}
+        3-update global settings with system offering uuid and restart ms
+        4-destroy system vms
+        5-Check if new system vms are using offering  updated in global
+        settings
+        """
+
+        # 1-update zone level settings "system.vm.use.local.storage"
+        # to use local storage
+        update_global_settings(
+            self,
+            value='true',
+            name='system.vm.use.local.storage',
+            zoneid=self.zone.id)
+        # 2-create system offerings
+
+        created_so_id = create_system_so(self, value, "shared")
+
+        if value == "consoleproxy":
+            name = "consoleproxy.service.offering"
+        elif value == 'secondarystoragevm':
+            name = 'secstorage.service.offering'
+        else:
+            raise Exception(
+                "type paramter is not correct it should be  system vm "
+                "type{console proxy,secsroragevm}")
+
+        # 3-update global settings with system offering uuid
+        update_global_settings(self, value=created_so_id, name=name)
+
+        # 4-destroy system vms
+        destroy_systemvm(self, value)
+
+        # 5-Check if new system vms are using offering  updated in global
+        # settings
+
+        query_zone_id = self.dbclient.execute(
+            "select id from data_center where uuid= '%s';" % self.zone.id
+        )
+        query_so_id = self.dbclient.execute(
+            "select service_offering_id from vm_instance where type='%s'and "
+            "state='Running' and data_center_id= '%s';" %
+            (value, query_zone_id[0][0]))
+        query_disk_offering = self.dbclient.execute(
+            "select uuid from disk_offering  where id= '%s';" %
+            query_so_id[0][0])
+
+        self.assertEqual(
+            created_so_id,
+            query_disk_offering[0][0],
+            "system vms are not using service offering mentioned in "
+            "global settings")
+
+        # 6-repeate 1 with system.vm.use.local.storage=false
+        update_global_settings(
+            self,
+            value='false',
+            name='system.vm.use.local.storage',
+            zoneid=self.zone.id)
+        # 7-repeate 2 with storage type local
+        created_so_id = create_system_so(self, value, "local")
+        # 8-repeate 3
+        update_global_settings(self, value=created_so_id, name=name)
+
+        # 9-repeate 4
+        destroy_systemvm(self, value)
+        # repeate 5
+        query_zone_id = self.dbclient.execute(
+            "select id from data_center where uuid= '%s';" % self.zone.id
+        )
+        query_so_id = self.dbclient.execute(
+            "select service_offering_id from vm_instance where type='%s'and "
+            "state='Running' and data_center_id= '%s';" %
+            (value, query_zone_id[0][0]))
+        query_disk_offering = self.dbclient.execute(
+            "select uuid from disk_offering  where id= '%s';" %
+            query_so_id[0][0])
+
+        self.assertEqual(
+            created_so_id,
+            query_disk_offering[0][0],
+            "system vms are not using service offering mentioned in"
+            " global settings")
+
+    @attr(tags=["advanced"])
+    def test_04_router_vms(self):
+        """ Check if router  vm is honouring zone level setting
+        system.vm.use.local.storage"""
+
+        # 1-list configurations
+        list_conf = Configurations.list(self.apiclient,
+                                        name="system.vm.use.local.storage",
+                                        zoneid=self.zone.id)
+        self.assertEqual(
+            validateList(list_conf)[0],
+            PASS,
+            "Check List configuration response for "
+            "system.vm.use.local.storage")
+
+        # 2-create network offering
+        self.network_offering = NetworkOffering.create(
+            self.apiclient,
+            self.testdata["network_offering"],
+            ispersistent='true'
+        )
+
+        # 3-list netwrok offerings
+        list_nw_of = NetworkOffering.list(self.apiclient,
+                                          id=self.network_offering.id)
+        self.assertEqual(
+            validateList(list_nw_of)[0],
+            PASS,
+            "Check the list network response"
+        )
+        self.assertEqual(
+            str(list_nw_of[0].id),
+            str(self.network_offering.id),
+            "Check the created network offering id and "
+            "listed network offering id"
+        )
+        self._cleanup.append(self.network_offering)
+
+        # 4-Enable network offering
+        self.network_offering.update(self.apiclient, state='Enabled')
+
+        # 5-List network offering
+        list_nw_of1 = NetworkOffering.list(self.apiclient,
+                                           id=self.network_offering.id)
+        self.assertEqual(
+            validateList(list_nw_of1)[0],
+            PASS,
+            "Check the list network response"
+        )
+        self.assertEqual(
+            str(list_nw_of1[0].state),
+            "Enabled",
+            "Check the created network state"
+        )
+
+        # 6-crete network using network offering
+        self.network = Network.create(
+            self.apiclient,
+            self.testdata["network"],
+            networkofferingid=self.network_offering.id,
+            zoneid=self.zone.id,
+            accountid=self.account.name,
+            domainid=self.account.domainid
+        )
+        # 7-List network
+        list_network = Network.list(self.apiclient,
+                                    accountid=self.account.name,
+                                    domainid=self.account.domainid,
+                                    id=self.network.id)
+        self.assertEqual(validateList(list_network)[0],
+                         PASS,
+                         "check list netwok response ")
+        self.assertEqual(
+            list_network[0].id,
+            self.network.id,
+            "List network id %s and created network id %s  does not match" %
+            (list_network[0].id,
+             self.network.id))
+
+        # 8-List router
+        list_router = Router.list(self.apiclient,
+                                  networkid=self.network.id,
+                                  accountid=self.account.name,
+                                  domainid=self.account.domainid)
+
+        self.assertEqual(
+            validateList(list_router)[0],
+            PASS,
+            "check list router response")
+
+        # 9-List service offerings
+        list_so = ServiceOffering.list(self.apiclient,
+                                       issystem='true',
+                                       id=list_router[0].serviceofferingid
+                                       )
+        self.assertEqual(
+            validateList(list_so)[0],
+            PASS,
+            "check list service offering response")
+        if list_conf[0].value == 'true':
+            storage_type = 'local'
+            value1 = 'false'
+        elif list_conf[0].value == 'false':
+            storage_type = 'shared'
+            value1 = 'true'
+        else:
+            raise Exception("check list_conf[0].value")
+        self.assertEqual(
+            list_so[0].storagetype,
+            storage_type,
+            "Check VR storage type and zone level settig"
+        )
+
+        # 10-Update zone level setting
+        update_global_settings(
+            self,
+            value=value1,
+            name="system.vm.use.local.storage",
+            zoneid=self.zone.id)
+
+        # 11-List configurations
+        list_conf1 = Configurations.list(self.apiclient,
+                                         name="system.vm.use.local.storage",
+                                         zoneid=self.zone.id)
+        self.assertEqual(
+            validateList(list_conf1)[0],
+            PASS,
+            "Check List configuration response for "
+            "system.vm.use.local.storage")
+
+        self.assertEqual(
+            list_conf1[0].value,
+            value1,
+            "Check the system.vm.use.local.storage value"
+        )
+        self.network.restart(self.apiclient,
+                             cleanup='true'
+                             )
+        # 12-List network
+        list_network1 = Network.list(self.apiclient,
+                                     accountid=self.account.name,
+                                     domainid=self.account.domainid,
+                                     id=self.network.id)
+        self.assertEqual(validateList(list_network1)[0],
+                         PASS,
+                         "check list netwok response ")
+
+        # 13-list VR
+        list_router1 = Router.list(self.apiclient,
+                                   networkid=list_network1[0].id,
+                                   accountid=self.account.name,
+                                   domainid=self.account.domainid)
+        self.assertEqual(
+            validateList(list_router1)[0],
+            PASS,
+            "check list router response"
+        )
+        # 14-list service offerings
+        list_so1 = ServiceOffering.list(self.apiclient,
+                                        issystem='true',
+                                        id=list_router1[0].serviceofferingid
+                                        )
+        self.assertEqual(
+            validateList(list_so1)[0],
+            PASS,
+            "check list service offering response"
+        )
+        if list_conf1[0].value == 'true':
+            storage_type1 = 'local'
+        elif list_conf1[0].value == 'false':
+            storage_type1 = 'shared'
+        else:
+            raise Exception("check list_conf[0].value")
+        self.assertEqual(
+            list_so1[0].storagetype,
+            storage_type1,
+            "Check VR storage type and zone level settings"
+        )
diff --git a/ui/dictionary2.jsp b/ui/dictionary2.jsp
index 862468e3df..20f698f987 100644
--- a/ui/dictionary2.jsp
+++ b/ui/dictionary2.jsp
@@ -1014,6 +1014,7 @@ $.extend(dictionary, {
 'state.detached': '<fmt:message key="state.detached" />',
 'label.na': '<fmt:message key="label.na" />',
 'label.added.network.offering': '<fmt:message key="label.added.network.offering" />',
-'label.no': '<fmt:message key="label.no" />'
+'label.no': '<fmt:message key="label.no" />',
+'label.local.storage.enabled.system.vms': '<fmt:message key="label.local.storage.enabled.system.vms" />'
 });
 </script>
diff --git a/ui/scripts/zoneWizard.js b/ui/scripts/zoneWizard.js
index 700904d8a5..5f898af0fa 100755
--- a/ui/scripts/zoneWizard.js
+++ b/ui/scripts/zoneWizard.js
@@ -379,7 +379,10 @@
             },
 
             addPrimaryStorage: function(args) {
-                return args.data.localstorageenabled != 'on';
+                if(args.data.localstorageenabled == 'on' && args.data.localstorageenabledforsystemvm == 'on') {
+                    return false; //skip step only when both localstorage and localstorage for system vm are checked
+                }
+                return true;
             }
         },
 
@@ -665,23 +668,13 @@
                         label: 'label.local.storage.enabled',
                         isBoolean: true,
                         onChange: function(args) {
-                            var $checkbox = args.$checkbox;
-
-                            if ($checkbox.is(':checked')) {
-                                cloudStack.dialog.confirm({
-                                    message: 'message.zoneWizard.enable.local.storage',
-                                    action: function() {
-                                        $checkbox.attr('checked', true);
-                                    },
-                                    cancelAction: function() {
-                                        $checkbox.attr('checked', false);
-                                    }
-                                });
-
-                                return false;
-                            }
+                        }
+                    },
 
-                            return true;
+                    localstorageenabledforsystemvm: {
+                        label: 'label.local.storage.enabled.system.vms',
+                        isBoolean: true,
+                        onChange: function(args) {
                         }
                     }
                 }
@@ -2242,9 +2235,9 @@
             }
         },
 
-        action: function(args) {      	
-        	var $wizard = args.wizard;
-        	        	
+        action: function(args) {
+            var $wizard = args.wizard;
+            var formData = args.data;
             var advZoneConfiguredVirtualRouterCount = 0; //for multiple physical networks in advanced zone. Each physical network has 2 virtual routers: regular one and VPC one.
 
             var success = args.response.success;
@@ -4419,29 +4412,50 @@
                         });
                     }
 
-                    $.ajax({
-                        url: createURL("addHost"),
-                        type: "POST",
-                        data: data,
-                        success: function(json) {
-                            stepFns.addPrimaryStorage({
-                                data: $.extend(args.data, {
-                                    returnedHost: json.addhostresponse.host[0]
-                                })
-                            });
-                        },
-                        error: function(XMLHttpResponse) {
-                            var errorMsg = parseXMLHttpResponse(XMLHttpResponse);
-                            error('addHost', errorMsg, {
-                                fn: 'addHost',
-                                args: args
-                            });
-                        }
-                    });
+                    var addHostAjax = function() {
+                        $.ajax({
+                            url: createURL("addHost"),
+                            type: "POST",
+                            data: data,
+                            success: function(json) {
+                                stepFns.addPrimaryStorage({
+                                    data: $.extend(args.data, {
+                                        returnedHost: json.addhostresponse.host[0]
+                                    })
+                                });
+                            },
+                            error: function(XMLHttpResponse) {
+                                var errorMsg = parseXMLHttpResponse(XMLHttpResponse);
+                                error('addHost', errorMsg, {
+                                    fn: 'addHost',
+                                    args: args
+                                });
+                            }
+                        });
+                    };
+
+                    if(args.data.zone.localstorageenabledforsystemvm == 'on') {
+                        $.ajax({
+                            url: createURL("updateConfiguration&name=system.vm.use.local.storage&value=true&zoneid=" + args.data.returnedZone.id),
+                            dataType: "json",
+                            success: function(json) {
+                                addHostAjax();
+                            },
+                            error: function(XMLHttpResponse) {
+                               var errorMsg = parseXMLHttpResponse(XMLHttpResponse);
+                               error('addHost', errorMsg, {
+                                   fn: 'addHost',
+                                   args: args
+                               });
+                            }
+                        });
+                    } else {
+                        addHostAjax();
+                    }
                 },
 
                 addPrimaryStorage: function(args) {
-                    if (args.data.zone.localstorageenabled == 'on') { //use local storage, don't need primary storage. So, skip this step.
+                    if (args.data.zone.localstorageenabled == 'on' && args.data.zone.localstorageenabledforsystemvm == 'on') { //use local storage, don't need primary storage. So, skip
                         stepFns.addSecondaryStorage({
                             data: args.data
                         });

From 3a48171bd8a70c6012afce32c7636afffc1d2f7d Mon Sep 17 00:00:00 2001
From: John Burwell <john.burwell@shapeblue.com>
Date: Tue, 21 Jul 2015 15:36:01 -0400
Subject: [PATCH 036/115] CLOUDSTACK-8566: Strips the username and password
 credentials from host details

... map returned by the following API calls by filtering these fields from the
details attribute in the HostResponse class:

  * listHosts
  * addHost
  * cancelHostMaintenance
  * listHosts
  * prepareHostForMaintenance
  * reconnectHost
  * updateHost

This fix addresses CVE 2015-3251.

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 .../cloudstack/api/response/HostResponse.java | 39 ++++++---
 .../api/response/HostResponseTest.java        | 80 +++++++++++++++++++
 2 files changed, 109 insertions(+), 10 deletions(-)
 create mode 100644 api/test/org/apache/cloudstack/api/response/HostResponseTest.java

diff --git a/api/src/org/apache/cloudstack/api/response/HostResponse.java b/api/src/org/apache/cloudstack/api/response/HostResponse.java
index 9cb0fcb0a4..c6697fbe30 100644
--- a/api/src/org/apache/cloudstack/api/response/HostResponse.java
+++ b/api/src/org/apache/cloudstack/api/response/HostResponse.java
@@ -16,20 +16,19 @@
 // under the License.
 package org.apache.cloudstack.api.response;
 
-import java.util.Date;
-import java.util.List;
-import java.util.Map;
-
+import com.cloud.host.Host;
+import com.cloud.host.Status;
+import com.cloud.hypervisor.Hypervisor.HypervisorType;
+import com.cloud.serializer.Param;
 import com.google.gson.annotations.SerializedName;
-
 import org.apache.cloudstack.api.ApiConstants;
 import org.apache.cloudstack.api.BaseResponse;
 import org.apache.cloudstack.api.EntityReference;
 
-import com.cloud.host.Host;
-import com.cloud.host.Status;
-import com.cloud.hypervisor.Hypervisor.HypervisorType;
-import com.cloud.serializer.Param;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
 
 @EntityReference(value = Host.class)
 public class HostResponse extends BaseResponse {
@@ -217,6 +216,12 @@ public class HostResponse extends BaseResponse {
     @Param(description = "Host details in key/value pairs.", since = "4.5")
     private Map details;
 
+
+    // Default visibility to support accessing the details from unit tests
+    Map getDetails() {
+        return details;
+    }
+
     @Override
     public String getObjectId() {
         return this.getId();
@@ -423,7 +428,21 @@ public void setHaHost(Boolean haHost) {
     }
 
     public void setDetails(Map details) {
-        this.details = details;
+
+        if (details == null) {
+            return;
+        }
+
+        final Map detailsCopy = new HashMap(details);
+
+        // Fix for CVE ID 2015-3251
+        // Remove sensitive host credential information from
+        // the details to prevent leakage through API calls
+        detailsCopy.remove("username");
+        detailsCopy.remove("password");
+
+        this.details = detailsCopy;
+
     }
 
 }
diff --git a/api/test/org/apache/cloudstack/api/response/HostResponseTest.java b/api/test/org/apache/cloudstack/api/response/HostResponseTest.java
new file mode 100644
index 0000000000..523b3de9e3
--- /dev/null
+++ b/api/test/org/apache/cloudstack/api/response/HostResponseTest.java
@@ -0,0 +1,80 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.api.response;
+
+import junit.framework.TestCase;
+import org.apache.commons.collections.map.HashedMap;
+import org.junit.Test;
+
+import java.util.HashMap;
+import java.util.Map;
+
+public final class HostResponseTest extends TestCase {
+
+    private static final String VALID_KEY = "validkey";
+    private static final String VALID_VALUE = "validvalue";
+
+    @Test
+    public void testSetDetailsNull() {
+
+        final HostResponse hostResponse = new HostResponse();
+        hostResponse.setDetails(null);
+
+        assertEquals(null, hostResponse.getDetails());
+
+    }
+
+    @Test
+    public void testSetDetailsWithRootCredentials() {
+
+        final HostResponse hostResponse = new HostResponse();
+        final Map details = new HashMap<>();
+
+        details.put(VALID_KEY, VALID_VALUE);
+        details.put("username", "test");
+        details.put("password", "password");
+
+        final Map expectedDetails = new HashedMap();
+        expectedDetails.put(VALID_KEY, VALID_VALUE);
+
+        hostResponse.setDetails(details);
+        final Map actualDetails = hostResponse.getDetails();
+
+        assertTrue(details != actualDetails);
+        assertEquals(expectedDetails, actualDetails);
+
+    }
+
+    @Test
+    public void testSetDetailsWithoutRootCredentials() {
+
+        final HostResponse hostResponse = new HostResponse();
+        final Map details = new HashMap<>();
+
+        details.put(VALID_KEY, VALID_VALUE);
+
+        final Map expectedDetails = new HashedMap();
+        expectedDetails.put(VALID_KEY, VALID_VALUE);
+
+        hostResponse.setDetails(details);
+        final Map actualDetails = hostResponse.getDetails();
+
+        assertTrue(details != actualDetails);
+        assertEquals(expectedDetails, actualDetails);
+
+    }
+}

From cb2aca751630ea60ad2fffed3d12e3fa2a5e93b5 Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Wed, 12 Aug 2015 21:03:11 +0530
Subject: [PATCH 037/115] CLOUDSTACK-8613, CLOUDSTACK-6301: Dump KVM domain XML
 with secure flag

When dumping XML use appropriate flags:

1, VIR_DOMAIN_XML_SECURE (dump security sensitive information too)
8, VIR_DOMAIN_XML_MIGRATABLE (dump XML suitable for migration)

Source:
https://libvirt.org/html/libvirt-libvirt-domain.html#virDomainXMLFlags

This fixes CVE 2015-3252: VNC password lost during VM migration across KVM
hosts. The issue is also seen when a VM is rebooted.

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 .../kvm/resource/LibvirtComputingResource.java       | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java b/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
index 4ceccaaae1..acd5e94795 100755
--- a/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
+++ b/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
@@ -3094,8 +3094,13 @@ private Answer execute(MigrateCommand cmd) {
                 description for the instance to be used on the target host.
 
                 This is supported by libvirt-java from version 0.50.0
+
+                CVE-2015-3252: Get XML with sensitive information suitable for migration by using
+                               VIR_DOMAIN_XML_MIGRATABLE flag (value = 8)
+                               https://libvirt.org/html/libvirt-libvirt-domain.html#virDomainXMLFlags
+
              */
-            xmlDesc = dm.getXMLDesc(0).replace(_privateIp, cmd.getDestinationIp());
+            xmlDesc = dm.getXMLDesc(8).replace(_privateIp, cmd.getDestinationIp());
 
             dconn = new Connect("qemu+tcp://" + cmd.getDestinationIp() + "/system");
 
@@ -4510,7 +4515,10 @@ protected String rebootVM(Connect conn, String vmName) {
         String msg = null;
         try {
             dm = conn.domainLookupByName(vmName);
-            String vmDef = dm.getXMLDesc(0);
+            // Get XML Dump including the secure information such as VNC password
+            // By passing 1, or VIR_DOMAIN_XML_SECURE flag
+            // https://libvirt.org/html/libvirt-libvirt-domain.html#virDomainXMLFlags
+            String vmDef = dm.getXMLDesc(1);
             LibvirtDomainXMLParser parser = new LibvirtDomainXMLParser();
             parser.parseDomainXML(vmDef);
             for (InterfaceDef nic : parser.getInterfaces()) {

From cb7dd7b27dff1408cc41d69152a644c5b8842bfe Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Mon, 3 Aug 2015 14:34:20 +0530
Subject: [PATCH 038/115] CLOUDSTACK-8702: Add/refactor sessionkey checking
 code to HttpUtils

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 server/src/com/cloud/api/ApiServlet.java |  8 +-------
 utils/src/com/cloud/utils/HttpUtils.java | 16 ++++++++++++++++
 2 files changed, 17 insertions(+), 7 deletions(-)

diff --git a/server/src/com/cloud/api/ApiServlet.java b/server/src/com/cloud/api/ApiServlet.java
index d9e77bd3c6..070545ddbc 100644
--- a/server/src/com/cloud/api/ApiServlet.java
+++ b/server/src/com/cloud/api/ApiServlet.java
@@ -237,13 +237,7 @@ void processRequestInContext(final HttpServletRequest req, final HttpServletResp
                 userId = (Long)session.getAttribute("userid");
                 final String account = (String) session.getAttribute("account");
                 final Object accountObj = session.getAttribute("accountobj");
-                final String sessionKey = (String) session.getAttribute(ApiConstants.SESSIONKEY);
-                final String sessionKeyFromCookie = HttpUtils.findCookie(req.getCookies(), ApiConstants.SESSIONKEY);
-                final String[] sessionKeyFromParams = (String[]) params.get(ApiConstants.SESSIONKEY);
-                if ((sessionKey == null)
-                        || (sessionKeyFromParams == null && sessionKeyFromCookie == null)
-                        || (sessionKeyFromParams != null && !sessionKey.equals(sessionKeyFromParams[0]))
-                        || (sessionKeyFromCookie != null && !sessionKey.equals(sessionKeyFromCookie))) {
+                if (!HttpUtils.validateSessionKey(session, params, req.getCookies(), ApiConstants.SESSIONKEY)) {
                     try {
                         session.invalidate();
                     } catch (final IllegalStateException ise) {
diff --git a/utils/src/com/cloud/utils/HttpUtils.java b/utils/src/com/cloud/utils/HttpUtils.java
index 6077c44da4..379b117000 100644
--- a/utils/src/com/cloud/utils/HttpUtils.java
+++ b/utils/src/com/cloud/utils/HttpUtils.java
@@ -23,7 +23,9 @@
 
 import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
 import java.io.IOException;
+import java.util.Map;
 
 public class HttpUtils {
 
@@ -89,4 +91,18 @@ public static void writeHttpResponse(final HttpServletResponse resp, final Strin
             }
         }
     }
+
+    public static boolean validateSessionKey(final HttpSession session, final Map<String, Object[]> params, final Cookie[] cookies, final String sessionKeyString) {
+        final String sessionKey = (String) session.getAttribute(sessionKeyString);
+        final String sessionKeyFromCookie = HttpUtils.findCookie(cookies, sessionKeyString);
+        final String[] sessionKeyFromParams = (String[]) params.get(sessionKeyString);
+        if ((sessionKey == null)
+                || (sessionKeyFromParams == null && sessionKeyFromCookie == null)
+                || (sessionKeyFromParams != null && !sessionKey.equals(sessionKeyFromParams[0]))
+                || (sessionKeyFromCookie != null && !sessionKey.equals(sessionKeyFromCookie))) {
+            return false;
+        }
+        return true;
+    }
+
 }

From 1065661cd50c8d43bf65644a13d164b96732b011 Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Mon, 3 Aug 2015 12:36:14 +0530
Subject: [PATCH 039/115] CLOUDSTACK-8701: Allow SAML users to switch accounts

SAML authorized accounts might be across various domains, this allows for
switching of accounts only in case of SAML authenticated user accounts across
other accounts with the same SAML uid/username.

Moves the previous switch account logic to its own ui-custom module

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 client/tomcatconf/commands.properties.in      |   1 +
 .../GetServiceProviderMetaDataCmd.java        |   2 +-
 .../command/ListAndSwitchSAMLAccountCmd.java  | 195 ++++++++++++++++++
 .../cloudstack/api/command/ListIdpsCmd.java   |   2 +-
 .../SAML2LoginAPIAuthenticatorCmd.java        |  36 +---
 .../api/response/SamlUserAccountResponse.java |  99 +++++++++
 .../cloudstack/saml/SAML2AuthManagerImpl.java |   2 +
 .../saml/SAML2UserAuthenticator.java          |  22 +-
 .../org/apache/cloudstack/saml/SAMLUtils.java |  18 ++
 ui/css/cloudstack3.css                        |   6 +-
 ui/index.jsp                                  |   8 +-
 ui/scripts/ui-custom/login.js                 |   8 +-
 ui/scripts/ui-custom/saml.js                  |  96 +++++++++
 13 files changed, 424 insertions(+), 71 deletions(-)
 create mode 100644 plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/ListAndSwitchSAMLAccountCmd.java
 create mode 100644 plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/response/SamlUserAccountResponse.java
 create mode 100644 ui/scripts/ui-custom/saml.js

diff --git a/client/tomcatconf/commands.properties.in b/client/tomcatconf/commands.properties.in
index a66a3dce48..a69605c1ea 100644
--- a/client/tomcatconf/commands.properties.in
+++ b/client/tomcatconf/commands.properties.in
@@ -29,6 +29,7 @@ getSPMetadata=15
 listIdps=15
 authorizeSamlSso=7
 listSamlAuthorization=7
+listAndSwitchSamlAccount=15
 
 ### Account commands
 createAccount=7
diff --git a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/GetServiceProviderMetaDataCmd.java b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/GetServiceProviderMetaDataCmd.java
index ffaad7af75..bed594fed3 100644
--- a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/GetServiceProviderMetaDataCmd.java
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/GetServiceProviderMetaDataCmd.java
@@ -266,7 +266,7 @@ public void setAuthenticators(List<PluggableAPIAuthenticator> authenticators) {
             }
         }
         if (_samlAuthManager == null) {
-            s_logger.error("No suitable Pluggable Authentication Manager found for SAML2 Login Cmd");
+            s_logger.error("No suitable Pluggable Authentication Manager found for SAML2 getSPMetadata Cmd");
         }
     }
 }
diff --git a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/ListAndSwitchSAMLAccountCmd.java b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/ListAndSwitchSAMLAccountCmd.java
new file mode 100644
index 0000000000..db0d6dc737
--- /dev/null
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/ListAndSwitchSAMLAccountCmd.java
@@ -0,0 +1,195 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.api.command;
+
+import com.cloud.api.response.ApiResponseSerializer;
+import com.cloud.domain.Domain;
+import com.cloud.domain.dao.DomainDao;
+import com.cloud.user.Account;
+import com.cloud.user.User;
+import com.cloud.user.UserAccount;
+import com.cloud.user.UserAccountVO;
+import com.cloud.user.dao.UserAccountDao;
+import com.cloud.user.dao.UserDao;
+import com.cloud.utils.HttpUtils;
+import org.apache.cloudstack.api.APICommand;
+import org.apache.cloudstack.api.ApiConstants;
+import org.apache.cloudstack.api.ApiErrorCode;
+import org.apache.cloudstack.api.ApiServerService;
+import org.apache.cloudstack.api.BaseCmd;
+import org.apache.cloudstack.api.Parameter;
+import org.apache.cloudstack.api.ServerApiException;
+import org.apache.cloudstack.api.auth.APIAuthenticationType;
+import org.apache.cloudstack.api.auth.APIAuthenticator;
+import org.apache.cloudstack.api.auth.PluggableAPIAuthenticator;
+import org.apache.cloudstack.api.response.DomainResponse;
+import org.apache.cloudstack.api.response.ListResponse;
+import org.apache.cloudstack.api.response.LoginCmdResponse;
+import org.apache.cloudstack.api.response.SamlUserAccountResponse;
+import org.apache.cloudstack.api.response.SuccessResponse;
+import org.apache.cloudstack.api.response.UserResponse;
+import org.apache.cloudstack.saml.SAML2AuthManager;
+import org.apache.cloudstack.saml.SAMLUtils;
+import org.apache.log4j.Logger;
+
+import javax.inject.Inject;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
+
+@APICommand(name = "listAndSwitchSamlAccount", description = "Lists and switches to other SAML accounts owned by the SAML user", responseObject = SuccessResponse.class, requestHasSensitiveInfo = false, responseHasSensitiveInfo = false)
+public class ListAndSwitchSAMLAccountCmd extends BaseCmd implements APIAuthenticator {
+    public static final Logger s_logger = Logger.getLogger(ListAndSwitchSAMLAccountCmd.class.getName());
+    private static final String s_name = "listandswitchsamlaccountresponse";
+
+    @Inject
+    ApiServerService _apiServer;
+
+    @Inject
+    private UserAccountDao _userAccountDao;
+    @Inject
+    private UserDao _userDao;
+    @Inject
+    private DomainDao _domainDao;
+
+    SAML2AuthManager _samlAuthManager;
+
+    /////////////////////////////////////////////////////
+    //////////////// API parameters /////////////////////
+    /////////////////////////////////////////////////////
+
+    @Parameter(name = ApiConstants.USER_ID, type = CommandType.UUID, entityType = UserResponse.class, required = false, description = "User uuid")
+    private Long userId;
+
+    @Parameter(name = ApiConstants.DOMAIN_ID, type = CommandType.UUID, entityType = DomainResponse.class, required = false, description = "Domain uuid")
+    private Long domainId;
+
+    @Override
+    public String getCommandName() {
+        return s_name;
+    }
+
+    @Override
+    public long getEntityOwnerId() {
+        return Account.ACCOUNT_ID_SYSTEM;
+    }
+
+    @Override
+    public void execute() {
+        throw new ServerApiException(ApiErrorCode.METHOD_NOT_ALLOWED, "This is an authentication plugin api, cannot be used directly");
+    }
+
+    @Override
+    public String authenticate(final String command, final Map<String, Object[]> params, final HttpSession session, final String remoteAddress, final String responseType, final StringBuilder auditTrailSb, final HttpServletRequest req, final HttpServletResponse resp) throws ServerApiException {
+        if (session == null || session.isNew()) {
+            throw new ServerApiException(ApiErrorCode.UNAUTHORIZED, _apiServer.getSerializedApiError(ApiErrorCode.UNAUTHORIZED.getHttpCode(),
+                    "Only authenticated saml users can request this API",
+                    params, responseType));
+        }
+
+        if (!HttpUtils.validateSessionKey(session, params, req.getCookies(), ApiConstants.SESSIONKEY)) {
+            throw new ServerApiException(ApiErrorCode.UNAUTHORIZED, _apiServer.getSerializedApiError(ApiErrorCode.UNAUTHORIZED.getHttpCode(),
+                    "Unauthorized session, please re-login",
+                    params, responseType));
+        }
+
+        final long currentUserId = (Long) session.getAttribute("userid");
+        final UserAccount currentUserAccount = _accountService.getUserAccountById(currentUserId);
+        if (currentUserAccount == null || currentUserAccount.getSource() != User.Source.SAML2) {
+            throw new ServerApiException(ApiErrorCode.ACCOUNT_ERROR, _apiServer.getSerializedApiError(ApiErrorCode.ACCOUNT_ERROR.getHttpCode(),
+                    "Only authenticated saml users can request this API",
+                    params, responseType));
+        }
+
+        String userUuid = null;
+        String domainUuid = null;
+        if (params.containsKey(ApiConstants.USER_ID)) {
+            userUuid = ((String[])params.get(ApiConstants.USER_ID))[0];
+        }
+        if (params.containsKey(ApiConstants.DOMAIN_ID)) {
+            domainUuid = ((String[])params.get(ApiConstants.DOMAIN_ID))[0];
+        }
+
+        if (userUuid != null && domainUuid != null) {
+            final User user = _userDao.findByUuid(userUuid);
+            final Domain domain = _domainDao.findByUuid(domainUuid);
+            final UserAccount nextUserAccount = _accountService.getUserAccountById(user.getId());
+            if (!nextUserAccount.getUsername().equals(currentUserAccount.getUsername())
+                    || !nextUserAccount.getExternalEntity().equals(currentUserAccount.getExternalEntity())
+                    || (nextUserAccount.getDomainId() != domain.getId())
+                    || (nextUserAccount.getSource() != User.Source.SAML2)) {
+                throw new ServerApiException(ApiErrorCode.PARAM_ERROR, _apiServer.getSerializedApiError(ApiErrorCode.PARAM_ERROR.getHttpCode(),
+                        "User account is not allowed to switch to the requested account",
+                        params, responseType));
+            }
+            try {
+                if (_apiServer.verifyUser(nextUserAccount.getId())) {
+                    final LoginCmdResponse loginResponse = (LoginCmdResponse) _apiServer.loginUser(session, nextUserAccount.getUsername(), nextUserAccount.getUsername() + nextUserAccount.getSource().toString(),
+                            nextUserAccount.getDomainId(), null, remoteAddress, params);
+                    SAMLUtils.setupSamlUserCookies(loginResponse, resp);
+                    resp.sendRedirect(SAML2AuthManager.SAMLCloudStackRedirectionUrl.value());
+                    return ApiResponseSerializer.toSerializedString(loginResponse, responseType);
+                }
+            } catch (final Exception ignored) {
+            }
+        } else {
+            List<UserAccountVO> switchableAccounts = _userAccountDao.getAllUsersByNameAndEntity(currentUserAccount.getUsername(), currentUserAccount.getExternalEntity());
+            if (switchableAccounts != null && switchableAccounts.size() > 0 && currentUserId != User.UID_SYSTEM) {
+                List<SamlUserAccountResponse> accountResponses = new ArrayList<SamlUserAccountResponse>();
+                for (UserAccountVO userAccount: switchableAccounts) {
+                    User user = _userDao.getUser(userAccount.getId());
+                    Domain domain = _domainService.getDomain(userAccount.getDomainId());
+                    SamlUserAccountResponse accountResponse = new SamlUserAccountResponse();
+                    accountResponse.setUserId(user.getUuid());
+                    accountResponse.setUserName(user.getUsername());
+                    accountResponse.setDomainId(domain.getUuid());
+                    accountResponse.setDomainName(domain.getName());
+                    accountResponse.setAccountName(userAccount.getAccountName());
+                    accountResponse.setIdpId(user.getExternalEntity());
+                    accountResponses.add(accountResponse);
+                }
+                ListResponse<SamlUserAccountResponse> response = new ListResponse<SamlUserAccountResponse>();
+                response.setResponses(accountResponses);
+                response.setResponseName(getCommandName());
+                return ApiResponseSerializer.toSerializedString(response, responseType);
+            }
+        }
+        throw new ServerApiException(ApiErrorCode.ACCOUNT_ERROR, _apiServer.getSerializedApiError(ApiErrorCode.ACCOUNT_ERROR.getHttpCode(),
+                "Unable to switch to requested SAML account. Please make sure your user/account is enabled. Please contact your administrator.",
+                params, responseType));
+    }
+
+    @Override
+    public APIAuthenticationType getAPIType() {
+        return APIAuthenticationType.READONLY_API;
+    }
+
+    @Override
+    public void setAuthenticators(List<PluggableAPIAuthenticator> authenticators) {
+        for (PluggableAPIAuthenticator authManager: authenticators) {
+            if (authManager != null && authManager instanceof SAML2AuthManager) {
+                _samlAuthManager = (SAML2AuthManager) authManager;
+            }
+        }
+        if (_samlAuthManager == null) {
+            s_logger.error("No suitable Pluggable Authentication Manager found for SAML2 listAndSwitchSamlAccount Cmd");
+        }
+    }
+}
\ No newline at end of file
diff --git a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/ListIdpsCmd.java b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/ListIdpsCmd.java
index 43ecfc591c..47713420df 100644
--- a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/ListIdpsCmd.java
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/ListIdpsCmd.java
@@ -111,4 +111,4 @@ public void setAuthenticators(List<PluggableAPIAuthenticator> authenticators) {
             s_logger.error("No suitable Pluggable Authentication Manager found for SAML2 Login Cmd");
         }
     }
-}
\ No newline at end of file
+}
diff --git a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
index d4940ecb83..188eb6b2d7 100644
--- a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
@@ -17,13 +17,11 @@
 package org.apache.cloudstack.api.command;
 
 import com.cloud.api.response.ApiResponseSerializer;
-import com.cloud.exception.CloudAuthenticationException;
 import com.cloud.user.Account;
 import com.cloud.user.DomainManager;
 import com.cloud.user.UserAccount;
 import com.cloud.user.UserAccountVO;
 import com.cloud.user.dao.UserAccountDao;
-import com.cloud.utils.HttpUtils;
 import com.cloud.utils.db.EntityManager;
 import org.apache.cloudstack.api.APICommand;
 import org.apache.cloudstack.api.ApiConstants;
@@ -64,14 +62,12 @@
 import org.xml.sax.SAXException;
 
 import javax.inject.Inject;
-import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;
 import javax.xml.parsers.ParserConfigurationException;
 import javax.xml.stream.FactoryConfigurationError;
 import java.io.IOException;
-import java.net.URLEncoder;
 import java.util.List;
 import java.util.Map;
 
@@ -195,7 +191,6 @@ public String authenticate(final String command, final Map<String, Object[]> par
                 }
 
                 String username = null;
-                Long domainId = null;
                 Issuer issuer = processedSAMLResponse.getIssuer();
                 SAMLProviderMetadata spMetadata = _samlAuthManager.getSPMetadata();
                 SAMLProviderMetadata idpMetadata = _samlAuthManager.getIdPMetadata(issuer.getValue());
@@ -204,9 +199,6 @@ public String authenticate(final String command, final Map<String, Object[]> par
                 s_logger.debug("Received SAMLResponse in response to id=" + responseToId);
                 SAMLTokenVO token = _samlAuthManager.getToken(responseToId);
                 if (token != null) {
-                    if (token.getDomainId() != null) {
-                        domainId = token.getDomainId();
-                    }
                     if (!(token.getEntity().equalsIgnoreCase(issuer.getValue()))) {
                         throw new ServerApiException(ApiErrorCode.ACCOUNT_ERROR, _apiServer.getSerializedApiError(ApiErrorCode.ACCOUNT_ERROR.getHttpCode(),
                                 "The SAML response contains Issuer Entity ID that is different from the original SAML request",
@@ -298,17 +290,9 @@ public String authenticate(final String command, final Map<String, Object[]> par
                 UserAccount userAccount = null;
                 List<UserAccountVO> possibleUserAccounts = _userAccountDao.getAllUsersByNameAndEntity(username, issuer.getValue());
                 if (possibleUserAccounts != null && possibleUserAccounts.size() > 0) {
-                    if (possibleUserAccounts.size() == 1) {
-                        userAccount = possibleUserAccounts.get(0);
-                    } else if (possibleUserAccounts.size() > 1) {
-                        if (domainId != null) {
-                            userAccount = _userAccountDao.getUserAccount(username, domainId);
-                        } else {
-                            throw new ServerApiException(ApiErrorCode.ACCOUNT_ERROR, _apiServer.getSerializedApiError(ApiErrorCode.ACCOUNT_ERROR.getHttpCode(),
-                                    "You have accounts in multiple domains, please re-login by specifying the domain you want to log into.",
-                                    params, responseType));
-                        }
-                    }
+                    // By default, log into the first user account
+                    // Users can switch to other allowed accounts later
+                    userAccount = possibleUserAccounts.get(0);
                 }
 
                 if (userAccount == null || userAccount.getExternalEntity() == null || !_samlAuthManager.isUserAuthorized(userAccount.getId(), issuer.getValue())) {
@@ -322,21 +306,11 @@ public String authenticate(final String command, final Map<String, Object[]> par
                         if (_apiServer.verifyUser(userAccount.getId())) {
                             LoginCmdResponse loginResponse = (LoginCmdResponse) _apiServer.loginUser(session, userAccount.getUsername(), userAccount.getUsername() + userAccount.getSource().toString(),
                                     userAccount.getDomainId(), null, remoteAddress, params);
-                            resp.addCookie(new Cookie("userid", URLEncoder.encode(loginResponse.getUserId(), HttpUtils.UTF_8)));
-                            resp.addCookie(new Cookie("domainid", URLEncoder.encode(loginResponse.getDomainId(), HttpUtils.UTF_8)));
-                            resp.addCookie(new Cookie("role", URLEncoder.encode(loginResponse.getType(), HttpUtils.UTF_8)));
-                            resp.addCookie(new Cookie("username", URLEncoder.encode(loginResponse.getUsername(), HttpUtils.UTF_8)));
-                            resp.addCookie(new Cookie("account", URLEncoder.encode(loginResponse.getAccount(), HttpUtils.UTF_8)));
-                            String timezone = loginResponse.getTimeZone();
-                            if (timezone != null) {
-                                resp.addCookie(new Cookie("timezone", URLEncoder.encode(timezone, HttpUtils.UTF_8)));
-                            }
-                            resp.addCookie(new Cookie("userfullname", URLEncoder.encode(loginResponse.getFirstName() + " " + loginResponse.getLastName(), HttpUtils.UTF_8).replace("+", "%20")));
-                            resp.addHeader("SET-COOKIE", String.format("%s=%s;HttpOnly", ApiConstants.SESSIONKEY, loginResponse.getSessionKey()));
+                            SAMLUtils.setupSamlUserCookies(loginResponse, resp);
                             resp.sendRedirect(SAML2AuthManager.SAMLCloudStackRedirectionUrl.value());
                             return ApiResponseSerializer.toSerializedString(loginResponse, responseType);
                         }
-                    } catch (final CloudAuthenticationException ignored) {
+                    } catch (final Exception ignored) {
                     }
                 }
             }
diff --git a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/response/SamlUserAccountResponse.java b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/response/SamlUserAccountResponse.java
new file mode 100644
index 0000000000..f0927e3f6d
--- /dev/null
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/response/SamlUserAccountResponse.java
@@ -0,0 +1,99 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.api.response;
+
+import com.cloud.serializer.Param;
+import com.google.gson.annotations.SerializedName;
+
+public class SamlUserAccountResponse extends AuthenticationCmdResponse {
+    @SerializedName("userId")
+    @Param(description = "The User Id")
+    private String userId;
+
+    @SerializedName("domainId")
+    @Param(description = "The Domain Id")
+    private String domainId;
+
+    @SerializedName("userName")
+    @Param(description = "The User Name")
+    private String userName;
+
+    @SerializedName("accountName")
+    @Param(description = "The Account Name")
+    private String accountName;
+
+    @SerializedName("domainName")
+    @Param(description = "The Domain Name")
+    private String domainName;
+
+    @SerializedName("idpId")
+    @Param(description = "The IDP ID")
+    private String idpId;
+
+    public SamlUserAccountResponse() {
+        super();
+        setObjectName("samluseraccount");
+    }
+
+    public String getUserId() {
+        return userId;
+    }
+
+    public void setUserId(String userId) {
+        this.userId = userId;
+    }
+
+    public String getDomainId() {
+        return domainId;
+    }
+
+    public void setDomainId(String domainId) {
+        this.domainId = domainId;
+    }
+
+    public String getUserName() {
+        return userName;
+    }
+
+    public void setUserName(String userName) {
+        this.userName = userName;
+    }
+
+    public String getAccountName() {
+        return accountName;
+    }
+
+    public void setAccountName(String accountName) {
+        this.accountName = accountName;
+    }
+
+    public String getDomainName() {
+        return domainName;
+    }
+
+    public void setDomainName(String domainName) {
+        this.domainName = domainName;
+    }
+
+    public String getIdpId() {
+        return idpId;
+    }
+
+    public void setIdpId(String idpId) {
+        this.idpId = idpId;
+    }
+}
diff --git a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAML2AuthManagerImpl.java b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAML2AuthManagerImpl.java
index 7232ac9e07..46b1c407b5 100644
--- a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAML2AuthManagerImpl.java
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAML2AuthManagerImpl.java
@@ -26,6 +26,7 @@
 import org.apache.cloudstack.api.auth.PluggableAPIAuthenticator;
 import org.apache.cloudstack.api.command.AuthorizeSAMLSSOCmd;
 import org.apache.cloudstack.api.command.GetServiceProviderMetaDataCmd;
+import org.apache.cloudstack.api.command.ListAndSwitchSAMLAccountCmd;
 import org.apache.cloudstack.api.command.ListIdpsCmd;
 import org.apache.cloudstack.api.command.ListSamlAuthorizationCmd;
 import org.apache.cloudstack.api.command.SAML2LoginAPIAuthenticatorCmd;
@@ -491,6 +492,7 @@ public List<Class<?>> getAuthCommands() {
         cmdList.add(SAML2LogoutAPIAuthenticatorCmd.class);
         cmdList.add(GetServiceProviderMetaDataCmd.class);
         cmdList.add(ListIdpsCmd.class);
+        cmdList.add(ListAndSwitchSAMLAccountCmd.class);
         return cmdList;
     }
 
diff --git a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAML2UserAuthenticator.java b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAML2UserAuthenticator.java
index 5c8a39088a..65a7959d99 100644
--- a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAML2UserAuthenticator.java
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAML2UserAuthenticator.java
@@ -23,18 +23,9 @@
 import com.cloud.utils.Pair;
 import org.apache.cxf.common.util.StringUtils;
 import org.apache.log4j.Logger;
-import org.opensaml.DefaultBootstrap;
-import org.opensaml.saml2.core.Response;
-import org.opensaml.saml2.core.StatusCode;
-import org.opensaml.xml.ConfigurationException;
-import org.opensaml.xml.io.UnmarshallingException;
-import org.xml.sax.SAXException;
 
 import javax.ejb.Local;
 import javax.inject.Inject;
-import javax.xml.parsers.ParserConfigurationException;
-import javax.xml.stream.FactoryConfigurationError;
-import java.io.IOException;
 import java.util.Map;
 
 @Local(value = {UserAuthenticator.class})
@@ -63,18 +54,7 @@ public Pair<Boolean, ActionOnFailedAuthentication> authenticate(String username,
             return new Pair<Boolean, ActionOnFailedAuthentication>(false, null);
         } else {
             User user = _userDao.getUser(userAccount.getId());
-            if (user != null && requestParameters != null && requestParameters.containsKey(SAMLPluginConstants.SAML_RESPONSE)) {
-                final String samlResponse = ((String[])requestParameters.get(SAMLPluginConstants.SAML_RESPONSE))[0];
-                Response responseObject = null;
-                try {
-                    DefaultBootstrap.bootstrap();
-                    responseObject = SAMLUtils.decodeSAMLResponse(samlResponse);
-                } catch (ConfigurationException | FactoryConfigurationError | ParserConfigurationException | SAXException | IOException | UnmarshallingException e) {
-                    return new Pair<Boolean, ActionOnFailedAuthentication>(false, null);
-                }
-                if (!responseObject.getStatus().getStatusCode().getValue().equals(StatusCode.SUCCESS_URI)) {
-                    return new Pair<Boolean, ActionOnFailedAuthentication>(false, null);
-                }
+            if (user != null && user.getSource() == User.Source.SAML2 && user.getExternalEntity() != null) {
                 return new Pair<Boolean, ActionOnFailedAuthentication>(true, null);
             }
         }
diff --git a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAMLUtils.java b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAMLUtils.java
index 0216ad7eb6..fb2d960f57 100644
--- a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAMLUtils.java
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAMLUtils.java
@@ -20,6 +20,8 @@
 package org.apache.cloudstack.saml;
 
 import com.cloud.utils.HttpUtils;
+import org.apache.cloudstack.api.ApiConstants;
+import org.apache.cloudstack.api.response.LoginCmdResponse;
 import org.apache.log4j.Logger;
 import org.bouncycastle.jce.provider.BouncyCastleProvider;
 import org.bouncycastle.x509.X509V1CertificateGenerator;
@@ -62,6 +64,8 @@
 import org.xml.sax.SAXException;
 
 import javax.security.auth.x500.X500Principal;
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletResponse;
 import javax.xml.parsers.DocumentBuilder;
 import javax.xml.parsers.DocumentBuilderFactory;
 import javax.xml.parsers.ParserConfigurationException;
@@ -351,4 +355,18 @@ public static X509Certificate generateRandomX509Certificate(KeyPair keyPair) thr
         return certGen.generate(keyPair.getPrivate(), "BC");
     }
 
+    public static void setupSamlUserCookies(final LoginCmdResponse loginResponse, final HttpServletResponse resp) throws IOException {
+        resp.addCookie(new Cookie("userid", URLEncoder.encode(loginResponse.getUserId(), HttpUtils.UTF_8)));
+        resp.addCookie(new Cookie("domainid", URLEncoder.encode(loginResponse.getDomainId(), HttpUtils.UTF_8)));
+        resp.addCookie(new Cookie("role", URLEncoder.encode(loginResponse.getType(), HttpUtils.UTF_8)));
+        resp.addCookie(new Cookie("username", URLEncoder.encode(loginResponse.getUsername(), HttpUtils.UTF_8)));
+        resp.addCookie(new Cookie("account", URLEncoder.encode(loginResponse.getAccount(), HttpUtils.UTF_8)));
+        String timezone = loginResponse.getTimeZone();
+        if (timezone != null) {
+            resp.addCookie(new Cookie("timezone", URLEncoder.encode(timezone, HttpUtils.UTF_8)));
+        }
+        resp.addCookie(new Cookie("userfullname", URLEncoder.encode(loginResponse.getFirstName() + " " + loginResponse.getLastName(), HttpUtils.UTF_8).replace("+", "%20")));
+        resp.addHeader("SET-COOKIE", String.format("%s=%s;HttpOnly", ApiConstants.SESSIONKEY, loginResponse.getSessionKey()));
+    }
+
 }
diff --git a/ui/css/cloudstack3.css b/ui/css/cloudstack3.css
index ef33deae82..06abbb8b15 100644
--- a/ui/css/cloudstack3.css
+++ b/ui/css/cloudstack3.css
@@ -9651,7 +9651,7 @@ div.container div.panel div#details-tab-addloadBalancer.detail-group div.loadBal
 }
 
 /*** View switcher (drop-down)*/
-.project-switcher {
+.project-switcher, .domain-switcher {
   float: left;
   width: 223px;
   padding: 9px 17px 0 19px;
@@ -9662,7 +9662,7 @@ div.container div.panel div#details-tab-addloadBalancer.detail-group div.loadBal
   border-radius: 4px;
 }
 
-.project-switcher label {
+.project-switcher label, .domain-switcher label {
   top: 29px;
   color: #FFFFFF;
   font-size: 13px;
@@ -9671,7 +9671,7 @@ div.container div.panel div#details-tab-addloadBalancer.detail-group div.loadBal
   margin-top: 5px;
 }
 
-.project-switcher select {
+.project-switcher select, .domain-switcher select {
   width: 70%;
   float: left;
   margin-top: 0px;
diff --git a/ui/index.jsp b/ui/index.jsp
index c3bae19a54..60f3cc3832 100644
--- a/ui/index.jsp
+++ b/ui/index.jsp
@@ -75,13 +75,6 @@
                             </div>
                         </div>
 
-                        <div id="saml-login">
-                            <div class="field domain">
-                                <label for="saml-domain"><fmt:message key="label.domain"/></label>
-                                <input id="saml-domain" type="text" name="saml-domain" />
-                            </div>
-                        </div>
-
                         <div id="login-submit">
                             <!-- Submit (login) -->
                             <input id="login-submit" type="submit" value="<fmt:message key="label.login"/>" />
@@ -1805,6 +1798,7 @@
         <script type="text/javascript" src="scripts/docs.js?t=<%=now%>"></script>
         <script type="text/javascript" src="scripts/vm_snapshots.js?t=<%=now%>"></script>
         <script type="text/javascript" src="scripts/ui-custom/projectSelect.js?t=<%=now%>"></script>
+        <script type="text/javascript" src="scripts/ui-custom/saml.js?t=<%=now%>"></script>
 
         <!-- Plugin/module API -->
         <script type="text/javascript" src="scripts/ui-custom/pluginListing.js?t=<%=now%>"></script>
diff --git a/ui/scripts/ui-custom/login.js b/ui/scripts/ui-custom/login.js
index e112958345..58255297a4 100644
--- a/ui/scripts/ui-custom/login.js
+++ b/ui/scripts/ui-custom/login.js
@@ -122,8 +122,7 @@
             } else if (selectedLogin === 'saml') {
                 // SAML
                 args.samlLoginAction({
-                    data: {'idpid': $login.find('#login-options').find(':selected').val(),
-                          'domain': $login.find('#saml-domain').val()}
+                    data: {'idpid': $login.find('#login-options').find(':selected').val()}
                 });
             }
             return false;
@@ -133,16 +132,13 @@
         var toggleLoginView = function (selectedOption) {
             $login.find('#login-submit').show();
             if (selectedOption === '') {
-                    $login.find('#saml-login').hide();
                     $login.find('#cloudstack-login').hide();
                     $login.find('#login-submit').hide();
                     selectedLogin = 'none';
             } else if (selectedOption === 'cloudstack-login') {
-                    $login.find('#saml-login').hide();
                     $login.find('#cloudstack-login').show();
                     selectedLogin = 'cloudstack';
             } else {
-                    $login.find('#saml-login').show();
                     $login.find('#cloudstack-login').hide();
                     selectedLogin = 'saml';
             }
@@ -160,14 +156,12 @@
         $login.find('#login-dropdown').hide();
         $login.find('#login-submit').show();
         $login.find('#cloudstack-login').show();
-        $login.find('#saml-login').hide();
 
         // If any IdP servers were set, SAML is enabled
         if (g_idpList && g_idpList.length > 0) {
             $login.find('#login-dropdown').show();
             $login.find('#login-submit').hide();
             $login.find('#cloudstack-login').hide();
-            $login.find('#saml-login').hide();
 
             $login.find('#login-options')
                 .append($('<option>', {
diff --git a/ui/scripts/ui-custom/saml.js b/ui/scripts/ui-custom/saml.js
new file mode 100644
index 0000000000..391e7f885c
--- /dev/null
+++ b/ui/scripts/ui-custom/saml.js
@@ -0,0 +1,96 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+
+(function($, cloudStack) {
+    $(window).bind('cloudStack.ready', function() {
+        var showSamlDomainSwitcher = false;
+        if (g_idpList) {
+            showSamlDomainSwitcher = true;
+        }
+        if (!showSamlDomainSwitcher) {
+            return;
+        }
+
+        var $label = $('<label>').html('Domain:');
+        var $header = $('#header .controls');
+        var $domainSwitcher = $('<div>').addClass('domain-switcher');
+        var $domainSelect = $('<select>');
+        $domainSwitcher.append($label, $domainSelect);
+
+        var switchAccount = function(userId, domainId) {
+            var toReload = true;
+            $.ajax({
+                url: createURL('listAndSwitchSamlAccount'),
+                type: 'POST',
+                async: false,
+                data: {
+                    userid: userId,
+                    domainid: domainId
+                },
+                success: function(data, textStatus) {
+                    document.location.reload(true);
+                },
+                error: function(data) {
+                    cloudStack.dialog.notice({
+                        message: parseXMLHttpResponse(data)
+                    });
+                    if (data.status !== 200) {
+                        toReload = false;
+                    }
+                },
+                complete: function() {
+                    if (toReload) {
+                        document.location.reload(true);
+                    }
+                    toReload = true;
+                }
+            });
+        };
+
+        $domainSelect.change(function() {
+            var selectedOption = $domainSelect.val();
+            var userId = selectedOption.split('/')[0];
+            var domainId = selectedOption.split('/')[1];
+            switchAccount(userId, domainId);
+        });
+
+        $.ajax({
+            url: createURL('listAndSwitchSamlAccount'),
+            success: function(json) {
+                var accounts = json.listandswitchsamlaccountresponse.samluseraccount;
+                if (accounts.length < 2) {
+                    return;
+                };
+                $domainSelect.empty();
+                for (var i = 0; i < accounts.length; i++) {
+                    var option = $('<option>');
+                    option.data("userId", accounts[i].userId);
+                    option.data("domainId", accounts[i].domainId);
+                    option.val(accounts[i].userId + '/' + accounts[i].domainId);
+                    option.html(accounts[i].accountName + "/" + accounts[i].domainName);
+                    option.appendTo($domainSelect);
+                }
+                var currentAccountDomain = g_userid + '/' + g_domainid;
+                $domainSelect.find('option[value="' + currentAccountDomain + '"]').attr("selected", "selected");
+                $domainSwitcher.insertAfter($header.find('.region-switcher'));
+            },
+            error: function(data) {
+                // if call fails, the logged in user in not a SAML authenticated user
+            }
+        });
+    });
+}(jQuery, cloudStack));

From 1e3e67451489789949e1b50e1f0732bcba0596b5 Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Sun, 9 Aug 2015 00:13:51 +0530
Subject: [PATCH 040/115] CLOUDSTACK-8701: Add administrative contact block as
 per SAML IDP expectations

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 .../api/command/GetServiceProviderMetaDataCmd.java | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/GetServiceProviderMetaDataCmd.java b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/GetServiceProviderMetaDataCmd.java
index bed594fed3..80d38fd97a 100644
--- a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/GetServiceProviderMetaDataCmd.java
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/GetServiceProviderMetaDataCmd.java
@@ -205,16 +205,28 @@ public String authenticate(String command, Map<String, Object[]> params, HttpSes
         spSSODescriptor.addSupportedProtocol(SAMLConstants.SAML20P_NS);
         spEntityDescriptor.getRoleDescriptors().add(spSSODescriptor);
 
-        ContactPerson contactPerson = new ContactPersonBuilder().buildObject();
+        // Add technical contact
         GivenName givenName = new GivenNameBuilder().buildObject();
         givenName.setName(spMetadata.getContactPersonName());
         EmailAddress emailAddress = new EmailAddressBuilder().buildObject();
         emailAddress.setAddress(spMetadata.getContactPersonEmail());
+        ContactPerson contactPerson = new ContactPersonBuilder().buildObject();
         contactPerson.setType(ContactPersonTypeEnumeration.TECHNICAL);
         contactPerson.setGivenName(givenName);
         contactPerson.getEmailAddresses().add(emailAddress);
         spEntityDescriptor.getContactPersons().add(contactPerson);
 
+        // Add administrative/support contact
+        GivenName givenNameAdmin = new GivenNameBuilder().buildObject();
+        givenNameAdmin.setName(spMetadata.getContactPersonName());
+        EmailAddress emailAddressAdmin = new EmailAddressBuilder().buildObject();
+        emailAddressAdmin.setAddress(spMetadata.getContactPersonEmail());
+        ContactPerson contactPersonAdmin = new ContactPersonBuilder().buildObject();
+        contactPersonAdmin.setType(ContactPersonTypeEnumeration.ADMINISTRATIVE);
+        contactPersonAdmin.setGivenName(givenNameAdmin);
+        contactPersonAdmin.getEmailAddresses().add(emailAddressAdmin);
+        spEntityDescriptor.getContactPersons().add(contactPersonAdmin);
+
         Organization organization = new OrganizationBuilder().buildObject();
         OrganizationName organizationName = new OrganizationNameBuilder().buildObject();
         organizationName.setName(new LocalizedString(spMetadata.getOrganizationName(), Locale.getDefault().getLanguage()));

From 0fcd9cad1e4a687c275095d6e27bdfb3eff4add8 Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Wed, 12 Aug 2015 14:02:57 +0530
Subject: [PATCH 041/115] utils: add HttpUtils test

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 utils/src/com/cloud/utils/HttpUtils.java      | 32 ++++---
 utils/test/com/cloud/utils/HttpUtilsTest.java | 94 +++++++++++++++++++
 2 files changed, 113 insertions(+), 13 deletions(-)
 create mode 100644 utils/test/com/cloud/utils/HttpUtilsTest.java

diff --git a/utils/src/com/cloud/utils/HttpUtils.java b/utils/src/com/cloud/utils/HttpUtils.java
index 379b117000..d2e844a23e 100644
--- a/utils/src/com/cloud/utils/HttpUtils.java
+++ b/utils/src/com/cloud/utils/HttpUtils.java
@@ -52,18 +52,6 @@ public static void addSecurityHeaders(final HttpServletResponse resp) {
         }
     }
 
-    public static String findCookie(final Cookie[] cookies, final String key) {
-        if (cookies == null || key == null || key.isEmpty()) {
-            return null;
-        }
-        for (Cookie cookie: cookies) {
-            if (cookie != null && cookie.getName().equals(key)) {
-                return cookie.getValue();
-            }
-        }
-        return null;
-    }
-
     public static void writeHttpResponse(final HttpServletResponse resp, final String response,
                                          final Integer responseCode, final String responseType, final String jsonContentType) {
         try {
@@ -92,10 +80,28 @@ public static void writeHttpResponse(final HttpServletResponse resp, final Strin
         }
     }
 
+    public static String findCookie(final Cookie[] cookies, final String key) {
+        if (cookies == null || key == null || key.isEmpty()) {
+            return null;
+        }
+        for (Cookie cookie: cookies) {
+            if (cookie != null && cookie.getName().equals(key)) {
+                return cookie.getValue();
+            }
+        }
+        return null;
+    }
+
     public static boolean validateSessionKey(final HttpSession session, final Map<String, Object[]> params, final Cookie[] cookies, final String sessionKeyString) {
+        if (session == null || sessionKeyString == null) {
+            return false;
+        }
         final String sessionKey = (String) session.getAttribute(sessionKeyString);
         final String sessionKeyFromCookie = HttpUtils.findCookie(cookies, sessionKeyString);
-        final String[] sessionKeyFromParams = (String[]) params.get(sessionKeyString);
+        String[] sessionKeyFromParams = null;
+        if (params != null) {
+            sessionKeyFromParams = (String[]) params.get(sessionKeyString);
+        }
         if ((sessionKey == null)
                 || (sessionKeyFromParams == null && sessionKeyFromCookie == null)
                 || (sessionKeyFromParams != null && !sessionKey.equals(sessionKeyFromParams[0]))
diff --git a/utils/test/com/cloud/utils/HttpUtilsTest.java b/utils/test/com/cloud/utils/HttpUtilsTest.java
new file mode 100644
index 0000000000..e10a5a36b2
--- /dev/null
+++ b/utils/test/com/cloud/utils/HttpUtilsTest.java
@@ -0,0 +1,94 @@
+//
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+//
+
+package com.cloud.utils;
+
+import org.junit.Test;
+import org.springframework.mock.web.MockHttpSession;
+
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpSession;
+import java.util.HashMap;
+import java.util.Map;
+
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertTrue;
+
+public class HttpUtilsTest {
+
+    @Test
+    public void findCookieTest() {
+        Cookie[] cookies = null;
+        String cookieName = null;
+
+        // null test
+        assertNull(HttpUtils.findCookie(cookies, cookieName));
+        cookieName = "";
+        assertNull(HttpUtils.findCookie(cookies, cookieName));
+
+        // value test
+        cookieName = "daakuBandar";
+        cookies = new Cookie[]{new Cookie(cookieName, "someValue")};
+        assertNull(HttpUtils.findCookie(cookies, "aalasiLangur"));
+        assertNotNull(HttpUtils.findCookie(cookies, cookieName));
+    }
+
+    @Test
+    public void validateSessionKeyTest() {
+        HttpSession session = null;
+        Map<String, Object[]> params = null;
+        String sessionKeyString = null;
+        Cookie[] cookies = null;
+        final String sessionKeyValue = "randomUniqueSessionID";
+
+        // session and sessionKeyString null test
+        assertFalse(HttpUtils.validateSessionKey(session, params, cookies, sessionKeyString));
+        sessionKeyString =  "sessionkey";
+        assertFalse(HttpUtils.validateSessionKey(session, params, cookies, sessionKeyString));
+
+        // param and cookie null test
+        session = new MockHttpSession();
+        session.setAttribute(sessionKeyString, sessionKeyValue);
+        assertFalse(HttpUtils.validateSessionKey(session, params, cookies, sessionKeyString));
+
+        // param null, cookies not null test
+        params = null;
+        cookies = new Cookie[]{new Cookie(sessionKeyString, sessionKeyValue)};
+        assertFalse(HttpUtils.validateSessionKey(session, params, cookies, "randomString"));
+        assertTrue(HttpUtils.validateSessionKey(session, params, cookies, sessionKeyString));
+
+        // param not null, cookies null test
+        params = new HashMap<String, Object[]>();
+        params.put(sessionKeyString, new String[]{"randomString"});
+        cookies = null;
+        assertFalse(HttpUtils.validateSessionKey(session, params, cookies, sessionKeyString));
+        params.put(sessionKeyString, new String[]{sessionKeyValue});
+        assertTrue(HttpUtils.validateSessionKey(session, params, cookies, sessionKeyString));
+
+        // both param and cookies not null test
+        params = new HashMap<String, Object[]>();
+        cookies = new Cookie[]{new Cookie(sessionKeyString, sessionKeyValue)};
+        params.put(sessionKeyString, new String[]{"incorrectValue"});
+        assertFalse(HttpUtils.validateSessionKey(session, params, cookies, sessionKeyString));
+        params.put(sessionKeyString, new String[]{sessionKeyValue});
+        assertTrue(HttpUtils.validateSessionKey(session, params, cookies, sessionKeyString));
+    }
+}

From 3c9d1fdf5de5b9bcf62a1f2bfbfbcf458a0f31b6 Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Wed, 12 Aug 2015 14:03:17 +0530
Subject: [PATCH 042/115] engine: fix accountState setter name

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 engine/schema/src/com/cloud/user/UserAccountVO.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/engine/schema/src/com/cloud/user/UserAccountVO.java b/engine/schema/src/com/cloud/user/UserAccountVO.java
index 80ee873f3e..5ce0eb79d6 100644
--- a/engine/schema/src/com/cloud/user/UserAccountVO.java
+++ b/engine/schema/src/com/cloud/user/UserAccountVO.java
@@ -251,7 +251,7 @@ public String getAccountState() {
         return accountState;
     }
 
-    public void setAccountDisabled(String accountState) {
+    public void setAccountState(String accountState) {
         this.accountState = accountState;
     }
 

From b30977911dbfb1eae86d53ff1b848c5812b68c07 Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Wed, 12 Aug 2015 14:04:08 +0530
Subject: [PATCH 043/115] CLOUDSTACK-8701: Add listandswitchsamlaccount API
 test and add boundary checks

- Adds unit test for ListAndSwitchSAMLAccountCmd
- Checks and logs in user only if they are enabled
- If saml user switches to a locked account, send appropriate error message

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 .../command/ListAndSwitchSAMLAccountCmd.java  |  14 +-
 .../SAML2LoginAPIAuthenticatorCmd.java        |  31 +--
 .../ListAndSwitchSAMLAccountCmdTest.java      | 201 ++++++++++++++++++
 3 files changed, 231 insertions(+), 15 deletions(-)
 create mode 100644 plugins/user-authenticators/saml2/test/org/apache/cloudstack/api/command/ListAndSwitchSAMLAccountCmdTest.java

diff --git a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/ListAndSwitchSAMLAccountCmd.java b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/ListAndSwitchSAMLAccountCmd.java
index db0d6dc737..80aee1b4e6 100644
--- a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/ListAndSwitchSAMLAccountCmd.java
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/ListAndSwitchSAMLAccountCmd.java
@@ -19,6 +19,7 @@
 import com.cloud.api.response.ApiResponseSerializer;
 import com.cloud.domain.Domain;
 import com.cloud.domain.dao.DomainDao;
+import com.cloud.exception.CloudAuthenticationException;
 import com.cloud.user.Account;
 import com.cloud.user.User;
 import com.cloud.user.UserAccount;
@@ -50,6 +51,7 @@
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;
+import java.io.IOException;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Map;
@@ -131,7 +133,14 @@ public String authenticate(final String command, final Map<String, Object[]> par
             final User user = _userDao.findByUuid(userUuid);
             final Domain domain = _domainDao.findByUuid(domainUuid);
             final UserAccount nextUserAccount = _accountService.getUserAccountById(user.getId());
-            if (!nextUserAccount.getUsername().equals(currentUserAccount.getUsername())
+            if (nextUserAccount != null && !nextUserAccount.getAccountState().equals(Account.State.enabled.toString())) {
+                throw new ServerApiException(ApiErrorCode.ACCOUNT_ERROR, _apiServer.getSerializedApiError(ApiErrorCode.PARAM_ERROR.getHttpCode(),
+                        "The requested user account is locked and cannot be switched to, please contact your administrator.",
+                        params, responseType));
+            }
+            if (nextUserAccount == null
+                    || !nextUserAccount.getAccountState().equals(Account.State.enabled.toString())
+                    || !nextUserAccount.getUsername().equals(currentUserAccount.getUsername())
                     || !nextUserAccount.getExternalEntity().equals(currentUserAccount.getExternalEntity())
                     || (nextUserAccount.getDomainId() != domain.getId())
                     || (nextUserAccount.getSource() != User.Source.SAML2)) {
@@ -147,7 +156,8 @@ public String authenticate(final String command, final Map<String, Object[]> par
                     resp.sendRedirect(SAML2AuthManager.SAMLCloudStackRedirectionUrl.value());
                     return ApiResponseSerializer.toSerializedString(loginResponse, responseType);
                 }
-            } catch (final Exception ignored) {
+            } catch (CloudAuthenticationException | IOException exception) {
+                s_logger.debug("Failed to switch to request SAML user account due to: " + exception.getMessage());
             }
         } else {
             List<UserAccountVO> switchableAccounts = _userAccountDao.getAllUsersByNameAndEntity(currentUserAccount.getUsername(), currentUserAccount.getExternalEntity());
diff --git a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
index 188eb6b2d7..2c1b292e6e 100644
--- a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
@@ -17,6 +17,7 @@
 package org.apache.cloudstack.api.command;
 
 import com.cloud.api.response.ApiResponseSerializer;
+import com.cloud.exception.CloudAuthenticationException;
 import com.cloud.user.Account;
 import com.cloud.user.DomainManager;
 import com.cloud.user.UserAccount;
@@ -290,28 +291,32 @@ public String authenticate(final String command, final Map<String, Object[]> par
                 UserAccount userAccount = null;
                 List<UserAccountVO> possibleUserAccounts = _userAccountDao.getAllUsersByNameAndEntity(username, issuer.getValue());
                 if (possibleUserAccounts != null && possibleUserAccounts.size() > 0) {
-                    // By default, log into the first user account
+                    // Log into the first enabled user account
                     // Users can switch to other allowed accounts later
-                    userAccount = possibleUserAccounts.get(0);
+                    for (UserAccountVO possibleUserAccount: possibleUserAccounts) {
+                        if (possibleUserAccount.getAccountState().equals(Account.State.enabled.toString())) {
+                            userAccount = possibleUserAccount;
+                            break;
+                        }
+                    }
                 }
 
                 if (userAccount == null || userAccount.getExternalEntity() == null || !_samlAuthManager.isUserAuthorized(userAccount.getId(), issuer.getValue())) {
                     throw new ServerApiException(ApiErrorCode.ACCOUNT_ERROR, _apiServer.getSerializedApiError(ApiErrorCode.ACCOUNT_ERROR.getHttpCode(),
-                            "Your authenticated user is not authorized, please contact your administrator",
+                            "Your authenticated user is not authorized for SAML Single Sign-On, please contact your administrator",
                             params, responseType));
                 }
 
-                if (userAccount != null) {
-                    try {
-                        if (_apiServer.verifyUser(userAccount.getId())) {
-                            LoginCmdResponse loginResponse = (LoginCmdResponse) _apiServer.loginUser(session, userAccount.getUsername(), userAccount.getUsername() + userAccount.getSource().toString(),
-                                    userAccount.getDomainId(), null, remoteAddress, params);
-                            SAMLUtils.setupSamlUserCookies(loginResponse, resp);
-                            resp.sendRedirect(SAML2AuthManager.SAMLCloudStackRedirectionUrl.value());
-                            return ApiResponseSerializer.toSerializedString(loginResponse, responseType);
-                        }
-                    } catch (final Exception ignored) {
+                try {
+                    if (_apiServer.verifyUser(userAccount.getId())) {
+                        LoginCmdResponse loginResponse = (LoginCmdResponse) _apiServer.loginUser(session, userAccount.getUsername(), userAccount.getUsername() + userAccount.getSource().toString(),
+                                userAccount.getDomainId(), null, remoteAddress, params);
+                        SAMLUtils.setupSamlUserCookies(loginResponse, resp);
+                        resp.sendRedirect(SAML2AuthManager.SAMLCloudStackRedirectionUrl.value());
+                        return ApiResponseSerializer.toSerializedString(loginResponse, responseType);
                     }
+                } catch (CloudAuthenticationException | IOException exception) {
+                    s_logger.debug("SAML Login failed to log in the user due to: " + exception.getMessage());
                 }
             }
         } catch (IOException e) {
diff --git a/plugins/user-authenticators/saml2/test/org/apache/cloudstack/api/command/ListAndSwitchSAMLAccountCmdTest.java b/plugins/user-authenticators/saml2/test/org/apache/cloudstack/api/command/ListAndSwitchSAMLAccountCmdTest.java
new file mode 100644
index 0000000000..1423243cfe
--- /dev/null
+++ b/plugins/user-authenticators/saml2/test/org/apache/cloudstack/api/command/ListAndSwitchSAMLAccountCmdTest.java
@@ -0,0 +1,201 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cloudstack.api.command;
+
+import com.cloud.domain.DomainVO;
+import com.cloud.domain.dao.DomainDao;
+import com.cloud.user.Account;
+import com.cloud.user.AccountService;
+import com.cloud.user.User;
+import com.cloud.user.UserAccountVO;
+import com.cloud.user.UserVO;
+import com.cloud.user.dao.UserAccountDao;
+import com.cloud.user.dao.UserDao;
+import com.cloud.utils.HttpUtils;
+import junit.framework.TestCase;
+import org.apache.cloudstack.api.ApiConstants;
+import org.apache.cloudstack.api.ApiErrorCode;
+import org.apache.cloudstack.api.ApiServerService;
+import org.apache.cloudstack.api.BaseCmd;
+import org.apache.cloudstack.api.ServerApiException;
+import org.apache.cloudstack.api.auth.APIAuthenticationType;
+import org.apache.cloudstack.api.response.LoginCmdResponse;
+import org.apache.cloudstack.saml.SAML2AuthManager;
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.Mock;
+import org.mockito.Mockito;
+import org.mockito.runners.MockitoJUnitRunner;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import java.lang.reflect.Field;
+import java.util.HashMap;
+import java.util.Map;
+
+@RunWith(MockitoJUnitRunner.class)
+public class ListAndSwitchSAMLAccountCmdTest extends TestCase {
+    @Mock
+    ApiServerService apiServer;
+
+    @Mock
+    SAML2AuthManager samlAuthManager;
+
+    @Mock
+    AccountService accountService;
+
+    @Mock
+    UserAccountDao userAccountDao;
+
+    @Mock
+    UserDao userDao;
+
+    @Mock
+    DomainDao domainDao;
+
+    @Mock
+    HttpSession session;
+
+    @Mock
+    HttpServletResponse resp;
+
+    @Mock
+    HttpServletRequest req;
+
+    @Test
+    public void testListAndSwitchSAMLAccountCmd() throws Exception {
+        // Setup
+        final Map<String, Object[]> params = new HashMap<String, Object[]>();
+        final String sessionKeyValue = "someSessionIDValue";
+        Mockito.when(session.getAttribute(ApiConstants.SESSIONKEY)).thenReturn(sessionKeyValue);
+        Mockito.when(session.getAttribute("userid")).thenReturn(2L);
+        params.put(ApiConstants.USER_ID, new String[]{"2"});
+        params.put(ApiConstants.DOMAIN_ID, new String[]{"1"});
+        Mockito.when(userDao.findByUuid(Mockito.anyString())).thenReturn(new UserVO(2L));
+        Mockito.when(domainDao.findByUuid(Mockito.anyString())).thenReturn(new DomainVO());
+
+        // Mock/field setup
+        ListAndSwitchSAMLAccountCmd cmd = new ListAndSwitchSAMLAccountCmd();
+        Field apiServerField = ListAndSwitchSAMLAccountCmd.class.getDeclaredField("_apiServer");
+        apiServerField.setAccessible(true);
+        apiServerField.set(cmd, apiServer);
+
+        Field managerField = ListAndSwitchSAMLAccountCmd.class.getDeclaredField("_samlAuthManager");
+        managerField.setAccessible(true);
+        managerField.set(cmd, samlAuthManager);
+
+        Field accountServiceField = BaseCmd.class.getDeclaredField("_accountService");
+        accountServiceField.setAccessible(true);
+        accountServiceField.set(cmd, accountService);
+
+        Field userAccountDaoField = ListAndSwitchSAMLAccountCmd.class.getDeclaredField("_userAccountDao");
+        userAccountDaoField.setAccessible(true);
+        userAccountDaoField.set(cmd, userAccountDao);
+
+        Field userDaoField = ListAndSwitchSAMLAccountCmd.class.getDeclaredField("_userDao");
+        userDaoField.setAccessible(true);
+        userDaoField.set(cmd, userDao);
+
+        Field domainDaoField = ListAndSwitchSAMLAccountCmd.class.getDeclaredField("_domainDao");
+        domainDaoField.setAccessible(true);
+        domainDaoField.set(cmd, domainDao);
+
+        // invalid session test
+        try {
+            cmd.authenticate("command", params, null, "random", HttpUtils.RESPONSE_TYPE_JSON, new StringBuilder(), req, resp);
+        } catch (ServerApiException exception) {
+            assertEquals(exception.getErrorCode(), ApiErrorCode.UNAUTHORIZED);
+        } finally {
+            Mockito.verify(accountService, Mockito.times(0)).getUserAccountById(Mockito.anyLong());
+        }
+
+        // invalid sessionkey value test
+        params.put(ApiConstants.SESSIONKEY, new String[]{"someOtherValue"});
+        try {
+            Mockito.when(session.isNew()).thenReturn(false);
+            cmd.authenticate("command", params, session, "random", HttpUtils.RESPONSE_TYPE_JSON, new StringBuilder(), req, resp);
+        } catch (ServerApiException exception) {
+            assertEquals(exception.getErrorCode(), ApiErrorCode.UNAUTHORIZED);
+        } finally {
+            Mockito.verify(accountService, Mockito.times(0)).getUserAccountById(Mockito.anyLong());
+        }
+
+        // valid sessionkey value test
+        params.put(ApiConstants.SESSIONKEY, new String[]{sessionKeyValue});
+        try {
+            cmd.authenticate("command", params, session, "random", HttpUtils.RESPONSE_TYPE_JSON, new StringBuilder(), req, resp);
+        } catch (ServerApiException exception) {
+            assertEquals(exception.getErrorCode(), ApiErrorCode.ACCOUNT_ERROR);
+        } finally {
+            Mockito.verify(accountService, Mockito.times(1)).getUserAccountById(Mockito.anyLong());
+        }
+
+        // valid sessionkey, invalid useraccount type (non-saml) value test
+        UserAccountVO mockedUserAccount = new UserAccountVO();
+        mockedUserAccount.setId(2L);
+        mockedUserAccount.setAccountState(Account.State.enabled.toString());
+        mockedUserAccount.setUsername("someUsername");
+        mockedUserAccount.setExternalEntity("some IDP ID");
+        mockedUserAccount.setDomainId(0L);
+        mockedUserAccount.setSource(User.Source.UNKNOWN);
+        Mockito.when(accountService.getUserAccountById(Mockito.anyLong())).thenReturn(mockedUserAccount);
+        try {
+            cmd.authenticate("command", params, session, "random", HttpUtils.RESPONSE_TYPE_JSON, new StringBuilder(), req, resp);
+        } catch (ServerApiException exception) {
+            assertEquals(exception.getErrorCode(), ApiErrorCode.ACCOUNT_ERROR);
+        } finally {
+            // accountService should have been called twice by now, for this case and the case above
+            Mockito.verify(accountService, Mockito.times(2)).getUserAccountById(Mockito.anyLong());
+        }
+
+        // all valid test
+        mockedUserAccount.setSource(User.Source.SAML2);
+        Mockito.when(accountService.getUserAccountById(Mockito.anyLong())).thenReturn(mockedUserAccount);
+        Mockito.when(apiServer.verifyUser(Mockito.anyLong())).thenReturn(true);
+        LoginCmdResponse loginCmdResponse = new LoginCmdResponse();
+        loginCmdResponse.setUserId("1");
+        loginCmdResponse.setDomainId("1");
+        loginCmdResponse.setType("1");
+        loginCmdResponse.setUsername("userName");
+        loginCmdResponse.setAccount("someAccount");
+        loginCmdResponse.setFirstName("firstName");
+        loginCmdResponse.setLastName("lastName");
+        loginCmdResponse.setSessionKey("newSessionKeyString");
+        Mockito.when(apiServer.loginUser(Mockito.any(HttpSession.class), Mockito.anyString(), Mockito.anyString(),
+                Mockito.anyLong(), Mockito.anyString(), Mockito.anyString(), Mockito.anyMap())).thenReturn(loginCmdResponse);
+        try {
+            cmd.authenticate("command", params, session, "random", HttpUtils.RESPONSE_TYPE_JSON, new StringBuilder(), req, resp);
+        } catch (ServerApiException exception) {
+            fail("SAML list and switch account API failed to pass for all valid data: " + exception.getMessage());
+        } finally {
+            // accountService should have been called 4 times by now, for this case twice and 2 for cases above
+            Mockito.verify(accountService, Mockito.times(4)).getUserAccountById(Mockito.anyLong());
+            Mockito.verify(resp, Mockito.times(1)).sendRedirect(Mockito.anyString());
+        }
+    }
+
+    @Test
+    public void testGetAPIType() {
+        Assert.assertTrue(new ListAndSwitchSAMLAccountCmd().getAPIType() == APIAuthenticationType.READONLY_API);
+    }
+
+}

From 5f06ef77d8275602a45285c64854314d5ec9dbf5 Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Fri, 14 Aug 2015 11:44:47 +0530
Subject: [PATCH 044/115] CLOUDSTACK-8701: Add unit test for
 SAML2AuthManagerImpl

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 .../cloudstack/SAML2AuthManagerImplTest.java  | 174 ++++++++++++++++++
 1 file changed, 174 insertions(+)
 create mode 100644 plugins/user-authenticators/saml2/test/org/apache/cloudstack/SAML2AuthManagerImplTest.java

diff --git a/plugins/user-authenticators/saml2/test/org/apache/cloudstack/SAML2AuthManagerImplTest.java b/plugins/user-authenticators/saml2/test/org/apache/cloudstack/SAML2AuthManagerImplTest.java
new file mode 100644
index 0000000000..b06a1372a8
--- /dev/null
+++ b/plugins/user-authenticators/saml2/test/org/apache/cloudstack/SAML2AuthManagerImplTest.java
@@ -0,0 +1,174 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cloudstack;
+
+import com.cloud.user.DomainManager;
+import com.cloud.user.User;
+import com.cloud.user.UserVO;
+import com.cloud.user.dao.UserDao;
+import junit.framework.TestCase;
+import org.apache.cloudstack.framework.security.keystore.KeystoreDao;
+import org.apache.cloudstack.saml.SAML2AuthManagerImpl;
+import org.apache.cloudstack.saml.SAMLTokenDao;
+import org.apache.cloudstack.saml.SAMLTokenVO;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.Mock;
+import org.mockito.Mockito;
+import org.mockito.runners.MockitoJUnitRunner;
+
+import java.lang.reflect.Field;
+
+@RunWith(MockitoJUnitRunner.class)
+public class SAML2AuthManagerImplTest extends TestCase {
+    @Mock
+    private KeystoreDao ksDao;
+
+    @Mock
+    private SAMLTokenDao samlTokenDao;
+
+    @Mock
+    private UserDao userDao;
+
+    @Mock
+    DomainManager domainMgr;
+
+    SAML2AuthManagerImpl saml2AuthManager;
+
+    @Override
+    @Before
+    public void setUp() throws NoSuchFieldException, IllegalAccessException {
+        saml2AuthManager = Mockito.spy(new SAML2AuthManagerImpl());
+
+        Field ksDaoField = SAML2AuthManagerImpl.class.getDeclaredField("_ksDao");
+        ksDaoField.setAccessible(true);
+        ksDaoField.set(saml2AuthManager, ksDao);
+
+        Field samlTokenDaoField = SAML2AuthManagerImpl.class.getDeclaredField("_samlTokenDao");
+        samlTokenDaoField.setAccessible(true);
+        samlTokenDaoField.set(saml2AuthManager, samlTokenDao);
+
+        Field userDaoField = SAML2AuthManagerImpl.class.getDeclaredField("_userDao");
+        userDaoField.setAccessible(true);
+        userDaoField.set(saml2AuthManager, userDao);
+
+        Field domainMgrField = SAML2AuthManagerImpl.class.getDeclaredField("_domainMgr");
+        domainMgrField.setAccessible(true);
+        domainMgrField.set(saml2AuthManager, domainMgr);
+
+        // enable the plugin
+        Mockito.doReturn(true).when(saml2AuthManager).isSAMLPluginEnabled();
+    }
+
+    @Test
+    public void testIsUserAuthorized() {
+        final String entityID = "some IDP ID";
+
+        // Test unauthorized user
+        UserVO user = new UserVO(200L);
+        user.setUsername("someuser");
+        user.setSource(User.Source.UNKNOWN);
+        user.setExternalEntity(entityID);
+        Mockito.when(userDao.getUser(Mockito.anyLong())).thenReturn(user);
+        assertFalse(saml2AuthManager.isUserAuthorized(user.getId(), "someID"));
+
+        // Test authorized user with wrong IDP
+        user.setSource(User.Source.SAML2);
+        Mockito.when(userDao.getUser(Mockito.anyLong())).thenReturn(user);
+        assertFalse(saml2AuthManager.isUserAuthorized(user.getId(), "someID"));
+
+        // Test authorized user with wrong IDP
+        user.setSource(User.Source.SAML2);
+        Mockito.when(userDao.getUser(Mockito.anyLong())).thenReturn(user);
+        assertTrue(saml2AuthManager.isUserAuthorized(user.getId(), entityID));
+    }
+
+    @Test
+    public void testAuthorizeUser() {
+        // Test invalid user
+        Mockito.when(userDao.getUser(Mockito.anyLong())).thenReturn(null);
+        assertFalse(saml2AuthManager.authorizeUser(1L, "someID", true));
+
+        // Test valid user
+        UserVO user = new UserVO(200L);
+        user.setUsername("someuser");
+        Mockito.when(userDao.getUser(Mockito.anyLong())).thenReturn(user);
+        assertTrue(saml2AuthManager.authorizeUser(1L, "someID", true));
+        Mockito.verify(userDao, Mockito.atLeastOnce()).update(Mockito.anyLong(), Mockito.any(user.getClass()));
+    }
+
+
+
+    @Test
+    public void testSaveToken() {
+        // duplicate token test
+        Mockito.when(samlTokenDao.findByUuid(Mockito.anyString())).thenReturn(new SAMLTokenVO());
+        saml2AuthManager.saveToken("someAuthnID", null, "https://idp.bhaisaab.org/profile/shibboleth");
+        Mockito.verify(samlTokenDao, Mockito.times(0)).persist(Mockito.any(SAMLTokenVO.class));
+
+        // valid test
+        Mockito.when(samlTokenDao.findByUuid(Mockito.anyString())).thenReturn(null);
+        saml2AuthManager.saveToken("someAuthnID", null, "https://idp.bhaisaab.org/profile/shibboleth");
+        Mockito.verify(samlTokenDao, Mockito.times(1)).persist(Mockito.any(SAMLTokenVO.class));
+    }
+
+    @Test
+    public void testGetToken() {
+        SAMLTokenVO randomToken = new SAMLTokenVO("uuid", 1L, "someIDPDI");
+        Mockito.when(samlTokenDao.findByUuid(Mockito.anyString())).thenReturn(randomToken);
+        assertEquals(saml2AuthManager.getToken("someAuthnID"), randomToken);
+    }
+
+    @Test
+    public void testExpireToken() {
+        saml2AuthManager.expireTokens();
+        Mockito.verify(samlTokenDao, Mockito.atLeast(1)).expireTokens();
+    }
+
+    @Test
+    public void testPluginEnabled() {
+        assertTrue(saml2AuthManager.isSAMLPluginEnabled());
+    }
+
+    @Test
+    public void testPluginComponentName() {
+        assertEquals(saml2AuthManager.getConfigComponentName(), "SAML2-PLUGIN");
+    }
+
+    @Test
+    public void testGetCommands() {
+        // Plugin enabled
+        assertTrue(saml2AuthManager.getCommands().size() > 0);
+        assertTrue(saml2AuthManager.getAuthCommands().size() > 0);
+
+        // Plugin disabled
+        Mockito.doReturn(false).when(saml2AuthManager).isSAMLPluginEnabled();
+        assertTrue(saml2AuthManager.getCommands().size() == 0);
+        assertTrue(saml2AuthManager.getAuthCommands().size() == 0);
+        // Re-enable the plugin
+        Mockito.doReturn(true).when(saml2AuthManager).isSAMLPluginEnabled();
+    }
+
+    @Test
+    public void testConfigKeys() {
+        assertTrue(saml2AuthManager.getConfigKeys().length > 0);
+    }
+}

From 7055b2280f9cc7b20d7ab66cebade705b2a105b8 Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Fri, 14 Aug 2015 13:12:29 +0530
Subject: [PATCH 045/115] CLOUDSTACK-8696: Port Rajani's regions fix to
 451to452 sql upgrade path

Upgrade paths from 4.5.1 exists to both 4.5.2, and 4.6.0. Since 4.5.2 and 4.6.0
are not release, and the bug affects 4.5 branch; this patch aims to port that
fix from master to both 4.5/master branches.

Ported from commit b6a7804

(cherry picked from commit a8af6f3658ded6e1c3538082fb4abeb7f30c420d)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 setup/db/db/schema-451to452.sql | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/setup/db/db/schema-451to452.sql b/setup/db/db/schema-451to452.sql
index 5c89008a83..d0aeabf3d1 100644
--- a/setup/db/db/schema-451to452.sql
+++ b/setup/db/db/schema-451to452.sql
@@ -33,3 +33,7 @@ CREATE TABLE `cloud`.`saml_token` (
   PRIMARY KEY (`id`),
   CONSTRAINT `fk_saml_token__domain_id` FOREIGN KEY(`domain_id`) REFERENCES `domain`(`id`) ON DELETE CASCADE
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+SET foreign_key_checks = 0;
+ALTER TABLE `cloud`.`region` MODIFY `id` int unsigned UNIQUE NOT NULL;
+SET foreign_key_checks = 1;

From f54d266c8b6c6e0333eeaa0021861b28e1ea2360 Mon Sep 17 00:00:00 2001
From: Kishan Kavala <kishan@apache.org>
Date: Thu, 2 Jul 2015 16:52:46 +0530
Subject: [PATCH 046/115] BUG-ID:CLOUDSTACK-7472: kvmclock fix for LXC is not
 required after fixing CLOUDSTACK-8177

This closes #557

(cherry picked from commit 3a19a8916eb7840302882cddd8465ac56150d32d)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

Conflicts:
	plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
---
 .../hypervisor/kvm/resource/LibvirtComputingResource.java      | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java b/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
index acd5e94795..ae48783ee6 100755
--- a/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
+++ b/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
@@ -817,9 +817,6 @@ public boolean configure(String name, Map<String, Object> params) throws Configu
         value = (String) params.get("kvmclock.disable");
         if (Boolean.parseBoolean(value)) {
             _noKvmClock = true;
-        } else if(HypervisorType.LXC.equals(_hypervisorType) && (value == null)){
-            //Disable kvmclock by default for LXC
-            _noKvmClock = true;
         }
 
         LibvirtConnection.initialize(_hypervisorURI);

From cc63611cc24f67fcfa8d8cd13e9da445d9220c1e Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Fri, 14 Aug 2015 13:54:06 +0530
Subject: [PATCH 047/115] tools: fix build_asf.sh release script to remove
 -SNAPSHOT from bunch of files

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 tools/build/build_asf.sh | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/tools/build/build_asf.sh b/tools/build/build_asf.sh
index 45b07aa158..5b49ebd6d5 100755
--- a/tools/build/build_asf.sh
+++ b/tools/build/build_asf.sh
@@ -96,6 +96,11 @@ perl -pi -e "s/<cs.xapi.version>6.2.0-1-SNAPSHOT<\/cs.xapi.version>/<cs.xapi.ver
 perl -pi -e "s/-SNAPSHOT//" tools/checkstyle/pom.xml
 perl -pi -e "s/-SNAPSHOT//" deps/XenServerJava/pom.xml
 perl -pi -e "s/-SNAPSHOT//" tools/apidoc/pom.xml
+perl -pi -e "s/-SNAPSHOT//" Dockerfile
+perl -pi -e "s/-SNAPSHOT//" build/replace.properties
+perl -pi -e "s/-SNAPSHOT//" services/console-proxy/plugin/pom.xml
+perl -pi -e "s/-SNAPSHOT//" tools/marvin/setup.py
+perl -pi -e "s/-SNAPSHOT//" tools/marvin/marvin/deployAndRun.py
 case "$currentversion" in 
   *-SNAPSHOT*)
     perl -pi -e 's/-SNAPSHOT//' debian/rules

From 9866e9707cc5fba95f242720b114b35c2880bceb Mon Sep 17 00:00:00 2001
From: Milamber <milamber@apache.org>
Date: Wed, 12 Aug 2015 20:43:38 +0100
Subject: [PATCH 048/115] =?UTF-8?q?Add=20missing=20localization=20for=20so?=
 =?UTF-8?q?me=20labels=20in=20Web=20UI=20-=20on=20the=20zone=20configurati?=
 =?UTF-8?q?on=20wizard=20for=20the=20"Next"=20button=20-=20on=20templates,?=
 =?UTF-8?q?=20Shared,=20extratable=20and=20Dynamically=20Scalable=20-=20Im?=
 =?UTF-8?q?prove=20some=20French=20translations=20("T=C3=A9l=C3=A9verser"?=
 =?UTF-8?q?=20for=20"Upload")=20-=20update=20French=20messages=20propertie?=
 =?UTF-8?q?s=20from=20transifex=20(4.5=20branch)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

This closes #687
---
 .../classes/resources/messages_fr_FR.properties  |  7 ++++---
 ui/scripts/templates.js                          | 16 ++++++++--------
 ui/scripts/ui-custom/zoneWizard.js               |  2 +-
 3 files changed, 13 insertions(+), 12 deletions(-)

diff --git a/client/WEB-INF/classes/resources/messages_fr_FR.properties b/client/WEB-INF/classes/resources/messages_fr_FR.properties
index d8a26e5483..04c19d4672 100644
--- a/client/WEB-INF/classes/resources/messages_fr_FR.properties
+++ b/client/WEB-INF/classes/resources/messages_fr_FR.properties
@@ -878,7 +878,8 @@ label.load.balancing.policies=R\u00e8gles de r\u00e9partition de charge
 label.load.balancing=R\u00e9partition de charge
 label.loading=Chargement en cours
 label.local=Local
-label.local.storage.enabled=Stockage local activ\u00e9
+label.local.storage.enabled=Activer le stockage local pour les VMs Utilisateurs
+label.local.storage.enabled.system.vms=Activer le stockage local pour les VMs Syst\u00e8mes
 label.local.storage=Stockage local
 label.login=Connexion
 label.logout=D\u00e9connexion
@@ -1448,8 +1449,8 @@ label.update.ssl= Certificat SSL
 label.updating=Mise \u00e0 jour
 label.upgrade.required=Une mise \u00e0 jour est n\u00e9cessaire
 label.upgrade.router.newer.template=Mette \u00e0 jour le routeur pour utiliser le mod\u00e8le le plus r\u00e9cent
-label.upload=Charger
-label.upload.volume=Charger un volume
+label.upload=T\u00e9l\u00e9verser
+label.upload.volume=T\u00e9l\u00e9verser un volume
 label.url=URL
 label.usage.interface=Interface Utilisation
 label.usage.sanity.result=R\u00e9sultat de sant\u00e9 Usage
diff --git a/ui/scripts/templates.js b/ui/scripts/templates.js
index 1cb613b267..f0b8103afe 100644
--- a/ui/scripts/templates.js
+++ b/ui/scripts/templates.js
@@ -44,7 +44,7 @@
                             label: 'ui.listView.filters.mine'
                         },
                         shared: {
-                            label: 'Shared'
+                            label: 'label.shared'
                         },
                         featured: {
                             label: 'label.featured'
@@ -435,7 +435,7 @@
                                     },
 
                                     isExtractable: {
-                                        label: "extractable",
+                                        label: "label.extractable",
                                         docID: 'helpRegisterTemplateExtractable',
                                         isBoolean: true
                                     },
@@ -1318,7 +1318,7 @@
                                                     }
                                                 },
                                                 isextractable: {
-                                                    label: 'extractable',
+                                                    label: 'label.extractable',
                                                     isBoolean: true,
                                                     isEditable: function() {
                                                         if (isAdmin())
@@ -1335,7 +1335,7 @@
                                                     converter: cloudStack.converters.toBooleanText
                                                 },
                                                 isdynamicallyscalable: {
-                                                    label: 'Dynamically Scalable',
+                                                    label: 'label.dynamically.scalable',
                                                     isBoolean: true,
                                                     isEditable: true,
                                                     converter: cloudStack.converters.toBooleanText
@@ -1469,7 +1469,7 @@
                             label: 'ui.listView.filters.mine'
                         },
                         shared: {
-                            label: 'Shared'
+                            label: 'label.shared'
                         },
                         featured: {
                             label: 'label.featured'
@@ -1600,7 +1600,7 @@
                                     },
 
                                     isExtractable: {
-                                        label: "extractable",
+                                        label: "label.extractable",
                                         docID: 'helpRegisterISOExtractable',
                                         isBoolean: true
                                     },
@@ -2228,7 +2228,7 @@
                                                 }
                                             }, {
                                                 id: {
-                                                    label: 'ID'
+                                                    label: 'label.id'
                                                 },
                                                 zonename: {
                                                     label: 'label.zone.name'
@@ -2261,7 +2261,7 @@
                                                     }
                                                 },
                                                 isextractable: {
-                                                    label: 'extractable',
+                                                    label: 'label.extractable',
                                                     isBoolean: true,
                                                     isEditable: function() {
                                                         if (isAdmin())
diff --git a/ui/scripts/ui-custom/zoneWizard.js b/ui/scripts/ui-custom/zoneWizard.js
index 2c17f604ba..58ae3ff0a0 100644
--- a/ui/scripts/ui-custom/zoneWizard.js
+++ b/ui/scripts/ui-custom/zoneWizard.js
@@ -1206,7 +1206,7 @@
                 }
 
                 var $nextButton = $wizard.find('.button.next');
-                $nextButton.find('span').html('Next');
+                $nextButton.find('span').html(_l('label.next'));
                 $nextButton.removeClass('final post-launch');
 
                 // Show launch button if last step

From 606afe341dce93b7efe88d0989029848947f25aa Mon Sep 17 00:00:00 2001
From: Milamber <milamber@apache.org>
Date: Mon, 22 Jun 2015 21:44:03 +0000
Subject: [PATCH 049/115] Improve debug message when the scheduler prepare to
 snapshot (volume 'id' and add volume name)

Signed-off-by: Milamber <milamber@apache.org>
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

This closes #676
---
 .../src/com/cloud/storage/snapshot/SnapshotSchedulerImpl.java  | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/server/src/com/cloud/storage/snapshot/SnapshotSchedulerImpl.java b/server/src/com/cloud/storage/snapshot/SnapshotSchedulerImpl.java
index 2fedeefd35..4ce2bba498 100644
--- a/server/src/com/cloud/storage/snapshot/SnapshotSchedulerImpl.java
+++ b/server/src/com/cloud/storage/snapshot/SnapshotSchedulerImpl.java
@@ -254,7 +254,8 @@ protected void scheduleSnapshots() {
                 if (s_logger.isDebugEnabled()) {
                     final Date scheduledTimestamp = snapshotToBeExecuted.getScheduledTimestamp();
                     displayTime = DateUtil.displayDateInTimezone(DateUtil.GMT_TIMEZONE, scheduledTimestamp);
-                    s_logger.debug("Scheduling 1 snapshot for volume " + volumeId + " for schedule id: " + snapshotToBeExecuted.getId() + " at " + displayTime);
+                    s_logger.debug("Scheduling 1 snapshot for volume id " + volumeId + " (volume name:" +
+                            volume.getName() + ") for schedule id: " + snapshotToBeExecuted.getId() + " at " + displayTime);
                 }
 
                 tmpSnapshotScheduleVO = _snapshotScheduleDao.acquireInLockTable(snapshotScheId);

From 35d522653f1c2ed2a00e9b35490c3f7de3bc38d8 Mon Sep 17 00:00:00 2001
From: Milamber <milamber@apache.org>
Date: Fri, 14 Aug 2015 10:40:21 +0100
Subject: [PATCH 050/115] Update L10N resource files on 4.5 branch with 4.5
 translation strings from Transifex (20150814)

---
 client/WEB-INF/classes/resources/messages_ar.properties    | 1 -
 client/WEB-INF/classes/resources/messages_de_DE.properties | 2 +-
 client/WEB-INF/classes/resources/messages_hu.properties    | 2 +-
 client/WEB-INF/classes/resources/messages_it_IT.properties | 1 -
 client/WEB-INF/classes/resources/messages_ja_JP.properties | 1 -
 client/WEB-INF/classes/resources/messages_ko_KR.properties | 1 -
 client/WEB-INF/classes/resources/messages_nl_NL.properties | 1 -
 client/WEB-INF/classes/resources/messages_pl.properties    | 1 -
 client/WEB-INF/classes/resources/messages_pt_BR.properties | 7 ++++++-
 client/WEB-INF/classes/resources/messages_ru_RU.properties | 1 -
 client/WEB-INF/classes/resources/messages_zh_CN.properties | 1 -
 11 files changed, 8 insertions(+), 11 deletions(-)

diff --git a/client/WEB-INF/classes/resources/messages_ar.properties b/client/WEB-INF/classes/resources/messages_ar.properties
index de90c43610..334e8ea4e4 100644
--- a/client/WEB-INF/classes/resources/messages_ar.properties
+++ b/client/WEB-INF/classes/resources/messages_ar.properties
@@ -100,7 +100,6 @@ label.isolation.uri=\u0639\u0632\u0644 \u0627\u0644\u0631\u0627\u0628\u0637
 label.keyboard.type=\u0646\u0648\u0639 \u0644\u0648\u062d\u0629 \u0627\u0644\u0645\u0641\u0627\u062a\u064a\u062d
 label.lb.algorithm.leastconn=\u0623\u0642\u0644 \u0627\u0644\u0625\u062a\u0635\u0627\u0644\u0627\u062a
 label.lb.algorithm.source=\u0645\u0635\u062f\u0631
-label.local.storage.enabled=\u062a\u0645\u0643\u064a\u0646 \u0627\u0644\u062a\u062e\u0632\u064a\u0646 \u0627\u0644\u0645\u062d\u0644\u064a
 label.make.project.owner=\u062c\u0639\u0644 \u0627\u0644\u062d\u0633\u0627\u0628 \u0645\u0627\u0644\u0643 \u0644\u0644\u0645\u0634\u0631\u0648\u0639
 label.max.guest.limit=\u0627\u0644\u062d\u062f \u0627\u0644\u0623\u0642\u0635\u0627\u0621 \u0644\u0636\u064a\u0641
 label.memory.mb=\u0627\u0644\u0630\u0627\u0643\u0631\u0629 ( \u0628\u0627\u0644\u0645\u064a\u062c\u0627\u0628\u0627\u064a\u0628\u062a)
diff --git a/client/WEB-INF/classes/resources/messages_de_DE.properties b/client/WEB-INF/classes/resources/messages_de_DE.properties
index 7255e8ca76..b45349769a 100644
--- a/client/WEB-INF/classes/resources/messages_de_DE.properties
+++ b/client/WEB-INF/classes/resources/messages_de_DE.properties
@@ -269,6 +269,7 @@ label.add.ip.range=IP Bereich hinzuf\u00fcgen
 label.add.isolated.guest.network=Isoliertes Gastnetzwerk hinzuf\u00fcgen
 label.add.isolated.network=Isoliertes Netzwerk hinzuf\u00fcgen
 label.additional.networks=Zus\u00e4tzliche Networks
+label.add.LDAP.account=LDAP-Konto hinzuf\u00fcgen
 label.add.list.name=ACL-Listename
 label.add.load.balancer=Serverlastverteilung hinzuf\u00fcgen
 label.add.more=Mehr hinzuf\u00fcgen
@@ -707,7 +708,6 @@ label.load.balancer.type=Lastverteilungstyp
 label.load.balancing=Lastverteilung
 label.loading=Laden
 label.local=Lokal
-label.local.storage.enabled=Lokaler Speicher aktiviert
 label.local.storage=Lokaler Speicher
 label.login=Login
 label.logout=Abmelden
diff --git a/client/WEB-INF/classes/resources/messages_hu.properties b/client/WEB-INF/classes/resources/messages_hu.properties
index b91687e8f8..153d4fedfc 100644
--- a/client/WEB-INF/classes/resources/messages_hu.properties
+++ b/client/WEB-INF/classes/resources/messages_hu.properties
@@ -293,6 +293,7 @@ label.add.ip.range=IP c\u00edmtartom\u00e1ny felv\u00e9tele
 label.add.isolated.guest.network=Izol\u00e1lt vend\u00e9g h\u00e1l\u00f3zat felv\u00e9tele
 label.add.isolated.network=Izol\u00e1lt h\u00e1l\u00f3zat felv\u00e9tele
 label.additional.networks=Tov\u00e1bbi h\u00e1l\u00f3zatok
+label.add.LDAP.account=LDAP sz\u00e1mla felv\u00e9tele
 label.add.list.name=ACL lista n\u00e9v
 label.add.load.balancer=Terhel\u00e9seloszt\u00f3 felv\u00e9tele
 label.add.more=Tov\u00e1bbi felv\u00e9tele
@@ -876,7 +877,6 @@ label.load.balancing.policies=Terhel\u00e9seloszt\u00f3 szab\u00e1lyok
 label.load.balancing=Terhel\u00e9seloszt\u00e1s
 label.loading=Bet\u00f6lt\u00e9s
 label.local=Helyi
-label.local.storage.enabled=Helyi t\u00e1r bekapcsolva
 label.local.storage=Helyi t\u00e1r
 label.login=Bel\u00e9p\u00e9s
 label.logout=Kijelentkez\u00e9s
diff --git a/client/WEB-INF/classes/resources/messages_it_IT.properties b/client/WEB-INF/classes/resources/messages_it_IT.properties
index d445b9b328..eecccb708a 100644
--- a/client/WEB-INF/classes/resources/messages_it_IT.properties
+++ b/client/WEB-INF/classes/resources/messages_it_IT.properties
@@ -410,7 +410,6 @@ label.lb.algorithm.source=Sorgente
 label.LB.isolation=Isolamento di LB
 label.load.balancing=Bilanciamento di Carico
 label.load.balancing.policies=Politiche di Bilanciamento di Carico
-label.local.storage.enabled=Local storage abilitato
 label.local.storage=Storage locale
 label.LUN.number=LUN \#
 label.management=Gestione
diff --git a/client/WEB-INF/classes/resources/messages_ja_JP.properties b/client/WEB-INF/classes/resources/messages_ja_JP.properties
index cf3f07a936..a54ec89380 100644
--- a/client/WEB-INF/classes/resources/messages_ja_JP.properties
+++ b/client/WEB-INF/classes/resources/messages_ja_JP.properties
@@ -874,7 +874,6 @@ label.load.balancer=\u30ed\u30fc\u30c9 \u30d0\u30e9\u30f3\u30b5\u30fc
 label.load.balancing.policies=\u8ca0\u8377\u5206\u6563\u30dd\u30ea\u30b7\u30fc
 label.load.balancing=\u8ca0\u8377\u5206\u6563
 label.loading=\u30ed\u30fc\u30c9\u3057\u3066\u3044\u307e\u3059
-label.local.storage.enabled=\u30ed\u30fc\u30ab\u30eb \u30b9\u30c8\u30ec\u30fc\u30b8\u3092\u6709\u52b9\u306b\u3059\u308b
 label.local.storage=\u30ed\u30fc\u30ab\u30eb \u30b9\u30c8\u30ec\u30fc\u30b8
 label.local=\u30ed\u30fc\u30ab\u30eb
 label.login=\u30ed\u30b0\u30aa\u30f3
diff --git a/client/WEB-INF/classes/resources/messages_ko_KR.properties b/client/WEB-INF/classes/resources/messages_ko_KR.properties
index d96a217bbc..539ec42b60 100644
--- a/client/WEB-INF/classes/resources/messages_ko_KR.properties
+++ b/client/WEB-INF/classes/resources/messages_ko_KR.properties
@@ -642,7 +642,6 @@ label.load.balancer=\ub124\ud2b8\uc6cc\ud06c \ub85c\ub4dc \uacf5\uc720 \uc7a5\uc
 label.load.balancing.policies=\ub124\ud2b8\uc6cc\ud06c \ub85c\ub4dc \uacf5\uc720 \uc815\ucc45
 label.load.balancing=\ub124\ud2b8\uc6cc\ud06c \ub85c\ub4dc \uacf5\uc720
 label.loading=\ub85c\ub4dc \ud558\ub294 \uc911
-label.local.storage.enabled=\ub85c\uceec \uc2a4\ud1a0\ub9ac\uc9c0\ub294 \uc720\ud6a8
 label.local.storage=\ub85c\uceec \uc2a4\ud1a0\ub9ac\uc9c0
 label.local=\ub85c\uceec
 label.login=\ub85c\uadf8\uc778
diff --git a/client/WEB-INF/classes/resources/messages_nl_NL.properties b/client/WEB-INF/classes/resources/messages_nl_NL.properties
index 58ee3b1277..1fd0a53505 100644
--- a/client/WEB-INF/classes/resources/messages_nl_NL.properties
+++ b/client/WEB-INF/classes/resources/messages_nl_NL.properties
@@ -817,7 +817,6 @@ label.load.balancing=Load Balancing
 label.load.balancing.policies=Load balancing policies
 label.loading=Laden
 label.local=Lokaal
-label.local.storage.enabled=Lokale opslag ingeschakeld
 label.local.storage=Lokale Opslag
 label.login=Login
 label.logout=Log uit
diff --git a/client/WEB-INF/classes/resources/messages_pl.properties b/client/WEB-INF/classes/resources/messages_pl.properties
index ecfaad4f63..186fb8a8f3 100644
--- a/client/WEB-INF/classes/resources/messages_pl.properties
+++ b/client/WEB-INF/classes/resources/messages_pl.properties
@@ -286,7 +286,6 @@ label.lb.algorithm.leastconn=Ostatnie po\u0142\u0105czenie
 label.level=Poziom
 label.loading=Wczytywanie
 label.local=Lokalne
-label.local.storage.enabled=Pami\u0119\u0107 lokalna w\u0142\u0105czona
 label.local.storage=Pami\u0119\u0107 lokalna
 label.login=Zaloguj
 label.logout=Wyloguj
diff --git a/client/WEB-INF/classes/resources/messages_pt_BR.properties b/client/WEB-INF/classes/resources/messages_pt_BR.properties
index 6d4e168fef..682ff2597c 100644
--- a/client/WEB-INF/classes/resources/messages_pt_BR.properties
+++ b/client/WEB-INF/classes/resources/messages_pt_BR.properties
@@ -68,6 +68,7 @@ label.action.cancel.maintenance.mode.processing=Cancelando Modo de Manuten\u00e7
 label.action.change.password=Troca de Senha
 label.action.change.service.processing=Trocando de Plano....
 label.action.change.service=Trocar Plano
+label.action.configure.samlauthorization=Configurar Autoriza\u00e7\u00e3o SAML SSO
 label.action.copy.ISO=Copiar ISO
 label.action.copy.ISO.processing=Copiando ISO...
 label.action.copy.template=Copiar Template
@@ -293,6 +294,7 @@ label.add.ip.range=Adicionar Range de IP
 label.add.isolated.guest.network=Adiciona Rede Guest Isolada
 label.add.isolated.network=Adiciona Rede Isolada
 label.additional.networks=Redes Adicionais
+label.add.LDAP.account=Adicionar Conta LDAP
 label.add.list.name=Nome de Lista ACL
 label.add.load.balancer=Adicionar Balanceador de Carga
 label.add.more=Adicionar Mais
@@ -876,7 +878,8 @@ label.load.balancing=Balanceamento de Carga
 label.load.balancing.policies=Pol\u00edticas de balanceamento de carga
 label.loading=Carregando
 label.local=Local
-label.local.storage.enabled=Storage local habilitada
+label.local.storage.enabled=Habilitar storage local para VMs de usu\u00e1rios
+label.local.storage.enabled.system.vms=Habilitar storage local para VMs de Sistema
 label.local.storage=Storage Local
 label.login=Entrar
 label.logout=Sair
@@ -1249,6 +1252,8 @@ label.s3.nfs.server=Servidor NFS S3
 label.s3.secret_key=Chave Secreta
 label.s3.socket_timeout=Tempo limite no socket
 label.s3.use_https=Use HTTPS
+label.saml.enable=Autorizar SAML SSO
+label.saml.entity=Provedor de Identidade
 label.saturday=S\u00e1bado
 label.save.and.continue=Salvar e continuar
 label.save=Salvar
diff --git a/client/WEB-INF/classes/resources/messages_ru_RU.properties b/client/WEB-INF/classes/resources/messages_ru_RU.properties
index ae1ed000e9..270e5af40f 100644
--- a/client/WEB-INF/classes/resources/messages_ru_RU.properties
+++ b/client/WEB-INF/classes/resources/messages_ru_RU.properties
@@ -712,7 +712,6 @@ label.load.balancer=\u0411\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432
 label.load.balancing.policies=\u041f\u043e\u043b\u0438\u0442\u0438\u043a\u0438 \u0431\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u043a\u0438 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438
 label.load.balancing=\u0411\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u043a\u0430 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438
 label.loading=\u0417\u0430\u0433\u0440\u0443\u0437\u043a\u0430
-label.local.storage.enabled=\u041b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0435 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0435 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u043e
 label.local.storage=\u041b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0435 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0435
 label.local=\u041b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0439
 label.login=\u0412\u043e\u0439\u0442\u0438
diff --git a/client/WEB-INF/classes/resources/messages_zh_CN.properties b/client/WEB-INF/classes/resources/messages_zh_CN.properties
index a4af8f70ec..718e415ccd 100644
--- a/client/WEB-INF/classes/resources/messages_zh_CN.properties
+++ b/client/WEB-INF/classes/resources/messages_zh_CN.properties
@@ -867,7 +867,6 @@ label.load.balancer=\u8d1f\u8f7d\u5e73\u8861\u5668
 label.load.balancing.policies=\u8d1f\u8f7d\u5e73\u8861\u7b56\u7565
 label.load.balancing=\u8d1f\u8f7d\u5e73\u8861
 label.loading=\u6b63\u5728\u52a0\u8f7d
-label.local.storage.enabled=\u5df2\u542f\u7528\u672c\u5730\u5b58\u50a8
 label.local.storage=\u672c\u5730\u5b58\u50a8
 label.local=\u672c\u5730
 label.login=\u767b\u5f55

From b655104b77286889cc849a5bad4fcceb38234606 Mon Sep 17 00:00:00 2001
From: Remi Bergsma <github@remi.nl>
Date: Fri, 7 Aug 2015 13:55:36 +0200
Subject: [PATCH 051/115] CLOUDSTACK-8709 No out of band migrate alert for
 non-routers

(cherry picked from commit daa30c472201e69c4f932ab504352e195b535199)
Signed-off-by: Remi Bergsma <github@remi.nl>
---
 .../network/router/VirtualNetworkApplianceManagerImpl.java      | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java b/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
index 73aa94c83d..2b94aaff98 100755
--- a/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
+++ b/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
@@ -4480,7 +4480,7 @@ public boolean postStateTransitionEvent(StateMachine2.Transition<State, VirtualM
                 s_logger.info("Schedule a router reboot task as router " + vo.getId() + " is powered-on out-of-band. we need to reboot to refresh network rules");
                 _executor.schedule(new RebootTask(vo.getId()), 1000, TimeUnit.MICROSECONDS);
         } else {
-            if (isOutOfBandMigrated(opaque)) {
+            if (isOutOfBandMigrated(opaque) && (vo.getType() == VirtualMachine.Type.DomainRouter)) {
                 final String title = "Router has been migrated out of band: " + vo.getInstanceName();
                 final String context =
                         "An out of band migration of router " + vo.getInstanceName() + "(" + vo.getUuid() + ") was detected. No automated action was performed.";

From 7385441807ba3fde3d45c226df6b1bdd2f36ae26 Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Wed, 19 Aug 2015 14:42:54 +0530
Subject: [PATCH 052/115] Updating pom.xml version numbers for release 4.5.2

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 Dockerfile                                                  | 2 +-
 agent/pom.xml                                               | 2 +-
 api/pom.xml                                                 | 2 +-
 awsapi/pom.xml                                              | 2 +-
 build/replace.properties                                    | 2 +-
 client/pom.xml                                              | 2 +-
 core/pom.xml                                                | 2 +-
 debian/changelog                                            | 6 ++++++
 developer/pom.xml                                           | 2 +-
 engine/api/pom.xml                                          | 2 +-
 engine/components-api/pom.xml                               | 2 +-
 engine/network/pom.xml                                      | 2 +-
 engine/orchestration/pom.xml                                | 2 +-
 engine/pom.xml                                              | 2 +-
 engine/schema/pom.xml                                       | 2 +-
 engine/service/pom.xml                                      | 2 +-
 engine/storage/cache/pom.xml                                | 2 +-
 engine/storage/datamotion/pom.xml                           | 2 +-
 engine/storage/image/pom.xml                                | 2 +-
 engine/storage/integration-test/pom.xml                     | 2 +-
 engine/storage/pom.xml                                      | 2 +-
 engine/storage/snapshot/pom.xml                             | 2 +-
 engine/storage/volume/pom.xml                               | 2 +-
 framework/cluster/pom.xml                                   | 2 +-
 framework/config/pom.xml                                    | 2 +-
 framework/db/pom.xml                                        | 2 +-
 framework/events/pom.xml                                    | 2 +-
 framework/ipc/pom.xml                                       | 2 +-
 framework/jobs/pom.xml                                      | 2 +-
 framework/managed-context/pom.xml                           | 2 +-
 framework/pom.xml                                           | 2 +-
 framework/rest/pom.xml                                      | 2 +-
 framework/security/pom.xml                                  | 2 +-
 framework/spring/lifecycle/pom.xml                          | 2 +-
 framework/spring/module/pom.xml                             | 2 +-
 maven-standard/pom.xml                                      | 2 +-
 plugins/acl/static-role-based/pom.xml                       | 2 +-
 .../affinity-group-processors/explicit-dedication/pom.xml   | 2 +-
 .../affinity-group-processors/host-anti-affinity/pom.xml    | 2 +-
 plugins/alert-handlers/snmp-alerts/pom.xml                  | 2 +-
 plugins/alert-handlers/syslog-alerts/pom.xml                | 2 +-
 plugins/api/discovery/pom.xml                               | 2 +-
 plugins/api/rate-limit/pom.xml                              | 2 +-
 plugins/api/solidfire-intg-test/pom.xml                     | 2 +-
 plugins/database/mysql-ha/pom.xml                           | 2 +-
 plugins/dedicated-resources/pom.xml                         | 2 +-
 plugins/deployment-planners/implicit-dedication/pom.xml     | 2 +-
 plugins/deployment-planners/user-concentrated-pod/pom.xml   | 2 +-
 plugins/deployment-planners/user-dispersing/pom.xml         | 2 +-
 plugins/event-bus/inmemory/pom.xml                          | 2 +-
 plugins/event-bus/rabbitmq/pom.xml                          | 2 +-
 plugins/file-systems/netapp/pom.xml                         | 2 +-
 plugins/ha-planners/skip-heurestics/pom.xml                 | 2 +-
 plugins/host-allocators/random/pom.xml                      | 2 +-
 plugins/hypervisors/baremetal/pom.xml                       | 2 +-
 plugins/hypervisors/hyperv/pom.xml                          | 2 +-
 plugins/hypervisors/kvm/pom.xml                             | 2 +-
 plugins/hypervisors/ovm/pom.xml                             | 2 +-
 plugins/hypervisors/simulator/pom.xml                       | 2 +-
 plugins/hypervisors/ucs/pom.xml                             | 2 +-
 plugins/hypervisors/vmware/pom.xml                          | 2 +-
 plugins/hypervisors/xenserver/pom.xml                       | 2 +-
 plugins/network-elements/bigswitch-vns/pom.xml              | 2 +-
 plugins/network-elements/brocade-vcs/pom.xml                | 2 +-
 plugins/network-elements/cisco-vnmc/pom.xml                 | 2 +-
 plugins/network-elements/dns-notifier/pom.xml               | 2 +-
 plugins/network-elements/elastic-loadbalancer/pom.xml       | 2 +-
 plugins/network-elements/f5/pom.xml                         | 2 +-
 plugins/network-elements/globodns/pom.xml                   | 2 +-
 plugins/network-elements/internal-loadbalancer/pom.xml      | 2 +-
 plugins/network-elements/juniper-contrail/pom.xml           | 2 +-
 plugins/network-elements/juniper-srx/pom.xml                | 2 +-
 plugins/network-elements/midonet/pom.xml                    | 2 +-
 plugins/network-elements/netscaler/pom.xml                  | 2 +-
 plugins/network-elements/nicira-nvp/pom.xml                 | 2 +-
 plugins/network-elements/nuage-vsp/pom.xml                  | 2 +-
 plugins/network-elements/opendaylight/pom.xml               | 2 +-
 plugins/network-elements/ovs/pom.xml                        | 2 +-
 plugins/network-elements/palo-alto/pom.xml                  | 2 +-
 plugins/network-elements/stratosphere-ssp/pom.xml           | 2 +-
 plugins/network-elements/vxlan/pom.xml                      | 2 +-
 plugins/pom.xml                                             | 2 +-
 plugins/storage-allocators/random/pom.xml                   | 2 +-
 plugins/storage/image/default/pom.xml                       | 2 +-
 plugins/storage/image/s3/pom.xml                            | 2 +-
 plugins/storage/image/sample/pom.xml                        | 2 +-
 plugins/storage/image/swift/pom.xml                         | 2 +-
 plugins/storage/volume/cloudbyte/pom.xml                    | 2 +-
 plugins/storage/volume/default/pom.xml                      | 2 +-
 plugins/storage/volume/nexenta/pom.xml                      | 2 +-
 plugins/storage/volume/sample/pom.xml                       | 2 +-
 plugins/storage/volume/solidfire/pom.xml                    | 2 +-
 plugins/user-authenticators/ldap/pom.xml                    | 2 +-
 plugins/user-authenticators/md5/pom.xml                     | 2 +-
 plugins/user-authenticators/pbkdf2/pom.xml                  | 2 +-
 plugins/user-authenticators/plain-text/pom.xml              | 2 +-
 plugins/user-authenticators/saml2/pom.xml                   | 2 +-
 plugins/user-authenticators/sha256salted/pom.xml            | 2 +-
 pom.xml                                                     | 2 +-
 quickcloud/pom.xml                                          | 2 +-
 server/pom.xml                                              | 2 +-
 services/console-proxy-rdp/rdpconsole/pom.xml               | 2 +-
 services/console-proxy/plugin/pom.xml                       | 2 +-
 services/console-proxy/pom.xml                              | 2 +-
 services/console-proxy/server/pom.xml                       | 2 +-
 services/pom.xml                                            | 2 +-
 services/secondary-storage/controller/pom.xml               | 2 +-
 services/secondary-storage/pom.xml                          | 2 +-
 services/secondary-storage/server/pom.xml                   | 2 +-
 systemvm/pom.xml                                            | 2 +-
 test/pom.xml                                                | 2 +-
 tools/apidoc/pom.xml                                        | 2 +-
 tools/checkstyle/pom.xml                                    | 2 +-
 tools/devcloud-kvm/pom.xml                                  | 2 +-
 tools/devcloud/pom.xml                                      | 2 +-
 tools/marvin/marvin/deployAndRun.py                         | 2 +-
 tools/marvin/pom.xml                                        | 2 +-
 tools/marvin/setup.py                                       | 2 +-
 tools/pom.xml                                               | 2 +-
 tools/wix-cloudstack-maven-plugin/pom.xml                   | 2 +-
 usage/pom.xml                                               | 2 +-
 utils/pom.xml                                               | 2 +-
 vmware-base/pom.xml                                         | 2 +-
 123 files changed, 128 insertions(+), 122 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index ee0fc01827..32e2c74e53 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -30,7 +30,7 @@ RUN (/usr/bin/mysqld_safe &); \
     sleep 3; \
     mvn -Pdeveloper -pl developer -Ddeploydb; \
     mvn -Pdeveloper -pl developer -Ddeploydb-simulator; \
-    pip install tools/marvin/dist/Marvin-4.5.2-SNAPSHOT.tar.gz
+    pip install tools/marvin/dist/Marvin-4.5.2.tar.gz
 
 EXPOSE 8080
 
diff --git a/agent/pom.xml b/agent/pom.xml
index b8d24f97a7..9a427a3783 100644
--- a/agent/pom.xml
+++ b/agent/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
   </parent>
   <dependencies>
     <dependency>
diff --git a/api/pom.xml b/api/pom.xml
index eaccd7d2dd..595de1811a 100644
--- a/api/pom.xml
+++ b/api/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
   </parent>
   <dependencies>
     <dependency>
diff --git a/awsapi/pom.xml b/awsapi/pom.xml
index 9366ccbd9d..371b17d342 100644
--- a/awsapi/pom.xml
+++ b/awsapi/pom.xml
@@ -26,7 +26,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
   </parent>
   <dependencies>
     <dependency>
diff --git a/build/replace.properties b/build/replace.properties
index 791334d3c3..76732191c0 100644
--- a/build/replace.properties
+++ b/build/replace.properties
@@ -27,4 +27,4 @@ MSMNTDIR=/mnt
 COMPONENTS-SPEC=components.xml
 AWSAPILOG=awsapi.log
 REMOTEHOST=localhost
-COMMONLIBDIR=client/target/cloud-client-ui-4.5.2-SNAPSHOT/WEB-INF/lib/
+COMMONLIBDIR=client/target/cloud-client-ui-4.5.2/WEB-INF/lib/
diff --git a/client/pom.xml b/client/pom.xml
index db9d384107..13e1411b97 100644
--- a/client/pom.xml
+++ b/client/pom.xml
@@ -17,7 +17,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
   </parent>
   <dependencies>
     <dependency>
diff --git a/core/pom.xml b/core/pom.xml
index a212558c58..39dc04ca1c 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -25,7 +25,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
   </parent>
   <dependencies>
     <dependency>
diff --git a/debian/changelog b/debian/changelog
index 1f0980da88..2843055070 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+cloudstack (4.5.2) unstable; urgency=low
+
+  * Update the version to 4.5.2
+
+ -- the Apache CloudStack project <dev@cloudstack.apache.org>  Wed, 19 Aug 2015 14:42:53 +0530
+
 cloudstack (4.5.1) unstable; urgency=low
 
   * Update the version to 4.5.1
diff --git a/developer/pom.xml b/developer/pom.xml
index 6717a6242a..8612e12e78 100644
--- a/developer/pom.xml
+++ b/developer/pom.xml
@@ -18,7 +18,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
   </parent>
   <dependencies>
     <dependency>
diff --git a/engine/api/pom.xml b/engine/api/pom.xml
index effee4e00d..293110473c 100644
--- a/engine/api/pom.xml
+++ b/engine/api/pom.xml
@@ -16,7 +16,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloud-engine</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/engine/components-api/pom.xml b/engine/components-api/pom.xml
index 6a47a6861d..645e1f1930 100644
--- a/engine/components-api/pom.xml
+++ b/engine/components-api/pom.xml
@@ -24,7 +24,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloud-engine</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/engine/network/pom.xml b/engine/network/pom.xml
index 43cc15659e..c9a17550e5 100644
--- a/engine/network/pom.xml
+++ b/engine/network/pom.xml
@@ -24,7 +24,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloud-engine</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/engine/orchestration/pom.xml b/engine/orchestration/pom.xml
index aa1e137634..e1bb541b48 100755
--- a/engine/orchestration/pom.xml
+++ b/engine/orchestration/pom.xml
@@ -24,7 +24,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloud-engine</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/engine/pom.xml b/engine/pom.xml
index 727f003cef..8de7223c5e 100644
--- a/engine/pom.xml
+++ b/engine/pom.xml
@@ -24,7 +24,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <build>
diff --git a/engine/schema/pom.xml b/engine/schema/pom.xml
index bc405f0220..ed8cb59959 100644
--- a/engine/schema/pom.xml
+++ b/engine/schema/pom.xml
@@ -24,7 +24,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloud-engine</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/engine/service/pom.xml b/engine/service/pom.xml
index f110a32e63..6673a5e2cf 100644
--- a/engine/service/pom.xml
+++ b/engine/service/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloud-engine</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
   </parent>
   <artifactId>cloud-engine-service</artifactId>
   <packaging>war</packaging>
diff --git a/engine/storage/cache/pom.xml b/engine/storage/cache/pom.xml
index b1b60b934e..f35c6ba7b3 100644
--- a/engine/storage/cache/pom.xml
+++ b/engine/storage/cache/pom.xml
@@ -15,7 +15,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloud-engine</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/engine/storage/datamotion/pom.xml b/engine/storage/datamotion/pom.xml
index 434bca5612..d83d3eb24e 100644
--- a/engine/storage/datamotion/pom.xml
+++ b/engine/storage/datamotion/pom.xml
@@ -16,7 +16,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloud-engine</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/engine/storage/image/pom.xml b/engine/storage/image/pom.xml
index 9c0ae50892..b9a31b70cf 100644
--- a/engine/storage/image/pom.xml
+++ b/engine/storage/image/pom.xml
@@ -16,7 +16,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloud-engine</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/engine/storage/integration-test/pom.xml b/engine/storage/integration-test/pom.xml
index 3890a14ca9..a864e36e38 100644
--- a/engine/storage/integration-test/pom.xml
+++ b/engine/storage/integration-test/pom.xml
@@ -16,7 +16,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloud-engine</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/engine/storage/pom.xml b/engine/storage/pom.xml
index f78785da33..5cc7f4e790 100644
--- a/engine/storage/pom.xml
+++ b/engine/storage/pom.xml
@@ -16,7 +16,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloud-engine</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/engine/storage/snapshot/pom.xml b/engine/storage/snapshot/pom.xml
index 190db5ded5..a2e74382f4 100644
--- a/engine/storage/snapshot/pom.xml
+++ b/engine/storage/snapshot/pom.xml
@@ -16,7 +16,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloud-engine</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/engine/storage/volume/pom.xml b/engine/storage/volume/pom.xml
index 21d2375f9f..af575429e6 100644
--- a/engine/storage/volume/pom.xml
+++ b/engine/storage/volume/pom.xml
@@ -16,7 +16,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloud-engine</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/framework/cluster/pom.xml b/framework/cluster/pom.xml
index b0ad835662..6725eaa312 100644
--- a/framework/cluster/pom.xml
+++ b/framework/cluster/pom.xml
@@ -15,7 +15,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-framework</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/framework/config/pom.xml b/framework/config/pom.xml
index 4bd8519f26..70852167e7 100644
--- a/framework/config/pom.xml
+++ b/framework/config/pom.xml
@@ -15,7 +15,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-framework</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/framework/db/pom.xml b/framework/db/pom.xml
index f61e321a5c..175f4273bf 100644
--- a/framework/db/pom.xml
+++ b/framework/db/pom.xml
@@ -15,7 +15,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-framework</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/framework/events/pom.xml b/framework/events/pom.xml
index e8b8e34c70..879fd014d5 100644
--- a/framework/events/pom.xml
+++ b/framework/events/pom.xml
@@ -15,7 +15,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-framework</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/framework/ipc/pom.xml b/framework/ipc/pom.xml
index 8350cb0173..eaf4512a8b 100644
--- a/framework/ipc/pom.xml
+++ b/framework/ipc/pom.xml
@@ -16,7 +16,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-framework</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/framework/jobs/pom.xml b/framework/jobs/pom.xml
index 745c3c6669..f36d5d17a3 100644
--- a/framework/jobs/pom.xml
+++ b/framework/jobs/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-framework</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../pom.xml</relativePath>
   </parent>  
   <dependencies>
diff --git a/framework/managed-context/pom.xml b/framework/managed-context/pom.xml
index 886d93a761..79dca68f78 100644
--- a/framework/managed-context/pom.xml
+++ b/framework/managed-context/pom.xml
@@ -24,7 +24,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloud-maven-standard</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../maven-standard/pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/framework/pom.xml b/framework/pom.xml
index 42206929f4..84a4469daa 100644
--- a/framework/pom.xml
+++ b/framework/pom.xml
@@ -24,7 +24,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
   </parent>
   <build>
     <defaultGoal>install</defaultGoal>
diff --git a/framework/rest/pom.xml b/framework/rest/pom.xml
index d18d8593eb..381b638f65 100644
--- a/framework/rest/pom.xml
+++ b/framework/rest/pom.xml
@@ -22,7 +22,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-framework</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <artifactId>cloud-framework-rest</artifactId>
diff --git a/framework/security/pom.xml b/framework/security/pom.xml
index 631da2e036..2088080bab 100644
--- a/framework/security/pom.xml
+++ b/framework/security/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-framework</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/framework/spring/lifecycle/pom.xml b/framework/spring/lifecycle/pom.xml
index 842e0be86e..c648d2604c 100644
--- a/framework/spring/lifecycle/pom.xml
+++ b/framework/spring/lifecycle/pom.xml
@@ -16,7 +16,7 @@
     <parent>
         <groupId>org.apache.cloudstack</groupId>
         <artifactId>cloud-maven-standard</artifactId>
-        <version>4.5.2-SNAPSHOT</version>
+        <version>4.5.2</version>
         <relativePath>../../../maven-standard/pom.xml</relativePath>
     </parent>
     <dependencies>
diff --git a/framework/spring/module/pom.xml b/framework/spring/module/pom.xml
index 44d305218b..868b5f41ca 100644
--- a/framework/spring/module/pom.xml
+++ b/framework/spring/module/pom.xml
@@ -24,7 +24,7 @@
     <parent>
         <groupId>org.apache.cloudstack</groupId>
         <artifactId>cloud-maven-standard</artifactId>
-        <version>4.5.2-SNAPSHOT</version>
+        <version>4.5.2</version>
         <relativePath>../../../maven-standard/pom.xml</relativePath>
     </parent>
     <dependencies>
diff --git a/maven-standard/pom.xml b/maven-standard/pom.xml
index ed1d8c4eda..9288f99e39 100644
--- a/maven-standard/pom.xml
+++ b/maven-standard/pom.xml
@@ -25,7 +25,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <build>
diff --git a/plugins/acl/static-role-based/pom.xml b/plugins/acl/static-role-based/pom.xml
index f68ce46b01..24235abcd2 100644
--- a/plugins/acl/static-role-based/pom.xml
+++ b/plugins/acl/static-role-based/pom.xml
@@ -26,7 +26,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
 </project>
diff --git a/plugins/affinity-group-processors/explicit-dedication/pom.xml b/plugins/affinity-group-processors/explicit-dedication/pom.xml
index 30d0760e75..3e8708e146 100644
--- a/plugins/affinity-group-processors/explicit-dedication/pom.xml
+++ b/plugins/affinity-group-processors/explicit-dedication/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <build>
diff --git a/plugins/affinity-group-processors/host-anti-affinity/pom.xml b/plugins/affinity-group-processors/host-anti-affinity/pom.xml
index b57127e1c1..70a6a5f459 100644
--- a/plugins/affinity-group-processors/host-anti-affinity/pom.xml
+++ b/plugins/affinity-group-processors/host-anti-affinity/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <build>
diff --git a/plugins/alert-handlers/snmp-alerts/pom.xml b/plugins/alert-handlers/snmp-alerts/pom.xml
index c46015e09d..2dfbb08c04 100644
--- a/plugins/alert-handlers/snmp-alerts/pom.xml
+++ b/plugins/alert-handlers/snmp-alerts/pom.xml
@@ -22,7 +22,7 @@
   <parent>
     <artifactId>cloudstack-plugins</artifactId>
     <groupId>org.apache.cloudstack</groupId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <modelVersion>4.0.0</modelVersion>
diff --git a/plugins/alert-handlers/syslog-alerts/pom.xml b/plugins/alert-handlers/syslog-alerts/pom.xml
index 747b0abf96..ffab04aaa4 100644
--- a/plugins/alert-handlers/syslog-alerts/pom.xml
+++ b/plugins/alert-handlers/syslog-alerts/pom.xml
@@ -22,7 +22,7 @@
   <parent>
     <artifactId>cloudstack-plugins</artifactId>
     <groupId>org.apache.cloudstack</groupId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <modelVersion>4.0.0</modelVersion>
diff --git a/plugins/api/discovery/pom.xml b/plugins/api/discovery/pom.xml
index 9018d7330e..280426e557 100644
--- a/plugins/api/discovery/pom.xml
+++ b/plugins/api/discovery/pom.xml
@@ -26,7 +26,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/api/rate-limit/pom.xml b/plugins/api/rate-limit/pom.xml
index 03032a06e7..7e084d0a35 100644
--- a/plugins/api/rate-limit/pom.xml
+++ b/plugins/api/rate-limit/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <build>
diff --git a/plugins/api/solidfire-intg-test/pom.xml b/plugins/api/solidfire-intg-test/pom.xml
index 76459c26d4..dd41153e44 100644
--- a/plugins/api/solidfire-intg-test/pom.xml
+++ b/plugins/api/solidfire-intg-test/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/database/mysql-ha/pom.xml b/plugins/database/mysql-ha/pom.xml
index 1a3c2dea76..4d7eb4fd1c 100644
--- a/plugins/database/mysql-ha/pom.xml
+++ b/plugins/database/mysql-ha/pom.xml
@@ -15,7 +15,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/dedicated-resources/pom.xml b/plugins/dedicated-resources/pom.xml
index 859e136991..95c4399d9a 100644
--- a/plugins/dedicated-resources/pom.xml
+++ b/plugins/dedicated-resources/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
 </project>
diff --git a/plugins/deployment-planners/implicit-dedication/pom.xml b/plugins/deployment-planners/implicit-dedication/pom.xml
index 0d833a5793..17064ac3b6 100644
--- a/plugins/deployment-planners/implicit-dedication/pom.xml
+++ b/plugins/deployment-planners/implicit-dedication/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
 </project>
diff --git a/plugins/deployment-planners/user-concentrated-pod/pom.xml b/plugins/deployment-planners/user-concentrated-pod/pom.xml
index dce8043577..7bc823740b 100644
--- a/plugins/deployment-planners/user-concentrated-pod/pom.xml
+++ b/plugins/deployment-planners/user-concentrated-pod/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
 </project>
diff --git a/plugins/deployment-planners/user-dispersing/pom.xml b/plugins/deployment-planners/user-dispersing/pom.xml
index 2ea14ca21b..90b455b351 100644
--- a/plugins/deployment-planners/user-dispersing/pom.xml
+++ b/plugins/deployment-planners/user-dispersing/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
 </project>
diff --git a/plugins/event-bus/inmemory/pom.xml b/plugins/event-bus/inmemory/pom.xml
index f1a784eb98..fffdd1f0aa 100644
--- a/plugins/event-bus/inmemory/pom.xml
+++ b/plugins/event-bus/inmemory/pom.xml
@@ -24,7 +24,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/event-bus/rabbitmq/pom.xml b/plugins/event-bus/rabbitmq/pom.xml
index 931d37203d..0bf1ab2a6e 100644
--- a/plugins/event-bus/rabbitmq/pom.xml
+++ b/plugins/event-bus/rabbitmq/pom.xml
@@ -24,7 +24,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/file-systems/netapp/pom.xml b/plugins/file-systems/netapp/pom.xml
index 43fb2814c8..be74372835 100644
--- a/plugins/file-systems/netapp/pom.xml
+++ b/plugins/file-systems/netapp/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/ha-planners/skip-heurestics/pom.xml b/plugins/ha-planners/skip-heurestics/pom.xml
index 4c85903170..9294e92bdc 100644
--- a/plugins/ha-planners/skip-heurestics/pom.xml
+++ b/plugins/ha-planners/skip-heurestics/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
 </project>
diff --git a/plugins/host-allocators/random/pom.xml b/plugins/host-allocators/random/pom.xml
index 11cb98eaac..3b5ed705f0 100644
--- a/plugins/host-allocators/random/pom.xml
+++ b/plugins/host-allocators/random/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
 </project>
diff --git a/plugins/hypervisors/baremetal/pom.xml b/plugins/hypervisors/baremetal/pom.xml
index f2be2c2e94..92e85c1266 100755
--- a/plugins/hypervisors/baremetal/pom.xml
+++ b/plugins/hypervisors/baremetal/pom.xml
@@ -21,7 +21,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <artifactId>cloud-plugin-hypervisor-baremetal</artifactId>
diff --git a/plugins/hypervisors/hyperv/pom.xml b/plugins/hypervisors/hyperv/pom.xml
index 89764a2596..d93b70c5a6 100644
--- a/plugins/hypervisors/hyperv/pom.xml
+++ b/plugins/hypervisors/hyperv/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <properties>
diff --git a/plugins/hypervisors/kvm/pom.xml b/plugins/hypervisors/kvm/pom.xml
index 43695a2950..a7c04aac98 100644
--- a/plugins/hypervisors/kvm/pom.xml
+++ b/plugins/hypervisors/kvm/pom.xml
@@ -15,7 +15,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/hypervisors/ovm/pom.xml b/plugins/hypervisors/ovm/pom.xml
index 921fceab68..4046407ce9 100644
--- a/plugins/hypervisors/ovm/pom.xml
+++ b/plugins/hypervisors/ovm/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/hypervisors/simulator/pom.xml b/plugins/hypervisors/simulator/pom.xml
index 67d85d5ebe..e021d32184 100644
--- a/plugins/hypervisors/simulator/pom.xml
+++ b/plugins/hypervisors/simulator/pom.xml
@@ -22,7 +22,7 @@
     <parent>
         <groupId>org.apache.cloudstack</groupId>
         <artifactId>cloudstack-plugins</artifactId>
-        <version>4.5.2-SNAPSHOT</version>
+        <version>4.5.2</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
     <artifactId>cloud-plugin-hypervisor-simulator</artifactId>
diff --git a/plugins/hypervisors/ucs/pom.xml b/plugins/hypervisors/ucs/pom.xml
index 80405e48be..52eee87dcb 100755
--- a/plugins/hypervisors/ucs/pom.xml
+++ b/plugins/hypervisors/ucs/pom.xml
@@ -15,7 +15,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <artifactId>cloud-plugin-hypervisor-ucs</artifactId>
diff --git a/plugins/hypervisors/vmware/pom.xml b/plugins/hypervisors/vmware/pom.xml
index 48f362cc1a..c73028c305 100644
--- a/plugins/hypervisors/vmware/pom.xml
+++ b/plugins/hypervisors/vmware/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/hypervisors/xenserver/pom.xml b/plugins/hypervisors/xenserver/pom.xml
index 8385eff06d..b9c2d33d0d 100644
--- a/plugins/hypervisors/xenserver/pom.xml
+++ b/plugins/hypervisors/xenserver/pom.xml
@@ -16,7 +16,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/network-elements/bigswitch-vns/pom.xml b/plugins/network-elements/bigswitch-vns/pom.xml
index 4b6fac9b2a..0c0638fcbb 100644
--- a/plugins/network-elements/bigswitch-vns/pom.xml
+++ b/plugins/network-elements/bigswitch-vns/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
 </project>
diff --git a/plugins/network-elements/brocade-vcs/pom.xml b/plugins/network-elements/brocade-vcs/pom.xml
index c325987dab..112c1a564b 100644
--- a/plugins/network-elements/brocade-vcs/pom.xml
+++ b/plugins/network-elements/brocade-vcs/pom.xml
@@ -16,7 +16,7 @@
 	<parent>
 		<groupId>org.apache.cloudstack</groupId>
 		<artifactId>cloudstack-plugins</artifactId>
-		<version>4.5.2-SNAPSHOT</version>
+		<version>4.5.2</version>
 		<relativePath>../../pom.xml</relativePath>
 	</parent>
 
diff --git a/plugins/network-elements/cisco-vnmc/pom.xml b/plugins/network-elements/cisco-vnmc/pom.xml
index 4e4373d7aa..6671077e8e 100644
--- a/plugins/network-elements/cisco-vnmc/pom.xml
+++ b/plugins/network-elements/cisco-vnmc/pom.xml
@@ -24,7 +24,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/network-elements/dns-notifier/pom.xml b/plugins/network-elements/dns-notifier/pom.xml
index 32988d0aa1..7b4602e539 100644
--- a/plugins/network-elements/dns-notifier/pom.xml
+++ b/plugins/network-elements/dns-notifier/pom.xml
@@ -22,7 +22,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <artifactId>cloud-plugin-example-dns-notifier</artifactId>
diff --git a/plugins/network-elements/elastic-loadbalancer/pom.xml b/plugins/network-elements/elastic-loadbalancer/pom.xml
index 12fa8a6f44..bb1b79fc21 100644
--- a/plugins/network-elements/elastic-loadbalancer/pom.xml
+++ b/plugins/network-elements/elastic-loadbalancer/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
 </project>
diff --git a/plugins/network-elements/f5/pom.xml b/plugins/network-elements/f5/pom.xml
index e0165d25e1..3a24d865e5 100644
--- a/plugins/network-elements/f5/pom.xml
+++ b/plugins/network-elements/f5/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/network-elements/globodns/pom.xml b/plugins/network-elements/globodns/pom.xml
index abea5f83aa..a3df2e4746 100644
--- a/plugins/network-elements/globodns/pom.xml
+++ b/plugins/network-elements/globodns/pom.xml
@@ -24,7 +24,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/network-elements/internal-loadbalancer/pom.xml b/plugins/network-elements/internal-loadbalancer/pom.xml
index 22d32c9be4..46d62c01c3 100644
--- a/plugins/network-elements/internal-loadbalancer/pom.xml
+++ b/plugins/network-elements/internal-loadbalancer/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <build>
diff --git a/plugins/network-elements/juniper-contrail/pom.xml b/plugins/network-elements/juniper-contrail/pom.xml
index 53b349efc3..482aa72dad 100644
--- a/plugins/network-elements/juniper-contrail/pom.xml
+++ b/plugins/network-elements/juniper-contrail/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <repositories>
diff --git a/plugins/network-elements/juniper-srx/pom.xml b/plugins/network-elements/juniper-srx/pom.xml
index 3c357dd89f..1f29632fad 100644
--- a/plugins/network-elements/juniper-srx/pom.xml
+++ b/plugins/network-elements/juniper-srx/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/network-elements/midonet/pom.xml b/plugins/network-elements/midonet/pom.xml
index 9c5e815ae9..ae5d319440 100644
--- a/plugins/network-elements/midonet/pom.xml
+++ b/plugins/network-elements/midonet/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
 <repositories>
diff --git a/plugins/network-elements/netscaler/pom.xml b/plugins/network-elements/netscaler/pom.xml
index 496c11fa2f..a57cbde376 100644
--- a/plugins/network-elements/netscaler/pom.xml
+++ b/plugins/network-elements/netscaler/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/network-elements/nicira-nvp/pom.xml b/plugins/network-elements/nicira-nvp/pom.xml
index f0fea41b13..7d91277738 100644
--- a/plugins/network-elements/nicira-nvp/pom.xml
+++ b/plugins/network-elements/nicira-nvp/pom.xml
@@ -25,7 +25,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
 
diff --git a/plugins/network-elements/nuage-vsp/pom.xml b/plugins/network-elements/nuage-vsp/pom.xml
index b2b2223a6f..4afd4cd7c8 100644
--- a/plugins/network-elements/nuage-vsp/pom.xml
+++ b/plugins/network-elements/nuage-vsp/pom.xml
@@ -25,7 +25,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <build>
diff --git a/plugins/network-elements/opendaylight/pom.xml b/plugins/network-elements/opendaylight/pom.xml
index ebd32e3ff5..a4510d26a3 100644
--- a/plugins/network-elements/opendaylight/pom.xml
+++ b/plugins/network-elements/opendaylight/pom.xml
@@ -25,7 +25,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
 
diff --git a/plugins/network-elements/ovs/pom.xml b/plugins/network-elements/ovs/pom.xml
index 8dfb68db3b..6ef13e6af8 100644
--- a/plugins/network-elements/ovs/pom.xml
+++ b/plugins/network-elements/ovs/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
 </project>
diff --git a/plugins/network-elements/palo-alto/pom.xml b/plugins/network-elements/palo-alto/pom.xml
index e36f7ab711..a24e13a7de 100644
--- a/plugins/network-elements/palo-alto/pom.xml
+++ b/plugins/network-elements/palo-alto/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
 </project>
diff --git a/plugins/network-elements/stratosphere-ssp/pom.xml b/plugins/network-elements/stratosphere-ssp/pom.xml
index 8a46e34695..4843fa7765 100644
--- a/plugins/network-elements/stratosphere-ssp/pom.xml
+++ b/plugins/network-elements/stratosphere-ssp/pom.xml
@@ -25,7 +25,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
 </project>
diff --git a/plugins/network-elements/vxlan/pom.xml b/plugins/network-elements/vxlan/pom.xml
index be3d886d93..e65905840b 100644
--- a/plugins/network-elements/vxlan/pom.xml
+++ b/plugins/network-elements/vxlan/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
 </project>
diff --git a/plugins/pom.xml b/plugins/pom.xml
index d2aa80e25c..6c826600c4 100755
--- a/plugins/pom.xml
+++ b/plugins/pom.xml
@@ -17,7 +17,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
   </parent>
 
   <build>
diff --git a/plugins/storage-allocators/random/pom.xml b/plugins/storage-allocators/random/pom.xml
index feadda0c23..38f7687713 100644
--- a/plugins/storage-allocators/random/pom.xml
+++ b/plugins/storage-allocators/random/pom.xml
@@ -24,7 +24,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/storage/image/default/pom.xml b/plugins/storage/image/default/pom.xml
index 36544c7067..4041b75bfe 100644
--- a/plugins/storage/image/default/pom.xml
+++ b/plugins/storage/image/default/pom.xml
@@ -16,7 +16,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/storage/image/s3/pom.xml b/plugins/storage/image/s3/pom.xml
index 989a8d2bac..59b5a04887 100644
--- a/plugins/storage/image/s3/pom.xml
+++ b/plugins/storage/image/s3/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/storage/image/sample/pom.xml b/plugins/storage/image/sample/pom.xml
index 01d1f945ca..8df6fa2750 100644
--- a/plugins/storage/image/sample/pom.xml
+++ b/plugins/storage/image/sample/pom.xml
@@ -16,7 +16,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/storage/image/swift/pom.xml b/plugins/storage/image/swift/pom.xml
index 3ab5d8cc62..1c1f28296f 100644
--- a/plugins/storage/image/swift/pom.xml
+++ b/plugins/storage/image/swift/pom.xml
@@ -16,7 +16,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/storage/volume/cloudbyte/pom.xml b/plugins/storage/volume/cloudbyte/pom.xml
index 8e67c8a65d..161317797b 100755
--- a/plugins/storage/volume/cloudbyte/pom.xml
+++ b/plugins/storage/volume/cloudbyte/pom.xml
@@ -26,7 +26,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/storage/volume/default/pom.xml b/plugins/storage/volume/default/pom.xml
index 0bfc99857d..43c21b1de4 100644
--- a/plugins/storage/volume/default/pom.xml
+++ b/plugins/storage/volume/default/pom.xml
@@ -16,7 +16,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/storage/volume/nexenta/pom.xml b/plugins/storage/volume/nexenta/pom.xml
index 280a0c7271..ca5085747f 100644
--- a/plugins/storage/volume/nexenta/pom.xml
+++ b/plugins/storage/volume/nexenta/pom.xml
@@ -16,7 +16,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/storage/volume/sample/pom.xml b/plugins/storage/volume/sample/pom.xml
index 896baeecf4..12d813e8ec 100644
--- a/plugins/storage/volume/sample/pom.xml
+++ b/plugins/storage/volume/sample/pom.xml
@@ -16,7 +16,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/storage/volume/solidfire/pom.xml b/plugins/storage/volume/solidfire/pom.xml
index 0ade5996d0..622c18c6b0 100644
--- a/plugins/storage/volume/solidfire/pom.xml
+++ b/plugins/storage/volume/solidfire/pom.xml
@@ -16,7 +16,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/user-authenticators/ldap/pom.xml b/plugins/user-authenticators/ldap/pom.xml
index 40a425072d..eacf498cd2 100644
--- a/plugins/user-authenticators/ldap/pom.xml
+++ b/plugins/user-authenticators/ldap/pom.xml
@@ -15,7 +15,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
 
diff --git a/plugins/user-authenticators/md5/pom.xml b/plugins/user-authenticators/md5/pom.xml
index 53e8d0215c..0b479675d9 100644
--- a/plugins/user-authenticators/md5/pom.xml
+++ b/plugins/user-authenticators/md5/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
 </project>
diff --git a/plugins/user-authenticators/pbkdf2/pom.xml b/plugins/user-authenticators/pbkdf2/pom.xml
index 77a7bd1e60..1568a08b37 100644
--- a/plugins/user-authenticators/pbkdf2/pom.xml
+++ b/plugins/user-authenticators/pbkdf2/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
 </project>
diff --git a/plugins/user-authenticators/plain-text/pom.xml b/plugins/user-authenticators/plain-text/pom.xml
index 3d3fa3091e..5c6f28a4ad 100644
--- a/plugins/user-authenticators/plain-text/pom.xml
+++ b/plugins/user-authenticators/plain-text/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
 </project>
diff --git a/plugins/user-authenticators/saml2/pom.xml b/plugins/user-authenticators/saml2/pom.xml
index c83b1900c5..44f7316ae1 100644
--- a/plugins/user-authenticators/saml2/pom.xml
+++ b/plugins/user-authenticators/saml2/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/user-authenticators/sha256salted/pom.xml b/plugins/user-authenticators/sha256salted/pom.xml
index 7ea6e026b4..7611da710e 100644
--- a/plugins/user-authenticators/sha256salted/pom.xml
+++ b/plugins/user-authenticators/sha256salted/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
 </project>
diff --git a/pom.xml b/pom.xml
index 0726340409..2a508b50c6 100644
--- a/pom.xml
+++ b/pom.xml
@@ -19,7 +19,7 @@
 
   <groupId>org.apache.cloudstack</groupId>
   <artifactId>cloudstack</artifactId>
-  <version>4.5.2-SNAPSHOT</version>
+  <version>4.5.2</version>
   <packaging>pom</packaging>
   <name>Apache CloudStack</name>
   <description>Apache CloudStack is an IaaS (“Infrastructure as a Service”) cloud orchestration platform.</description>
diff --git a/quickcloud/pom.xml b/quickcloud/pom.xml
index 4b54f9a9bb..50d8e25941 100644
--- a/quickcloud/pom.xml
+++ b/quickcloud/pom.xml
@@ -24,7 +24,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloud-maven-standard</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../maven-standard/pom.xml</relativePath>
   </parent>
 </project>
diff --git a/server/pom.xml b/server/pom.xml
index 63c03e5eda..9f40b67838 100644
--- a/server/pom.xml
+++ b/server/pom.xml
@@ -15,7 +15,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
   </parent>
   <dependencies>
     <dependency>
diff --git a/services/console-proxy-rdp/rdpconsole/pom.xml b/services/console-proxy-rdp/rdpconsole/pom.xml
index 0a91dbbac1..fb1566aea5 100755
--- a/services/console-proxy-rdp/rdpconsole/pom.xml
+++ b/services/console-proxy-rdp/rdpconsole/pom.xml
@@ -27,7 +27,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-services</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
 
diff --git a/services/console-proxy/plugin/pom.xml b/services/console-proxy/plugin/pom.xml
index c8fad92701..42b7f8a48d 100644
--- a/services/console-proxy/plugin/pom.xml
+++ b/services/console-proxy/plugin/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-service-console-proxy</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
 </project>
diff --git a/services/console-proxy/pom.xml b/services/console-proxy/pom.xml
index ada8e1b2e7..e37adaf8bf 100644
--- a/services/console-proxy/pom.xml
+++ b/services/console-proxy/pom.xml
@@ -24,7 +24,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-services</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <build>
diff --git a/services/console-proxy/server/pom.xml b/services/console-proxy/server/pom.xml
index ed3522b747..ce1682b8e6 100644
--- a/services/console-proxy/server/pom.xml
+++ b/services/console-proxy/server/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-service-console-proxy</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/services/pom.xml b/services/pom.xml
index 7482266090..973a7f794a 100644
--- a/services/pom.xml
+++ b/services/pom.xml
@@ -24,7 +24,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <build>
diff --git a/services/secondary-storage/controller/pom.xml b/services/secondary-storage/controller/pom.xml
index 968e87b62f..017cca5f4a 100644
--- a/services/secondary-storage/controller/pom.xml
+++ b/services/secondary-storage/controller/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-service-secondary-storage</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/services/secondary-storage/pom.xml b/services/secondary-storage/pom.xml
index ab841e859a..1c90640d5e 100644
--- a/services/secondary-storage/pom.xml
+++ b/services/secondary-storage/pom.xml
@@ -24,7 +24,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-services</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <modules>
diff --git a/services/secondary-storage/server/pom.xml b/services/secondary-storage/server/pom.xml
index 6d3597f9ca..91f0fb6e3c 100644
--- a/services/secondary-storage/server/pom.xml
+++ b/services/secondary-storage/server/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-service-secondary-storage</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
     <properties>
diff --git a/systemvm/pom.xml b/systemvm/pom.xml
index 01f06ec2c6..bf9aa37175 100644
--- a/systemvm/pom.xml
+++ b/systemvm/pom.xml
@@ -24,7 +24,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <properties>
diff --git a/test/pom.xml b/test/pom.xml
index aef6c81e60..989b1e90dd 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -23,7 +23,7 @@
     <parent>
         <groupId>org.apache.cloudstack</groupId>
         <artifactId>cloudstack</artifactId>
-        <version>4.5.2-SNAPSHOT</version>
+        <version>4.5.2</version>
     </parent>
     <dependencies>
         <dependency>
diff --git a/tools/apidoc/pom.xml b/tools/apidoc/pom.xml
index f885222809..80f9620673 100644
--- a/tools/apidoc/pom.xml
+++ b/tools/apidoc/pom.xml
@@ -17,7 +17,7 @@
     <parent>
         <groupId>org.apache.cloudstack</groupId>
         <artifactId>cloud-tools</artifactId>
-        <version>4.5.2-SNAPSHOT</version>
+        <version>4.5.2</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <properties>
diff --git a/tools/checkstyle/pom.xml b/tools/checkstyle/pom.xml
index 9a67c79ef2..29c5cf6d44 100644
--- a/tools/checkstyle/pom.xml
+++ b/tools/checkstyle/pom.xml
@@ -24,7 +24,7 @@
     <name>Apache CloudStack Developer Tools - Checkstyle Configuration</name>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>checkstyle</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <build>
       <plugins>
         <plugin>
diff --git a/tools/devcloud-kvm/pom.xml b/tools/devcloud-kvm/pom.xml
index d71ee77e8f..f1b6f42bd0 100644
--- a/tools/devcloud-kvm/pom.xml
+++ b/tools/devcloud-kvm/pom.xml
@@ -17,7 +17,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloud-tools</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/tools/devcloud/pom.xml b/tools/devcloud/pom.xml
index fe29d889d9..5d761f46bd 100644
--- a/tools/devcloud/pom.xml
+++ b/tools/devcloud/pom.xml
@@ -17,7 +17,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloud-tools</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/tools/marvin/marvin/deployAndRun.py b/tools/marvin/marvin/deployAndRun.py
index e393c9e395..84c079c41b 100644
--- a/tools/marvin/marvin/deployAndRun.py
+++ b/tools/marvin/marvin/deployAndRun.py
@@ -163,7 +163,7 @@ class ShellColor(object):
     END = '\033[0m'
     ITALICS = '\x1B[3m'
 
-#VERSION = "4.5.2-SNAPSHOT"
+#VERSION = "4.5.2"
 
 
 class MarvinCli(cmd.Cmd, object):
diff --git a/tools/marvin/pom.xml b/tools/marvin/pom.xml
index 1b8c62c1cc..34839684cf 100644
--- a/tools/marvin/pom.xml
+++ b/tools/marvin/pom.xml
@@ -16,7 +16,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloud-tools</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <build>
diff --git a/tools/marvin/setup.py b/tools/marvin/setup.py
index b1c4f69cad..b277c22978 100644
--- a/tools/marvin/setup.py
+++ b/tools/marvin/setup.py
@@ -27,7 +27,7 @@
         raise RuntimeError("python setuptools is required to build Marvin")
 
 
-VERSION = "4.5.2-SNAPSHOT"
+VERSION = "4.5.2"
 
 setup(name="Marvin",
       version=VERSION,
diff --git a/tools/pom.xml b/tools/pom.xml
index bfb08b56bc..ef96501704 100644
--- a/tools/pom.xml
+++ b/tools/pom.xml
@@ -27,7 +27,7 @@
     <parent>
         <groupId>org.apache.cloudstack</groupId>
         <artifactId>cloudstack</artifactId>
-        <version>4.5.2-SNAPSHOT</version>
+        <version>4.5.2</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <build>
diff --git a/tools/wix-cloudstack-maven-plugin/pom.xml b/tools/wix-cloudstack-maven-plugin/pom.xml
index b584589130..bf8ce2f763 100644
--- a/tools/wix-cloudstack-maven-plugin/pom.xml
+++ b/tools/wix-cloudstack-maven-plugin/pom.xml
@@ -16,7 +16,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
 
diff --git a/usage/pom.xml b/usage/pom.xml
index b9bb04b4d9..3e60921d71 100644
--- a/usage/pom.xml
+++ b/usage/pom.xml
@@ -15,7 +15,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
   </parent>
   <dependencies>
     <dependency>
diff --git a/utils/pom.xml b/utils/pom.xml
index b92319a41b..916aa78197 100755
--- a/utils/pom.xml
+++ b/utils/pom.xml
@@ -25,7 +25,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/vmware-base/pom.xml b/vmware-base/pom.xml
index f0cbbb743c..090711fdb4 100644
--- a/vmware-base/pom.xml
+++ b/vmware-base/pom.xml
@@ -24,7 +24,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.2</version>
   </parent>
   <dependencies>
     <dependency>

From 0062ff2672e257f2a4290e054e23ef4333a34983 Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Wed, 19 Aug 2015 15:31:37 +0530
Subject: [PATCH 053/115] CLOUDSTACK-8748: VM UUID accessible in
 CreateVMSnapshotCommand and RevertToVMSnapshotCommand

This patch makes it possible to expose VM UUID to subsystems, this can be
useful for implementing VM Snapshots for KVM in future.

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 .../com/cloud/agent/api/CreateVMSnapshotCommand.java |  8 +++++++-
 .../cloud/agent/api/RevertToVMSnapshotCommand.java   | 12 +++++++++---
 .../vmsnapshot/DefaultVMSnapshotStrategy.java        |  4 ++--
 .../storage/helper/HypervisorHelperImpl.java         |  2 +-
 4 files changed, 19 insertions(+), 7 deletions(-)

diff --git a/core/src/com/cloud/agent/api/CreateVMSnapshotCommand.java b/core/src/com/cloud/agent/api/CreateVMSnapshotCommand.java
index ab4edafa48..1455145be0 100644
--- a/core/src/com/cloud/agent/api/CreateVMSnapshotCommand.java
+++ b/core/src/com/cloud/agent/api/CreateVMSnapshotCommand.java
@@ -25,8 +25,14 @@
 
 
 public class CreateVMSnapshotCommand extends VMSnapshotBaseCommand {
+    private String vmUuid;
 
-    public CreateVMSnapshotCommand(String vmName, VMSnapshotTO snapshot, List<VolumeObjectTO> volumeTOs, String guestOSType) {
+    public CreateVMSnapshotCommand(String vmName, String vmUuid, VMSnapshotTO snapshot, List<VolumeObjectTO> volumeTOs, String guestOSType) {
         super(vmName, snapshot, volumeTOs, guestOSType);
+        this.vmUuid = vmUuid;
+    }
+
+    public String getVmUuid() {
+        return vmUuid;
     }
 }
diff --git a/core/src/com/cloud/agent/api/RevertToVMSnapshotCommand.java b/core/src/com/cloud/agent/api/RevertToVMSnapshotCommand.java
index 7a7d3d43cb..fc8ba08433 100644
--- a/core/src/com/cloud/agent/api/RevertToVMSnapshotCommand.java
+++ b/core/src/com/cloud/agent/api/RevertToVMSnapshotCommand.java
@@ -25,16 +25,18 @@
 
 public class RevertToVMSnapshotCommand extends VMSnapshotBaseCommand {
 
-    public RevertToVMSnapshotCommand(String vmName, VMSnapshotTO snapshot, List<VolumeObjectTO> volumeTOs, String guestOSType) {
+    public RevertToVMSnapshotCommand(String vmName, String vmUuid, VMSnapshotTO snapshot, List<VolumeObjectTO> volumeTOs, String guestOSType) {
         super(vmName, snapshot, volumeTOs, guestOSType);
+        this.vmUuid = vmUuid;
     }
 
-    public RevertToVMSnapshotCommand(String vmName, VMSnapshotTO snapshot, List<VolumeObjectTO> volumeTOs, String guestOSType, boolean reloadVm) {
-        this(vmName, snapshot, volumeTOs, guestOSType);
+    public RevertToVMSnapshotCommand(String vmName, String vmUuid, VMSnapshotTO snapshot, List<VolumeObjectTO> volumeTOs, String guestOSType, boolean reloadVm) {
+        this(vmName, vmUuid, snapshot, volumeTOs, guestOSType);
         setReloadVm(reloadVm);
     }
 
     private boolean reloadVm = false;
+    private String vmUuid;
 
     public boolean isReloadVm() {
         return reloadVm;
@@ -43,4 +45,8 @@ public boolean isReloadVm() {
     public void setReloadVm(boolean reloadVm) {
         this.reloadVm = reloadVm;
     }
+
+    public String getVmUuid() {
+        return vmUuid;
+    }
 }
diff --git a/engine/storage/snapshot/src/org/apache/cloudstack/storage/vmsnapshot/DefaultVMSnapshotStrategy.java b/engine/storage/snapshot/src/org/apache/cloudstack/storage/vmsnapshot/DefaultVMSnapshotStrategy.java
index c204d29c29..13fd54cf8f 100644
--- a/engine/storage/snapshot/src/org/apache/cloudstack/storage/vmsnapshot/DefaultVMSnapshotStrategy.java
+++ b/engine/storage/snapshot/src/org/apache/cloudstack/storage/vmsnapshot/DefaultVMSnapshotStrategy.java
@@ -137,7 +137,7 @@ public VMSnapshot takeVMSnapshot(VMSnapshot vmSnapshot) {
             HostVO host = hostDao.findById(hostId);
             GuestOSHypervisorVO guestOsMapping = guestOsHypervisorDao.findByOsIdAndHypervisor(guestOS.getId(), host.getHypervisorType().toString(), host.getHypervisorVersion());
 
-            CreateVMSnapshotCommand ccmd = new CreateVMSnapshotCommand(userVm.getInstanceName(), target, volumeTOs, guestOS.getDisplayName());
+            CreateVMSnapshotCommand ccmd = new CreateVMSnapshotCommand(userVm.getInstanceName(), userVm.getUuid(), target, volumeTOs, guestOS.getDisplayName());
             if (guestOsMapping == null) {
                 ccmd.setPlatformEmulator(null);
             } else {
@@ -350,7 +350,7 @@ public boolean revertVMSnapshot(VMSnapshot vmSnapshot) {
                     snapshot.getCurrent(), parent, true);
             Long hostId = vmSnapshotHelper.pickRunningHost(vmSnapshot.getVmId());
             GuestOSVO guestOS = guestOSDao.findById(userVm.getGuestOSId());
-            RevertToVMSnapshotCommand revertToSnapshotCommand = new RevertToVMSnapshotCommand(vmInstanceName, vmSnapshotTO, volumeTOs, guestOS.getDisplayName());
+            RevertToVMSnapshotCommand revertToSnapshotCommand = new RevertToVMSnapshotCommand(vmInstanceName, userVm.getUuid(), vmSnapshotTO, volumeTOs, guestOS.getDisplayName());
             HostVO host = hostDao.findById(hostId);
             GuestOSHypervisorVO guestOsMapping = guestOsHypervisorDao.findByOsIdAndHypervisor(guestOS.getId(), host.getHypervisorType().toString(), host.getHypervisorVersion());
             if (guestOsMapping == null) {
diff --git a/engine/storage/src/org/apache/cloudstack/storage/helper/HypervisorHelperImpl.java b/engine/storage/src/org/apache/cloudstack/storage/helper/HypervisorHelperImpl.java
index e90770e8e3..9b7007dc4d 100644
--- a/engine/storage/src/org/apache/cloudstack/storage/helper/HypervisorHelperImpl.java
+++ b/engine/storage/src/org/apache/cloudstack/storage/helper/HypervisorHelperImpl.java
@@ -124,7 +124,7 @@ public VMSnapshotTO quiesceVm(VirtualMachine virtualMachine) {
         GuestOSVO guestOS = guestOSDao.findById(virtualMachine.getGuestOSId());
         List<VolumeObjectTO> volumeTOs = vmSnapshotHelper.getVolumeTOList(virtualMachine.getId());
         CreateVMSnapshotCommand ccmd =
-            new CreateVMSnapshotCommand(virtualMachine.getInstanceName(), vmSnapshotTO, volumeTOs, guestOS.getDisplayName());
+            new CreateVMSnapshotCommand(virtualMachine.getInstanceName(), virtualMachine.getUuid(), vmSnapshotTO, volumeTOs, guestOS.getDisplayName());
         HostVO host = hostDao.findById(hostId);
         GuestOSHypervisorVO guestOsMapping = guestOsHypervisorDao.findByOsIdAndHypervisor(guestOS.getId(), host.getHypervisorType().toString(), host.getHypervisorVersion());
         ccmd.setPlatformEmulator(guestOsMapping.getGuestOsName());

From 74f697a2dd6e2630fa1fa5949e41c7d539015fbf Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Wed, 19 Aug 2015 15:38:31 +0530
Subject: [PATCH 054/115] CLOUDSTACK-8749: KVM - cleanup linklocal interface
 based on names

This tries to avoid cleaning by a device name.

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

This closes #718
---
 .../src/com/cloud/hypervisor/kvm/resource/BridgeVifDriver.java  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/BridgeVifDriver.java b/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/BridgeVifDriver.java
index aaf75ff921..dbc079dee5 100644
--- a/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/BridgeVifDriver.java
+++ b/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/BridgeVifDriver.java
@@ -287,7 +287,7 @@ private void deleteExitingLinkLocalRouteTable(String linkLocalBr) {
             for (String line : lines) {
                 String[] tokens = line.split(" ");
                 if (!tokens[2].equalsIgnoreCase(linkLocalBr)) {
-                    Script.runSimpleBashScript("ip route del " + NetUtils.getLinkLocalCIDR());
+                    Script.runSimpleBashScript("ip route del " + NetUtils.getLinkLocalCIDR() + " dev " + tokens[2]);
                 } else {
                     foundLinkLocalBr = true;
                 }

From 91cfb6068a2f64df7dc352699b86c35835912d58 Mon Sep 17 00:00:00 2001
From: Remi Bergsma <github@remi.nl>
Date: Wed, 19 Aug 2015 16:20:20 +0200
Subject: [PATCH 055/115] fixing white space and formatting

(cherry picked from commit 14013d5d1b1e802ca06ef29028706cbb54d7af1a)
Signed-off-by: Remi Bergsma <github@remi.nl>
---
 scripts/vm/hypervisor/kvm/setup-cgroups.sh | 38 ++++++++++------------
 1 file changed, 17 insertions(+), 21 deletions(-)

diff --git a/scripts/vm/hypervisor/kvm/setup-cgroups.sh b/scripts/vm/hypervisor/kvm/setup-cgroups.sh
index 4d6e755550..d3342c076f 100755
--- a/scripts/vm/hypervisor/kvm/setup-cgroups.sh
+++ b/scripts/vm/hypervisor/kvm/setup-cgroups.sh
@@ -6,9 +6,9 @@
 # to you under the Apache License, Version 2.0 (the
 # "License"); you may not use this file except in compliance
 # with the License.  You may obtain a copy of the License at
-# 
+#
 #   http://www.apache.org/licenses/LICENSE-2.0
-# 
+#
 # Unless required by applicable law or agreed to in writing,
 # software distributed under the License is distributed on an
 # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
@@ -21,20 +21,17 @@
 # Script to fix cgroups co-mounted issue
 # Applies to RHEL7 versions only
 # Detect if cpu,cpuacct cgroups are co-mounted
-# If co-mounted, unmount and mount them seperately 
+# If co-mounted, unmount and mount them seperately
 
 #set -x
 
-#Check distribution version for RHEL 
-if [ -f '/etc/redhat-release' ];
-then
-    #Check RHEL version for 7 
-   if grep 'Red Hat Enterprise Linux Server release 7' /etc/redhat-release > /dev/null
-   then
-        # Check if cgroups if co-mounted 
-        if [ -d '/sys/fs/cgroup/cpu,cpuacct' ];
-        then
-   	    # cgroups co-mounted. Requires remount
+# Check distribution version for RHEL
+if [ -f '/etc/redhat-release' ]; then
+    # Check RHEL version for 7
+    if grep 'Red Hat Enterprise Linux Server release 7' /etc/redhat-release > /dev/null; then
+        # Check if cgroups if co-mounted
+        if [ -d '/sys/fs/cgroup/cpu,cpuacct' ]; then
+            # cgroups co-mounted. Requires remount
             umount /sys/fs/cgroup/cpu,cpuacct
             rm /sys/fs/cgroup/cpu
             rm /sys/fs/cgroup/cpuacct
@@ -43,14 +40,13 @@ then
             mkdir -p /sys/fs/cgroup/cpuacct
             mount -t cgroup -o cpu cpu "/sys/fs/cgroup/cpu"
             mount -t cgroup -o cpuacct cpuacct "/sys/fs/cgroup/cpuacct"
-            # Verify that cgroups are not co-mounted 
-            if [ -d '/sys/fs/cgroup/cpu,cpuacct' ];
-            then
-   	        echo "cgroups still co-mounted"
-		exit 1;
-	    fi
-	fi    
-   fi
+            # Verify that cgroups are not co-mounted
+            if [ -d '/sys/fs/cgroup/cpu,cpuacct' ]; then
+               echo "cgroups still co-mounted"
+               exit 1;
+            fi
+        fi
+    fi
 fi
 
 exit 0

From 43dabb611da87c5f9022ec41be6a1bdba1508c0f Mon Sep 17 00:00:00 2001
From: Remi Bergsma <github@remi.nl>
Date: Wed, 19 Aug 2015 16:26:48 +0200
Subject: [PATCH 056/115] RHEL 7 and CentOS 7 need the same fix

(cherry picked from commit d1cb4c7d501eb7e37d04bc99b0482c28c8bec38b)
Signed-off-by: Remi Bergsma <github@remi.nl>
---
 scripts/vm/hypervisor/kvm/setup-cgroups.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/scripts/vm/hypervisor/kvm/setup-cgroups.sh b/scripts/vm/hypervisor/kvm/setup-cgroups.sh
index d3342c076f..6b00b02831 100755
--- a/scripts/vm/hypervisor/kvm/setup-cgroups.sh
+++ b/scripts/vm/hypervisor/kvm/setup-cgroups.sh
@@ -19,7 +19,7 @@
 
 
 # Script to fix cgroups co-mounted issue
-# Applies to RHEL7 versions only
+# Applies to RHEL 7 versions (and family member CentOS 7) only
 # Detect if cpu,cpuacct cgroups are co-mounted
 # If co-mounted, unmount and mount them seperately
 
@@ -28,7 +28,7 @@
 # Check distribution version for RHEL
 if [ -f '/etc/redhat-release' ]; then
     # Check RHEL version for 7
-    if grep 'Red Hat Enterprise Linux Server release 7' /etc/redhat-release > /dev/null; then
+    if grep -E 'Red Hat Enterprise Linux Server release 7|CentOS Linux release 7' /etc/redhat-release > /dev/null; then
         # Check if cgroups if co-mounted
         if [ -d '/sys/fs/cgroup/cpu,cpuacct' ]; then
             # cgroups co-mounted. Requires remount

From 363cc7bc1f15a76724482d28a4f806146996170a Mon Sep 17 00:00:00 2001
From: Remi Bergsma <github@remi.nl>
Date: Wed, 19 Aug 2015 19:47:25 +0200
Subject: [PATCH 057/115] Improve cloud-install-sys-tmplt to work in dev
 environment again

Backported PR #678 to 4.5

This I changed:
 ``jasypt='/usr/share/cloudstack-common/lib/jasypt-1.9.0.jar'``
in master it is 1.9.2. I changed it to 1.9.0 here, to match the original script.

Original commit IDs:
  2f858a7d088f4a41c35bf1c0577f922a51fc3ca2
  ee9b644e28f8c1bab6afb94311054f2cd2f2e3d9
  8a1e79f518eadd772913d01c66a98414867fc8a6

Signed-off-by: Remi Bergsma <github@remi.nl>
---
 .../storage/secondary/cloud-install-sys-tmplt | 130 ++++++++++--------
 1 file changed, 72 insertions(+), 58 deletions(-)

diff --git a/scripts/storage/secondary/cloud-install-sys-tmplt b/scripts/storage/secondary/cloud-install-sys-tmplt
index 160c874708..c4cd431b5a 100755
--- a/scripts/storage/secondary/cloud-install-sys-tmplt
+++ b/scripts/storage/secondary/cloud-install-sys-tmplt
@@ -8,9 +8,9 @@
 # to you under the Apache License, Version 2.0 (the
 # "License"); you may not use this file except in compliance
 # with the License.  You may obtain a copy of the License at
-# 
+#
 #   http://www.apache.org/licenses/LICENSE-2.0
-# 
+#
 # Unless required by applicable law or agreed to in writing,
 # software distributed under the License is distributed on an
 # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
@@ -37,48 +37,49 @@ templateId=
 hyper=
 msKey=password
 DISKSPACE=2120000  #free disk space required in kilobytes
-dbHost=
-dbUser=
+dbHost="localhost"
+dbUser="root"
 dbPassword=
-dbPort=
+dbPort=3306
 jasypt='/usr/share/cloudstack-common/lib/jasypt-1.9.0.jar'
 while getopts 'm:h:f:u:Ft:e:s:o:r:d:p:'# OPTION
 do
   case $OPTION in
-  m)	mflag=1
-		mntpoint="$OPTARG"
-		;;
-  f)	fflag=1
-		tmpltimg="$OPTARG"
-		;;
-  u)	uflag=1
-		url="$OPTARG"
-		;;
-  F)	Fflag=1 ;;
+  m)    mflag=1
+        mntpoint="$OPTARG"
+        ;;
+  f)    fflag=1
+        tmpltimg="$OPTARG"
+        ;;
+  u)    uflag=1
+        url="$OPTARG"
+        ;;
+  F)    Fflag=1
+        ;;
   t)    templateId="$OPTARG"
-  		;;
+        ;;
   e)    ext="$OPTARG"
-  		;;
+        ;;
   h)    hyper="$OPTARG"
-  		;;
+        ;;
   s)    sflag=1
-		msKey="$OPTARG"
-                ;;
+        msKey="$OPTARG"
+        ;;
   o)    oflag=1
         dbHost="$OPTARG"
-                ;;
+        ;;
   r)    rflag=1
         dbUser="$OPTARG"
-                ;;
+        ;;
   d)    dflag=1
         dbPassword="$OPTARG"
-                ;;
+        ;;
   p)    pflag=1
         dbPort="$OPTARG"
-                ;;
-  ?)	usage
-		failed 2
-		;;
+        ;;
+  ?)    usage
+        failed 2
+        ;;
   esac
 done
 
@@ -94,30 +95,35 @@ then
   failed 2
 fi
 
-if [ ! -d $mntpoint ] 
+if [ ! -d $mntpoint ]
 then
   echo "mount point $mntpoint doesn't exist\n"
   failed 4
 fi
 
-if [[ "$fflag" == "1" && ! -f $tmpltimg ]] 
+if [[ "$fflag" == "1" && ! -f $tmpltimg ]]
 then
   echo "template image file $tmpltimg doesn't exist"
   failed 3
 fi
 
-if [ "$pflag" != 1 ]; then
-    dbPort=$(sed '/^\#/d' /etc/cloudstack/management/db.properties | grep 'db.cloud.port'  | tail -n 1 | cut -d "=" -f2- | sed 's/^[[:space:]]*//;s/[[:space:]]*$//')
-fi
+if [ -f /etc/cloudstack/management/db.properties ]
+then
+    if [ "$pflag" != 1 ]
+    then
+        dbPort=$(sed '/^\#/d' /etc/cloudstack/management/db.properties | grep 'db.cloud.port'  | tail -n 1 | cut -d "=" -f2- | sed 's/^[[:space:]]*//;s/[[:space:]]*$//')
+    fi
 
-if [ "$oflag" != 1 ]; then
-    dbHost=$(sed '/^\#/d' /etc/cloudstack/management/db.properties | grep 'db.cloud.host'  | tail -n 1 | cut -d "=" -f2- | sed 's/^[[:space:]]*//;s/[[:space:]]*$//')
-fi
-if [ "$rflag" != 1 ]; then
-    dbUser=$(sed '/^\#/d' /etc/cloudstack/management/db.properties | grep 'db.cloud.username'  | tail -n 1 | cut -d "=" -f2- | sed 's/^[[:space:]]*//;s/[[:space:]]*$//')
-fi
+    if [ "$oflag" != 1 ]
+    then
+        dbHost=$(sed '/^\#/d' /etc/cloudstack/management/db.properties | grep 'db.cloud.host'  | tail -n 1 | cut -d "=" -f2- | sed 's/^[[:space:]]*//;s/[[:space:]]*$//')
+    fi
+
+    if [ "$rflag" != 1 ]
+    then
+        dbUser=$(sed '/^\#/d' /etc/cloudstack/management/db.properties | grep 'db.cloud.username'  | tail -n 1 | cut -d "=" -f2- | sed 's/^[[:space:]]*//;s/[[:space:]]*$//')
+    fi
 
-if [ -f /etc/cloudstack/management/db.properties ]; then
     encType=$(sed '/^\#/d' /etc/cloudstack/management/db.properties | grep 'db.cloud.encryption.type'  | tail -n 1 | cut -d "=" -f2- | sed 's/^[[:space:]]*//;s/[[:space:]]*$//')
     if [ "$encType" == "file" ]
     then
@@ -130,23 +136,24 @@ if [ -f /etc/cloudstack/management/db.properties ]; then
             failed 9
         fi
     fi
-fi
 
-if [[ "$encType" == "file" || "$encType" == "web" ]]
-then
-	encPassword=$(sed '/^\#/d' /etc/cloudstack/management/db.properties | grep 'db.cloud.password'  | tail -n 1 | cut -d "=" -f2- | sed 's/^[[:space:]]*//;s/[[:space:]]*$//'i | sed 's/^ENC(\(.*\))/\1/')
-	if [ ! $encPassword == "" ]
-	then
-		dbPassword=(`java -classpath $jasypt org.jasypt.intf.cli.JasyptPBEStringDecryptionCLI decrypt.sh input=$encPassword password=$msKey verbose=false`)
-		if [ ! $dbPassword ]
-		then
-			echo "Failed to decrypt DB password from db.properties"
-			failed 9
-		fi
-	fi
-else
-    if [ "$dflag" != 1 ]; then
-        dbPassword=$(sed '/^\#/d' /etc/cloudstack/management/db.properties | grep 'db.cloud.password'  | tail -n 1 | cut -d "=" -f2- | sed 's/^[[:space:]]*//;s/[[:space:]]*$//'i )
+    if [[ "$encType" == "file" || "$encType" == "web" ]]
+    then
+        encPassword=$(sed '/^\#/d' /etc/cloudstack/management/db.properties | grep 'db.cloud.password'  | tail -n 1 | cut -d "=" -f2- | sed 's/^[[:space:]]*//;s/[[:space:]]*$//'i | sed 's/^ENC(\(.*\))/\1/')
+        if [ ! $encPassword == "" ]
+        then
+            dbPassword=(`java -classpath $jasypt org.jasypt.intf.cli.JasyptPBEStringDecryptionCLI decrypt.sh input=$encPassword password=$msKey verbose=false`)
+            if [ ! $dbPassword ]
+            then
+                echo "Failed to decrypt DB password from db.properties"
+                failed 9
+            fi
+        fi
+    else
+        if [ "$dflag" != 1 ]
+        then
+            dbPassword=$(sed '/^\#/d' /etc/cloudstack/management/db.properties | grep 'db.cloud.password'  | tail -n 1 | cut -d "=" -f2- | sed 's/^[[:space:]]*//;s/[[:space:]]*$//'i )
+        fi
     fi
 fi
 
@@ -172,6 +179,10 @@ then
    then
       ext="vhd"
       templateId=(`mysql -P $dbPort -h $dbHost --user=$dbUser --password=$dbPassword --skip-column-names -U cloud -e "select max(id) from cloud.vm_template where type = \"SYSTEM\" and hypervisor_type = \"Hyperv\" and removed is null"`)
+   elif [ "$hyper" == "ovm3" ]
+   then
+      ext="raw"
+      templateId=(`mysql -P $dbPort -h $dbHost --user=$dbUser --password=$dbPassword --skip-column-names -U cloud -e "select max(id) from cloud.vm_template where type = \"SYSTEM\" and hypervisor_type = \"Ovm3\" and removed is null"`)
    else
       usage
       failed 2
@@ -180,11 +191,14 @@ fi
 
 if [ ! $templateId ]
 then
-	echo "Unable to get template Id from database"
-	failed 8
+    echo "Unable to get template Id from database"
+    failed 8
 fi
 
-localfile=$(uuidgen).$ext
+_uuid=$(uuidgen)
+localfile=$_uuid.$ext
+
+_res=(`mysql -P $dbPort -h $dbHost --user=$dbUser --password=$dbPassword --skip-column-names -U cloud -e "update cloud.vm_template set uuid=\"$_uuid\", url=\"$url\" where id=\"$templateId\""`)
 
 mntpoint=`echo "$mntpoint" | sed 's|/*$||'`
 

From 3d9cbf0bcb011f4012c94f0df040d9b8ddd325bc Mon Sep 17 00:00:00 2001
From: Koushik Das <koushik@apache.org>
Date: Fri, 14 Aug 2015 17:11:52 +0530
Subject: [PATCH 058/115] CLOUDSTACK-8733: Host stuck in rebalancing state
 during agent LB This is happening as ClusterServiceServletAdapter is started
 after ClusteredAgentManagerImpl. Fix is to start ClusterServiceServletAdapter
 before ClusteredAgentManagerImpl.

(cherry-picked from c989921fb7adcfd125ca5f541c0f9c5d1c512c54)
---
 .../cluster/ClusterServiceServletAdapter.java |  6 ++-
 .../ClusterServiceServletAdapterTest.java     | 47 +++++++++++++++++++
 .../jobs/impl/SyncQueueManagerImpl.java       |  1 +
 3 files changed, 53 insertions(+), 1 deletion(-)
 create mode 100644 framework/cluster/test/com/cloud/cluster/ClusterServiceServletAdapterTest.java

diff --git a/framework/cluster/src/com/cloud/cluster/ClusterServiceServletAdapter.java b/framework/cluster/src/com/cloud/cluster/ClusterServiceServletAdapter.java
index d36aed1d4d..7451b5f422 100644
--- a/framework/cluster/src/com/cloud/cluster/ClusterServiceServletAdapter.java
+++ b/framework/cluster/src/com/cloud/cluster/ClusterServiceServletAdapter.java
@@ -24,12 +24,12 @@
 import javax.naming.ConfigurationException;
 
 import org.apache.log4j.Logger;
-
 import org.apache.cloudstack.framework.config.ConfigDepot;
 
 import com.cloud.cluster.dao.ManagementServerHostDao;
 import com.cloud.utils.NumbersUtil;
 import com.cloud.utils.component.AdapterBase;
+import com.cloud.utils.component.ComponentLifecycle;
 import com.cloud.utils.db.DbProperties;
 
 public class ClusterServiceServletAdapter extends AdapterBase implements ClusterServiceAdapter {
@@ -50,6 +50,10 @@ public class ClusterServiceServletAdapter extends AdapterBase implements Cluster
 
     private int _clusterServicePort = DEFAULT_SERVICE_PORT;
 
+    public ClusterServiceServletAdapter() {
+        setRunLevel(ComponentLifecycle.RUN_LEVEL_FRAMEWORK);
+    }
+
     @Override
     public ClusterService getPeerService(String strPeer) throws RemoteException {
         try {
diff --git a/framework/cluster/test/com/cloud/cluster/ClusterServiceServletAdapterTest.java b/framework/cluster/test/com/cloud/cluster/ClusterServiceServletAdapterTest.java
new file mode 100644
index 0000000000..28dbcaa951
--- /dev/null
+++ b/framework/cluster/test/com/cloud/cluster/ClusterServiceServletAdapterTest.java
@@ -0,0 +1,47 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.cluster;
+
+import static org.junit.Assert.assertTrue;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.runners.MockitoJUnitRunner;
+
+import com.cloud.utils.component.ComponentLifecycle;
+
+@RunWith(MockitoJUnitRunner.class)
+public class ClusterServiceServletAdapterTest {
+
+    ClusterServiceServletAdapter clusterServiceServletAdapter;
+    ClusterManagerImpl clusterManagerImpl;
+
+    @Before
+    public void setup() throws IllegalArgumentException,
+            IllegalAccessException, NoSuchFieldException, SecurityException {
+        clusterServiceServletAdapter = new ClusterServiceServletAdapter();
+        clusterManagerImpl = new ClusterManagerImpl();
+    }
+
+    @Test
+    public void testRunLevel() {
+        int runLevel = clusterServiceServletAdapter.getRunLevel();
+        assertTrue(runLevel == ComponentLifecycle.RUN_LEVEL_FRAMEWORK);
+        assertTrue(runLevel == clusterManagerImpl.getRunLevel());
+    }
+}
diff --git a/framework/jobs/src/org/apache/cloudstack/framework/jobs/impl/SyncQueueManagerImpl.java b/framework/jobs/src/org/apache/cloudstack/framework/jobs/impl/SyncQueueManagerImpl.java
index c17c5812f0..2f97991e3e 100644
--- a/framework/jobs/src/org/apache/cloudstack/framework/jobs/impl/SyncQueueManagerImpl.java
+++ b/framework/jobs/src/org/apache/cloudstack/framework/jobs/impl/SyncQueueManagerImpl.java
@@ -207,6 +207,7 @@ public void doInTransactionWithoutResult(TransactionStatus status) {
     @Override
     @DB
     public void returnItem(final long queueItemId) {
+        s_logger.info("Returning queue item " + queueItemId + " back to queue for second try in case of DB deadlock");
         try {
             Transaction.execute(new TransactionCallbackNoReturn() {
                 @Override

From 26700fbe766e06c3b953ee9ebae3f51ff1a08968 Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Tue, 25 Aug 2015 11:29:21 +0530
Subject: [PATCH 059/115] CLOUDSTACK-8766: Fix infinite scrolling pagination
 for zonal template listing

Uses listViewDataProvider to implement pagination for listing templates and ISOs
in the zones tab. Dedupes isos and templates in the list views.

This closes #739

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 ui/scripts/templates.js | 72 +++++++++++++++++++++++++----------------
 1 file changed, 44 insertions(+), 28 deletions(-)

diff --git a/ui/scripts/templates.js b/ui/scripts/templates.js
index f0b8103afe..ffad8e2840 100644
--- a/ui/scripts/templates.js
+++ b/ui/scripts/templates.js
@@ -15,8 +15,10 @@
 // specific language governing permissions and limitations
 // under the License.
 (function(cloudStack, $) {
-	var ostypeObjs;
-	
+    var ostypeObjs;
+    var previousCollection = [];
+    var previousFilterType = null;
+
     cloudStack.sections.templates = {
         title: 'label.menu.templates',
         id: 'templates',
@@ -588,6 +590,10 @@
                         var ignoreProject = false;
                         if (args.filterBy != null) { //filter dropdown
                             if (args.filterBy.kind != null) {
+                                if (previousFilterType != args.filterBy.kind || args.page == 1) {
+                                    previousFilterType = args.filterBy.kind;
+                                    previousCollection = [];
+                                }
                                 switch (args.filterBy.kind) {
                                     case "all":
                                         ignoreProject = true;
@@ -631,19 +637,19 @@
                                 var itemsView = [];
 								
                                 $(items).each(function(index, item) {
-                                    var existing = $.grep(itemsView, function(it){
+                                    var existing = $.grep(previousCollection, function(it){
                                         return it != null && it.id !=null && it.id == item.id;
                                     });
-								
-                                    if (existing.length == 0) {
-                                        itemsView.push($.extend(item, {                                            
+
+                                    if (existing.length > 0) {
+                                        return true; // skip adding this entry
+                                    } else {
+                                        var templateItem = $.extend(item, {
                                             zones: item.zonename,
                                             zoneids: [item.zoneid]
-                                        }));
-                                    }
-                                    else {
-                                        existing[0].zones = 'label.multiplezones';
-                                        existing[0].zoneids.push(item.zoneid);
+                                        });
+                                        itemsView.push(templateItem);
+                                        previousCollection.push(templateItem);
                                     }
                                 });								
 
@@ -1080,12 +1086,13 @@
 
 
                                     dataProvider: function(args) {  // UI > Templates menu (listing) > select a template from listing > Details tab > Zones tab (listing) 
-                                    	$.ajax({
+                                        var data = { templatefilter: "self",
+                                                     id: args.context.templates[0].id
+                                                   };
+                                        listViewDataProvider(args, data);
+                                        $.ajax({
                                             url: createURL("listTemplates"),
-                                            data: {
-                                            	templatefilter: "self",
-                                            	id: args.context.templates[0].id
-                                            },
+                                            data: data,
                                             success: function(json) {
                                             	var jsonObjs = json.listtemplatesresponse.template;
                                             	                                            	
@@ -1724,6 +1731,10 @@
                         var ignoreProject = false;
                         if (args.filterBy != null) { //filter dropdown
                             if (args.filterBy.kind != null) {
+                                if (previousFilterType != args.filterBy.kind || args.page == 1) {
+                                    previousFilterType = args.filterBy.kind;
+                                    previousCollection = [];
+                                }
                                 switch (args.filterBy.kind) {
                                     case "all":
                                         ignoreProject = true;
@@ -1767,22 +1778,24 @@
 
                                 var itemsView = [];
                                 $(items).each(function(index, item) {
-                                    var existing = $.grep(itemsView, function(it){
+                                    var existing = $.grep(previousCollection, function(it){
                                         return it != null && it.id !=null && it.id == item.id;
                                     });
-                                    if (existing.length == 0) {
-                                        itemsView.push({
+
+
+                                    if (existing.length > 0) {
+                                        return true; // skip adding this entry
+                                    } else {
+                                        var isoItem = {
                                             id: item.id,
                                             name: item.name,
                                             description: item.description,
                                             ostypeid: item.ostypeid,
                                             zones: item.zonename,
                                             zoneids: [item.zoneid]
-                                        });
-                                    }
-                                    else {
-                                        existing[0].zones = 'Multiple Zones';
-                                        existing[0].zoneids.push(item.zoneid);
+                                        };
+                                        itemsView.push(isoItem);
+                                        previousCollection.push(isoItem);
                                     }
                                 }
 );
@@ -2081,11 +2094,14 @@
                                     hideSearchBar: true,
 
                                     dataProvider: function(args) {
-                                                var jsonObj = args.context.isos[0];
-                                                var apiCmd = "listIsos&isofilter=self&id=" + jsonObj.id;
-
+                                                var data = {
+                                                    isofilter: 'self',
+                                                    id: args.context.isos[0].id
+                                                };
+                                                listViewDataProvider(args, data);
                                                 $.ajax({
-                                                    url: createURL(apiCmd),
+                                                    url: createURL('listIsos'),
+                                                    data: data,
                                                     dataType: "json",
                                                     success: function(json) {
                                                             var isos = json.listisosresponse.iso;

From 2a382e000b55dc6bef065241886f316348dc979e Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Mon, 24 Aug 2015 14:46:09 +0530
Subject: [PATCH 060/115] CLOUDSTACK-8749: Add checks to prevent
 malformed/unexpected input

Based on @jburwell's comment on PR #718

This closes #733

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 .../hypervisor/kvm/resource/BridgeVifDriver.java      | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/BridgeVifDriver.java b/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/BridgeVifDriver.java
index dbc079dee5..2fab9a83cf 100644
--- a/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/BridgeVifDriver.java
+++ b/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/BridgeVifDriver.java
@@ -26,6 +26,7 @@
 
 import javax.naming.ConfigurationException;
 
+import com.google.common.base.Strings;
 import org.apache.log4j.Logger;
 import org.libvirt.LibvirtException;
 
@@ -275,7 +276,7 @@ private void createControlNetwork() throws LibvirtException {
         createControlNetwork(_bridges.get("linklocal"));
     }
 
-    private void deleteExitingLinkLocalRouteTable(String linkLocalBr) {
+    private void deleteExistingLinkLocalRouteTable(String linkLocalBr) {
         Script command = new Script("/bin/bash", _timeout);
         command.add("-c");
         command.add("ip route | grep " + NetUtils.getLinkLocalCIDR());
@@ -286,7 +287,11 @@ private void deleteExitingLinkLocalRouteTable(String linkLocalBr) {
             String[] lines = parser.getLines().split("\\n");
             for (String line : lines) {
                 String[] tokens = line.split(" ");
-                if (!tokens[2].equalsIgnoreCase(linkLocalBr)) {
+                if (tokens != null && tokens.length < 2) {
+                    continue;
+                }
+                final String device = tokens[2];
+                if (!Strings.isNullOrEmpty(device) && !device.equalsIgnoreCase(linkLocalBr)) {
                     Script.runSimpleBashScript("ip route del " + NetUtils.getLinkLocalCIDR() + " dev " + tokens[2]);
                 } else {
                     foundLinkLocalBr = true;
@@ -300,7 +305,7 @@ private void deleteExitingLinkLocalRouteTable(String linkLocalBr) {
     }
 
     private void createControlNetwork(String privBrName) {
-        deleteExitingLinkLocalRouteTable(privBrName);
+        deleteExistingLinkLocalRouteTable(privBrName);
         if (!isBridgeExists(privBrName)) {
             Script.runSimpleBashScript("brctl addbr " + privBrName + "; ip link set " + privBrName + " up; ip address add 169.254.0.1/16 dev " + privBrName, _timeout);
         }

From fad723df1be584057bc87e49fb9882b98ff9822c Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Thu, 27 Aug 2015 10:44:43 +0530
Subject: [PATCH 061/115] messages: fix string in pt_BR translation file

The string error caused JS error that failed translation on the UI

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 client/WEB-INF/classes/resources/messages_pt_BR.properties | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/client/WEB-INF/classes/resources/messages_pt_BR.properties b/client/WEB-INF/classes/resources/messages_pt_BR.properties
index 682ff2597c..ca9653489e 100644
--- a/client/WEB-INF/classes/resources/messages_pt_BR.properties
+++ b/client/WEB-INF/classes/resources/messages_pt_BR.properties
@@ -1699,7 +1699,7 @@ message.add.system.service.offering=Por favor preencha os dados abaixo para adic
 message.add.template=Entre com os dados para criar um novo template.
 message.add.volume=Entre com os dados para criar um novo disco.
 message.add.VPN.gateway=Favor confirmar que voc\u00ea deseja adicionar um gateway de VPN
-message.admin.guide.read=Para VMs baseadas em VMware, por favor leia a sess\u00e3o sobre escalonamento din\u00e2mico no guia do administrador antes de escalonar. Voc\u00ea gostaria de continuar?\\
+message.admin.guide.read=Para VMs baseadas em VMware, por favor leia a sess\u00e3o sobre escalonamento din\u00e2mico no guia do administrador antes de escalonar. Voc\u00ea gostaria de continuar?
 message.advanced.mode.desc=Escolhe este modelo de rede se deseja ter habilitar o suporte a VLAN. Este modelo permite maior flexibilidade ao administrador ao permitir ofertas de rede customizada, firewall, vpn ou load balancer bem como acesso via rede virtual ou acesso direto.
 message.advanced.security.group=Escolha esta op\u00e7\u00e3o se desejar utilizar Security Groups para isolamento das VMs guest.
 message.advanced.virtual=Escolha esta op\u00e7\u00e3o se desejar utilizar VLANs para isolamento das VMs guest.

From 069e3f92adb3d047011b2ca2cb7eb6c18cd707a8 Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Thu, 27 Aug 2015 12:31:04 +0530
Subject: [PATCH 062/115] CLOUDSTACK-8766: Fix infinite scrolling pagination
 for zonal iso/template listing

Due to aggregation of templates and isos on the UI/client side, it could result
that for each page we could end up having lesser templates/isos listed to have
the scroll shown that triggers infinite scrolling. In theory, there
is still a chance if there are several zones with the same template being listed
resulting in only one aggregated template which could cause the scroll to not
get shown; but in practice I believe this fix should work for most users.

Page size set based on experimental data:
https://github.com/apache/cloudstack/pull/751#issuecomment-135661968

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 ui/scripts/templates.js | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/ui/scripts/templates.js b/ui/scripts/templates.js
index ffad8e2840..6d09b51042 100644
--- a/ui/scripts/templates.js
+++ b/ui/scripts/templates.js
@@ -586,6 +586,9 @@
                     dataProvider: function(args) {
                         var data = {};
                         listViewDataProvider(args, data);
+                        // Due to zonal grouping, low pagesize can result lower
+                        // aggregated items, resulting in no scroll shown
+                        data.pagesize = 200;
 
                         var ignoreProject = false;
                         if (args.filterBy != null) { //filter dropdown
@@ -1727,6 +1730,9 @@
                     dataProvider: function(args) {
                         var data = {};
                         listViewDataProvider(args, data);
+                        // Due to zonal grouping, low pagesize can result lower
+                        // aggregated items, resulting in no scroll shown
+                        data.pagesize = 200;
 
                         var ignoreProject = false;
                         if (args.filterBy != null) { //filter dropdown

From 711acfa93dd8fcf1083062753464901c171f4d6f Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Fri, 28 Aug 2015 15:52:06 +0530
Subject: [PATCH 063/115] CLOUDSTACK-8762: Confirm disk activity before
 starting a VM

Implements a VM volume/disk file activity checker that checks if QCOW2 file
has been changed before starting the VM. This is useful as a pessimistic
approach to save VMs that were running on faulty hosts that CloudStack could
try to launch on other hosts while the host was not cleanly fenced. This is
optional and available only if you enable the settings in agent.properties
file, on per-host basis.

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 agent/conf/agent.properties                   |  16 +++
 .../resource/LibvirtComputingResource.java    |  31 +++++
 .../utils/hypervisor/HypervisorUtils.java     |  68 +++++++++++
 .../utils/hypervisor/HypervisorUtilsTest.java | 111 ++++++++++++++++++
 4 files changed, 226 insertions(+)
 create mode 100644 utils/src/org/apache/cloudstack/utils/hypervisor/HypervisorUtils.java
 create mode 100644 utils/test/org/apache/cloudstack/utils/hypervisor/HypervisorUtilsTest.java

diff --git a/agent/conf/agent.properties b/agent/conf/agent.properties
index fcd8b5c299..daad05f3b6 100644
--- a/agent/conf/agent.properties
+++ b/agent/conf/agent.properties
@@ -133,6 +133,22 @@ hypervisor.type=kvm
 # Disable memory ballooning on vm guests for overcommit, by default overcommit
 # feature enables balloon and sets currentMemory to a minimum value.
 #
+# vm.diskactivity.checkenabled=false
+# Set to true to check disk activity on VM's disks before starting a VM. This only applies
+# to QCOW2 files, and ensures that there is no other running instance accessing
+# the file before starting. It works by checking the modify time against the current time,
+# so care must be taken to ensure the cluster has time synced, otherwise VMs may fail to start.
+#
+# vm.diskactivity.checktimeout_s=120
+# Timeout for giving up on waiting for VM's disk files to become inactive. Hitting
+# this timeout will result in failure to start VM.
+#
+# vm.diskactivity.inactivetime_ms=30000
+# This is the length of time that the disk needs to be inactive in order to pass the check.
+# This means current time minus mtime of disk file needs to be greater than this number.
+# It also has the side effect of setting the minimum threshold between a stop and start of
+# a given VM.
+#
 # kvmclock.disable=false
 # Some newer linux kernels are incapable of reliably migrating vms with kvmclock
 # This is a workaround for the bug, admin can set this to true per-host
diff --git a/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java b/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
index ae48783ee6..0f5908f33c 100755
--- a/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
+++ b/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
@@ -91,6 +91,7 @@
 import org.apache.cloudstack.utils.qemu.QemuImg.PhysicalDiskFormat;
 import org.apache.cloudstack.utils.qemu.QemuImgException;
 import org.apache.cloudstack.utils.qemu.QemuImgFile;
+import org.apache.cloudstack.utils.hypervisor.HypervisorUtils;
 
 import com.cloud.agent.api.Answer;
 import com.cloud.agent.api.AttachIsoCommand;
@@ -319,6 +320,10 @@ public class LibvirtComputingResource extends ServerResourceBase implements Serv
     private int _migrateSpeed;
     private int _migrateDowntime;
     private int _migratePauseAfter;
+    protected boolean _diskActivityCheckEnabled;
+    protected long _diskActivityCheckFileSizeMin = 10485760; // 10MB
+    protected int _diskActivityCheckTimeoutSeconds = 120; // 120s
+    protected long _diskActivityInactiveThresholdMilliseconds = 30000; // 30s
 
     private long _hvVersion;
     private long _kernelVersion;
@@ -969,6 +974,7 @@ public boolean configure(String name, Map<String, Object> params) throws Configu
         params.put("libvirtVersion", _hypervisorLibvirtVersion);
 
         configureVifDrivers(params);
+        configureDiskActivityChecks(params);
 
         KVMStorageProcessor storageProcessor = new KVMStorageProcessor(_storagePoolMgr, this);
         storageProcessor.configure(name, params);
@@ -982,6 +988,20 @@ public boolean configure(String name, Map<String, Object> params) throws Configu
         return true;
     }
 
+    protected void configureDiskActivityChecks(Map<String, Object> params) {
+        _diskActivityCheckEnabled = Boolean.parseBoolean((String)params.get("vm.diskactivity.checkenabled"));
+        if (_diskActivityCheckEnabled) {
+            int timeout = NumbersUtil.parseInt((String)params.get("vm.diskactivity.checktimeout_s"), 0);
+            if (timeout > 0) {
+                _diskActivityCheckTimeoutSeconds = timeout;
+            }
+            long inactiveTime = NumbersUtil.parseLong((String)params.get("vm.diskactivity.inactivetime_ms"), 0L);
+            if (inactiveTime > 0) {
+                _diskActivityInactiveThresholdMilliseconds = inactiveTime;
+            }
+        }
+    }
+
     protected void configureVifDrivers(Map<String, Object> params) throws ConfigurationException {
         final String LIBVIRT_VIF_DRIVER = "libvirt.vif.driver";
 
@@ -3923,6 +3943,17 @@ public int compare(DiskTO arg0, DiskTO arg1) {
                 volPath = physicalDisk.getPath();
             }
 
+            // check for disk activity, if detected we should exit because vm is running elsewhere
+            if (_diskActivityCheckEnabled && physicalDisk != null && physicalDisk.getFormat() == PhysicalDiskFormat.QCOW2) {
+                s_logger.debug("Checking physical disk file at path " + volPath + " for disk activity to ensure vm is not running elsewhere");
+                try {
+                    HypervisorUtils.checkVolumeFileForActivity(volPath, _diskActivityCheckTimeoutSeconds, _diskActivityInactiveThresholdMilliseconds, _diskActivityCheckFileSizeMin);
+                } catch (IOException ex) {
+                    throw new CloudRuntimeException("Unable to check physical disk file for activity", ex);
+                }
+                s_logger.debug("Disk activity check cleared");
+            }
+
             // if params contains a rootDiskController key, use its value (this is what other HVs are doing)
             DiskDef.diskBus diskBusType = null;
             Map <String, String> params = vmSpec.getDetails();
diff --git a/utils/src/org/apache/cloudstack/utils/hypervisor/HypervisorUtils.java b/utils/src/org/apache/cloudstack/utils/hypervisor/HypervisorUtils.java
new file mode 100644
index 0000000000..a0a20936bf
--- /dev/null
+++ b/utils/src/org/apache/cloudstack/utils/hypervisor/HypervisorUtils.java
@@ -0,0 +1,68 @@
+//
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+//
+
+package org.apache.cloudstack.utils.hypervisor;
+
+import com.cloud.utils.exception.CloudRuntimeException;
+import org.apache.log4j.Logger;
+
+import java.io.File;
+import java.io.IOException;
+import java.nio.file.Files;
+import java.nio.file.attribute.BasicFileAttributes;
+import java.util.concurrent.TimeUnit;
+
+public class HypervisorUtils {
+    public static final Logger s_logger = Logger.getLogger(HypervisorUtils.class);
+
+    public static void checkVolumeFileForActivity(final String filePath, int timeoutSeconds, long inactiveThresholdMilliseconds, long minimumFileSize) throws IOException {
+        File file = new File(filePath);
+        if (!file.exists()) {
+            throw new CloudRuntimeException("File " + file.getAbsolutePath() + " not found");
+        }
+        if (file.length() < minimumFileSize) {
+            s_logger.debug("VM disk file too small, fresh clone? skipping modify check");
+            return;
+        }
+        int waitedSeconds = 0;
+        int intervalSeconds = 1;
+        while (true) {
+            BasicFileAttributes attrs = Files.readAttributes(file.toPath(), BasicFileAttributes.class);
+            long modifyIdle = System.currentTimeMillis() - attrs.lastModifiedTime().toMillis();
+            long accessIdle = System.currentTimeMillis() - attrs.lastAccessTime().toMillis();
+            if (modifyIdle > inactiveThresholdMilliseconds && accessIdle > inactiveThresholdMilliseconds) {
+                s_logger.debug("File " + filePath + " has not been accessed or modified for at least " + inactiveThresholdMilliseconds + " ms");
+                return;
+            } else {
+                s_logger.debug("File was modified " + modifyIdle + "ms ago, accessed " + accessIdle + "ms ago, waiting for inactivity threshold of "
+                        + inactiveThresholdMilliseconds + "ms or timeout of " + timeoutSeconds + "s (waited " + waitedSeconds + "s)");
+            }
+            try {
+                TimeUnit.SECONDS.sleep(intervalSeconds);
+            } catch (InterruptedException ex) {
+                throw new CloudRuntimeException("Interrupted while waiting for activity on " + filePath + " to subside", ex);
+            }
+            waitedSeconds += intervalSeconds;
+            if (waitedSeconds >= timeoutSeconds) {
+                throw new CloudRuntimeException("Reached timeout while waiting for activity on " + filePath + " to subside");
+            }
+        }
+    }
+
+}
diff --git a/utils/test/org/apache/cloudstack/utils/hypervisor/HypervisorUtilsTest.java b/utils/test/org/apache/cloudstack/utils/hypervisor/HypervisorUtilsTest.java
new file mode 100644
index 0000000000..b54f4cbd31
--- /dev/null
+++ b/utils/test/org/apache/cloudstack/utils/hypervisor/HypervisorUtilsTest.java
@@ -0,0 +1,111 @@
+//
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+//
+
+package org.apache.cloudstack.utils.hypervisor;
+
+import com.cloud.utils.exception.CloudRuntimeException;
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.runners.MockitoJUnitRunner;
+
+import java.io.File;
+import java.io.FileWriter;
+import java.io.IOException;
+import java.util.Arrays;
+
+@RunWith(MockitoJUnitRunner.class)
+public class HypervisorUtilsTest {
+
+    final long _minFileSize = 10485760L;
+
+    @Test
+    public void checkVolumeFileForActivitySmallFileTest() throws IOException {
+        System.out.print("Testing don't block on newly created clones - ");
+        String filePath = "./testsmallfileinactive";
+        int timeoutSeconds = 10;
+        long thresholdMilliseconds = 5000;
+        File file = new File(filePath);
+        setupcheckVolumeFileForActivityFile(file, 0);
+
+        long startTime = System.currentTimeMillis();
+        HypervisorUtils.checkVolumeFileForActivity(filePath, timeoutSeconds, thresholdMilliseconds, _minFileSize);
+        long endTime = System.currentTimeMillis();
+
+        Assert.assertEquals(startTime, endTime, 1000L);
+        System.out.println("pass");
+
+        file.delete();
+    }
+
+    @Test
+    public void checkVolumeFileForActivityTest() throws IOException {
+        System.out.print("Testing block on modified files - ");
+        String filePath = "./testfileinactive";
+        int timeoutSeconds = 5;
+        long thresholdMilliseconds = 2000;
+        File file = new File(filePath);
+        setupcheckVolumeFileForActivityFile(file, _minFileSize);
+
+        long startTime = System.currentTimeMillis();
+        org.apache.cloudstack.utils.hypervisor.HypervisorUtils.checkVolumeFileForActivity(filePath, timeoutSeconds, thresholdMilliseconds, _minFileSize);
+        long duration = System.currentTimeMillis() - startTime;
+
+        Assert.assertFalse("Didn't block long enough, expected at least " + thresholdMilliseconds + " and got " + duration, duration < thresholdMilliseconds);
+        System.out.println("pass");
+
+        file.delete();
+    }
+
+    @Test(expected=CloudRuntimeException.class)
+    public void checkVolumeFileForActivityTimeoutTest() throws IOException {
+        System.out.print("Testing timeout of blocking on modified files - ");
+        String filePath = "./testfileinactive";
+        int timeoutSeconds = 3;
+        long thresholdMilliseconds = 5000;
+        File file = new File(filePath);
+        setupcheckVolumeFileForActivityFile(file, _minFileSize);
+
+        try {
+            HypervisorUtils.checkVolumeFileForActivity(filePath, timeoutSeconds, thresholdMilliseconds, _minFileSize);
+        } catch (CloudRuntimeException ex) {
+            System.out.println("pass");
+            throw ex;
+        } finally {
+            file.delete();
+        }
+        System.out.println("Fail");
+    }
+
+    private void setupcheckVolumeFileForActivityFile(File file, long minSize) throws IOException {
+        if (file.exists()) {
+            file.delete();
+        }
+        file.createNewFile();
+        char[] chars = new char[1048576];
+        Arrays.fill(chars, 'X');
+        long written = 0;
+        FileWriter writer = new FileWriter(file);
+        while (written < minSize) {
+            writer.write(chars);
+            written += chars.length;
+        }
+        writer.close();
+    }
+}

From a71df257b6e171bec5cca125b1f90ef8d63f7848 Mon Sep 17 00:00:00 2001
From: Milamber <milamber@apache.org>
Date: Tue, 1 Sep 2015 14:01:08 +0100
Subject: [PATCH 064/115] Update L10N resource files on 4.5 branch with 4.5
 translation strings from Transifex (20150901) Fix an issue with the key
 message.admin.guide.read on pt_BR L10N in web UI at the root cause

---
 .../resources/messages_de_DE.properties       |  49 +++
 .../resources/messages_ja_JP.properties       |   2 +-
 .../resources/messages_nl_NL.properties       |   2 +-
 .../resources/messages_pt_BR.properties       | 314 +++++++++---------
 .../resources/messages_zh_CN.properties       |   2 +-
 5 files changed, 209 insertions(+), 160 deletions(-)

diff --git a/client/WEB-INF/classes/resources/messages_de_DE.properties b/client/WEB-INF/classes/resources/messages_de_DE.properties
index b45349769a..11d11d14e6 100644
--- a/client/WEB-INF/classes/resources/messages_de_DE.properties
+++ b/client/WEB-INF/classes/resources/messages_de_DE.properties
@@ -265,6 +265,7 @@ label.add.ingress.rule=Zutrittsregel hinzuf\u00fcgen
 label.adding.succeeded=Erfolgreich hinzugef\u00fcgt
 label.adding.user=Nutzer hinzuf\u00fcgen
 label.adding.zone=Hinzuf\u00fcgen der Zone
+label.add.internal.lb=Interne LB hinzuf\u00fcgen
 label.add.ip.range=IP Bereich hinzuf\u00fcgen
 label.add.isolated.guest.network=Isoliertes Gastnetzwerk hinzuf\u00fcgen
 label.add.isolated.network=Isoliertes Netzwerk hinzuf\u00fcgen
@@ -440,6 +441,7 @@ label.delete.ciscoASA1000v=CiscoASA1000v l\u00f6schen
 label.delete.ciscovnmc.resource=CiscoVNMC-Ressource l\u00f6schen
 label.delete.events=Ereignisse l\u00f6schen
 label.delete.F5=F5 l\u00f6schen
+label.delete.internal.lb=Interne LB l\u00f6schen
 label.delete=L\u00f6schen
 label.delete.PA=Palo Alto l\u00f6schen
 label.delete.portable.ip.range=Portablen IP-Bereich l\u00f6schen
@@ -480,10 +482,14 @@ label.disk.iops.read.rate=Festplatten-Leserate (IOPS)
 label.disk.iops.total=Gesamte IOPS
 label.disk.iops.write.rate=Festplatten-Schreibrate (IOPS)
 label.disk.offering=Festplatten-Angebot
+label.disk.read.bytes=Festplatte Lesen (Bytes)
+label.disk.read.io=Festplatte Lesen (EA)
 label.disk.size=Festplattengr\u00f6\u00dfe
 label.disk.size.gb=Festplattengr\u00f6\u00dfe (in GB)
 label.disk.total=Gesamtzahl der Festplatten
 label.disk.volume=Festplatten Volume
+label.disk.write.bytes=Festplatte Schreiben (Bytes)
+label.disk.write.io=Festplatte Schreiben (EA)
 label.display.text=Anzeigetext
 label.distributedrouter=Verteilter Router
 label.dns.1=DNS 1
@@ -514,6 +520,7 @@ label.email.lower=E-Mail-Adresse
 label.enable.autoscale=Automatische Skalierung aktivieren
 label.enable.host=Host aktivieren
 label.enable.network.offering=Netzwerkangebot aktivieren
+label.enable.provider=Anbieter aktivieren
 label.enable.swift=Swift aktivieren
 label.enable.vnmc.device=VNMC-Ger\u00e4t aktivieren
 label.enable.vnmc.provider=VNMC-Anbieter aktivieren
@@ -567,6 +574,7 @@ label.gslb.details=GSLB-Details
 label.gslb.domain.name=GSLB-Dom\u00e4nenname
 label.gslb=GSLB
 label.gslb.lb.details=Lastverteilungsdetails
+label.gslb.lb.remove=Lastverteilung aus diesem GSLB entfernen
 label.gslb.lb.rule=Lastverteilungsregel
 label.gslb.service=GSLB-Dienst
 label.gslb.service.private.ip=GSLB-Dienst Private IP
@@ -628,6 +636,7 @@ label.instance.name=Name der Instanz
 label.instances=Instanzen
 label.internal.dns.1=Interne DNS 1
 label.internal.dns.2=Interne DNS 2
+label.internal.lb.details=Interne LB-Details
 label.internal.name=Interner Name
 label.interval.type=Interval Typ
 label.introduction.to.cloudstack=Einf\u00fchrung in CloudStack&\#8482
@@ -697,6 +706,8 @@ label.last.name=Nachname
 label.latest.events=Neueste Ereignisse
 label.launch=Start
 label.launch.vm=VM starten
+label.launch.zone=Zone starten
+label.lb.algorithm.leastconn=Mindestverbindungen
 label.lb.algorithm.roundrobin=Rundlauf-Verfahren
 label.lb.algorithm.source=Quelle
 label.ldap.configuration=LDAP-Konfiguration
@@ -706,6 +717,7 @@ label.level=Ebene
 label.load.balancer=Serverlastverteilung
 label.load.balancer.type=Lastverteilungstyp
 label.load.balancing=Lastverteilung
+label.load.balancing.policies=Verteilungsrichtlinien laden
 label.loading=Laden
 label.local=Lokal
 label.local.storage=Lokaler Speicher
@@ -812,6 +824,7 @@ label.network.device.type=Netzwerkger\u00e4tetyp
 label.network.domain=Netzwerk-Domain
 label.network.domain.text=Netzwerkdom\u00e4ne
 label.network.id=Netzwerk-ID
+label.networking.and.security=Netzwerkbetrieb und Sicherheit
 label.network.limits=Netzwerkbegrenzungen
 label.network.name=Netzwerk Name
 label.network=Netzwerk
@@ -830,6 +843,7 @@ label.nexusVswitch=Nexus 1000v
 label.nfs=NFS
 label.nfs.server=NFS Server
 label.nfs.storage=NFS-Speicher
+label.nic.adapter.type=NIC-Adaptertyp
 label.nicira.nvp.details=Nicira NVP-Details
 label.nics=NICs
 label.no.actions=Nicht verf\u00fcgbare Aktionen
@@ -861,6 +875,7 @@ label.optional=optional
 label.order=Reihenfolge
 label.os.preference=OS Pr\u00e4ferenz
 label.os.type=OS Typ
+label.other=Andere
 label.override.guest.traffic=Gast-Datenverkehr \u00fcberschreiben
 label.override.public.traffic=\u00d6ffentlichen Datenverkehr \u00fcberschreiben
 label.ovs=OVS
@@ -874,6 +889,7 @@ label.passive=Passiv
 label.password.enabled=Passwort aktiviert
 label.password.lower=Passwort
 label.password=Passwort
+label.password.reset.confirm=Passwort wurde zur\u00fcckgesetzt auf
 label.path=Pfad
 label.persistent=Persistent
 label.physical.network.ID=Physikalisches Netzwerkkennung
@@ -886,6 +902,7 @@ label.PING.storage.IP=IP des externen Speichers anpingen
 label.please.wait=Bitte warten
 label.pod=Pod
 label.pods=Pod
+label.polling.interval.sec=Abfrageintervall (in Sekunden)
 label.portable.ip=Portable IP
 label.portable.ip.range.details=Details des portablen IP-Bereichs
 label.portable.ip.ranges=Portable IP-Bereiche
@@ -925,6 +942,7 @@ label.providers=Anbieter
 label.public.interface=\u00d6ffentliches Interface
 label.public.ips=\u00d6ffentliche IP-Adressen
 label.public.ip=\u00d6ffentliche IP-Adresse
+label.public.load.balancer.provider=\u00d6ffentlicher Lastverteileranbieter
 label.public.network=\u00d6ffentliches Netzwerk
 label.public.port=\u00d6ffentlicher Port
 label.public.traffic=\u00d6ffentlicher Datenverkehr
@@ -933,6 +951,7 @@ label.public.zone=\u00d6ffentliche Zone
 label.purpose=Zweck
 label.Pxe.server.type=PXE Server Type
 label.quickview=Schnellansicht
+label.quiet.time.sec=Ruhezeit (in Sekunden)
 label.rbd.id=Cephx-Benutzer
 label.rbd=RBD
 label.rbd.secret=Cephx-Geheimnis
@@ -954,6 +973,9 @@ label.remove.pf=Portweiterleitungsregel entfernen
 label.remove.project.account=Konto aus Projekt entfernen
 label.remove.region=Region entfernen
 label.remove.rule=Regel entfernen
+label.remove.static.nat.rule=Statische NAT-Regel entfernen
+label.remove.static.route=Statische Route entfernen
+label.remove.vm.load.balancer=VM aus Lastverteiler entfernen
 label.remove.vmware.datacenter=VMware-Rechenzentrum entfernen
 label.remove.vpc.offering=VPC-Angebot entfernen
 label.remove.vpc=VPC entfernen
@@ -992,6 +1014,7 @@ label.s3.nfs.server=S3 NFS-Server
 label.s3.secret_key=Secret Key
 label.s3.socket_timeout=Socket-Zeit\u00fcberschreitung
 label.s3.use_https=HTTPS verwenden
+label.saml.entity=Identit\u00e4tsanbieter
 label.saturday=Samstag
 label.save.and.continue=Speichern und fortsetzen
 label.save=Sichern
@@ -1256,6 +1279,7 @@ label.zone.step.4.title=Schritt 4\: <strong>F\u00fcgen Sie einen IP-Bereich hinz
 label.zones=Zone
 label.zone.type=Zonentyp
 label.zone.wide=Zonenweit
+label.zoneWizard.trafficType.guest=Gast\: Datenverkehr zwischen den virtuellen Maschinen der Endbenutzer
 label.zone=Zone
 message.acquire.public.ip=Bitte w\u00e4hlen Sie eine Zone, von der Sie Ihre neue IP erlangen m\u00f6chten.
 message.action.cancel.maintenance=Ihr Host ist erfolgreich f\u00fcr die Wartung abgebrochen. Dieser Prozess kann ein paar Minuten dauern.
@@ -1269,6 +1293,7 @@ message.action.delete.ingress.rule=Bitte best\u00e4tigen Sie, dass Sie diese Zut
 message.action.delete.ISO=Bitte best\u00e4tigen Sie, dass Sie diese ISO l\u00f6schen m\u00f6chten.
 message.action.delete.ISO.for.all.zones=Die ISO gilt f\u00fcr alle Zonen. Bitte best\u00e4tigen Sie, dass Sie diese aus allen Zonen l\u00f6schen m\u00f6chten.
 message.action.delete.network=Bitte best\u00e4tigen Sie, dass Sie dieses Netzwerk l\u00f6schen m\u00f6chten.
+message.action.delete.physical.network=Bitte best\u00e4tigen Sie, dass Sie dieses physikalische Netzwerk l\u00f6schen m\u00f6chten
 message.action.delete.pod=Bitte best\u00e4tigen Sie, dass Sie dieses pod l\u00f6schen m\u00f6chten.
 message.action.delete.primary.storage=Bitte best\u00e4tigen Sie, dass Sie diese Hauptspeicher l\u00f6schen m\u00f6chten.
 message.action.delete.secondary.storage=Bitte best\u00e4tigen Sie, dass Sie diesen Sekund\u00e4rspeicher l\u00f6schen m\u00f6chten.
@@ -1282,17 +1307,22 @@ message.action.delete.zone=Bitte best\u00e4tigen Sie, dass Sie diese Zone l\u00f
 message.action.destroy.instance=Bitte best\u00e4tigen Sie, dass Sie diese Instanz l\u00f6schen m\u00f6chten.
 message.action.destroy.systemvm=Bitte best\u00e4tigen Sie, dass Sie die System VM zerst\u00f6ren m\u00f6chten.
 message.action.disable.cluster=Bitte best\u00e4tigen Sie, dass Sie diesen Cluster deaktivieren m\u00f6chten.
+message.action.disable.physical.network=Bitte best\u00e4tigen Sie, dass Sie dieses physikalische Netzwerk deaktivieren m\u00f6chten.
 message.action.disable.pod=Bitte best\u00e4tigen Sie, dass Sie diesen Pod deaktivieren m\u00f6chten.
 message.action.disable.static.NAT=Bitte best\u00e4tigen Sie, dass Sie die statische NAT deaktivieren m\u00f6chten.
 message.action.disable.zone=Bitte best\u00e4tigen Sie, dass Sie diese Zone deaktivieren m\u00f6chten.
 message.action.downloading.template=Vorlage wird heruntergeladen.
+message.action.download.iso=Bitte best\u00e4tigen Sie, dass Sie dieses ISO herunterladen m\u00f6chten.
 message.action.enable.cluster=Bitte best\u00e4tigen Sie, dass Sie diesen Cluster aktivieren m\u00f6chten.
+message.action.enable.physical.network=Bitte best\u00e4tigen Sie, dass Sie dieses physikalische Netzwerk aktivieren m\u00f6chten.
 message.action.enable.pod=Bitte best\u00e4tigen Sie, dass Sie diesen Pod aktivieren m\u00f6chten.
 message.action.enable.zone=Bitte best\u00e4tigen Sie, dass Sie diese Zone aktivieren m\u00f6chten.
 message.action.instance.reset.password=Bitte best\u00e4tigen Sie, dass Sie das ROOT Passwort f\u00fcr diese virtuelle Maschine \u00e4ndern m\u00f6chten.
 message.action.manage.cluster=Bitte best\u00e4tigen Sie, dass das Cluster bearbeitet werden soll.
 message.action.reboot.instance=Bitte best\u00e4tigen Sie, dass Sie diese Instanz neustarten m\u00f6chten.
 message.action.reboot.systemvm=Bitte best\u00e4tigen Sie, dass Sie diese System VM neustarten m\u00f6chten.
+message.action.release.ip=Bitte best\u00e4tigen Sie, dass Sie diese IP freigeben m\u00f6chten.
+message.action.remove.host=Bitte best\u00e4tigen Sie, dass Sie diesen Host entfernen m\u00f6chten.
 message.action.reset.password.off=Ihre Instanz untersch\u00fctzt derzeitig nicht dieses Feature.
 message.action.reset.password.warning=Ihre Instanz muss zuerst unterbrochen werden, bevor Sie Ihr derzeitiges Passwort \u00e4ndern k\u00f6nnen.
 message.action.restore.instance=Bitte best\u00e4tigen Sie, dass Sie diese Instanz wiederherstellen m\u00f6chten.
@@ -1302,6 +1332,7 @@ message.action.start.systemvm=Bitte best\u00e4tigen Sie, dass Sie diese System V
 message.action.stop.instance=Bitte best\u00e4tigen Sie, dass Sie diese Instanz anhalten m\u00f6chten.
 message.action.stop.systemvm=Bitte best\u00e4tigen Sie, dass Sie diese System VM anhalten m\u00f6chten.
 message.action.unmanage.cluster=Bitte best\u00e4tigen Sie, dass Sie das Cluster vernachl\u00e4ssigen m\u00f6chten.
+message.action.vmsnapshot.revert=VM-Schnappschuss zur\u00fccksetzen
 message.add.firewall=Eine Firewall zur Zone hinzuf\u00fcgen
 message.add.host=Bitte spezifizieren Sie die folgenden Parameter, um einen neuen Host hinzuzuf\u00fcgen.
 message.adding.host=Host wird hinzugef\u00fcgt
@@ -1320,8 +1351,20 @@ message.configuring.guest.traffic=Gast-Datenverkehr wird konfiguriert
 message.configuring.physical.networks=Physikalische Netzwerke werden konfiguriert
 message.configuring.public.traffic=\u00d6ffentlicher Datenverkehr wird konfiguriert
 message.configuring.storage.traffic=Speicherungsdatenverkehr wird konfiguriert
+message.confirm.archive.event=Bitte best\u00e4tigen Sie, dass Sie dieses Ereignis archivieren m\u00f6chten.
+message.confirm.archive.selected.alerts=Bitte best\u00e4tigen Sie, dass Sie die ausgew\u00e4hlten Alarme archivieren m\u00f6chten
 message.confirm.create.volume=Sind Sie sicher, dass Sie ein Volumen erstellen m\u00f6chten?
+message.confirm.delete.acl.list=Sind Sie sicher, dass Sie diese ACL-Liste l\u00f6schen m\u00f6chten?
+message.confirm.delete.alert=Sind Sie sicher, dass Sie diesen Alarm l\u00f6schen m\u00f6chten?
+message.confirm.delete.ciscoASA1000v=Bitte best\u00e4tigen Sie, dass Sie CiscoASA1000v l\u00f6schen m\u00f6chten
+message.confirm.destroy.router=Bitte best\u00e4tigen Sie, dass Sie diesen Router zerst\u00f6ren m\u00f6chten
+message.confirm.disable.host=Bitte best\u00e4tigen Sie, dass Sie den Host deaktivieren m\u00f6chten
+message.confirm.enable.host=Bitte best\u00e4tigen Sie, dass Sie den Host aktivieren m\u00f6chten
 message.confirm.migrate.volume=M\u00f6chten Sie dieses Volumen migrieren?
+message.confirm.remove.event=Sind Sie sicher, dass Sie dieses Ereignis entfernen m\u00f6chten?
+message.confirm.remove.selected.alerts=Bitte best\u00e4tigen Sie, dass Sie die ausgew\u00e4hlten Alarme entfernen m\u00f6chten
+message.confirm.remove.selected.events=Bitte best\u00e4tigen Sie, dass Sie die ausgew\u00e4hlten Ereignisse entfernen m\u00f6chten
+message.confirm.replace.acl.new.one=M\u00f6chten Sie die ACL durch die neue ersetzen?
 message.copy.iso.confirm=Bitte best\u00e4tigen Sie, dass Sie Ihre ISO kopieren m\u00f6chten und zwar nach
 message.create.template=Sind Sie sicher, dass Sie eine Vorlage erstellen m\u00f6chten?
 message.create.template.vm=VM aus Vorlage <b id\="p_name"></b> erstellen
@@ -1332,16 +1375,22 @@ message.creating.primary.storage=Hauptspeicher wird erstellt
 message.creating.secondary.storage=Sekund\u00e4rspeicher wird erstellt
 message.creating.zone=Zone wird erstellt
 message.delete.account=Bitte best\u00e4tigen Sie, dass Sie dieses Benutzerkonto l\u00f6schen m\u00f6chten.
+message.delete.project=Sind Sie sicher, dass Sie dieses Projekt l\u00f6schen m\u00f6chten?
+message.delete.user=Bitte best\u00e4tigen Sie, dass Sie diesen Benutzer l\u00f6schen m\u00f6chten.
+message.delete.VPN.connection=Bitte best\u00e4tigen Sie, dass Sie die VPN-Verbindung l\u00f6schen m\u00f6chten
 message.detach.iso.confirm=Bitte best\u00e4tigen Sie, dass Sie die ISO von der virtuellen Instanz trennen m\u00f6chten.
 message.disable.account=Bitte best\u00e4tigen Sie, dass Sie Ihr Benutzerkonto deaktivieren m\u00f6chten. Kein Nutzer dieses Kontos wird mehr Zugriff auf die Cloud Ressourcen haben. Alle laufenden virtuellen Maschinen werden sofort abgestellt.
 message.disable.snapshot.policy=Sie haben Ihre derzeitige Schnappschuss Richtlinie erfolgreich deaktiviert.
+message.disable.user=Bitte best\u00e4tigen Sie, dass Sie diesen Benutzer deaktivieren m\u00f6chten.
 message.disable.vpn.access=Bitte best\u00e4tigen Sie, dass Sie den VPN Zugriff deaktivieren m\u00f6chten.
+message.disable.vpn=Sind Sie sicher, dass Sie das VPN deaktivieren m\u00f6chten?
 message.disabling.network.offering=Netzwerkangebot wird deaktiviert
 message.disabling.vpc.offering=VPC-Angebot wird deaktiviert
 message.disallowed.characters=Nicht erlaubte Zeichen\: \\<\\,\\>
 message.download.ISO=Bitte klicken Sie auf <a href\="\#">00000</a>, um das ISO herunterzuladen
 message.download.template=Bitte klicken Sie auf <a href\="\#">00000</a>, um die Vorlage herunterzuladen
 message.download.volume=Bitte klicken Sie auf <a href\="\#">00000</a>, um das Volumen herunterzuladen
+message.download.volume.confirm=Bitte best\u00e4tigen Sie, dass Sie dieses Volumen herunterladen m\u00f6chten.
 message.enable.account=Bitte best\u00e4tigen Sie, dass Sie dieses Konto aktivieren m\u00f6chten.
 message.enabled.vpn=Ihr VPN Zugriff ist zurzeit aktiv und via IP k\u00f6nnen Sie darauf zugreifen
 message.enable.vpn.access=VPN ist zurzeit nicht f\u00fcr diese IP Addresse aktiviert. M\u00f6chten Sie den VPN Zugriff aktivieren?
diff --git a/client/WEB-INF/classes/resources/messages_ja_JP.properties b/client/WEB-INF/classes/resources/messages_ja_JP.properties
index a54ec89380..d069a1107e 100644
--- a/client/WEB-INF/classes/resources/messages_ja_JP.properties
+++ b/client/WEB-INF/classes/resources/messages_ja_JP.properties
@@ -1692,7 +1692,7 @@ message.add.system.service.offering=\u65b0\u3057\u3044\u30b7\u30b9\u30c6\u30e0 \
 message.add.template=\u65b0\u3057\u3044\u30c6\u30f3\u30d7\u30ec\u30fc\u30c8\u3092\u4f5c\u6210\u3059\u308b\u305f\u3081\u306b\u3001\u6b21\u306e\u30c7\u30fc\u30bf\u3092\u5165\u529b\u3057\u3066\u304f\u3060\u3055\u3044\u3002
 message.add.volume=\u65b0\u3057\u3044\u30dc\u30ea\u30e5\u30fc\u30e0\u3092\u8ffd\u52a0\u3059\u308b\u305f\u3081\u306b\u3001\u6b21\u306e\u30c7\u30fc\u30bf\u3092\u5165\u529b\u3057\u3066\u304f\u3060\u3055\u3044\u3002
 message.add.VPN.gateway=VPN \u30b2\u30fc\u30c8\u30a6\u30a7\u30a4\u3092\u8ffd\u52a0\u3057\u3066\u3082\u3088\u308d\u3057\u3044\u3067\u3059\u304b?
-message.admin.guide.read=VMware \u30d9\u30fc\u30b9\u306e VM \u306b\u3064\u3044\u3066\u306f\u3001\u30b5\u30a4\u30ba\u5909\u66f4\u306e\u524d\u306b\u7ba1\u7406\u8005\u30ac\u30a4\u30c9\u306e\u52d5\u7684\u306a\u30b5\u30a4\u30ba\u5909\u66f4\u306e\u30bb\u30af\u30b7\u30e7\u30f3\u3092\u304a\u8aad\u307f\u304f\u3060\u3055\u3044\u3002\u7d9a\u884c\u3057\u3066\u3082\u3088\u308d\u3057\u3044\u3067\u3059\u304b?,
+message.admin.guide.read=VMware \u30d9\u30fc\u30b9\u306e VM \u306b\u3064\u3044\u3066\u306f\u3001\u30b5\u30a4\u30ba\u5909\u66f4\u306e\u524d\u306b\u7ba1\u7406\u8005\u30ac\u30a4\u30c9\u306e\u52d5\u7684\u306a\u30b5\u30a4\u30ba\u5909\u66f4\u306e\u30bb\u30af\u30b7\u30e7\u30f3\u3092\u304a\u8aad\u307f\u304f\u3060\u3055\u3044\u3002\u7d9a\u884c\u3057\u3066\u3082\u3088\u308d\u3057\u3044\u3067\u3059\u304b?\\,
 message.advanced.mode.desc=VLAN \u30b5\u30dd\u30fc\u30c8\u3092\u6709\u52b9\u306b\u3059\u308b\u5834\u5408\u306f\u3001\u3053\u306e\u30cd\u30c3\u30c8\u30ef\u30fc\u30af \u30e2\u30c7\u30eb\u3092\u9078\u629e\u3057\u3066\u304f\u3060\u3055\u3044\u3002\u3053\u306e\u30e2\u30c7\u30eb\u3067\u306f\u6700\u3082\u67d4\u8edf\u306b\u30ab\u30b9\u30bf\u30e0 \u30cd\u30c3\u30c8\u30ef\u30fc\u30af \u30aa\u30d5\u30a1\u30ea\u30f3\u30b0\u3092\u63d0\u4f9b\u3067\u304d\u3001\u30d5\u30a1\u30a4\u30a2\u30a6\u30a9\u30fc\u30eb\u3001VPN\u3001\u30ed\u30fc\u30c9 \u30d0\u30e9\u30f3\u30b5\u30fc\u306e\u30b5\u30dd\u30fc\u30c8\u306e\u307b\u304b\u306b\u3001\u76f4\u63a5\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u3068\u4eee\u60f3\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u3082\u6709\u52b9\u306b\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u307e\u3059\u3002
 message.advanced.security.group=\u30b2\u30b9\u30c8 VM \u3092\u5206\u96e2\u3059\u308b\u305f\u3081\u306b\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3 \u30b0\u30eb\u30fc\u30d7\u3092\u4f7f\u7528\u3059\u308b\u5834\u5408\u306f\u3001\u3053\u306e\u30aa\u30d7\u30b7\u30e7\u30f3\u3092\u9078\u629e\u3057\u3066\u304f\u3060\u3055\u3044\u3002
 message.advanced.virtual=\u30b2\u30b9\u30c8 VM \u3092\u5206\u96e2\u3059\u308b\u305f\u3081\u306b\u30be\u30fc\u30f3\u5168\u4f53\u306e VLAN \u3092\u4f7f\u7528\u3059\u308b\u5834\u5408\u306f\u3001\u3053\u306e\u30aa\u30d7\u30b7\u30e7\u30f3\u3092\u9078\u629e\u3057\u3066\u304f\u3060\u3055\u3044\u3002
diff --git a/client/WEB-INF/classes/resources/messages_nl_NL.properties b/client/WEB-INF/classes/resources/messages_nl_NL.properties
index 1fd0a53505..848e20370f 100644
--- a/client/WEB-INF/classes/resources/messages_nl_NL.properties
+++ b/client/WEB-INF/classes/resources/messages_nl_NL.properties
@@ -1587,7 +1587,7 @@ message.add.system.service.offering=Specificeer de volgende gegevens om een nieu
 message.add.template=Specificeer de volgende gegevens om een nieuwe template aan te maken
 message.add.volume=Specificeer de volgende gegevens om een nieuw volume toe te voegen.
 message.add.VPN.gateway=Bevestig dat u een VPN Gateway wilt toevoegen
-message.admin.guide.read=Voor VMware-gebaseerde VMs, lees eerst de dynamic scaling sectie in de admin guide voordat u gaat schalen. Weet u zeker dat u verder wilt gaan?
+message.admin.guide.read=Voor VMware-gebaseerde VMs, lees eerst de dynamic scaling sectie in de admin guide voordat u gaat schalen. Weet u zeker dat u verder wilt gaan?\\,
 message.advanced.mode.desc=Kies dit netwerk model als u VLAN ondersteuning wilt inschakelen. Dit netwerk model geeft u de meeste flexibiliteit en stelt beheerders in staat om aangepaste netwerk aanbiedingen aan te maken met firewall, vpn, of load balancer ondersteuning. Ook kunt u kiezen tussen direct en virtual networking.
 message.advanced.security.group=Kies dit netwerk model als u security groups wilt gebruiken om virtueele machines te isoleren.
 message.advanced.virtual=Kies deze optie als u zone breede VLANs wilt gebruiken om virtueele machines te isoleren.
diff --git a/client/WEB-INF/classes/resources/messages_pt_BR.properties b/client/WEB-INF/classes/resources/messages_pt_BR.properties
index ca9653489e..d1110509b0 100644
--- a/client/WEB-INF/classes/resources/messages_pt_BR.properties
+++ b/client/WEB-INF/classes/resources/messages_pt_BR.properties
@@ -18,40 +18,40 @@
 changed.item.properties=Propriedades do item alteradas
 confirm.enable.s3=Por favor, preencha as informa\u00e7\u00f5es abaixo para habilitar suporte o Storage Secund\u00e1rio fornecido por S3
 confirm.enable.swift=Por favor, preencha as informa\u00e7\u00f5es abaixo para habilitar suporte ao Swift
-error.could.not.change.your.password.because.ldap.is.enabled=Erro\: a nuvem n\u00e3o alterou sua senha porque o LDAP est\u00e1 ativo.
+error.could.not.change.your.password.because.ldap.is.enabled=Erro\: a senha n\u00e3o foi alterada porque o LDAP est\u00e1 ativo.
 error.could.not.enable.zone=N\u00e3o foi poss\u00edvel habilitar a zona
 error.installWizard.message=Alguma coisa est\u00e1 errada; voc\u00ea pode voltar e corrigir quaisquer erros
 error.invalid.username.password=Usu\u00e1rio ou senha inv\u00e1lidos
-error.login=O seu usu\u00e1rio/senha n\u00e3o coincidem com nossos registros.
+error.login=O seu usu\u00e1rio/senha n\u00e3o coincidem com os registros.
 error.menu.select=N\u00e3o foi poss\u00edvel realizar a a\u00e7\u00e3o pois nenhum item foi selecionado.
 error.mgmt.server.inaccessible=O Servidor de Gerenciamento est\u00e1 inacess\u00edvel. Tente novamente mais tarde.
 error.password.not.match=Os campos de senha n\u00e3o combinam
-error.please.specify.physical.network.tags=As Ofertas de Rede n\u00e3o estar\u00e3o dispon\u00edveis enquanto voc\u00ea n\u00e3o especificar tags para esta interface f\u00edsica.
+error.please.specify.physical.network.tags=As Ofertas de Rede n\u00e3o estar\u00e3o dispon\u00edveis enquanto n\u00e3o for especificado tags para esta interface f\u00edsica.
 error.session.expired=Sua sess\u00e3o expirou.
 error.something.went.wrong.please.correct.the.following=Alguma coisa est\u00e1 errada; por favor corrija abaixo
 error.unable.to.reach.management.server=N\u00e3o foi poss\u00edvel acessar o Servidor de Gerenciamento
 error.unresolved.internet.name=Imposs\u00edvel resolver DNS
-force.delete.domain.warning=Aten\u00e7\u00e3o\: Esta op\u00e7\u00e3o remover\u00e1 todos os dom\u00ednios, contas e recursos associados.
+force.delete.domain.warning=Aten\u00e7\u00e3o\: Esta op\u00e7\u00e3o remover\u00e1 todos os dom\u00ednios filhos, contas e recursos associados.
 force.delete=For\u00e7ar Exclus\u00e3o
 force.remove=For\u00e7ar Remo\u00e7\u00e3o
 force.remove.host.warning=Aten\u00e7\u00e3o\: O CloudStack desligar\u00e1 de maneira for\u00e7ada todas as VMs antes de remover o host do cluster.
 force.stop=For\u00e7ar Parada
-force.stop.instance.warning=Aviso\: For\u00e7ar o desligamento desta inst\u00e2ncia deve ser sua \u00faltima op\u00e7\u00e3o. Isto pode levar a perda de dados, bem como  comportamento inconsist\u00eante do estado da m\u00e1quina virtual.
+force.stop.instance.warning=Aviso\: For\u00e7ar o desligamento desta inst\u00e2ncia deve ser sua \u00faltima op\u00e7\u00e3o. Isto pode levar a perda de dados, bem como comportamento inconsist\u00eante do estado da m\u00e1quina virtual.
 ICMP.code=C\u00f3digo ICMP
-ICMP.type=Tipo ICMP
+ICMP.type=Tipo de ICMP
 image.directory=Diret\u00f3rio da Imagem
 inline=Inline
 instances.actions.reboot.label=Reiniciar inst\u00e2ncia
 label.about.app=Sobre o CloudStack
 label.about=Sobre
 label.accept.project.invitation=Aceitar convite de projeto.
-label.account.and.security.group=Contas, grupos de Seguran\u00e7a
+label.account.and.security.group=Contas, Grupos de Seguran\u00e7a
 label.account=Conta
 label.account.id=ID da Conta
 label.account.lower=conta
 label.account.name=Nome da Conta
 label.accounts=Contas
-label.account.specific=Conta-Specific
+label.account.specific=Conta-Spec\u00edfica
 label.acl=ACL
 label.acl.id=ACL ID
 label.acl.name=Nome da ACL
@@ -66,8 +66,8 @@ label.action=A\u00e7\u00e3o
 label.action.cancel.maintenance.mode=Cancelar Modo de Manuten\u00e7\u00e3o
 label.action.cancel.maintenance.mode.processing=Cancelando Modo de Manuten\u00e7\u00e3o....
 label.action.change.password=Troca de Senha
-label.action.change.service.processing=Trocando de Plano....
-label.action.change.service=Trocar Plano
+label.action.change.service.processing=Trocando de Servi\u00e7o....
+label.action.change.service=Trocar Servi\u00e7o
 label.action.configure.samlauthorization=Configurar Autoriza\u00e7\u00e3o SAML SSO
 label.action.copy.ISO=Copiar ISO
 label.action.copy.ISO.processing=Copiando ISO...
@@ -93,27 +93,27 @@ label.action.delete.firewall.processing=Removendo Firewall....
 label.action.delete.firewall=Remover regra de firewall
 label.action.delete.ingress.rule.processing=Removendo Regra de Entrada....
 label.action.delete.ingress.rule=Remover Regra de Entrada
-label.action.delete.IP.range.processing=Removendo Range de IP....
-label.action.delete.IP.range=Remover Range IP
+label.action.delete.IP.range.processing=Removendo Range de IPs....
+label.action.delete.IP.range=Remover Range de IPs
 label.action.delete.ISO.processing=Removendo ISO....
 label.action.delete.ISO=Removendo ISO
 label.action.delete.load.balancer.processing=Removendo Balanceador de Carga...
-label.action.delete.load.balancer=Remover regra de balanceador de carga
+label.action.delete.load.balancer=Remover regra de balanceamento de carga
 label.action.delete.network.processing=Removendo Rede....
 label.action.delete.network=Remover Rede
-label.action.delete.nexusVswitch=Remover NexusVswitch
+label.action.delete.nexusVswitch=Remover Nexus 1000v
 label.action.delete.nic=Remover Interface de Rede
 label.action.delete.physical.network=Deletar rede f\u00edsica
-label.action.delete.pod.processing=Removendo POD....
-label.action.delete.pod=Remover POD
+label.action.delete.pod.processing=Removendo Pod....
+label.action.delete.pod=Remover Pod
 label.action.delete.primary.storage.processing=Removendo Storage Prim\u00e1rio....
 label.action.delete.primary.storage=Remover Storage Prim\u00e1rio
 label.action.delete.secondary.storage.processing=Removendo Storage Secund\u00e1rio....
 label.action.delete.secondary.storage=Remover Storage Secund\u00e1rio
-label.action.delete.security.group.processing=Removendo Security Group....
-label.action.delete.security.group=Remover Security Group
-label.action.delete.service.offering.processing=Removendo Plano....
-label.action.delete.service.offering=Remover Plano
+label.action.delete.security.group.processing=Removendo Grupo de Seguran\u00e7a....
+label.action.delete.security.group=Remover Grupo de Seguran\u00e7a
+label.action.delete.service.offering.processing=Removendo Oferta de Servi\u00e7o....
+label.action.delete.service.offering=Remover Oferta de Servi\u00e7o
 label.action.delete.snapshot.processing=Removendo Snapshot....
 label.action.delete.snapshot=Remover Snapshot
 label.action.delete.system.service.offering=Deletar Oferta de Servi\u00e7o de Sistema
@@ -126,7 +126,7 @@ label.action.delete.volume=Remover Disco
 label.action.delete.zone.processing=Removendo Zona....
 label.action.delete.zone=Remover Zona
 label.action.destroy.instance=Apagar Inst\u00e2ncia
-label.action.destroy.instance.processing=Apagando Inst\u00e2ncia....
+label.action.destroy.instance.processing=Destruindo Inst\u00e2ncia....
 label.action.destroy.systemvm=Apagar VM de Sistema
 label.action.destroy.systemvm.processing=Apagando VM de Sistema....
 label.action.detach.disk=Desplugar Disco
@@ -137,10 +137,10 @@ label.action.disable.account=Desativar conta
 label.action.disable.account.processing=Desativando conta....
 label.action.disable.cluster=Desativar Cluster
 label.action.disable.cluster.processing=Desativando Cluster....
-label.action.disable.nexusVswitch=Desabilitar NexusVswitch
+label.action.disable.nexusVswitch=Desabilitar Nexus 1000v
 label.action.disable.physical.network=Desabilitar rede f\u00edsica
-label.action.disable.pod=Desativar POD
-label.action.disable.pod.processing=Desativando POD....
+label.action.disable.pod=Desativar Pod
+label.action.disable.pod.processing=Desativando Pod....
 label.action.disable.static.NAT=Desativar NAT Est\u00e1tico
 label.action.disable.static.NAT.processing=Desativando NAT Est\u00e1tico....
 label.action.disable.user=Desativar Usu\u00e1rio
@@ -164,7 +164,7 @@ label.action.edit.network.processing=Editarando Rede....
 label.action.edit.pod=Editar Pod
 label.action.edit.primary.storage=Editar Storage Prim\u00e1rio
 label.action.edit.resource.limits=Editar Limite de Recursos
-label.action.edit.service.offering=Editar Plano
+label.action.edit.service.offering=Editar Oferta de Servi\u00e7o
 label.action.edit.template=Editar Template
 label.action.edit.user=Editar Usu\u00e1rio
 label.action.edit.zone=Editar Zona
@@ -172,29 +172,29 @@ label.action.enable.account=Ativar conta
 label.action.enable.account.processing=Ativando conta....
 label.action.enable.cluster=Ativar Cluster
 label.action.enable.cluster.processing=Ativando Cluster....
-label.action.enable.maintenance.mode=Ativar Modo de Manuten\u00e7\u00e3o
+label.action.enable.maintenance.mode=Habilitar Modo de Manuten\u00e7\u00e3o
 label.action.enable.maintenance.mode.processing=Ativando Modo de Manuten\u00e7\u00e3o....
-label.action.enable.nexusVswitch=Habilitar NexusVswitch
-label.action.enable.physical.network=Habilitar rede f\u00edsica
-label.action.enable.pod=Ativar POD
-label.action.enable.pod.processing=Ativando POD....
+label.action.enable.nexusVswitch=Ativar Nexus 1000v
+label.action.enable.physical.network=Ativar rede f\u00edsica
+label.action.enable.pod=Ativar Pod
+label.action.enable.pod.processing=Ativando Pod....
 label.action.enable.static.NAT=Ativar NAT Est\u00e1tico
 label.action.enable.static.NAT.processing=Ativando NAT Est\u00e1tico....
-label.action.enable.user=Habilitar usu\u00e1rio
-label.action.enable.user.processing=Habilitando Usu\u00e1rio...
+label.action.enable.user=Ativar usu\u00e1rio
+label.action.enable.user.processing=Ativando Usu\u00e1rio...
 label.action.enable.zone=Ativar Zona
 label.action.enable.zone.processing=Ativando Zona....
 label.action.expunge.instance=Eliminar Inst\u00e2ncia
-label.action.expunge.instance.processing=Expurgando Inst\u00e2ncia....
-label.action.force.reconnect=Force Reconnect
+label.action.expunge.instance.processing=Eliminando Inst\u00e2ncia....
+label.action.force.reconnect=For\u00e7ar Reconex\u00e3o
 label.action.force.reconnect.processing=Reconectando....
 label.action.generate.keys=Gerar Chaves
 label.action.generate.keys.processing=Gerando Chaves....
-label.action.list.nexusVswitch=Listar NexusVswitch
+label.action.list.nexusVswitch=Listar Nexus 1000v
 label.action.lock.account=Bloquear conta
 label.action.lock.account.processing=Bloqueando conta....
-label.action.manage.cluster.processing=Vinculando o Cluster....
-label.action.manage.cluster=Vincular Cluster
+label.action.manage.cluster=Gerenciar Cluster
+label.action.manage.cluster.processing=Gerenciando o Cluster....
 label.action.migrate.instance=Migrar Inst\u00e2ncia
 label.action.migrate.instance.processing=Migrando Inst\u00e2ncia....
 label.action.migrate.router=Migrar Roteador
@@ -216,8 +216,8 @@ label.action.remove.host.processing=Removendo Host....
 label.action.remove.host=Remover Host
 label.action.reset.password.processing=Recuperando a Senha....
 label.action.reset.password=Recuperar Senha
-label.action.resize.volume.processing=Resizing Volume....
-label.action.resize.volume=Resize Volume
+label.action.resize.volume.processing=Redimencionando Disco....
+label.action.resize.volume=Redimencionar Disco
 label.action.resource.limits=Limite de Recursos
 label.action.restore.instance.processing=Restaurando Inst\u00e2ncia...
 label.action.restore.instance=Restaurar Inst\u00e2ncia
@@ -256,7 +256,7 @@ label.add.account.to.project=Adicionar conta ao projeto
 label.add.ACL=Adicionar ACL
 label.add.acl.list=Adiciona Lista ACL
 label.add=Adicionar
-label.add.affinity.group=Adicionar um grupo de afinidade
+label.add.affinity.group=Adicionar novo grupo de afinidade
 label.add.baremetal.dhcp.device=Adiciona Dispositivo DHCP Baremetal
 label.add.BigSwitchVns.device=Adicionar BigSwitch Vns Controller
 label.add.BrocadeVcs.device=Adicionar Brocade Vcs Switch
@@ -266,23 +266,23 @@ label.add.by.group=Adicionar por Grupo
 label.add.ciscoASA1000v=Adicone Recurso CiscoASA1000v
 label.add.cluster=Adicionar Cluster
 label.add.compute.offering=Adicionar oferta de computa\u00e7\u00e3o
-label.add.direct.iprange=Add Direct Ip Range
+label.add.direct.iprange=Adicionar Range de IPs
 label.add.disk.offering=Adicionar Oferta de Disco
 label.add.domain=Adicionar Dom\u00ednio
 label.added.brocade.vcs.switch=Adicionado novo Brocade Vcs Switch
 label.added.new.bigswitch.vns.controller=Adicionado BigSwitch VNS Controller
 label.added.nicira.nvp.controller=Adicionado nova Controladora Nicira NVP
-label.add.egress.rule=Adicionar regra egress
+label.add.egress.rule=Adicionar regra de sa\u00edda
 label.addes.new.f5=Adicionado novo F5
 label.add.F5.device=Adicionar dispositivo F5
-label.add.firewall=Adicionar regra de Firewall
+label.add.firewall=Adicionar regra de firewall
 label.add.gslb=Adicionar GSLB
 label.add.guest.network=Adicionar rede guest
 label.add.host=Adicionar Host
 label.adding=Adicionando
 label.adding.cluster=Adicionando Cluster
 label.adding.failed=Falha ao Adicionar
-label.adding.pod=Adicionando POD
+label.adding.pod=Adicionando Pod
 label.adding.processing=Adicionando....
 label.add.ingress.rule=Adicionar Regra de Entrada
 label.adding.succeeded=Adicionado com Sucesso
@@ -290,25 +290,25 @@ label.adding.user=Adicionando Usu\u00e1rio
 label.adding.zone=Adicionando Zona
 label.add.intermediate.certificate=Adicionar certificado intermedi\u00e1rio
 label.add.internal.lb=Adiciona LB Interno
-label.add.ip.range=Adicionar Range de IP
+label.add.ip.range=Adicionar Range de IPs
 label.add.isolated.guest.network=Adiciona Rede Guest Isolada
 label.add.isolated.network=Adiciona Rede Isolada
 label.additional.networks=Redes Adicionais
 label.add.LDAP.account=Adicionar Conta LDAP
 label.add.list.name=Nome de Lista ACL
 label.add.load.balancer=Adicionar Balanceador de Carga
-label.add.more=Adicionar Mais
+label.add.more=Adicionar mais
 label.add.netScaler.device=Adicionar dispositivo Netscaler
 label.add.network.ACL=Adicione ACL de rede
 label.add.network.acl.list=Adicionar Lista de ACL de Rede
 label.add.network=Adicionar Rede
 label.add.network.device=Adicionar Dispositivo de Rede
 label.add.network.offering=Adicionar oferta de rede
-label.add.new.F5=Adicionar um novo F5
+label.add.new.F5=Adicionar novo F5
 label.add.new.gateway=Adicionar novo gateway
-label.add.new.NetScaler=Adicionar um novo NetScaler
+label.add.new.NetScaler=Adicionar novo NetScaler
 label.add.new.PA=Adicionar novo Palo Alto
-label.add.new.SRX=Adicionar um novo SRX
+label.add.new.SRX=Adicionar novo SRX
 label.add.new.tier=Adicionar nova camada
 label.add.nfs.secondary.staging.store=Adiciona Armazenamento NFS de Est\u00e1gio Secund\u00e1rio
 label.add.NiciraNvp.device=Adicionar Controlador Nvp
@@ -316,8 +316,8 @@ label.add.NuageVsp.device=Adicionar Nuage Virtualized Services Directory (VSD)
 label.add.OpenDaylight.device=Adiciona Controlador OpenDaylight
 label.add.PA.device=Adicionar dispositivo Palo Alto
 label.add.physical.network=Adicionar rede f\u00edsica
-label.add.pod=Adicionar POD
-label.add.portable.ip.range=Adicionar Faixa de Endere\u00e7os IPs Port\u00e1veis 
+label.add.pod=Adicionar Pod
+label.add.portable.ip.range=Adicionar Faixa de Endere\u00e7os IPs Port\u00e1veis
 label.add.port.forwarding.rule=Adicionar regra de encaminhamento de porta
 label.add.primary.storage=Adicionar Storage Prim\u00e1rio
 label.add.region=Adicionar Regi\u00e3o
@@ -325,12 +325,12 @@ label.add.resources=Adicionar Recursos
 label.add.route=Adicionar rota
 label.add.rule=Adicionar regra
 label.add.secondary.storage=Adicionar Storage Secund\u00e1rio
-label.add.security.group=Adicionar Security Group
-label.add.service.offering=Adicionar Plano
+label.add.security.group=Adicionar Grupo de Seguran\u00e7a
+label.add.service.offering=Adicionar Oferta de Servi\u00e7o
 label.add.SRX.device=Adicionar dispositivo SRX
 label.add.static.nat.rule=Adicionar regra de NAT est\u00e1tico
 label.add.static.route=Adicionar rota est\u00e1tica
-label.add.system.service.offering=Adicionar Plano para VM de Sistema
+label.add.system.service.offering=Adicionar Oferta de Servi\u00e7o para VM de Sistema
 label.add.template=Adicionar Template
 label.add.to.group=Adicionar ao grupo
 label.add.ucs.manager=Adiciona Gerenciador UCS
@@ -339,7 +339,7 @@ label.add.vlan=Adicionar VLAN
 label.add.vm=Adicionar VM
 label.add.vms=Adicionar VMs
 label.add.vms.to.lb=Adicionar VM(s) na regra de balanceamento de carga
-label.add.VM.to.tier=Adicionar m\u00e1quina virtual \u00e0 camada
+label.add.VM.to.tier=Adicionar VM \u00e0 camada
 label.add.vmware.datacenter=Adicionar Datacenter VMware
 label.add.vnmc.device=Adiciona dispositivo VNMC
 label.add.vnmc.provider=Adiciona provedor VNMC
@@ -375,7 +375,7 @@ label.anti.affinity=Anti-afinidade
 label.anti.affinity.group=Grupo de Anti-afinidade
 label.anti.affinity.groups=Grupos de Anti-afinidade
 label.api.key=API Key
-label.api.version=Ver\u00e3o da API
+label.api.version=Vers\u00e3o da API
 label.apply=Aplicar
 label.app.name=CloudStack
 label.archive.alerts=Guardar alertas
@@ -393,8 +393,8 @@ label.attached.iso=Imagem ISO Plugada
 label.author.email=E-mail do autor
 label.author.name=Nome do autor
 label.autoscale=Escalonamento Autom\u00e1tico
-label.availability=Availability
-label.availability.zone=Datacenter
+label.availability=Disponibilidade
+label.availability.zone=Zona de disponibilidade
 label.available=Dispon\u00edvel
 label.available.public.ips=IP P\u00fablico Dispon\u00edvel
 label.back=Voltar
@@ -407,7 +407,7 @@ label.baremetal.pxe.provider=Provedor PXE Baremetal
 label.basic=B\u00e1sico
 label.basic.mode=Modo B\u00e1sico
 label.bigswitch.controller.address=Endere\u00e7o do Controlador BigSwitch Vns
-label.bigswitch.vns.details=Detalhes do 
+label.bigswitch.vns.details=Detalhes do
 label.blade.id=ID da L\u00e2mina
 label.blades=L\u00e2minas
 label.bootable=Inicializ\u00e1vel
@@ -418,25 +418,25 @@ label.broadcasturi=url de broadcast
 label.broadcat.uri=URI de broadcast
 label.brocade.vcs.address=Endere\u00e7o do Vcs Switch
 label.brocade.vcs.details=Detalhes do Brocade Vcs Switch
-label.by.account=por Conta
+label.by.account=Por Conta
 label.by.alert.type=Por tipo de alerta
-label.by.availability=By Availability
+label.by.availability=By Disponibilidade
 label.by.date.end=Por data (final)
 label.by.date.start=Por data (in\u00edcio)
-label.by.domain=por Dom\u00ednio
-label.by.end.date=por Data Final
+label.by.domain=Por Dom\u00ednio
+label.by.end.date=Por Data Final
 label.by.event.type=Por tipo de evento
-label.by.level=por N\u00edvel
-label.by.pod=por Pod
-label.by.role=por Fun\u00e7\u00e3o
-label.by.start.date=por Data Inicial
-label.by.state=por estado
+label.by.level=Por N\u00edvel
+label.by.pod=Por Pod
+label.by.role=Por Fun\u00e7\u00e3o
+label.by.start.date=Por Data Inicial
+label.by.state=Por Estado
 label.bytes.received=Bytes Recebidos
 label.bytes.sent=Bytes Enviados
-label.by.traffic.type=por Tipo de Tr\u00e1fego
-label.by.type.id=por Tipo de ID
+label.by.traffic.type=Por Tipo de Tr\u00e1fego
+label.by.type.id=Por Tipo de ID
 label.by.type=Por Tipo
-label.by.zone=por Zona
+label.by.zone=Por Zona
 label.cache.mode=Tipo do cache de escrita
 label.cancel=Cancelar
 label.capacity.bytes=Capacidade de Bytes
@@ -448,7 +448,7 @@ label.change.service.offering=Alterar oferta de servi\u00e7o
 label.change.value=Alterar valor
 label.character=Caracter
 label.chassis=Chassis
-label.cidr.account=CIDR ou Conta/Security Group
+label.cidr.account=CIDR ou Conta/Grupo de Seguran\u00e7a
 label.cidr=CIDR
 label.cidr.list=CIDR de Origem
 label.CIDR.list=Lista CIDR
@@ -460,7 +460,7 @@ label.ciscovnmc.resource.details=Detalhes de recurso CiscoVNMC
 label.clean.up=Limpar
 label.clear.list=Limpar lista
 label.close=Fechar
-label.cloud.console=Console de Gerenciamento da Nuvem
+label.cloud.console=Console de Gerenciamento
 label.cloud.managed=Cloud.com Managed
 label.cluster=Cluster
 label.cluster.name=Nome do Cluster
@@ -472,11 +472,11 @@ label.community=Comunidade
 label.compute.and.storage=Processamento e Armazenamento
 label.compute=Computa\u00e7\u00e3o
 label.compute.offering=Oferta de Computa\u00e7\u00e3o
-label.compute.offerings=Oferta de Computa\u00e7\u00e3o
+label.compute.offerings=Ofertas de Computa\u00e7\u00e3o
 label.configuration=Configura\u00e7\u00e3o
 label.configure=Configurar
 label.configure.ldap=Configurar LDAP
-label.configure.network.ACLs=Configure ACLs de rede
+label.configure.network.ACLs=Configurar ACLs de rede
 label.configure.vpc=Configurar VPC
 label.confirmation=Confirma\u00e7\u00e3o
 label.confirm.password=Confirme a senha
@@ -499,21 +499,21 @@ label.cpu.utilized=CPU Utilizada
 label.created.by.system=Criado pelo sistema
 label.created=Criado
 label.create.nfs.secondary.staging.storage=Cria Armazenamento NFS de Est\u00e1gio Secund\u00e1rio
-label.create.nfs.secondary.staging.store=Criar storage staging secund\u00e1rio NFS
-label.create.project=Criar um projeto
+label.create.nfs.secondary.staging.store=Criar staging para storage secund\u00e1rio NFS
+label.create.project=Criar projeto
 label.create.template=Criar template
 label.create.VPN.connection=Criar uma conex\u00e3o VPN
 label.cross.zones=Inter Zonas
 label.custom=Customizado
 label.custom.disk.iops=IOPS personalizado
-label.custom.disk.size=Tamanho Customizado
+label.custom.disk.size=Tamanho de Disco Customizado
 label.daily=Di\u00e1rio
-label.data.disk.offering=Oferta de Disco Adicional
+label.data.disk.offering=Oferta para Disco de Dados
 label.date=Data
 label.day.of.month=Dia do M\u00eas
 label.day.of.week=Dia da Semana
 label.dc.name=Nome do DC
-label.dead.peer.detection=Detec\u00e7\u00e3o de correspondente morto
+label.dead.peer.detection=Detec\u00e7\u00e3o de falha no Peer
 label.decline.invitation=Rejeitar convite
 label.dedicate.cluster=Dedica Cluster
 label.dedicated=Dedicado
@@ -536,7 +536,7 @@ label.delete.ciscoASA1000v=Apaga CiscoASA1000v
 label.delete.ciscovnmc.resource=Apaga recurso CiscoVNMC
 label.delete.events=Remover eventos
 label.delete.F5=Remover F5
-label.delete.gateway=delete gateway
+label.delete.gateway=Remover gateway
 label.delete.internal.lb=Apaga LB Interno
 label.delete.NetScaler=Remover NetScaler
 label.delete.NiciraNvp=Remover Controlador Nvp
@@ -545,19 +545,19 @@ label.delete.OpenDaylight.device=Apaga Controladora OpenDaylight
 label.delete.PA=Remover Palo Alto
 label.delete.portable.ip.range=Deletar Endere\u00e7os IPs Port\u00e1teis
 label.delete.profile=Apaga Perfil
-label.delete.project=Deletar projeto
+label.delete.project=Remover projeto
 label.delete=Remover
 label.delete.secondary.staging.store=Apaga Armazenamento de Est\u00e1gio Secund\u00e1rio
 label.delete.SRX=Remover SRX
 label.delete.ucs.manager=Apaga Gerenciador UCS
-label.delete.VPN.connection=deletar a conex\u00e3o VPN
-label.delete.VPN.customer.gateway=deletar gateway de VPN de usu\u00e1rio
-label.delete.VPN.gateway=deletar um gateway de VPN
-label.delete.vpn.user=Deletar usu\u00e1rio VPN
+label.delete.VPN.connection=Remover conex\u00e3o VPN
+label.delete.VPN.customer.gateway=Remover gateway de VPN de usu\u00e1rio
+label.delete.VPN.gateway=Remover gateway de VPN
+label.delete.vpn.user=Remover usu\u00e1rio VPN
 label.deleting.failed=Falha ao remover
 label.deleting.processing=Removendo....
 label.deny=Negar
-label.deployment.planner=Deployment planejado
+label.deployment.planner=Modo do deploy
 label.description=Descri\u00e7\u00e3o
 label.destination.physical.network.id=ID de destino da rede f\u00edsica
 label.destination.zone=Zona de Destino
@@ -571,15 +571,15 @@ label.devices=Dispositivos
 label.dhcp=DHCP
 label.DHCP.server.type=Tipo de Servidor DHCP
 label.direct.attached.public.ip=IP P\u00fablico Conectado Diretamente
-label.direct.ips=IPs Diretos
+label.direct.ips=IPs Compartilhados
 label.disable.autoscale=Desabilita Auto-escala
 label.disabled=Desativado
 label.disable.host=Desabilita Host
 label.disable.network.offering=Desabilita oferta de rede
-label.disable.provider=Desabilitar Provider
+label.disable.provider=Desabilitar Provedor
 label.disable.vnmc.provider=Habilita provedor VNMC
 label.disable.vpc.offering=Desabilitar oferta VPC
-label.disable.vpn=Desabilitar VPN
+label.disable.vpn=Desabilitar VPN de Acesso Remoto
 label.disabling.vpn.access=Desativando Acesso VPN
 label.disassociate.profile.blade=Desassocia Perfil de L\u00e2mina
 label.disbale.vnmc.device=Desabilita dispositivo VNMC
@@ -595,7 +595,7 @@ label.disk.offering=Oferta de Disco
 label.disk.provisioningtype=Tipo de Provisionamento
 label.disk.read.bytes=Leitura do Disco (Bytes)
 label.disk.read.io=Leitura do Disk (I/O)
-label.disk.size.gb=Tamanho (em GB)
+label.disk.size.gb=Tamanho do Disco (em GB)
 label.disk.size=Tamanho do Disco
 label.disk.total=Disco Total
 label.disk.volume=Disco
@@ -607,7 +607,7 @@ label.distributedrouter=Roteador Distribuido
 label.dns.1=DNS 1
 label.dns.2=DNS 2
 label.dns=DNS
-label.DNS.domain.for.guest.networks=Dom\u00ednio DNS para redes h\u00f3spedes
+label.DNS.domain.for.guest.networks=Dom\u00ednio DNS para redes Guests
 label.domain.admin=Administrador de Dom\u00ednio
 label.domain=Dom\u00ednio
 label.domain.id=ID do Dom\u00ednio
@@ -615,7 +615,7 @@ label.domain.lower=dom\u00ednio
 label.domain.name=Nome do Dom\u00ednio
 label.domain.router=Roteador do Dom\u00ednio
 label.domain.suffix=Sufixo de Dom\u00ednio DNS (ex. xyz.com)
-label.done=Pronto
+label.done=Conclu\u00eddo
 label.double.quotes.are.not.allowed=Aspas duplas n\u00e3o s\u00e3o permitidas
 label.download.progress=Status do Download
 label.drag.new.position=Arrastar para uma nova posi\u00e7\u00e3o
@@ -631,8 +631,8 @@ label.edit.region=Editar Regi\u00e3o
 label.edit.tags=Edite etiquetas
 label.edit.traffic.type=Editar tipo de tr\u00e1fego
 label.edit.vpc=Editar VPC
-label.egress.default.policy=Pol\u00edtica de Entrada Padr\u00e3o
-label.egress.rule=Regra Egress
+label.egress.default.policy=Pol\u00edtica de de Sa\u00edda Padr\u00e3o
+label.egress.rule=Regra de sa\u00edda
 label.egress.rules=Regras de sa\u00edda
 label.elastic=El\u00e1stico
 label.elastic.IP=IP El\u00e1stico
@@ -642,19 +642,19 @@ label.email.lower=email
 label.enable.autoscale=Habilita Auto-escala
 label.enable.host=Habilita Host
 label.enable.network.offering=Habilita oferta de rede
-label.enable.provider=Habilitar provider
-label.enable.s3=Habilita storage secund\u00e1ria fornecida por S3
-label.enable.swift=Habilitar Swift
+label.enable.provider=Ativar provedor
+label.enable.s3=Ativar Storage Secund\u00e1rio fornecido via S3
+label.enable.swift=Ativar Swift
 label.enable.vnmc.device=Habilita dispositivo VNMC
 label.enable.vnmc.provider=Habilita provedor VNMC
 label.enable.vpc.offering=Habilitar oferta VPC
-label.enable.vpn=Habilitar VPN
+label.enable.vpn=Ativar VPN de Acesso Remoto
 label.enabling.vpn.access=Ativando Acesso VPN
 label.enabling.vpn=Ativando VPN
-label.end.IP=IP do fim
-label.endpoint.or.operation=Endpoint or Operation
-label.endpoint=Ponto de acesso
-label.end.port=Porta Final
+label.end.IP=IP final
+label.endpoint=Endpoint
+label.endpoint.or.operation=Endpoint ou Opera\u00e7\u00e3o
+label.end.port=Porta final
 label.end.reserved.system.IP=Fim dos IPs reservados para o sistema
 label.end.vlan=VLAN final
 label.end.vxlan=VXLAN final
@@ -669,14 +669,14 @@ label.ESP.policy=Pol\u00edtica ESP
 label.esx.host=ESX/ESXi Host
 label.event.archived=Evento Arquivado
 label.event.deleted=Evento Detectado
-label.example=Examplo
+label.example=Exemplo
 label.expunge=Eliminar
 label.external.link=Link externo
 label.extractable=Extra\u00edvel
 label.f5.details=Detalhes do F5
 label.f5=F5
 label.failed=Falhou
-label.featured=Featured
+label.featured=Destaque
 label.fetch.latest=Obter \u00faltimos
 label.filterBy=Filtrar por
 label.firewall=Firewall
@@ -684,16 +684,16 @@ label.firstname.lower=primeiro nome
 label.first.name=Primeiro Nome
 label.format=Formato
 label.friday=Sexta-feira
-label.full=Full
-label.full.path=Path completo
+label.full=Cheio
+label.full.path=Caminho completo
 label.gateway=Gateway
 label.general.alerts=Alertas Gerais
 label.generating.url=Criando URL
 label.gluster.volume=Disco
-label.go.step.2=V\u00e1 para passo 2
-label.go.step.3=V\u00e1 para passo 3
-label.go.step.4=V\u00e1 para passo 4
-label.go.step.5=V\u00e1 para passo 5
+label.go.step.2=V\u00e1 para o passo 2
+label.go.step.3=V\u00e1 para o passo 3
+label.go.step.4=V\u00e1 para o passo 4
+label.go.step.5=V\u00e1 para o passo 5
 label.gpu=CPU
 label.group.by.account=Agrupamento por conta
 label.group.by.cluster=Agrupamento por cluster
@@ -714,17 +714,17 @@ label.gslb.service.private.ip=Servi\u00e7o GSLB - IP Privado
 label.gslb.service.public.ip=Servi\u00e7o GSLB - IP P\u00fablico
 label.gslb.service=Servi\u00e7o GSLB
 label.gslb.servicetype=Tipo do Servi\u00e7o
-label.guest.cidr=CIDR de rede Convidado
-label.guest.end.ip=IP do fim do guest
-label.guest.gateway=Gateway de rede Convidado
+label.guest.cidr=CIDR de rede Guest
+label.guest.end.ip=IP final do Guest
+label.guest.gateway=Gateway de rede Guest
 label.guest=Guest
 label.guest.ip=Endere\u00e7o IP Convidado
-label.guest.ip.range=Intervalo de rede convidado
+label.guest.ip.range=Intervalo de IPs para Guest
 label.guest.netmask=M\u00e1scara de rede Guest
 label.guest.network.details=Detalhes de rede convidada
 label.guest.networks=Redes Guest
-label.guest.start.ip=IP de in\u00edcio do guest
-label.guest.traffic=Tr\u00e1fego de h\u00f3spedes
+label.guest.start.ip=IP inicial do Guest
+label.guest.traffic=Tr\u00e1fego de Guests
 label.guest.traffic.vswitch.name=Nome do vSwitch de Tr\u00e1fego Convidado
 label.guest.traffic.vswitch.type=Tipo de vSwitch de Tr\u00e1fego Convidado
 label.guest.type=Tipo de Guest
@@ -735,21 +735,21 @@ label.healthy.threshold=Limiar de Salubridade
 label.help=Ajuda
 label.hide.ingress.rule=Ocultar Regra de Entrada
 label.hints=Dicas
-label.home=Home
+label.home=In\u00edcio
 label.host.alerts=Alertas de Host
 label.host=Host
 label.host.MAC=Host MAC
 label.host.name=Host Name
 label.hosts=Hosts
-label.host.tags=Tags de Host
+label.host.tags=Etiquetas de Host
 label.hourly=A cada hora
 label.hvm=HVM
-label.hypervisor.capabilities=Recursos de Virtualizador
-label.hypervisor=Hipervisor
+label.hypervisor.capabilities=Recursos de Hypervisor
+label.hypervisor=Hypervisor
 label.hypervisors=Hypervisors
 label.hypervisor.snapshot.reserve=Reserva de Snapshot do Hypervisor
 label.hypervisor.type=Tipo do Hypervisor
-label.hypervisor.version=Vers\u00e3o de Virtualizador
+label.hypervisor.version=Vers\u00e3o de Hypervisor
 label.hyperv.traffic.label=R\u00f3tulo de tr\u00e1fego HyperV
 label.id=ID
 label.IKE.DH=DH IKE
@@ -764,13 +764,13 @@ label.initiated.by=Iniciado por
 label.inside.port.profile=Perfil de Porta Interna
 label.installWizard.addClusterIntro.subtitle=O que \u00e9 um cluster?
 label.installWizard.addClusterIntro.title=Vamos adicionar um cluster
-label.installWizard.addHostIntro.subtitle=O que \u00e9 um Host ?
+label.installWizard.addHostIntro.subtitle=O que \u00e9 um Host?
 label.installWizard.addHostIntro.title=Vamos adicionar um host
-label.installWizard.addPodIntro.subtitle=O que \u00e9 um pod ?
+label.installWizard.addPodIntro.subtitle=O que \u00e9 um pod?
 label.installWizard.addPodIntro.title=Vamos adicionar um pod
-label.installWizard.addPrimaryStorageIntro.subtitle=Qual \u00e9 o storage prim\u00e1rio ?
+label.installWizard.addPrimaryStorageIntro.subtitle=Qual \u00e9 o storage prim\u00e1rio?
 label.installWizard.addPrimaryStorageIntro.title=Vamos adicionar o storage prim\u00e1rio
-label.installWizard.addSecondaryStorageIntro.subtitle=Qual \u00e9 o storage secund\u00e1rio ?
+label.installWizard.addSecondaryStorageIntro.subtitle=Qual \u00e9 o storage secund\u00e1rio?
 label.installWizard.addSecondaryStorageIntro.title=Vamos adicionar o storage secund\u00e1rio
 label.installWizard.addZoneIntro.subtitle=O que \u00e9 uma zona?
 label.installWizard.addZoneIntro.title=Vamos adicionar uma zona
@@ -793,7 +793,7 @@ label.internallbvm=LbVm Interno
 label.internal.name=Nome interno
 label.interval.type=Tipo de Intervalo
 label.introduction.to.cloudstack=Introdu\u00e7\u00e3o ao CloudStack&\#8482
-label.invalid.integer=Invalid Integer
+label.invalid.integer=Inteiro inv\u00e1lido
 label.invalid.number=N\u00famero inv\u00e1lido
 label.invitations=Convites
 label.invite=Convidar
@@ -805,8 +805,8 @@ label.ip.allocations=Aloca\u00e7\u00f5es de IP
 label.ip=IP
 label.ip.limits=Limites de IP P\u00fablico
 label.ip.or.fqdn=IP ou FQDN
-label.ip.range=Range de IP
-label.ip.ranges=Ranges de IP
+label.ip.range=Intervalo de IP
+label.ip.ranges=Intervalos de IPs
 label.IPsec.preshared.key=Chave IPSec pr\u00e9 compartilhada
 label.ips=IPs
 label.ipv4.cidr=CIDR IPv4
@@ -833,7 +833,7 @@ label.isolation.mode=Modo Isolado
 label.isolation.uri=URI de isolamento
 label.is.redundant.router=Redundante
 label.is.shared=\u00c9 Compartilhado
-label.is.system=\u00e9 um sistema
+label.is.system=\u00c9 um Sistema
 label.item.listing=Listar items
 label.keep=Manter
 label.keyboard.type=Tipo de Teclado
@@ -841,22 +841,22 @@ label.key=Chave
 label.kvm.traffic.label=Etiqueta de tr\u00e1fego KVM
 label.label=Etiqueta
 label.lang.arabic=Arabe
-label.lang.brportugese=Portugu\u00eas brasileiro
+label.lang.brportugese=Portugu\u00eas Brasileiro
 label.lang.catalan=Catal\u00e3o
-label.lang.chinese=Chinese (Simplified)
+label.lang.chinese=Chinese (Simplificado)
 label.lang.dutch=Holand\u00eas (Holanda)
-label.lang.english=English
+label.lang.english=Ingl\u00eas
 label.lang.french=Franc\u00eas
 label.lang.german=Alem\u00e3o
 label.lang.hungarian=H\u00fangaro
 label.lang.italian=Italiano
-label.lang.japanese=Japanese
+label.lang.japanese=Japones
 label.lang.korean=Coreano
 label.lang.norwegian=Noruegu\u00eas
 label.lang.polish=Polon\u00eas
 label.lang.russian=Russo
-label.lang.spanish=Spanish
-label.last.disconnected=Last Disconnected
+label.lang.spanish=Espanhol
+label.last.disconnected=\u00daltima desconex\u00e3o
 label.lastname.lower=\u00faltimo nome
 label.last.name=\u00daltimo Nome
 label.latest.events=\u00daltimos eventos
@@ -878,7 +878,7 @@ label.load.balancing=Balanceamento de Carga
 label.load.balancing.policies=Pol\u00edticas de balanceamento de carga
 label.loading=Carregando
 label.local=Local
-label.local.storage.enabled=Habilitar storage local para VMs de usu\u00e1rios
+label.local.storage.enabled=Ativar storage local para VMs de usu\u00e1rios
 label.local.storage.enabled.system.vms=Habilitar storage local para VMs de Sistema
 label.local.storage=Storage Local
 label.login=Entrar
@@ -886,26 +886,26 @@ label.logout=Sair
 label.lun=LUN
 label.LUN.number=LUN \#
 label.lxc.traffic.label=R\u00f3tulo de tr\u00e1fego LXC
-label.make.project.owner=Criar propriet\u00e1rio de conta de projeto
+label.make.project.owner=Definir conta propriet\u00e1ria de projeto
 label.managed=Gerenciado
 label.manage=Gerenciar
 label.management=Gerenciamento
 label.management.ips=Gerenciamento de Endere\u00e7os IP
 label.management.server=Servidor de Gerenciamento
 label.manage.resources=Gerenciar Recursos
-label.max.cpus=M\u00e1ximo de cores de CPU
-label.max.guest.limit=Limite m\u00e1x. de guest
+label.max.cpus=M\u00e1ximo de CPU cores
+label.max.guest.limit=Limite m\u00e1x. de guests
 label.maximum=M\u00e1ximo
 label.max.instances=Inst\u00e2ncias Max
 label.max.memory=M\u00e1x. de mem\u00f3ria (MiB)
 label.max.networks=M\u00e1x. de redes
-label.max.primary.storage=M\u00e1x. prim\u00e1rio (GiB)
+label.max.primary.storage=M\u00e1x. storage prim\u00e1rio (GiB)
 label.max.public.ips=M\u00e1x. IPs p\u00fablicos
-label.max.secondary.storage=Max. Secund\u00e1rio (GiB)
+label.max.secondary.storage=Max. storage secund\u00e1rio (GiB)
 label.max.snapshots=Max. snapshots
 label.max.templates=M\u00e1x. templates
 label.max.vms=M\u00e1x. VMs de usu\u00e1rio
-label.max.volumes=M\u00e1x. volumes
+label.max.volumes=M\u00e1x. discos
 label.max.vpcs=M\u00e1x. VPCs
 label.may.continue=Voc\u00ea pode continuar agora
 label.md5.checksum=MD5 checksum
@@ -927,10 +927,10 @@ label.menu.destroyed.instances=Inst\u00e2ncias Apagadas
 label.menu.disk.offerings=Oferta de Discos
 label.menu.domains=Dom\u00ednios
 label.menu.events=Eventos
-label.menu.featured.isos=ISOs Customizada
-label.menu.featured.templates=Templates Customizados
+label.menu.featured.isos=ISOs em Destaque
+label.menu.featured.templates=Templates em Destaque
 label.menu.global.settings=Configura\u00e7\u00f5es Globais
-label.menu.infrastructure=Infra-estrutura
+label.menu.infrastructure=Infraestrutura
 label.menu.instances=Inst\u00e2ncias
 label.menu.ipaddresses=Endere\u00e7os IP
 label.menu.isos=ISOs
@@ -940,10 +940,10 @@ label.menu.my.isos=Minhas ISOs
 label.menu.my.templates=Meus Templates
 label.menu.network.offerings=Oferta de Rede
 label.menu.network=Rede
-label.menu.physical.resources=Recursos B\u00e1\u00adsicos
+label.menu.physical.resources=Recursos F\u00edsicos
 label.menu.regions=Regi\u00f5es
-label.menu.running.instances=Inst\u00e2ncias Rodando
-label.menu.security.groups=Grupos de seguran\u00e7a
+label.menu.running.instances=Inst\u00e2ncias em Execu\u00e7\u00e3o
+label.menu.security.groups=Grupos de Seguran\u00e7a
 label.menu.service.offerings=Oferta de Servi\u00e7os
 label.menu.snapshots=Snapshots
 label.menu.stopped.instances=Inst\u00e2ncias Paradas
@@ -968,7 +968,7 @@ label.migrate.volume=Migrar Volume
 label.migrate.volume.to.primary.storage=Migrar volume para outro storage prim\u00e1rio
 label.minimum=M\u00ed\u00adnimo
 label.min.instances=Inst\u00e2ncias Min
-label.minute.past.hour=minuto(s) passado(s) da \u00faltima hora 
+label.minute.past.hour=minuto(s) passado(s) da \u00faltima hora
 label.mode=Modo
 label.monday=Segunda
 label.monthly=Mensal
@@ -1092,7 +1092,7 @@ label.PING.CIFS.username=PING CIFS username
 label.PING.dir=PING Directory
 label.ping.path=Caminho do Ping
 label.PING.storage.IP=Disparar PING para IP do Storage
-label.planner.mode=Modo planejado
+label.planner.mode=Modo do plano
 label.please.specify.netscaler.info=Por favor especifique as informa\u00e7\u00f5es do Netscaler
 label.please.wait=Por Favor Aguarde
 label.plugin.details=Detalhes do plugin
@@ -1247,8 +1247,8 @@ label.s3.bucket=Balde
 label.s3.connection_timeout=Tempo limite de conex\u00e3o
 label.s3.endpoint=Ponto de acesso
 label.s3.max_error_retry=Limite de tentativas de recupera\u00e7\u00e3o de erro
-label.s3.nfs.path=Caminho NFS S3
-label.s3.nfs.server=Servidor NFS S3
+label.s3.nfs.path=Caminho S3 NFS
+label.s3.nfs.server=Servidor S3 NFS
 label.s3.secret_key=Chave Secreta
 label.s3.socket_timeout=Tempo limite no socket
 label.s3.use_https=Use HTTPS
@@ -1320,7 +1320,7 @@ label.snapshot.s=Snapshot(s)
 label.snapshots=Snapshots
 label.SNMP.community=Comunidade SNMP
 label.SNMP.port=Porta SNMP
-label.sockets=Sockets
+label.sockets=CPU Sockets
 label.source.ip.address=Endere\u00e7o IP de origem
 label.source.nat=Source NAT
 label.source.nat.supported=SourceNAT Supportado
@@ -1485,7 +1485,7 @@ label.view.all=Visualizar tudo
 label.view.console=Visualizar Console
 label.viewing=Visualizar
 label.view.more=Ver mais
-label.view.secondary.ips=Visualizar os IPs secund\u00e1rios
+label.view.secondary.ips=Visualizar IPs secund\u00e1rios
 label.view=Visualizar
 label.virtual.appliance=Appliance Virtual
 label.virtual.appliance.details=Detalhes de appliance virtual
@@ -1596,7 +1596,7 @@ label.zoneWizard.trafficType.public=P\u00fablico\: tr\u00e1fego entre a internet
 label.zoneWizard.trafficType.storage=Storage\: tr\u00e1fego entre servidores de storage prim\u00e1ria e secund\u00e1ria, tais como templates de m\u00e1quinas virtuais e snapshots
 label.zone=Zona
 managed.state=Status do Gerenciamento
-message.acquire.ip.nic=Por favor, confirme que voc\u00ea deseja adquirir um novo IP secund\u00e1rio para esta Interface de Rede.</br>NOTA\: Voc\u00ea precisa configurar manualmente o novo IP secund\u00e1rio dentro da maquinas virtual.
+message.acquire.ip.nic=Por favor, confirme que voc\u00ea deseja adquirir um novo IP secund\u00e1rio para esta Interface de Rede.</br>NOTA\: Voc\u00ea precisa configurar manualmente o novo IP secund\u00e1rio dentro da maquina virtual.
 message.acquire.new.ip=Por favor confirme que voc\u00ea gostaria de adquirir um novo IP para esta rede.
 message.acquire.new.ip.vpc=Por favor confirme que voc\u00ea gostaria de adquirir um novo IP para esta VPC.
 message.acquire.public.ip=Selecione a zona de onde voc\u00ea deseja adquirir o novo IP
@@ -1699,7 +1699,7 @@ message.add.system.service.offering=Por favor preencha os dados abaixo para adic
 message.add.template=Entre com os dados para criar um novo template.
 message.add.volume=Entre com os dados para criar um novo disco.
 message.add.VPN.gateway=Favor confirmar que voc\u00ea deseja adicionar um gateway de VPN
-message.admin.guide.read=Para VMs baseadas em VMware, por favor leia a sess\u00e3o sobre escalonamento din\u00e2mico no guia do administrador antes de escalonar. Voc\u00ea gostaria de continuar?
+message.admin.guide.read=Para VMs baseadas em VMware, por favor leia a sess\u00e3o sobre escalonamento din\u00e2mico no guia do administrador antes de escalonar. Voc\u00ea gostaria de continuar?\\,
 message.advanced.mode.desc=Escolhe este modelo de rede se deseja ter habilitar o suporte a VLAN. Este modelo permite maior flexibilidade ao administrador ao permitir ofertas de rede customizada, firewall, vpn ou load balancer bem como acesso via rede virtual ou acesso direto.
 message.advanced.security.group=Escolha esta op\u00e7\u00e3o se desejar utilizar Security Groups para isolamento das VMs guest.
 message.advanced.virtual=Escolha esta op\u00e7\u00e3o se desejar utilizar VLANs para isolamento das VMs guest.
diff --git a/client/WEB-INF/classes/resources/messages_zh_CN.properties b/client/WEB-INF/classes/resources/messages_zh_CN.properties
index 718e415ccd..b0c31bb43e 100644
--- a/client/WEB-INF/classes/resources/messages_zh_CN.properties
+++ b/client/WEB-INF/classes/resources/messages_zh_CN.properties
@@ -1677,7 +1677,7 @@ message.add.system.service.offering=\u8bf7\u586b\u5199\u4ee5\u4e0b\u6570\u636e\u
 message.add.template=\u8bf7\u8f93\u5165\u4ee5\u4e0b\u6570\u636e\u4ee5\u521b\u5efa\u65b0\u6a21\u677f
 message.add.volume=\u8bf7\u586b\u5199\u4ee5\u4e0b\u6570\u636e\u4ee5\u6dfb\u52a0\u4e00\u4e2a\u65b0\u5377\u3002
 message.add.VPN.gateway=\u8bf7\u786e\u8ba4\u60a8\u786e\u5b9e\u8981\u6dfb\u52a0 VPN \u7f51\u5173
-message.admin.guide.read=\u5bf9\u4e8e\u57fa\u4e8e VMware \u7684 VM\uff0c\u8bf7\u5148\u9605\u8bfb\u7ba1\u7406\u6307\u5357\u4e2d\u7684\u52a8\u6001\u6269\u5c55\u90e8\u5206\uff0c\u7136\u540e\u518d\u8fdb\u884c\u6269\u5c55\u3002\u662f\u5426\u8981\u7ee7\u7eed?,
+message.admin.guide.read=\u5bf9\u4e8e\u57fa\u4e8e VMware \u7684 VM\uff0c\u8bf7\u5148\u9605\u8bfb\u7ba1\u7406\u6307\u5357\u4e2d\u7684\u52a8\u6001\u6269\u5c55\u90e8\u5206\uff0c\u7136\u540e\u518d\u8fdb\u884c\u6269\u5c55\u3002\u662f\u5426\u8981\u7ee7\u7eed?\\,
 message.advanced.mode.desc=\u5982\u679c\u8981\u542f\u7528 VLAN \u652f\u6301\uff0c\u8bf7\u9009\u62e9\u6b64\u7f51\u7edc\u6a21\u5f0f\u3002\u6b64\u7f51\u7edc\u6a21\u5f0f\u5728\u5141\u8bb8\u7ba1\u7406\u5458\u63d0\u4f9b\u9632\u706b\u5899\u3001VPN \u6216\u8d1f\u8f7d\u5e73\u8861\u5668\u652f\u6301\u7b49\u81ea\u5b9a\u4e49\u7f51\u7edc\u65b9\u6848\u4ee5\u53ca\u542f\u7528\u76f4\u63a5\u7f51\u7edc\u8fde\u63a5\u4e0e\u865a\u62df\u7f51\u7edc\u8fde\u63a5\u7b49\u65b9\u9762\u63d0\u4f9b\u4e86\u6700\u5927\u7684\u7075\u6d3b\u6027\u3002
 message.advanced.security.group=\u5982\u679c\u8981\u4f7f\u7528\u5b89\u5168\u7ec4\u63d0\u4f9b\u6765\u5bbe VM \u9694\u79bb\uff0c\u8bf7\u9009\u62e9\u6b64\u6a21\u5f0f\u3002
 message.advanced.virtual=\u5982\u679c\u8981\u4f7f\u7528\u6574\u4e2a\u8d44\u6e90\u57df\u7684 VLAN \u63d0\u4f9b\u6765\u5bbe VM \u9694\u79bb\uff0c\u8bf7\u9009\u62e9\u6b64\u6a21\u5f0f\u3002

From f5b51970488df6204508f7d2e6e8e7b03e865711 Mon Sep 17 00:00:00 2001
From: Mike Tutkowski <mike.tutkowski@solidfire.com>
Date: Tue, 1 Sep 2015 16:00:08 -0600
Subject: [PATCH 065/115] Support live migration on older version of Libvirt

---
 .../hypervisor/kvm/resource/LibvirtComputingResource.java   | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java b/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
index ae48783ee6..01237980b2 100755
--- a/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
+++ b/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
@@ -3096,8 +3096,12 @@ private Answer execute(MigrateCommand cmd) {
                                VIR_DOMAIN_XML_MIGRATABLE flag (value = 8)
                                https://libvirt.org/html/libvirt-libvirt-domain.html#virDomainXMLFlags
 
+                               Use VIR_DOMAIN_XML_SECURE (value = 1) prior to v1.0.0.
+
              */
-            xmlDesc = dm.getXMLDesc(8).replace(_privateIp, cmd.getDestinationIp());
+            int xmlFlag = conn.getLibVirVersion() >= 1000000 ? 8 : 1; // 1000000 equals v1.0.0
+
+            xmlDesc = dm.getXMLDesc(xmlFlag).replace(_privateIp, cmd.getDestinationIp());
 
             dconn = new Connect("qemu+tcp://" + cmd.getDestinationIp() + "/system");
 

From 15ef2b114c942cfa714c5e1558e98f775442c0e2 Mon Sep 17 00:00:00 2001
From: Rene Moser <mail@renemoser.net>
Date: Fri, 4 Sep 2015 15:58:55 +0200
Subject: [PATCH 066/115] config: doc: add default value 10 in description for
 vm.network.nic.max.secondary.ipaddresses

value hardcoded by commit 4925b9f6a126454215531998c461bf376ac6ab67

(cherry picked from commit 0b956bbc1f198f72ad5a60ade21e42c0e23ec15c)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 server/src/com/cloud/configuration/Config.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/server/src/com/cloud/configuration/Config.java b/server/src/com/cloud/configuration/Config.java
index d4a77976c4..41a187237c 100755
--- a/server/src/com/cloud/configuration/Config.java
+++ b/server/src/com/cloud/configuration/Config.java
@@ -404,7 +404,7 @@ public enum Config {
     MaxNumberOfSecondaryIPsPerNIC(
             "Network", ManagementServer.class, Integer.class,
             "vm.network.nic.max.secondary.ipaddresses", "256",
-            "Specify the number of secondary ip addresses per nic per vm", null),
+            "Specify the number of secondary ip addresses per nic per vm. Default value 10 is used, if not specified.", null),
 
     EnableServiceMonitoring(
             "Network", ManagementServer.class, Boolean.class,

From 2b8fd2469f5dad54684c253560a1fa7fcebc5892 Mon Sep 17 00:00:00 2001
From: Wido den Hollander <wido@widodh.nl>
Date: Sun, 13 Sep 2015 15:30:20 +0200
Subject: [PATCH 067/115] CLOUDSTACK-8443: Support CentOS 7 for 4.5

This is based on two PRs:
- 731
- 757

This commit is based on the 4.5 branch for a future 4.5 release.
---
 agent/bindir/cloud-setup-agent.in             |   8 +-
 .../resource/LibvirtComputingResource.java    |  23 --
 python/lib/cloud_utils.py                     | 247 ++++++++----------
 python/lib/cloudutils/serviceConfig.py        |  11 +-
 python/lib/cloudutils/utilities.py            |  44 ++--
 scripts/vm/hypervisor/kvm/setup-cgroups.sh    |  52 ----
 setup/db/db/schema-421to430.sql               |   3 +-
 7 files changed, 145 insertions(+), 243 deletions(-)
 delete mode 100755 scripts/vm/hypervisor/kvm/setup-cgroups.sh

diff --git a/agent/bindir/cloud-setup-agent.in b/agent/bindir/cloud-setup-agent.in
index 9ec24994e5..e8f8f2f452 100755
--- a/agent/bindir/cloud-setup-agent.in
+++ b/agent/bindir/cloud-setup-agent.in
@@ -6,9 +6,9 @@
 # to you under the Apache License, Version 2.0 (the
 # "License"); you may not use this file except in compliance
 # with the License.  You may obtain a copy of the License at
-# 
+#
 #   http://www.apache.org/licenses/LICENSE-2.0
-# 
+#
 # Unless required by applicable law or agreed to in writing,
 # software distributed under the License is distributed on an
 # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
@@ -65,7 +65,7 @@ def getUserInputs():
     if oldHypervisor == "":
         oldHypervisor = "kvm"
 
-    hypervisor = raw_input("Please input the Hypervisor type kvm/lxc:[%s]"%oldCluster)
+    hypervisor = raw_input("Please input the Hypervisor type kvm/lxc:[%s]"%oldHypervisor)
     if hypervisor == "":
         hypervisor = oldHypervisor
 
@@ -138,7 +138,7 @@ if __name__ == '__main__':
         glbEnv.nics.append(options.prvNic)
         glbEnv.nics.append(options.pubNic)
         glbEnv.nics.append(options.guestNic)
-        
+
     print "Starting to configure your system:"
     syscfg = sysConfigFactory.getSysConfigFactory(glbEnv)
     try:
diff --git a/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java b/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
index c9242ea065..45acef0e5c 100755
--- a/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
+++ b/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
@@ -312,7 +312,6 @@ public class LibvirtComputingResource extends ServerResourceBase implements Serv
     private String _ovsPvlanVmPath;
     private String _routerProxyPath;
     private String _ovsTunnelPath;
-    private String _setupCgroupPath;
     private String _host;
     private String _dcId;
     private String _pod;
@@ -718,17 +717,6 @@ public boolean configure(String name, Map<String, Object> params) throws Configu
             _hypervisorType = HypervisorType.KVM;
         }
 
-        //Verify that cpu,cpuacct cgroups are not co-mounted
-        if(HypervisorType.LXC.equals(getHypervisorType())){
-            _setupCgroupPath = Script.findScript(kvmScriptsDir, "setup-cgroups.sh");
-            if (_setupCgroupPath == null) {
-                throw new ConfigurationException("Unable to find the setup-cgroups.sh");
-            }
-            if(!checkCgroups()){
-                throw new ConfigurationException("cpu,cpuacct cgroups are co-mounted");
-            }
-        }
-
         _hypervisorURI = (String)params.get("hypervisor.uri");
         if (_hypervisorURI == null) {
             _hypervisorURI = LibvirtConnection.getHypervisorURI(_hypervisorType.toString());
@@ -5308,17 +5296,6 @@ public HypervisorType getHypervisorType(){
         return _hypervisorType;
     }
 
-    private boolean checkCgroups(){
-        final Script command = new Script(_setupCgroupPath, 5 * 1000, s_logger);
-        String result;
-        result = command.execute();
-        if (result != null) {
-            s_logger.debug("cgroup check failed:" + result);
-            return false;
-        }
-        return true;
-    }
-
     public String mapRbdDevice(KVMPhysicalDisk disk){
         KVMStoragePool pool = disk.getPool();
         //Check if rbd image is already mapped
diff --git a/python/lib/cloud_utils.py b/python/lib/cloud_utils.py
index 243bb408d4..b01cd9c1a2 100644
--- a/python/lib/cloud_utils.py
+++ b/python/lib/cloud_utils.py
@@ -6,9 +6,9 @@
 # to you under the Apache License, Version 2.0 (the
 # "License"); you may not use this file except in compliance
 # with the License.  You may obtain a copy of the License at
-# 
+#
 #   http://www.apache.org/licenses/LICENSE-2.0
-# 
+#
 # Unless required by applicable law or agreed to in writing,
 # software distributed under the License is distributed on an
 # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
@@ -18,7 +18,7 @@
 
 
 
- 
+
 
 # -*- coding: utf-8 -*-
 """CloudStack Python utility library"""
@@ -106,7 +106,7 @@ def exit(errno=E_GENERIC,message=None,*args):
 
 def resolve(host,port):
 	return [ (x[4][0],len(x[4])+2) for x in socket.getaddrinfo(host,port,socket.AF_UNSPEC,socket.SOCK_STREAM, 0, socket.AI_PASSIVE) ]
-	
+
 def resolves_to_ipv6(host,port):
 	return resolve(host,port)[0][1] == IPV6
 
@@ -119,7 +119,7 @@ def __init__(self, returncode, cmd):
 			self.returncode = returncode ; self.cmd = cmd
 		def __str__(self): return "Command '%s' returned non-zero exit status %d" % (self.cmd, self.returncode)
 	subprocess.CalledProcessError = CalledProcessError
-	
+
 	def check_call(*popenargs, **kwargs):
 		retcode = subprocess.call(*popenargs, **kwargs)
 		cmd = kwargs.get("args")
@@ -183,7 +183,7 @@ def __init__(self,stdout,stderr):
 				self.stdout = stdout
 				self.stderr = stderr
 		return CommandOutput(*m)
-		
+
 	def __get_recursive_name(self,sep=None):
 		m = self
 		l = []
@@ -195,7 +195,7 @@ def __get_recursive_name(self,sep=None):
 		else: return l
 	def __str__(self):
 		return '<Command %r>'%self.__get_recursive_name(sep=" ")
-		
+
 	def __repr__(self): return self.__str__()
 
 kvmok = Command("kvm-ok")
@@ -275,7 +275,7 @@ def replace_line(f,startswith,stanza,always_add=False):
 
 def replace_or_add_line(f,startswith,stanza):
 	return replace_line(f,startswith,stanza,always_add=True)
-	
+
 # ==================================== CHECK FUNCTIONS ==========================
 
 # If they return without exception, it's okay.  If they raise a CheckFailed exception, that means a condition
@@ -410,8 +410,8 @@ def __init__(self,brname, pubNic, prvNic):
 		else:
 			self.nmservice = 'network-manager'
 			self.netservice = 'networking'
-		
-		
+
+
 	def done(self):
 		try:
 			alreadysetup = False
@@ -422,7 +422,7 @@ def done(self):
 					alreadysetup = alreadysetup or augtool._print("/files/etc/sysconfig/network-scripts/ifcfg-%s"%self.prvNic).stdout.strip()
 				if not alreadysetup:
 					alreadysetup = augtool._print("/files/etc/sysconfig/network-scripts/ifcfg-%s"%self.brname).stdout.strip()
-				
+
 			else:
 				if self.pubNic != None:
 					alreadysetup = alreadysetup or augtool._print("/files/etc/network/interfaces/iface",self.pubNic).stdout.strip()
@@ -437,14 +437,14 @@ def done(self):
 
 	def restore_state(self):
 		if not self.runtime_state_changed: return
-		
+
 		try:
 			o = ifconfig(self.brname)
 			bridge_exists = True
 		except CalledProcessError,e:
 			print e.stdout + e.stderr
 			bridge_exists = False
-			
+
 		if bridge_exists:
 			ifconfig(self.brname,"0.0.0.0")
 			if hasattr(self,"old_net_device"):
@@ -458,8 +458,8 @@ def restore_state(self):
 			except CalledProcessError: pass
 			try: ifdown("--force",self.brname)
 			except CalledProcessError: pass
-		
-		
+
+
 		if self.was_net_service_running is None:
 			# we do nothing
 			pass
@@ -475,7 +475,7 @@ def restore_state(self):
 				if e.returncode == 1: pass
 				else: raise
 			time.sleep(1)
-		
+
 		if self.was_nm_service_running is None:
 			 # we do nothing
 			 pass
@@ -488,7 +488,7 @@ def restore_state(self):
 			time.sleep(1)
 			start_service(self.nmservice,force=True)
 			time.sleep(1)
-		
+
 		self.runtime_state_changed = False
 
 	def execute(self):
@@ -496,12 +496,12 @@ def execute(self):
 		routes = ip.route().stdout.splitlines()
 		defaultroute = [ x for x in routes if x.startswith("default") ]
 		if not defaultroute: raise TaskFailed("Your network configuration does not have a default route")
-		
+
 		dev = defaultroute[0].split()[4]
 		yield "Default route assigned to device %s"%dev
-		
+
 		self.old_net_device = dev
-		
+
 		if distro in (Fedora, CentOS, RHEL6):
 			inconfigfile = "/".join(augtool.match("/files/etc/sysconfig/network-scripts/*/DEVICE",dev).stdout.strip().split("/")[:-1])
 			if not inconfigfile: raise TaskFailed("Device %s has not been set up in /etc/sysconfig/network-scripts"%dev)
@@ -514,7 +514,7 @@ def execute(self):
 		if not automatic:
 			if distro is Fedora: raise TaskFailed("Device %s has not been set up in %s as automatic on boot"%dev,pathtoconfigfile)
 			else: raise TaskFailed("Device %s has not been set up in /etc/network/interfaces as automatic on boot"%dev)
-			
+
 		if distro not in (Fedora , CentOS, RHEL6):
 			inconfigfile = augtool.match("/files/etc/network/interfaces/iface",dev).stdout.strip()
 			if not inconfigfile: raise TaskFailed("Device %s has not been set up in /etc/network/interfaces"%dev)
@@ -534,12 +534,12 @@ def execute(self):
 			disable_service(self.nmservice)
 		else:
 			self.was_nm_service_running = False
-			
+
 		if is_service_running(self.netservice):
 			self.was_net_service_running = True
 		else:
 			self.was_net_service_running = False
-			
+
 		yield "Creating Cloud bridging device and making device %s member of this bridge"%dev
 
 		if distro in (Fedora, CentOS, RHEL6):
@@ -574,9 +574,9 @@ def execute(self):
 			innewconfigfile,innewconfigfile,innewconfigfile,innewconfigfile,
 			inconfigfile,inconfigfile,inconfigfile,inconfigfile,inconfigfile,inconfigfile,
 			inconfigfile,self.brname)
-			
+
 			yield "Executing the following reconfiguration script:\n%s"%script
-			
+
 			try:
 				returned = augtool < script
 				if "Saved 2 file" not in returned.stdout:
@@ -597,9 +597,9 @@ def execute(self):
 set %s %s
 set %s/bridge_ports %s
 save"""%(automatic,self.brname,inconfigfile,self.brname,inconfigfile,dev)
-			
+
 			yield "Executing the following reconfiguration script:\n%s"%script
-			
+
 			try:
 				returned = augtool < script
 				if "Saved 1 file" not in returned.stdout:
@@ -611,16 +611,16 @@ def execute(self):
 				#restore()
 				print e.stdout + e.stderr
 				raise TaskFailed("Network reconfiguration failed")
-		
+
 		yield "We are going to restart network services now, to make the network changes take effect.  Hit ENTER when you are ready."
 		if self.isAutoMode(): pass
         	else:
 		    raw_input()
-		
+
 		# if we reach here, then if something goes wrong we should attempt to revert the runinng state
 		# if not, then no point
 		self.runtime_state_changed = True
-		
+
 		yield "Enabling and restarting non-NetworkManager networking"
 		if distro is Ubuntu: ifup(self.brname,stdout=None,stderr=None)
 		stop_service(self.netservice)
@@ -628,28 +628,28 @@ def execute(self):
 		except CalledProcessError,e:
 			if e.returncode == 1: pass
 			else: raise
-		
+
 		yield "Verifying that the bridge is up"
 		try:
 			o = ifconfig(self.brname)
 		except CalledProcessError,e:
 			print e.stdout + e.stderr
 			raise TaskFailed("The bridge could not be set up properly")
-		
+
 		yield "Networking restart done"
 
 
 class SetupCgConfig(ConfigTask):
 	name = "control groups configuration"
-	
+
 	def done(self):
-		
+
 		try:
 			return "group virt" in file("/etc/cgconfig.conf","r").read(-1)
 		except IOError,e:
 			if e.errno is 2: raise TaskFailed("cgconfig has not been properly installed on this system")
 			raise
-		
+
 	def execute(self):
 		cgconfig = file("/etc/cgconfig.conf","r").read(-1)
 		cgconfig = cgconfig + """
@@ -660,7 +660,7 @@ def execute(self):
 }
 """
 		file("/etc/cgconfig.conf","w").write(cgconfig)
-		
+
 		stop_service("cgconfig")
 		enable_service("cgconfig",forcestart=True)
 
@@ -668,53 +668,35 @@ def execute(self):
 class SetupCgRules(ConfigTask):
 	name = "control group rules setup"
 	cfgline = "root:/usr/sbin/libvirtd	cpu	virt/"
-	
+
 	def done(self):
 		try:
 			return self.cfgline in file("/etc/cgrules.conf","r").read(-1)
 		except IOError,e:
 			if e.errno is 2: raise TaskFailed("cgrulesd has not been properly installed on this system")
 			raise
-	
+
 	def execute(self):
 		cgrules = file("/etc/cgrules.conf","r").read(-1)
 		cgrules = cgrules + "\n" + self.cfgline + "\n"
 		file("/etc/cgrules.conf","w").write(cgrules)
-		
+
 		stop_service("cgred")
 		enable_service("cgred")
 
 
-class SetupCgroupControllers(ConfigTask):
-	name = "qemu cgroup controllers setup"
-	cfgline = "cgroup_controllers = [ \"cpu\" ]"
-	filename = "/etc/libvirt/qemu.conf"
-	
-	def done(self):
-		try:
-			return self.cfgline in file(self.filename,"r").read(-1)
-		except IOError,e:
-			if e.errno is 2: raise TaskFailed("qemu has not been properly installed on this system")
-			raise
-	
-	def execute(self):
-		libvirtqemu = file(self.filename,"r").read(-1)
-		libvirtqemu = libvirtqemu + "\n" + self.cfgline + "\n"
-		file("/etc/libvirt/qemu.conf","w").write(libvirtqemu)
-
-
 class SetupSecurityDriver(ConfigTask):
 	name = "security driver setup"
 	cfgline = "security_driver = \"none\""
 	filename = "/etc/libvirt/qemu.conf"
-	
+
 	def done(self):
 		try:
 			return self.cfgline in file(self.filename,"r").read(-1)
 		except IOError,e:
 			if e.errno is 2: raise TaskFailed("qemu has not been properly installed on this system")
 			raise
-	
+
 	def execute(self):
 		libvirtqemu = file(self.filename,"r").read(-1)
 		libvirtqemu = libvirtqemu + "\n" + self.cfgline + "\n"
@@ -733,7 +715,7 @@ def done(self):
 		except IOError,e:
 			if e.errno is 2: raise TaskFailed("libvirt has not been properly installed on this system")
 			raise
-	
+
 	def execute(self):
 		if distro in (Fedora,CentOS, RHEL6): 	 libvirtfile = "/etc/sysconfig/libvirtd"
 		elif distro is Ubuntu:	 libvirtfile = "/etc/default/libvirt-bin"
@@ -741,7 +723,7 @@ def execute(self):
 		libvirtbin = file(libvirtfile,"r").read(-1)
 		libvirtbin = libvirtbin + "\n" + self.cfgline + "\n"
 		file(libvirtfile,"w").write(libvirtbin)
-		
+
 		if distro in (CentOS, Fedora, RHEL6):	svc = "libvirtd"
 		else:					svc = "libvirt-bin"
 		stop_service(svc)
@@ -755,7 +737,7 @@ class SetupLiveMigration(ConfigTask):
 			'auth_tcp="none"',
 			"listen_tls=0",
 	)
-	
+
 	def done(self):
 		try:
 			lines = [ s.strip() for s in file("/etc/libvirt/libvirtd.conf").readlines() ]
@@ -763,25 +745,25 @@ def done(self):
 		except IOError,e:
 			if e.errno is 2: raise TaskFailed("libvirt has not been properly installed on this system")
 			raise
-	
+
 	def execute(self):
-		
+
 		for stanza in self.stanzas:
 			startswith = stanza.split("=")[0] + '='
 			replace_or_add_line("/etc/libvirt/libvirtd.conf",startswith,stanza)
 
 		if distro in (Fedora, RHEL6):
 			replace_or_add_line("/etc/sysconfig/libvirtd","LIBVIRTD_ARGS=","LIBVIRTD_ARGS=-l")
-		
+
 		elif distro is Ubuntu:
 			if os.path.exists("/etc/init/libvirt-bin.conf"):
 				replace_line("/etc/init/libvirt-bin.conf", "exec /usr/sbin/libvirtd","exec /usr/sbin/libvirtd -d -l")
 			else:
 				replace_or_add_line("/etc/default/libvirt-bin","libvirtd_opts=","libvirtd_opts='-l -d'")
-			
+
 		else:
 			raise AssertionError("Unsupported distribution")
-		
+
 		if distro in (CentOS, Fedora, RHEL6):	svc = "libvirtd"
 		else:						svc = "libvirt-bin"
 		stop_service(svc)
@@ -790,13 +772,13 @@ def execute(self):
 
 class SetupRequiredServices(ConfigTask):
 	name = "required services setup"
-	
+
 	def done(self):
 		if distro in (Fedora, RHEL6):  nfsrelated = "rpcbind nfslock"
 		elif distro is CentOS: nfsrelated = "portmap nfslock"
 		else: return True
 		return all( [ is_service_running(svc) for svc in nfsrelated.split() ] )
-		
+
 	def execute(self):
 
 		if distro in (Fedora, RHEL6):  nfsrelated = "rpcbind nfslock"
@@ -808,9 +790,9 @@ def execute(self):
 
 class SetupFirewall(ConfigTask):
 	name = "firewall setup"
-	
+
 	def done(self):
-		
+
 		if distro in (Fedora, CentOS,RHEL6):
 			if not os.path.exists("/etc/sysconfig/iptables"): return True
 			if ":on" not in chkconfig("--list","iptables").stdout: return True
@@ -820,7 +802,7 @@ def done(self):
 		rule = "-p tcp -m tcp --dport 16509 -j ACCEPT"
 		if rule in iptablessave().stdout: return True
 		return False
-	
+
 	def execute(self):
 		ports = "22 1798 16509".split()
 		if distro in (Fedora , CentOS, RHEL6):
@@ -836,9 +818,9 @@ class SetupFirewall2(ConfigTask):
 	def __init__(self,brname):
 		ConfigTask.__init__(self)
 		self.brname = brname
-	
+
 	def done(self):
-		
+
 		if distro in (Fedora, CentOS, RHEL6):
 			if not os.path.exists("/etc/sysconfig/iptables"): return True
 			if ":on" not in chkconfig("--list","iptables").stdout: return True
@@ -847,13 +829,13 @@ def done(self):
 			if "Status: active" not in ufw.status().stdout: return True
 			if not os.path.exists("/etc/ufw/before.rules"): return True
 			return False
-		
+
 	def execute(self):
-		
+
 		yield "Permitting traffic in the bridge interface, migration port and for VNC ports"
-		
+
 		if distro in (Fedora , CentOS, RHEL6):
-			
+
 			for rule in (
 				"-I INPUT 1 -p tcp --dport 5900:6100 -j ACCEPT",
 				"-I INPUT 1 -p tcp --dport 49152:49216 -j ACCEPT",
@@ -861,9 +843,9 @@ def execute(self):
 				args = rule.split()
 				o = iptables(*args)
 			service.iptables.save(stdout=None,stderr=None)
-			
+
 		else:
-			
+
 			ufw.allow.proto.tcp("from","any","to","any","port","5900:6100")
 			ufw.allow.proto.tcp("from","any","to","any","port","49152:49216")
 
@@ -887,7 +869,6 @@ def config_tasks(brname, pubNic, prvNic):
 			SetupNetworking(brname, pubNic, prvNic),
 			SetupCgConfig(),
 			SetupCgRules(),
-			SetupCgroupControllers(),
 			SetupSecurityDriver(),
 			SetupLibvirt(),
 			SetupLiveMigration(),
@@ -914,31 +895,31 @@ def remove_backup(targetdir):
 
 def list_zonespods(host):
 	text = urllib2.urlopen('http://%s:8096/client/api?command=listPods'%host).read(-1)
-	dom = xml.dom.minidom.parseString(text) 
+	dom = xml.dom.minidom.parseString(text)
 	x = [ (zonename,podname)
-		for pod in dom.childNodes[0].childNodes  
-		for podname in [ x.childNodes[0].wholeText for x in pod.childNodes if x.tagName == "name" ] 
+		for pod in dom.childNodes[0].childNodes
+		for podname in [ x.childNodes[0].wholeText for x in pod.childNodes if x.tagName == "name" ]
 		for zonename in  [ x.childNodes[0].wholeText for x in pod.childNodes if x.tagName == "zonename" ]
 		]
 	return x
-	
+
 def prompt_for_hostpods(zonespods):
 	"""Ask user to select one from those zonespods
 	Returns (zone,pod) or None if the user made the default selection."""
 	while True:
 		stderr("Type the number of the zone and pod combination this host belongs to (hit ENTER to skip this step)")
-		print "  N) ZONE, POD" 
+		print "  N) ZONE, POD"
 		print "================"
 		for n,(z,p) in enumerate(zonespods):
 			print "%3d) %s, %s"%(n,z,p)
 		print "================"
 		print "> ",
 		zoneandpod = raw_input().strip()
-		
+
 		if not zoneandpod:
 			# we go with default, do not touch anything, just break
 			return None
-		
+
 		try:
 			# if parsing fails as an int, just vomit and retry
 			zoneandpod = int(zoneandpod)
@@ -946,10 +927,10 @@ def prompt_for_hostpods(zonespods):
 		except ValueError,e:
 			stderr(str(e))
 			continue # re-ask
-		
+
 		# oh yeah, the int represents an valid zone and pod index in the array
 		return zonespods[zoneandpod]
-	
+
 # this configures the agent
 
 def device_exist(devName):
@@ -961,8 +942,8 @@ def device_exist(devName):
 			alreadysetup = augtool.match("/files/etc/network/interfaces/iface",devName).stdout.strip()
 		return alreadysetup
 	except OSError,e:
-		return False		
-	
+		return False
+
 def setup_agent_config(configfile, host, zone, pod, cluster, guid, pubNic, prvNic):
 	stderr("Examining Agent configuration")
 	fn = configfile
@@ -970,14 +951,14 @@ def setup_agent_config(configfile, host, zone, pod, cluster, guid, pubNic, prvNi
 	lines = [ s.strip() for s in text.splitlines() ]
 	confopts = dict([ m.split("=",1) for m in lines if "=" in m and not m.startswith("#") ])
 	confposes = dict([ (m.split("=",1)[0],n) for n,m in enumerate(lines) if "=" in m and not m.startswith("#") ])
-	
+
 	if guid != None:
 		confopts['guid'] = guid
 	else:
 		if not "guid" in confopts:
 			stderr("Generating GUID for this Agent")
 			confopts['guid'] = uuidgen().stdout.strip()
-	
+
 	if host == None:
 		try: host = confopts["host"]
 		except KeyError: host = "localhost"
@@ -987,19 +968,19 @@ def setup_agent_config(configfile, host, zone, pod, cluster, guid, pubNic, prvNi
 		if newhost: host = newhost
 
 	confopts["host"] = host
-	
+
 	if pubNic != None and device_exist(pubNic):
-		confopts["public.network.device"] = pubNic	
+		confopts["public.network.device"] = pubNic
 		if prvNic == None or not device_exist(prvNic):
-			confopts["private.network.device"] = pubNic	
-		
+			confopts["private.network.device"] = pubNic
+
 	if prvNic != None and device_exist(prvNic):
-		confopts["private.network.device"] = prvNic	
+		confopts["private.network.device"] = prvNic
 		if pubNic == None or not device_exist(pubNic):
-			confopts["public.network.device"] = prvNic	
+			confopts["public.network.device"] = prvNic
 
 	stderr("Querying %s for zones and pods",host)
-	
+
 	try:
 	    if zone == None or pod == None:
 			x = list_zonespods(confopts['host'])
@@ -1020,7 +1001,7 @@ def setup_agent_config(configfile, host, zone, pod, cluster, guid, pubNic, prvNi
 		line = "=".join([opt,val])
 		if opt not in confposes: lines.append(line)
 		else: lines[confposes[opt]] = line
-	
+
 	text = "\n".join(lines)
 	file(fn,"w").write(text)
 
@@ -1046,7 +1027,7 @@ def setup_consoleproxy_config(configfile, host, zone, pod):
 	confopts["host"] = host
 
 	stderr("Querying %s for zones and pods",host)
-	
+
 	try:
                 if zone == None or pod == None:
 			x = list_zonespods(confopts['host'])
@@ -1066,7 +1047,7 @@ def setup_consoleproxy_config(configfile, host, zone, pod):
 		line = "=".join([opt,val])
 		if opt not in confposes: lines.append(line)
 		else: lines[confposes[opt]] = line
-	
+
 	text = "\n".join(lines)
 	file(fn,"w").write(text)
 
@@ -1083,22 +1064,22 @@ class NoMigrator(MigratorException): pass
 
 class Migrator:
 	"""Migrator class.
-	
+
 	The migrator gets a list of Python objects, and discovers MigrationSteps in it. It then sorts the steps into a chain, based on the attributes from_level and to_level in each one of the steps.
-	
+
 	When the migrator's run(context) is called, the chain of steps is applied sequentially on the context supplied to run(), in the order of the chain of steps found at discovery time.  See the documentation for the MigrationStep class for information on how that happens.
 	"""
-	
+
 	def __init__(self,evolver_source):
 		self.discover_evolvers(evolver_source)
 		self.sort_evolvers()
-		
+
 	def discover_evolvers(self,source):
 		self.evolvers = []
 		for val in source:
 			if hasattr(val,"from_level") and hasattr(val,"to_level") and val.to_level:
 				self.evolvers.append(val)
-	
+
 	def sort_evolvers(self):
 		new = []
 		while self.evolvers:
@@ -1114,30 +1095,30 @@ def sort_evolvers(self):
 					raise IndexError, "no evolver could be found to evolve from level %s"%new[-1].to_level
 			new.append(self.evolvers.pop(idx))
 		self.evolvers = new
-	
+
 	def get_evolver_chain(self):
 		return [ (s.from_level, s.to_level, s) for s in self.evolvers ]
-		
+
 	def get_evolver_by_starting_level(self,level):
 		try: return [ s for s in self.evolvers if s.from_level == level][0]
 		except IndexError: raise NoMigrator, "No evolver knows how to evolve the database from schema level %r"%level
-	
+
 	def get_evolver_by_ending_level(self,level):
 		try: return [ s for s in self.evolvers if s.to_level == level][0]
 		except IndexError: raise NoMigrator, "No evolver knows how to evolve the database to schema level %r"%level
-	
+
 	def run(self, context, dryrun = False, starting_level = None, ending_level = None):
 		"""Runs each one of the steps in sequence, passing the migration context to each. At the end of the process, context.commit() is called to save the changes, or context.rollback() is called if dryrun = True.
-		
+
 		If starting_level is not specified, then the context.get_schema_level() is used to find out at what level the context is at.  Then starting_level is set to that.
-		
+
 		If ending_level is not specified, then the evolvers will run till the end of the chain."""
-		
+
 		assert dryrun is False # NOT IMPLEMENTED, prolly gonna implement by asking the context itself to remember its state
-		
+
 		starting_level = starting_level or context.get_schema_level() or self.evolvers[0].from_level
 		ending_level = ending_level or self.evolvers[-1].to_level
-		
+
 		evolution_path = self.evolvers
 		idx = evolution_path.index(self.get_evolver_by_starting_level(starting_level))
 		evolution_path = evolution_path[idx:]
@@ -1146,9 +1127,9 @@ def run(self, context, dryrun = False, starting_level = None, ending_level = Non
 			raise NoEvolutionPath, "No evolution path from schema level %r to schema level %r" % \
 				(starting_level,ending_level)
 		evolution_path = evolution_path[:idx+1]
-		
+
 		logging.info("Starting migration on %s"%context)
-		
+
 		for ec in evolution_path:
 			assert ec.from_level == context.get_schema_level()
 			evolver = ec(context=context)
@@ -1164,36 +1145,36 @@ def run(self, context, dryrun = False, starting_level = None, ending_level = Non
 			context.set_schema_level(evolver.to_level)
 			#context.commit()
 			logging.info("%s is now at level %s",context,context.get_schema_level())
-		
+
 		#if dryrun: # implement me with backup and restore
 			#logging.info("Rolling back changes on %s",context)
 			#context.rollback()
 		#else:
 			#logging.info("Committing changes on %s",context)
 			#context.commit()
-		
+
 		logging.info("Migration finished")
-		
+
 
 class MigrationStep:
 	"""Base MigrationStep class, aka evolver.
-	
+
 	You develop your own steps, and then pass a list of those steps to the
 	Migrator instance that will run them in order.
-	
+
 	When the migrator runs, it will take the list of steps you gave him,
 	and, for each step:
-	
+
 	a) instantiate it, passing the context you gave to the migrator
 	   into the step's __init__().
 	b) run() the method in the migration step.
-	
+
 	As you can see, the default MigrationStep constructor makes the passed
 	context available as self.context in the methods of your step.
-	
+
 	Each step has two member vars that determine in which order they
 	are run, and if they need to run:
-	
+
 	- from_level = the schema level that the database should be at,
 		       before running the evolver
 		       The value None has special meaning here, it
@@ -1202,14 +1183,14 @@ class MigrationStep:
 	- to_level =   the schema level number that the database will be at
 		       after the evolver has run
 	"""
-	
+
 	# Implement these attributes in your steps
 	from_level = None
 	to_level = None
-	
+
 	def __init__(self,context):
 		self.context = context
-		
+
 	def run(self):
 		raise NotImplementedError
 
@@ -1220,5 +1201,3 @@ def commit(self):raise NotImplementedError
 	def rollback(self):raise NotImplementedError
 	def get_schema_level(self):raise NotImplementedError
 	def set_schema_level(self,l):raise NotImplementedError
-
-
diff --git a/python/lib/cloudutils/serviceConfig.py b/python/lib/cloudutils/serviceConfig.py
index 86f5a904f2..292c9a77d7 100755
--- a/python/lib/cloudutils/serviceConfig.py
+++ b/python/lib/cloudutils/serviceConfig.py
@@ -5,9 +5,9 @@
 # to you under the Apache License, Version 2.0 (the
 # "License"); you may not use this file except in compliance
 # with the License.  You may obtain a copy of the License at
-# 
+#
 #   http://www.apache.org/licenses/LICENSE-2.0
-# 
+#
 # Unless required by applicable law or agreed to in writing,
 # software distributed under the License is distributed on an
 # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
@@ -56,7 +56,7 @@ def configration(self):
             if self.syscfg.env.mode == "Server":
                 raise CloudRuntimeException("Configure %s failed, Please check the /var/log/cloudstack/setupManagement.log for detail"%self.serviceName)
             else:
-                raise CloudRuntimeException("Configure %s failed, Please check the /var/log/cloudstack/setupAgent.log for detail"%self.serviceName)
+                raise CloudRuntimeException("Configure %s failed, Please check the /var/log/cloudstack/agent/setup.log for detail"%self.serviceName)
 
     def backup(self):
         if self.status is None:
@@ -428,7 +428,7 @@ def config(self):
 
             return True
         except:
-            raise CloudRuntimeException("Failed to configure apparmor, please see the /var/log/cloudstack/setupAgent.log for detail, \
+            raise CloudRuntimeException("Failed to configure apparmor, please see the /var/log/cloudstack/agent/setup.log for detail, \
                                         or you can manually disable it before starting myCloud")
 
     def restore(self):
@@ -458,7 +458,7 @@ def config(self):
                 cfo.replace_line("SELINUX=", "SELINUX=permissive")
                 return True
             except:
-                raise CloudRuntimeException("Failed to configure selinux, please see the /var/log/cloudstack/setupAgent.log for detail, \
+                raise CloudRuntimeException("Failed to configure selinux, please see the /var/log/cloudstack/agent/setup.log for detail, \
                                             or you can manually disable it before starting myCloud")
         else:
             return True
@@ -493,7 +493,6 @@ def config(self):
             filename = "/etc/libvirt/qemu.conf"
 
             cfo = configFileOps(filename, self)
-            cfo.addEntry("cgroup_controllers", "[\"cpu\"]")
             cfo.addEntry("security_driver", "\"none\"")
             cfo.addEntry("user", "\"root\"")
             cfo.addEntry("group", "\"root\"")
diff --git a/python/lib/cloudutils/utilities.py b/python/lib/cloudutils/utilities.py
index 88e2d1c6f9..1fe5bd3d2c 100755
--- a/python/lib/cloudutils/utilities.py
+++ b/python/lib/cloudutils/utilities.py
@@ -5,9 +5,9 @@
 # to you under the Apache License, Version 2.0 (the
 # "License"); you may not use this file except in compliance
 # with the License.  You may obtain a copy of the License at
-# 
+#
 #   http://www.apache.org/licenses/LICENSE-2.0
-# 
+#
 # Unless required by applicable law or agreed to in writing,
 # software distributed under the License is distributed on an
 # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
@@ -53,25 +53,25 @@ def alarm_handler(signum, frame):
         except:
             raise  CloudRuntimeException(formatExceptionInfo())
 
-        if not self.success: 
+        if not self.success:
             logging.debug("Failed to execute:" + self.getErrMsg())
 
     def isSuccess(self):
         return self.success
-    
+
     def getStdout(self):
         return self.stdout.strip("\n")
-    
+
     def getLines(self):
         return self.stdout.split("\n")
 
     def getStderr(self):
         return self.stderr.strip("\n")
-    
+
     def getErrMsg(self):
         if self.isSuccess():
             return ""
-        
+
         if self.getStderr() is None or self.getStderr() == "":
             return self.getStdout()
         else:
@@ -80,11 +80,11 @@ def getErrMsg(self):
 def initLoging(logFile=None):
     try:
         if logFile is None:
-            logging.basicConfig(level=logging.DEBUG) 
-        else: 
-            logging.basicConfig(filename=logFile, level=logging.DEBUG) 
+            logging.basicConfig(level=logging.DEBUG)
+        else:
+            logging.basicConfig(filename=logFile, level=logging.DEBUG)
     except:
-        logging.basicConfig(level=logging.DEBUG) 
+        logging.basicConfig(level=logging.DEBUG)
 
 def writeProgressBar(msg, result):
     output = "[%-6s]\n"%"Failed"
@@ -100,7 +100,7 @@ def writeProgressBar(msg, result):
 class UnknownSystemException(Exception):
     "This Excption is raised if the current operating enviornment is unknown"
     pass
- 
+
 class Distribution:
     def __init__(self):
         self.distro = "Unknown"
@@ -112,7 +112,7 @@ def __init__(self):
             version = file("/etc/redhat-release").readline()
             if version.find("Red Hat Enterprise Linux Server release 6") != -1 or version.find("Scientific Linux release 6") != -1 or version.find("CentOS Linux release 6") != -1 or version.find("CentOS release 6.") != -1:
                 self.distro = "RHEL6"
-            elif version.find("Red Hat Enterprise Linux Server release 7") != -1:
+            elif version.find("Red Hat Enterprise Linux Server release 7") != -1 or version.find("Scientific Linux release 7") != -1 or version.find("CentOS Linux release 7") != -1 or version.find("CentOS release 7.") != -1:
                 self.distro = "RHEL7"
             elif version.find("CentOS release") != -1:
                 self.distro = "CentOS"
@@ -132,17 +132,17 @@ def __init__(self):
                 self.distro = "Ubuntu"
             else:
                 raise UnknownSystemException(distributor)
-        else: 
+        else:
             raise UnknownSystemException
 
     def getVersion(self):
-        return self.distro 
+        return self.distro
     def getRelease(self):
         return self.release
     def getArch(self):
         return self.arch
-        
- 
+
+
 class serviceOps:
     pass
 class serviceOpsRedhat(serviceOps):
@@ -159,7 +159,7 @@ def isServiceRunning(self, servicename):
     def stopService(self, servicename,force=False):
         if self.isServiceRunning(servicename) or force:
             return bash("service " + servicename +" stop").isSuccess()
-        
+
         return True
     def disableService(self, servicename):
         result = self.stopService(servicename)
@@ -174,13 +174,13 @@ def startService(self, servicename,force=False):
     def enableService(self, servicename,forcestart=False):
         bash("chkconfig --level 2345 " + servicename + " on")
         return self.startService(servicename,force=forcestart)
-        
+
     def isKVMEnabled(self):
         if os.path.exists("/dev/kvm"):
             return True
         else:
             return False
-        
+
 class serviceOpsUbuntu(serviceOps):
     def isServiceRunning(self, servicename):
         try:
@@ -200,7 +200,7 @@ def disableService(self, servicename):
         result = self.stopService(servicename)
         bash("sudo update-rc.d -f " + servicename + " remove")
         return result
-    
+
     def startService(self, servicename,force=True):
         if not self.isServiceRunning(servicename) or force:
             return bash("sudo /usr/sbin/service " + servicename + " start").isSuccess()
@@ -211,7 +211,7 @@ def enableService(self, servicename,forcestart=True):
         return self.startService(servicename,force=forcestart)
 
     def isKVMEnabled(self):
-        return bash("kvm-ok").isSuccess() 
+        return bash("kvm-ok").isSuccess()
 
 class serviceOpsRedhat7(serviceOps):
     def isServiceRunning(self, servicename):
diff --git a/scripts/vm/hypervisor/kvm/setup-cgroups.sh b/scripts/vm/hypervisor/kvm/setup-cgroups.sh
deleted file mode 100755
index 6b00b02831..0000000000
--- a/scripts/vm/hypervisor/kvm/setup-cgroups.sh
+++ /dev/null
@@ -1,52 +0,0 @@
-#!/bin/bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-#
-#   http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-
-
-# Script to fix cgroups co-mounted issue
-# Applies to RHEL 7 versions (and family member CentOS 7) only
-# Detect if cpu,cpuacct cgroups are co-mounted
-# If co-mounted, unmount and mount them seperately
-
-#set -x
-
-# Check distribution version for RHEL
-if [ -f '/etc/redhat-release' ]; then
-    # Check RHEL version for 7
-    if grep -E 'Red Hat Enterprise Linux Server release 7|CentOS Linux release 7' /etc/redhat-release > /dev/null; then
-        # Check if cgroups if co-mounted
-        if [ -d '/sys/fs/cgroup/cpu,cpuacct' ]; then
-            # cgroups co-mounted. Requires remount
-            umount /sys/fs/cgroup/cpu,cpuacct
-            rm /sys/fs/cgroup/cpu
-            rm /sys/fs/cgroup/cpuacct
-            rm -rf /sys/fs/cgroup/cpu,cpuacct
-            mkdir -p /sys/fs/cgroup/cpu
-            mkdir -p /sys/fs/cgroup/cpuacct
-            mount -t cgroup -o cpu cpu "/sys/fs/cgroup/cpu"
-            mount -t cgroup -o cpuacct cpuacct "/sys/fs/cgroup/cpuacct"
-            # Verify that cgroups are not co-mounted
-            if [ -d '/sys/fs/cgroup/cpu,cpuacct' ]; then
-               echo "cgroups still co-mounted"
-               exit 1;
-            fi
-        fi
-    fi
-fi
-
-exit 0
diff --git a/setup/db/db/schema-421to430.sql b/setup/db/db/schema-421to430.sql
index 3f2ad023d2..0a96ea0ad9 100644
--- a/setup/db/db/schema-421to430.sql
+++ b/setup/db/db/schema-421to430.sql
@@ -111,8 +111,7 @@ CREATE TABLE `cloud`.`async_job_join_map` (
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
 
 #realhostip changes, before changing table and adding default value
-UPDATE `cloud`.`configuration` SET value = CONCAT("*.",(SELECT `temptable`.`value` FROM (SELECT * FROM `cloud`.`configuration` WHERE `name`="consoleproxy.url.domain") AS `temptable` WHERE `temptable`.`name`="consoleproxy.url.domain")) WHERE `name`="consoleproxy.url.domain";
-UPDATE `cloud`.`configuration` SET `value` = CONCAT("*.",(SELECT `temptable`.`value` FROM (SELECT * FROM `cloud`.`configuration` WHERE `name`="secstorage.ssl.cert.domain") AS `temptable` WHERE `temptable`.`name`="secstorage.ssl.cert.domain")) WHERE `name`="secstorage.ssl.cert.domain";
+UPDATE `cloud`.`configuration` SET value=CONCAT("*.",value) WHERE `name`="consoleproxy.url.domain" OR `name`="secstorage.ssl.cert.domain";
 
 ALTER TABLE `cloud`.`configuration` ADD COLUMN `default_value` VARCHAR(4095) COMMENT 'Default value for a configuration parameter';
 ALTER TABLE `cloud`.`configuration` ADD COLUMN `updated` datetime COMMENT 'Time this was updated by the server. null means this row is obsolete.';

From a4f552d46dd3ffa608a75ae79e4154bbf6766305 Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Mon, 14 Sep 2015 09:59:40 +0530
Subject: [PATCH 068/115] cloudstack: set next version to 4.5.3-SNAPSHOT

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 agent/pom.xml                                                 | 2 +-
 api/pom.xml                                                   | 2 +-
 awsapi/pom.xml                                                | 2 +-
 client/pom.xml                                                | 2 +-
 core/pom.xml                                                  | 2 +-
 developer/pom.xml                                             | 2 +-
 engine/api/pom.xml                                            | 2 +-
 engine/components-api/pom.xml                                 | 2 +-
 engine/network/pom.xml                                        | 2 +-
 engine/orchestration/pom.xml                                  | 2 +-
 engine/pom.xml                                                | 2 +-
 engine/schema/pom.xml                                         | 2 +-
 engine/service/pom.xml                                        | 2 +-
 engine/storage/cache/pom.xml                                  | 2 +-
 engine/storage/datamotion/pom.xml                             | 2 +-
 engine/storage/image/pom.xml                                  | 2 +-
 engine/storage/integration-test/pom.xml                       | 2 +-
 engine/storage/pom.xml                                        | 2 +-
 engine/storage/snapshot/pom.xml                               | 2 +-
 engine/storage/volume/pom.xml                                 | 2 +-
 framework/cluster/pom.xml                                     | 2 +-
 framework/config/pom.xml                                      | 2 +-
 framework/db/pom.xml                                          | 2 +-
 framework/events/pom.xml                                      | 2 +-
 framework/ipc/pom.xml                                         | 2 +-
 framework/jobs/pom.xml                                        | 2 +-
 framework/managed-context/pom.xml                             | 2 +-
 framework/pom.xml                                             | 2 +-
 framework/rest/pom.xml                                        | 2 +-
 framework/security/pom.xml                                    | 2 +-
 framework/spring/lifecycle/pom.xml                            | 2 +-
 framework/spring/module/pom.xml                               | 2 +-
 maven-standard/pom.xml                                        | 2 +-
 plugins/acl/static-role-based/pom.xml                         | 2 +-
 plugins/affinity-group-processors/explicit-dedication/pom.xml | 2 +-
 plugins/affinity-group-processors/host-anti-affinity/pom.xml  | 2 +-
 plugins/alert-handlers/snmp-alerts/pom.xml                    | 2 +-
 plugins/alert-handlers/syslog-alerts/pom.xml                  | 2 +-
 plugins/api/discovery/pom.xml                                 | 2 +-
 plugins/api/rate-limit/pom.xml                                | 2 +-
 plugins/api/solidfire-intg-test/pom.xml                       | 2 +-
 plugins/database/mysql-ha/pom.xml                             | 2 +-
 plugins/dedicated-resources/pom.xml                           | 2 +-
 plugins/deployment-planners/implicit-dedication/pom.xml       | 2 +-
 plugins/deployment-planners/user-concentrated-pod/pom.xml     | 2 +-
 plugins/deployment-planners/user-dispersing/pom.xml           | 2 +-
 plugins/event-bus/inmemory/pom.xml                            | 2 +-
 plugins/event-bus/rabbitmq/pom.xml                            | 2 +-
 plugins/file-systems/netapp/pom.xml                           | 2 +-
 plugins/ha-planners/skip-heurestics/pom.xml                   | 2 +-
 plugins/host-allocators/random/pom.xml                        | 2 +-
 plugins/hypervisors/baremetal/pom.xml                         | 2 +-
 plugins/hypervisors/hyperv/pom.xml                            | 2 +-
 plugins/hypervisors/kvm/pom.xml                               | 2 +-
 plugins/hypervisors/ovm/pom.xml                               | 2 +-
 plugins/hypervisors/simulator/pom.xml                         | 2 +-
 plugins/hypervisors/ucs/pom.xml                               | 2 +-
 plugins/hypervisors/vmware/pom.xml                            | 2 +-
 plugins/hypervisors/xenserver/pom.xml                         | 2 +-
 plugins/network-elements/bigswitch-vns/pom.xml                | 2 +-
 plugins/network-elements/brocade-vcs/pom.xml                  | 2 +-
 plugins/network-elements/cisco-vnmc/pom.xml                   | 2 +-
 plugins/network-elements/dns-notifier/pom.xml                 | 2 +-
 plugins/network-elements/elastic-loadbalancer/pom.xml         | 2 +-
 plugins/network-elements/f5/pom.xml                           | 2 +-
 plugins/network-elements/globodns/pom.xml                     | 2 +-
 plugins/network-elements/internal-loadbalancer/pom.xml        | 2 +-
 plugins/network-elements/juniper-contrail/pom.xml             | 2 +-
 plugins/network-elements/juniper-srx/pom.xml                  | 2 +-
 plugins/network-elements/midonet/pom.xml                      | 2 +-
 plugins/network-elements/netscaler/pom.xml                    | 2 +-
 plugins/network-elements/nicira-nvp/pom.xml                   | 2 +-
 plugins/network-elements/nuage-vsp/pom.xml                    | 2 +-
 plugins/network-elements/opendaylight/pom.xml                 | 2 +-
 plugins/network-elements/ovs/pom.xml                          | 2 +-
 plugins/network-elements/palo-alto/pom.xml                    | 2 +-
 plugins/network-elements/stratosphere-ssp/pom.xml             | 2 +-
 plugins/network-elements/vxlan/pom.xml                        | 2 +-
 plugins/pom.xml                                               | 2 +-
 plugins/storage-allocators/random/pom.xml                     | 2 +-
 plugins/storage/image/default/pom.xml                         | 2 +-
 plugins/storage/image/s3/pom.xml                              | 2 +-
 plugins/storage/image/sample/pom.xml                          | 2 +-
 plugins/storage/image/swift/pom.xml                           | 2 +-
 plugins/storage/volume/cloudbyte/pom.xml                      | 2 +-
 plugins/storage/volume/default/pom.xml                        | 2 +-
 plugins/storage/volume/nexenta/pom.xml                        | 2 +-
 plugins/storage/volume/sample/pom.xml                         | 2 +-
 plugins/storage/volume/solidfire/pom.xml                      | 2 +-
 plugins/user-authenticators/ldap/pom.xml                      | 2 +-
 plugins/user-authenticators/md5/pom.xml                       | 2 +-
 plugins/user-authenticators/pbkdf2/pom.xml                    | 2 +-
 plugins/user-authenticators/plain-text/pom.xml                | 2 +-
 plugins/user-authenticators/saml2/pom.xml                     | 2 +-
 plugins/user-authenticators/sha256salted/pom.xml              | 2 +-
 pom.xml                                                       | 2 +-
 quickcloud/pom.xml                                            | 2 +-
 server/pom.xml                                                | 2 +-
 services/console-proxy-rdp/rdpconsole/pom.xml                 | 2 +-
 services/console-proxy/plugin/pom.xml                         | 2 +-
 services/console-proxy/pom.xml                                | 2 +-
 services/console-proxy/server/pom.xml                         | 2 +-
 services/iam/plugin/pom.xml                                   | 2 +-
 services/iam/pom.xml                                          | 2 +-
 services/iam/server/pom.xml                                   | 2 +-
 services/pom.xml                                              | 2 +-
 services/secondary-storage/controller/pom.xml                 | 2 +-
 services/secondary-storage/pom.xml                            | 2 +-
 services/secondary-storage/server/pom.xml                     | 2 +-
 systemvm/pom.xml                                              | 2 +-
 test/pom.xml                                                  | 2 +-
 tools/apidoc/pom.xml                                          | 2 +-
 tools/build/setnextversion.sh                                 | 2 ++
 tools/checkstyle/pom.xml                                      | 2 +-
 tools/devcloud-kvm/pom.xml                                    | 2 +-
 tools/devcloud/pom.xml                                        | 2 +-
 tools/marvin/pom.xml                                          | 2 +-
 tools/pom.xml                                                 | 2 +-
 tools/wix-cloudstack-maven-plugin/pom.xml                     | 2 +-
 usage/pom.xml                                                 | 2 +-
 utils/pom.xml                                                 | 2 +-
 vmware-base/pom.xml                                           | 2 +-
 122 files changed, 123 insertions(+), 121 deletions(-)

diff --git a/agent/pom.xml b/agent/pom.xml
index 9a427a3783..5c04080ce6 100644
--- a/agent/pom.xml
+++ b/agent/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
   </parent>
   <dependencies>
     <dependency>
diff --git a/api/pom.xml b/api/pom.xml
index 595de1811a..7bbf8b18ed 100644
--- a/api/pom.xml
+++ b/api/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
   </parent>
   <dependencies>
     <dependency>
diff --git a/awsapi/pom.xml b/awsapi/pom.xml
index 371b17d342..9e3348d452 100644
--- a/awsapi/pom.xml
+++ b/awsapi/pom.xml
@@ -26,7 +26,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
   </parent>
   <dependencies>
     <dependency>
diff --git a/client/pom.xml b/client/pom.xml
index 13e1411b97..bcb139109c 100644
--- a/client/pom.xml
+++ b/client/pom.xml
@@ -17,7 +17,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
   </parent>
   <dependencies>
     <dependency>
diff --git a/core/pom.xml b/core/pom.xml
index 39dc04ca1c..9aca4192ac 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -25,7 +25,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
   </parent>
   <dependencies>
     <dependency>
diff --git a/developer/pom.xml b/developer/pom.xml
index 8612e12e78..5294640869 100644
--- a/developer/pom.xml
+++ b/developer/pom.xml
@@ -18,7 +18,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
   </parent>
   <dependencies>
     <dependency>
diff --git a/engine/api/pom.xml b/engine/api/pom.xml
index 293110473c..dcf4a16451 100644
--- a/engine/api/pom.xml
+++ b/engine/api/pom.xml
@@ -16,7 +16,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloud-engine</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/engine/components-api/pom.xml b/engine/components-api/pom.xml
index 645e1f1930..df15363f63 100644
--- a/engine/components-api/pom.xml
+++ b/engine/components-api/pom.xml
@@ -24,7 +24,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloud-engine</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/engine/network/pom.xml b/engine/network/pom.xml
index c9a17550e5..f91738b54b 100644
--- a/engine/network/pom.xml
+++ b/engine/network/pom.xml
@@ -24,7 +24,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloud-engine</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/engine/orchestration/pom.xml b/engine/orchestration/pom.xml
index e1bb541b48..23c0d1c587 100755
--- a/engine/orchestration/pom.xml
+++ b/engine/orchestration/pom.xml
@@ -24,7 +24,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloud-engine</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/engine/pom.xml b/engine/pom.xml
index 8de7223c5e..d0d4662f4a 100644
--- a/engine/pom.xml
+++ b/engine/pom.xml
@@ -24,7 +24,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <build>
diff --git a/engine/schema/pom.xml b/engine/schema/pom.xml
index ed8cb59959..42703edc33 100644
--- a/engine/schema/pom.xml
+++ b/engine/schema/pom.xml
@@ -24,7 +24,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloud-engine</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/engine/service/pom.xml b/engine/service/pom.xml
index 6673a5e2cf..13876a8bbe 100644
--- a/engine/service/pom.xml
+++ b/engine/service/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloud-engine</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
   </parent>
   <artifactId>cloud-engine-service</artifactId>
   <packaging>war</packaging>
diff --git a/engine/storage/cache/pom.xml b/engine/storage/cache/pom.xml
index f35c6ba7b3..392bf659af 100644
--- a/engine/storage/cache/pom.xml
+++ b/engine/storage/cache/pom.xml
@@ -15,7 +15,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloud-engine</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/engine/storage/datamotion/pom.xml b/engine/storage/datamotion/pom.xml
index d83d3eb24e..f3a798ac5c 100644
--- a/engine/storage/datamotion/pom.xml
+++ b/engine/storage/datamotion/pom.xml
@@ -16,7 +16,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloud-engine</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/engine/storage/image/pom.xml b/engine/storage/image/pom.xml
index b9a31b70cf..4e3436b9e6 100644
--- a/engine/storage/image/pom.xml
+++ b/engine/storage/image/pom.xml
@@ -16,7 +16,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloud-engine</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/engine/storage/integration-test/pom.xml b/engine/storage/integration-test/pom.xml
index a864e36e38..b734852ba9 100644
--- a/engine/storage/integration-test/pom.xml
+++ b/engine/storage/integration-test/pom.xml
@@ -16,7 +16,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloud-engine</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/engine/storage/pom.xml b/engine/storage/pom.xml
index 5cc7f4e790..4479634def 100644
--- a/engine/storage/pom.xml
+++ b/engine/storage/pom.xml
@@ -16,7 +16,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloud-engine</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/engine/storage/snapshot/pom.xml b/engine/storage/snapshot/pom.xml
index a2e74382f4..483c9ba66b 100644
--- a/engine/storage/snapshot/pom.xml
+++ b/engine/storage/snapshot/pom.xml
@@ -16,7 +16,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloud-engine</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/engine/storage/volume/pom.xml b/engine/storage/volume/pom.xml
index af575429e6..b78f594c0a 100644
--- a/engine/storage/volume/pom.xml
+++ b/engine/storage/volume/pom.xml
@@ -16,7 +16,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloud-engine</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/framework/cluster/pom.xml b/framework/cluster/pom.xml
index 6725eaa312..093dce45f3 100644
--- a/framework/cluster/pom.xml
+++ b/framework/cluster/pom.xml
@@ -15,7 +15,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-framework</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/framework/config/pom.xml b/framework/config/pom.xml
index 70852167e7..54edcfb63f 100644
--- a/framework/config/pom.xml
+++ b/framework/config/pom.xml
@@ -15,7 +15,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-framework</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/framework/db/pom.xml b/framework/db/pom.xml
index 175f4273bf..1027e7a81a 100644
--- a/framework/db/pom.xml
+++ b/framework/db/pom.xml
@@ -15,7 +15,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-framework</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/framework/events/pom.xml b/framework/events/pom.xml
index 879fd014d5..3d78a6d46a 100644
--- a/framework/events/pom.xml
+++ b/framework/events/pom.xml
@@ -15,7 +15,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-framework</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/framework/ipc/pom.xml b/framework/ipc/pom.xml
index eaf4512a8b..35d02c559c 100644
--- a/framework/ipc/pom.xml
+++ b/framework/ipc/pom.xml
@@ -16,7 +16,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-framework</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/framework/jobs/pom.xml b/framework/jobs/pom.xml
index f36d5d17a3..3380a3650b 100644
--- a/framework/jobs/pom.xml
+++ b/framework/jobs/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-framework</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../pom.xml</relativePath>
   </parent>  
   <dependencies>
diff --git a/framework/managed-context/pom.xml b/framework/managed-context/pom.xml
index 79dca68f78..d55b07322f 100644
--- a/framework/managed-context/pom.xml
+++ b/framework/managed-context/pom.xml
@@ -24,7 +24,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloud-maven-standard</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../maven-standard/pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/framework/pom.xml b/framework/pom.xml
index 84a4469daa..64d1774c67 100644
--- a/framework/pom.xml
+++ b/framework/pom.xml
@@ -24,7 +24,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
   </parent>
   <build>
     <defaultGoal>install</defaultGoal>
diff --git a/framework/rest/pom.xml b/framework/rest/pom.xml
index 381b638f65..0ea2195c5a 100644
--- a/framework/rest/pom.xml
+++ b/framework/rest/pom.xml
@@ -22,7 +22,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-framework</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <artifactId>cloud-framework-rest</artifactId>
diff --git a/framework/security/pom.xml b/framework/security/pom.xml
index 2088080bab..03e97c8f1b 100644
--- a/framework/security/pom.xml
+++ b/framework/security/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-framework</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/framework/spring/lifecycle/pom.xml b/framework/spring/lifecycle/pom.xml
index c648d2604c..937cf66f48 100644
--- a/framework/spring/lifecycle/pom.xml
+++ b/framework/spring/lifecycle/pom.xml
@@ -16,7 +16,7 @@
     <parent>
         <groupId>org.apache.cloudstack</groupId>
         <artifactId>cloud-maven-standard</artifactId>
-        <version>4.5.2</version>
+        <version>4.5.3-SNAPSHOT</version>
         <relativePath>../../../maven-standard/pom.xml</relativePath>
     </parent>
     <dependencies>
diff --git a/framework/spring/module/pom.xml b/framework/spring/module/pom.xml
index 868b5f41ca..1836924fea 100644
--- a/framework/spring/module/pom.xml
+++ b/framework/spring/module/pom.xml
@@ -24,7 +24,7 @@
     <parent>
         <groupId>org.apache.cloudstack</groupId>
         <artifactId>cloud-maven-standard</artifactId>
-        <version>4.5.2</version>
+        <version>4.5.3-SNAPSHOT</version>
         <relativePath>../../../maven-standard/pom.xml</relativePath>
     </parent>
     <dependencies>
diff --git a/maven-standard/pom.xml b/maven-standard/pom.xml
index 9288f99e39..f51fd9363b 100644
--- a/maven-standard/pom.xml
+++ b/maven-standard/pom.xml
@@ -25,7 +25,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <build>
diff --git a/plugins/acl/static-role-based/pom.xml b/plugins/acl/static-role-based/pom.xml
index 24235abcd2..bb6baf4441 100644
--- a/plugins/acl/static-role-based/pom.xml
+++ b/plugins/acl/static-role-based/pom.xml
@@ -26,7 +26,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
 </project>
diff --git a/plugins/affinity-group-processors/explicit-dedication/pom.xml b/plugins/affinity-group-processors/explicit-dedication/pom.xml
index 3e8708e146..6e1259e17c 100644
--- a/plugins/affinity-group-processors/explicit-dedication/pom.xml
+++ b/plugins/affinity-group-processors/explicit-dedication/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <build>
diff --git a/plugins/affinity-group-processors/host-anti-affinity/pom.xml b/plugins/affinity-group-processors/host-anti-affinity/pom.xml
index 70a6a5f459..097290c3e9 100644
--- a/plugins/affinity-group-processors/host-anti-affinity/pom.xml
+++ b/plugins/affinity-group-processors/host-anti-affinity/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <build>
diff --git a/plugins/alert-handlers/snmp-alerts/pom.xml b/plugins/alert-handlers/snmp-alerts/pom.xml
index 2dfbb08c04..d2832139ac 100644
--- a/plugins/alert-handlers/snmp-alerts/pom.xml
+++ b/plugins/alert-handlers/snmp-alerts/pom.xml
@@ -22,7 +22,7 @@
   <parent>
     <artifactId>cloudstack-plugins</artifactId>
     <groupId>org.apache.cloudstack</groupId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <modelVersion>4.0.0</modelVersion>
diff --git a/plugins/alert-handlers/syslog-alerts/pom.xml b/plugins/alert-handlers/syslog-alerts/pom.xml
index ffab04aaa4..7473437a0d 100644
--- a/plugins/alert-handlers/syslog-alerts/pom.xml
+++ b/plugins/alert-handlers/syslog-alerts/pom.xml
@@ -22,7 +22,7 @@
   <parent>
     <artifactId>cloudstack-plugins</artifactId>
     <groupId>org.apache.cloudstack</groupId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <modelVersion>4.0.0</modelVersion>
diff --git a/plugins/api/discovery/pom.xml b/plugins/api/discovery/pom.xml
index 280426e557..53f23e9331 100644
--- a/plugins/api/discovery/pom.xml
+++ b/plugins/api/discovery/pom.xml
@@ -26,7 +26,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/api/rate-limit/pom.xml b/plugins/api/rate-limit/pom.xml
index 7e084d0a35..7f2f3fa845 100644
--- a/plugins/api/rate-limit/pom.xml
+++ b/plugins/api/rate-limit/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <build>
diff --git a/plugins/api/solidfire-intg-test/pom.xml b/plugins/api/solidfire-intg-test/pom.xml
index dd41153e44..c6ba7d4e24 100644
--- a/plugins/api/solidfire-intg-test/pom.xml
+++ b/plugins/api/solidfire-intg-test/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/database/mysql-ha/pom.xml b/plugins/database/mysql-ha/pom.xml
index 4d7eb4fd1c..32471adfdb 100644
--- a/plugins/database/mysql-ha/pom.xml
+++ b/plugins/database/mysql-ha/pom.xml
@@ -15,7 +15,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/dedicated-resources/pom.xml b/plugins/dedicated-resources/pom.xml
index 95c4399d9a..0a204f9a37 100644
--- a/plugins/dedicated-resources/pom.xml
+++ b/plugins/dedicated-resources/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
 </project>
diff --git a/plugins/deployment-planners/implicit-dedication/pom.xml b/plugins/deployment-planners/implicit-dedication/pom.xml
index 17064ac3b6..f75a14e8f0 100644
--- a/plugins/deployment-planners/implicit-dedication/pom.xml
+++ b/plugins/deployment-planners/implicit-dedication/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
 </project>
diff --git a/plugins/deployment-planners/user-concentrated-pod/pom.xml b/plugins/deployment-planners/user-concentrated-pod/pom.xml
index 7bc823740b..db6847d0af 100644
--- a/plugins/deployment-planners/user-concentrated-pod/pom.xml
+++ b/plugins/deployment-planners/user-concentrated-pod/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
 </project>
diff --git a/plugins/deployment-planners/user-dispersing/pom.xml b/plugins/deployment-planners/user-dispersing/pom.xml
index 90b455b351..01194804f6 100644
--- a/plugins/deployment-planners/user-dispersing/pom.xml
+++ b/plugins/deployment-planners/user-dispersing/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
 </project>
diff --git a/plugins/event-bus/inmemory/pom.xml b/plugins/event-bus/inmemory/pom.xml
index fffdd1f0aa..9d3ccc4b33 100644
--- a/plugins/event-bus/inmemory/pom.xml
+++ b/plugins/event-bus/inmemory/pom.xml
@@ -24,7 +24,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/event-bus/rabbitmq/pom.xml b/plugins/event-bus/rabbitmq/pom.xml
index 0bf1ab2a6e..eb6860d24c 100644
--- a/plugins/event-bus/rabbitmq/pom.xml
+++ b/plugins/event-bus/rabbitmq/pom.xml
@@ -24,7 +24,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/file-systems/netapp/pom.xml b/plugins/file-systems/netapp/pom.xml
index be74372835..7d743cbbcc 100644
--- a/plugins/file-systems/netapp/pom.xml
+++ b/plugins/file-systems/netapp/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/ha-planners/skip-heurestics/pom.xml b/plugins/ha-planners/skip-heurestics/pom.xml
index 9294e92bdc..ceee6530aa 100644
--- a/plugins/ha-planners/skip-heurestics/pom.xml
+++ b/plugins/ha-planners/skip-heurestics/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
 </project>
diff --git a/plugins/host-allocators/random/pom.xml b/plugins/host-allocators/random/pom.xml
index 3b5ed705f0..94361cdf19 100644
--- a/plugins/host-allocators/random/pom.xml
+++ b/plugins/host-allocators/random/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
 </project>
diff --git a/plugins/hypervisors/baremetal/pom.xml b/plugins/hypervisors/baremetal/pom.xml
index 92e85c1266..382aa654f9 100755
--- a/plugins/hypervisors/baremetal/pom.xml
+++ b/plugins/hypervisors/baremetal/pom.xml
@@ -21,7 +21,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <artifactId>cloud-plugin-hypervisor-baremetal</artifactId>
diff --git a/plugins/hypervisors/hyperv/pom.xml b/plugins/hypervisors/hyperv/pom.xml
index d93b70c5a6..aab9f09434 100644
--- a/plugins/hypervisors/hyperv/pom.xml
+++ b/plugins/hypervisors/hyperv/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <properties>
diff --git a/plugins/hypervisors/kvm/pom.xml b/plugins/hypervisors/kvm/pom.xml
index a7c04aac98..f5b8eb41a9 100644
--- a/plugins/hypervisors/kvm/pom.xml
+++ b/plugins/hypervisors/kvm/pom.xml
@@ -15,7 +15,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/hypervisors/ovm/pom.xml b/plugins/hypervisors/ovm/pom.xml
index 4046407ce9..d26d9acfeb 100644
--- a/plugins/hypervisors/ovm/pom.xml
+++ b/plugins/hypervisors/ovm/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/hypervisors/simulator/pom.xml b/plugins/hypervisors/simulator/pom.xml
index e021d32184..5dbf4bdf2d 100644
--- a/plugins/hypervisors/simulator/pom.xml
+++ b/plugins/hypervisors/simulator/pom.xml
@@ -22,7 +22,7 @@
     <parent>
         <groupId>org.apache.cloudstack</groupId>
         <artifactId>cloudstack-plugins</artifactId>
-        <version>4.5.2</version>
+        <version>4.5.3-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
     <artifactId>cloud-plugin-hypervisor-simulator</artifactId>
diff --git a/plugins/hypervisors/ucs/pom.xml b/plugins/hypervisors/ucs/pom.xml
index 52eee87dcb..d89d5f3a2a 100755
--- a/plugins/hypervisors/ucs/pom.xml
+++ b/plugins/hypervisors/ucs/pom.xml
@@ -15,7 +15,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <artifactId>cloud-plugin-hypervisor-ucs</artifactId>
diff --git a/plugins/hypervisors/vmware/pom.xml b/plugins/hypervisors/vmware/pom.xml
index c73028c305..c2015c30a5 100644
--- a/plugins/hypervisors/vmware/pom.xml
+++ b/plugins/hypervisors/vmware/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/hypervisors/xenserver/pom.xml b/plugins/hypervisors/xenserver/pom.xml
index b9c2d33d0d..a76ba4edce 100644
--- a/plugins/hypervisors/xenserver/pom.xml
+++ b/plugins/hypervisors/xenserver/pom.xml
@@ -16,7 +16,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/network-elements/bigswitch-vns/pom.xml b/plugins/network-elements/bigswitch-vns/pom.xml
index 0c0638fcbb..20ac3df4ac 100644
--- a/plugins/network-elements/bigswitch-vns/pom.xml
+++ b/plugins/network-elements/bigswitch-vns/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
 </project>
diff --git a/plugins/network-elements/brocade-vcs/pom.xml b/plugins/network-elements/brocade-vcs/pom.xml
index 112c1a564b..c81634b439 100644
--- a/plugins/network-elements/brocade-vcs/pom.xml
+++ b/plugins/network-elements/brocade-vcs/pom.xml
@@ -16,7 +16,7 @@
 	<parent>
 		<groupId>org.apache.cloudstack</groupId>
 		<artifactId>cloudstack-plugins</artifactId>
-		<version>4.5.2</version>
+		<version>4.5.3-SNAPSHOT</version>
 		<relativePath>../../pom.xml</relativePath>
 	</parent>
 
diff --git a/plugins/network-elements/cisco-vnmc/pom.xml b/plugins/network-elements/cisco-vnmc/pom.xml
index 6671077e8e..9ae5d00615 100644
--- a/plugins/network-elements/cisco-vnmc/pom.xml
+++ b/plugins/network-elements/cisco-vnmc/pom.xml
@@ -24,7 +24,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/network-elements/dns-notifier/pom.xml b/plugins/network-elements/dns-notifier/pom.xml
index 7b4602e539..5466605f2c 100644
--- a/plugins/network-elements/dns-notifier/pom.xml
+++ b/plugins/network-elements/dns-notifier/pom.xml
@@ -22,7 +22,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <artifactId>cloud-plugin-example-dns-notifier</artifactId>
diff --git a/plugins/network-elements/elastic-loadbalancer/pom.xml b/plugins/network-elements/elastic-loadbalancer/pom.xml
index bb1b79fc21..13eb9e4860 100644
--- a/plugins/network-elements/elastic-loadbalancer/pom.xml
+++ b/plugins/network-elements/elastic-loadbalancer/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
 </project>
diff --git a/plugins/network-elements/f5/pom.xml b/plugins/network-elements/f5/pom.xml
index 3a24d865e5..621ac625b8 100644
--- a/plugins/network-elements/f5/pom.xml
+++ b/plugins/network-elements/f5/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/network-elements/globodns/pom.xml b/plugins/network-elements/globodns/pom.xml
index a3df2e4746..8f22c1e60b 100644
--- a/plugins/network-elements/globodns/pom.xml
+++ b/plugins/network-elements/globodns/pom.xml
@@ -24,7 +24,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/network-elements/internal-loadbalancer/pom.xml b/plugins/network-elements/internal-loadbalancer/pom.xml
index 46d62c01c3..5a9f5ef6e6 100644
--- a/plugins/network-elements/internal-loadbalancer/pom.xml
+++ b/plugins/network-elements/internal-loadbalancer/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <build>
diff --git a/plugins/network-elements/juniper-contrail/pom.xml b/plugins/network-elements/juniper-contrail/pom.xml
index 482aa72dad..e311f083d2 100644
--- a/plugins/network-elements/juniper-contrail/pom.xml
+++ b/plugins/network-elements/juniper-contrail/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <repositories>
diff --git a/plugins/network-elements/juniper-srx/pom.xml b/plugins/network-elements/juniper-srx/pom.xml
index 1f29632fad..234249982a 100644
--- a/plugins/network-elements/juniper-srx/pom.xml
+++ b/plugins/network-elements/juniper-srx/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/network-elements/midonet/pom.xml b/plugins/network-elements/midonet/pom.xml
index ae5d319440..595497e99f 100644
--- a/plugins/network-elements/midonet/pom.xml
+++ b/plugins/network-elements/midonet/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
 <repositories>
diff --git a/plugins/network-elements/netscaler/pom.xml b/plugins/network-elements/netscaler/pom.xml
index a57cbde376..3c9a05df9b 100644
--- a/plugins/network-elements/netscaler/pom.xml
+++ b/plugins/network-elements/netscaler/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/network-elements/nicira-nvp/pom.xml b/plugins/network-elements/nicira-nvp/pom.xml
index 7d91277738..73e4352a7b 100644
--- a/plugins/network-elements/nicira-nvp/pom.xml
+++ b/plugins/network-elements/nicira-nvp/pom.xml
@@ -25,7 +25,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
 
diff --git a/plugins/network-elements/nuage-vsp/pom.xml b/plugins/network-elements/nuage-vsp/pom.xml
index 4afd4cd7c8..f2ca145048 100644
--- a/plugins/network-elements/nuage-vsp/pom.xml
+++ b/plugins/network-elements/nuage-vsp/pom.xml
@@ -25,7 +25,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <build>
diff --git a/plugins/network-elements/opendaylight/pom.xml b/plugins/network-elements/opendaylight/pom.xml
index a4510d26a3..93baf6ee52 100644
--- a/plugins/network-elements/opendaylight/pom.xml
+++ b/plugins/network-elements/opendaylight/pom.xml
@@ -25,7 +25,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
 
diff --git a/plugins/network-elements/ovs/pom.xml b/plugins/network-elements/ovs/pom.xml
index 6ef13e6af8..63898329dd 100644
--- a/plugins/network-elements/ovs/pom.xml
+++ b/plugins/network-elements/ovs/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
 </project>
diff --git a/plugins/network-elements/palo-alto/pom.xml b/plugins/network-elements/palo-alto/pom.xml
index a24e13a7de..0db7620e4e 100644
--- a/plugins/network-elements/palo-alto/pom.xml
+++ b/plugins/network-elements/palo-alto/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
 </project>
diff --git a/plugins/network-elements/stratosphere-ssp/pom.xml b/plugins/network-elements/stratosphere-ssp/pom.xml
index 4843fa7765..ae109eaef0 100644
--- a/plugins/network-elements/stratosphere-ssp/pom.xml
+++ b/plugins/network-elements/stratosphere-ssp/pom.xml
@@ -25,7 +25,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
 </project>
diff --git a/plugins/network-elements/vxlan/pom.xml b/plugins/network-elements/vxlan/pom.xml
index e65905840b..935dd60a04 100644
--- a/plugins/network-elements/vxlan/pom.xml
+++ b/plugins/network-elements/vxlan/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
 </project>
diff --git a/plugins/pom.xml b/plugins/pom.xml
index 6c826600c4..1706fe8a69 100755
--- a/plugins/pom.xml
+++ b/plugins/pom.xml
@@ -17,7 +17,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
   </parent>
 
   <build>
diff --git a/plugins/storage-allocators/random/pom.xml b/plugins/storage-allocators/random/pom.xml
index 38f7687713..3922d6395c 100644
--- a/plugins/storage-allocators/random/pom.xml
+++ b/plugins/storage-allocators/random/pom.xml
@@ -24,7 +24,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/storage/image/default/pom.xml b/plugins/storage/image/default/pom.xml
index 4041b75bfe..6e42eeddd8 100644
--- a/plugins/storage/image/default/pom.xml
+++ b/plugins/storage/image/default/pom.xml
@@ -16,7 +16,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/storage/image/s3/pom.xml b/plugins/storage/image/s3/pom.xml
index 59b5a04887..0ea7f8c6ba 100644
--- a/plugins/storage/image/s3/pom.xml
+++ b/plugins/storage/image/s3/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/storage/image/sample/pom.xml b/plugins/storage/image/sample/pom.xml
index 8df6fa2750..caa5509ce9 100644
--- a/plugins/storage/image/sample/pom.xml
+++ b/plugins/storage/image/sample/pom.xml
@@ -16,7 +16,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/storage/image/swift/pom.xml b/plugins/storage/image/swift/pom.xml
index 1c1f28296f..bceb104e0d 100644
--- a/plugins/storage/image/swift/pom.xml
+++ b/plugins/storage/image/swift/pom.xml
@@ -16,7 +16,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/storage/volume/cloudbyte/pom.xml b/plugins/storage/volume/cloudbyte/pom.xml
index 161317797b..c8f25e3fe1 100755
--- a/plugins/storage/volume/cloudbyte/pom.xml
+++ b/plugins/storage/volume/cloudbyte/pom.xml
@@ -26,7 +26,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/storage/volume/default/pom.xml b/plugins/storage/volume/default/pom.xml
index 43c21b1de4..887353ce83 100644
--- a/plugins/storage/volume/default/pom.xml
+++ b/plugins/storage/volume/default/pom.xml
@@ -16,7 +16,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/storage/volume/nexenta/pom.xml b/plugins/storage/volume/nexenta/pom.xml
index ca5085747f..98cc78bfbd 100644
--- a/plugins/storage/volume/nexenta/pom.xml
+++ b/plugins/storage/volume/nexenta/pom.xml
@@ -16,7 +16,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/storage/volume/sample/pom.xml b/plugins/storage/volume/sample/pom.xml
index 12d813e8ec..cc03898602 100644
--- a/plugins/storage/volume/sample/pom.xml
+++ b/plugins/storage/volume/sample/pom.xml
@@ -16,7 +16,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/storage/volume/solidfire/pom.xml b/plugins/storage/volume/solidfire/pom.xml
index 622c18c6b0..fc79c1109a 100644
--- a/plugins/storage/volume/solidfire/pom.xml
+++ b/plugins/storage/volume/solidfire/pom.xml
@@ -16,7 +16,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/user-authenticators/ldap/pom.xml b/plugins/user-authenticators/ldap/pom.xml
index eacf498cd2..ec2813e00d 100644
--- a/plugins/user-authenticators/ldap/pom.xml
+++ b/plugins/user-authenticators/ldap/pom.xml
@@ -15,7 +15,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
 
diff --git a/plugins/user-authenticators/md5/pom.xml b/plugins/user-authenticators/md5/pom.xml
index 0b479675d9..58642f7856 100644
--- a/plugins/user-authenticators/md5/pom.xml
+++ b/plugins/user-authenticators/md5/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
 </project>
diff --git a/plugins/user-authenticators/pbkdf2/pom.xml b/plugins/user-authenticators/pbkdf2/pom.xml
index 1568a08b37..8ae8b9b9c5 100644
--- a/plugins/user-authenticators/pbkdf2/pom.xml
+++ b/plugins/user-authenticators/pbkdf2/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
 </project>
diff --git a/plugins/user-authenticators/plain-text/pom.xml b/plugins/user-authenticators/plain-text/pom.xml
index 5c6f28a4ad..c1a74ed025 100644
--- a/plugins/user-authenticators/plain-text/pom.xml
+++ b/plugins/user-authenticators/plain-text/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
 </project>
diff --git a/plugins/user-authenticators/saml2/pom.xml b/plugins/user-authenticators/saml2/pom.xml
index 44f7316ae1..d58ef0bb50 100644
--- a/plugins/user-authenticators/saml2/pom.xml
+++ b/plugins/user-authenticators/saml2/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/plugins/user-authenticators/sha256salted/pom.xml b/plugins/user-authenticators/sha256salted/pom.xml
index 7611da710e..f646c828f0 100644
--- a/plugins/user-authenticators/sha256salted/pom.xml
+++ b/plugins/user-authenticators/sha256salted/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-plugins</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
 </project>
diff --git a/pom.xml b/pom.xml
index 2a508b50c6..94b4be97a6 100644
--- a/pom.xml
+++ b/pom.xml
@@ -19,7 +19,7 @@
 
   <groupId>org.apache.cloudstack</groupId>
   <artifactId>cloudstack</artifactId>
-  <version>4.5.2</version>
+  <version>4.5.3-SNAPSHOT</version>
   <packaging>pom</packaging>
   <name>Apache CloudStack</name>
   <description>Apache CloudStack is an IaaS (“Infrastructure as a Service”) cloud orchestration platform.</description>
diff --git a/quickcloud/pom.xml b/quickcloud/pom.xml
index 50d8e25941..c908c12512 100644
--- a/quickcloud/pom.xml
+++ b/quickcloud/pom.xml
@@ -24,7 +24,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloud-maven-standard</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../maven-standard/pom.xml</relativePath>
   </parent>
 </project>
diff --git a/server/pom.xml b/server/pom.xml
index 9f40b67838..d176e49d98 100644
--- a/server/pom.xml
+++ b/server/pom.xml
@@ -15,7 +15,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
   </parent>
   <dependencies>
     <dependency>
diff --git a/services/console-proxy-rdp/rdpconsole/pom.xml b/services/console-proxy-rdp/rdpconsole/pom.xml
index fb1566aea5..f48ef0683d 100755
--- a/services/console-proxy-rdp/rdpconsole/pom.xml
+++ b/services/console-proxy-rdp/rdpconsole/pom.xml
@@ -27,7 +27,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-services</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
 
diff --git a/services/console-proxy/plugin/pom.xml b/services/console-proxy/plugin/pom.xml
index 42b7f8a48d..1168be4926 100644
--- a/services/console-proxy/plugin/pom.xml
+++ b/services/console-proxy/plugin/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-service-console-proxy</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
 </project>
diff --git a/services/console-proxy/pom.xml b/services/console-proxy/pom.xml
index e37adaf8bf..1f9d888a72 100644
--- a/services/console-proxy/pom.xml
+++ b/services/console-proxy/pom.xml
@@ -24,7 +24,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-services</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <build>
diff --git a/services/console-proxy/server/pom.xml b/services/console-proxy/server/pom.xml
index ce1682b8e6..2f6e5cca1e 100644
--- a/services/console-proxy/server/pom.xml
+++ b/services/console-proxy/server/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-service-console-proxy</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/services/iam/plugin/pom.xml b/services/iam/plugin/pom.xml
index 749a3cab1a..769b1e4b24 100644
--- a/services/iam/plugin/pom.xml
+++ b/services/iam/plugin/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-service-iam</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/services/iam/pom.xml b/services/iam/pom.xml
index 62361f9c4a..8e287cee8c 100644
--- a/services/iam/pom.xml
+++ b/services/iam/pom.xml
@@ -24,7 +24,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-services</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <build>
diff --git a/services/iam/server/pom.xml b/services/iam/server/pom.xml
index 4554ad2251..1605bacd77 100644
--- a/services/iam/server/pom.xml
+++ b/services/iam/server/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-service-iam</artifactId>
-    <version>4.5.2-SNAPSHOT</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/services/pom.xml b/services/pom.xml
index 973a7f794a..0b6d562ab0 100644
--- a/services/pom.xml
+++ b/services/pom.xml
@@ -24,7 +24,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <build>
diff --git a/services/secondary-storage/controller/pom.xml b/services/secondary-storage/controller/pom.xml
index 017cca5f4a..203bb462d4 100644
--- a/services/secondary-storage/controller/pom.xml
+++ b/services/secondary-storage/controller/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-service-secondary-storage</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/services/secondary-storage/pom.xml b/services/secondary-storage/pom.xml
index 1c90640d5e..55748470e0 100644
--- a/services/secondary-storage/pom.xml
+++ b/services/secondary-storage/pom.xml
@@ -24,7 +24,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-services</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <modules>
diff --git a/services/secondary-storage/server/pom.xml b/services/secondary-storage/server/pom.xml
index 91f0fb6e3c..01a6e0c6a5 100644
--- a/services/secondary-storage/server/pom.xml
+++ b/services/secondary-storage/server/pom.xml
@@ -23,7 +23,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack-service-secondary-storage</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
     <properties>
diff --git a/systemvm/pom.xml b/systemvm/pom.xml
index bf9aa37175..39f50886fd 100644
--- a/systemvm/pom.xml
+++ b/systemvm/pom.xml
@@ -24,7 +24,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <properties>
diff --git a/test/pom.xml b/test/pom.xml
index 989b1e90dd..148b0649d1 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -23,7 +23,7 @@
     <parent>
         <groupId>org.apache.cloudstack</groupId>
         <artifactId>cloudstack</artifactId>
-        <version>4.5.2</version>
+        <version>4.5.3-SNAPSHOT</version>
     </parent>
     <dependencies>
         <dependency>
diff --git a/tools/apidoc/pom.xml b/tools/apidoc/pom.xml
index 80f9620673..18b70f43ec 100644
--- a/tools/apidoc/pom.xml
+++ b/tools/apidoc/pom.xml
@@ -17,7 +17,7 @@
     <parent>
         <groupId>org.apache.cloudstack</groupId>
         <artifactId>cloud-tools</artifactId>
-        <version>4.5.2</version>
+        <version>4.5.3-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <properties>
diff --git a/tools/build/setnextversion.sh b/tools/build/setnextversion.sh
index a41676db6d..dd195c2bdc 100755
--- a/tools/build/setnextversion.sh
+++ b/tools/build/setnextversion.sh
@@ -16,6 +16,8 @@
 # specific language governing permissions and limitations
 # under the License.
 
+set -e
+
 version='TESTBUILD'
 sourcedir=~/cloudstack/
 branch='master'
diff --git a/tools/checkstyle/pom.xml b/tools/checkstyle/pom.xml
index 29c5cf6d44..67e60b9399 100644
--- a/tools/checkstyle/pom.xml
+++ b/tools/checkstyle/pom.xml
@@ -24,7 +24,7 @@
     <name>Apache CloudStack Developer Tools - Checkstyle Configuration</name>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>checkstyle</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <build>
       <plugins>
         <plugin>
diff --git a/tools/devcloud-kvm/pom.xml b/tools/devcloud-kvm/pom.xml
index f1b6f42bd0..debf9fdd7c 100644
--- a/tools/devcloud-kvm/pom.xml
+++ b/tools/devcloud-kvm/pom.xml
@@ -17,7 +17,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloud-tools</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/tools/devcloud/pom.xml b/tools/devcloud/pom.xml
index 5d761f46bd..ff0ad1c7ab 100644
--- a/tools/devcloud/pom.xml
+++ b/tools/devcloud/pom.xml
@@ -17,7 +17,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloud-tools</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/tools/marvin/pom.xml b/tools/marvin/pom.xml
index 34839684cf..f830706abe 100644
--- a/tools/marvin/pom.xml
+++ b/tools/marvin/pom.xml
@@ -16,7 +16,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloud-tools</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <build>
diff --git a/tools/pom.xml b/tools/pom.xml
index ef96501704..31fff8e6d6 100644
--- a/tools/pom.xml
+++ b/tools/pom.xml
@@ -27,7 +27,7 @@
     <parent>
         <groupId>org.apache.cloudstack</groupId>
         <artifactId>cloudstack</artifactId>
-        <version>4.5.2</version>
+        <version>4.5.3-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <build>
diff --git a/tools/wix-cloudstack-maven-plugin/pom.xml b/tools/wix-cloudstack-maven-plugin/pom.xml
index bf8ce2f763..00b62bcca6 100644
--- a/tools/wix-cloudstack-maven-plugin/pom.xml
+++ b/tools/wix-cloudstack-maven-plugin/pom.xml
@@ -16,7 +16,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../../pom.xml</relativePath>
   </parent>
 
diff --git a/usage/pom.xml b/usage/pom.xml
index 3e60921d71..56cc31db4a 100644
--- a/usage/pom.xml
+++ b/usage/pom.xml
@@ -15,7 +15,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
   </parent>
   <dependencies>
     <dependency>
diff --git a/utils/pom.xml b/utils/pom.xml
index 916aa78197..0aec5c62e6 100755
--- a/utils/pom.xml
+++ b/utils/pom.xml
@@ -25,7 +25,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <dependencies>
diff --git a/vmware-base/pom.xml b/vmware-base/pom.xml
index 090711fdb4..865d2923a3 100644
--- a/vmware-base/pom.xml
+++ b/vmware-base/pom.xml
@@ -24,7 +24,7 @@
   <parent>
     <groupId>org.apache.cloudstack</groupId>
     <artifactId>cloudstack</artifactId>
-    <version>4.5.2</version>
+    <version>4.5.3-SNAPSHOT</version>
   </parent>
   <dependencies>
     <dependency>

From af38c492d844572910f6f6157ac0bfa2c71318d5 Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Mon, 14 Sep 2015 10:01:58 +0530
Subject: [PATCH 069/115] debian: add 4.5.3-snapshot to changelog

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 debian/changelog | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index 2843055070..898fcabcc9 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+cloudstack (4.5.3-snapshot) unstable; urgency=low
+
+  * Update the version to 4.5.3 snapshot
+
+ -- the Apache CloudStack project <dev@cloudstack.apache.org>  Mon, 14 Sep 2015 10:01:38 +0530
+
 cloudstack (4.5.2) unstable; urgency=low
 
   * Update the version to 4.5.2

From a54dffc570a6c5c5d0b75bf4ea5abf5e003ccdd9 Mon Sep 17 00:00:00 2001
From: Boris Schrijver <boris@pcextreme.nl>
Date: Wed, 9 Sep 2015 17:53:35 +0200
Subject: [PATCH 070/115] Added QCOW2 virtual size checking for S3.

- Cleaned up S3TemplateDownloader
- Created static QCOW2 utils class.
- Reformatted some parts of DownloadManagerImpl
---
 .../template/S3TemplateDownloader.java        | 169 +++++++++++-------
 .../storage/template/DownloadManagerImpl.java |  87 ++++++---
 utils/src/com/cloud/utils/S3Utils.java        |  16 ++
 .../com/cloud/utils/storage/QCOW2Utils.java   |  60 +++++++
 4 files changed, 244 insertions(+), 88 deletions(-)
 create mode 100644 utils/src/com/cloud/utils/storage/QCOW2Utils.java

diff --git a/core/src/com/cloud/storage/template/S3TemplateDownloader.java b/core/src/com/cloud/storage/template/S3TemplateDownloader.java
index ec44d8d70e..ac47decefc 100644
--- a/core/src/com/cloud/storage/template/S3TemplateDownloader.java
+++ b/core/src/com/cloud/storage/template/S3TemplateDownloader.java
@@ -27,6 +27,8 @@
 import java.io.InputStream;
 import java.util.Date;
 
+import org.apache.cloudstack.managed.context.ManagedContextRunnable;
+import org.apache.cloudstack.storage.command.DownloadCommand.ResourceType;
 import org.apache.commons.httpclient.ChunkedInputStream;
 import org.apache.commons.httpclient.Credentials;
 import org.apache.commons.httpclient.Header;
@@ -50,10 +52,6 @@
 import com.amazonaws.services.s3.model.ProgressListener;
 import com.amazonaws.services.s3.model.PutObjectRequest;
 import com.amazonaws.services.s3.model.StorageClass;
-
-import org.apache.cloudstack.managed.context.ManagedContextRunnable;
-import org.apache.cloudstack.storage.command.DownloadCommand.ResourceType;
-
 import com.cloud.agent.api.storage.Proxy;
 import com.cloud.agent.api.to.S3TO;
 import com.cloud.utils.Pair;
@@ -61,46 +59,48 @@
 import com.cloud.utils.UriUtils;
 
 /**
- * Download a template file using HTTP
- *
+ * Download a template file using HTTP(S)
  */
 public class S3TemplateDownloader extends ManagedContextRunnable implements TemplateDownloader {
-    public static final Logger s_logger = Logger.getLogger(S3TemplateDownloader.class.getName());
+    private static final Logger s_logger = Logger.getLogger(S3TemplateDownloader.class.getName());
     private static final MultiThreadedHttpConnectionManager s_httpClientManager = new MultiThreadedHttpConnectionManager();
 
     private String downloadUrl;
     private String installPath;
     private String s3Key;
     private String fileName;
-    public TemplateDownloader.Status status = TemplateDownloader.Status.NOT_STARTED;
-    public String errorString = " ";
-    private long remoteSize = 0;
-    public long downloadTime = 0;
-    public long totalBytes;
+    private String fileExtension;
+    private String errorString = " ";
+
+    private TemplateDownloader.Status status = TemplateDownloader.Status.NOT_STARTED;
+    private ResourceType resourceType = ResourceType.TEMPLATE;
     private final HttpClient client;
+    private final HttpMethodRetryHandler myretryhandler;
     private GetMethod request;
-    private boolean resume = false;
     private DownloadCompleteCallback completionCallback;
-    private S3TO s3;
-    private boolean inited = true;
+    private S3TO s3to;
 
+    private long remoteSize = 0;
+    private long downloadTime = 0;
+    private long totalBytes;
     private long maxTemplateSizeInByte;
-    private ResourceType resourceType = ResourceType.TEMPLATE;
-    private final HttpMethodRetryHandler myretryhandler;
 
-    public S3TemplateDownloader(S3TO storageLayer, String downloadUrl, String installPath, DownloadCompleteCallback callback, long maxTemplateSizeInBytes, String user,
-            String password, Proxy proxy, ResourceType resourceType) {
-        s3 = storageLayer;
+    private boolean resume = false;
+    private boolean inited = true;
+
+    public S3TemplateDownloader(S3TO s3to, String downloadUrl, String installPath, DownloadCompleteCallback callback,
+            long maxTemplateSizeInBytes, String user, String password, Proxy proxy, ResourceType resourceType) {
+        this.s3to = s3to;
         this.downloadUrl = downloadUrl;
         this.installPath = installPath;
-        status = TemplateDownloader.Status.NOT_STARTED;
+        this.status = TemplateDownloader.Status.NOT_STARTED;
         this.resourceType = resourceType;
-        maxTemplateSizeInByte = maxTemplateSizeInBytes;
+        this.maxTemplateSizeInByte = maxTemplateSizeInBytes;
 
-        totalBytes = 0;
-        client = new HttpClient(s_httpClientManager);
+        this.totalBytes = 0;
+        this.client = new HttpClient(s_httpClientManager);
 
-        myretryhandler = new HttpMethodRetryHandler() {
+        this.myretryhandler = new HttpMethodRetryHandler() {
             @Override
             public boolean retryMethod(final HttpMethod method, final IOException exception, int executionCount) {
                 if (executionCount >= 2) {
@@ -128,6 +128,7 @@ public boolean retryMethod(final HttpMethod method, final IOException exception,
 
             Pair<String, Integer> hostAndPort = UriUtils.validateUrl(downloadUrl);
             fileName = StringUtils.substringAfterLast(downloadUrl, "/");
+            fileExtension = StringUtils.substringAfterLast(fileName, ".");
 
             if (proxy != null) {
                 client.getHostConfiguration().setProxy(proxy.getHost(), proxy.getPort());
@@ -139,8 +140,10 @@ public boolean retryMethod(final HttpMethod method, final IOException exception,
             if ((user != null) && (password != null)) {
                 client.getParams().setAuthenticationPreemptive(true);
                 Credentials defaultcreds = new UsernamePasswordCredentials(user, password);
-                client.getState().setCredentials(new AuthScope(hostAndPort.first(), hostAndPort.second(), AuthScope.ANY_REALM), defaultcreds);
-                s_logger.info("Added username=" + user + ", password=" + password + "for host " + hostAndPort.first() + ":" + hostAndPort.second());
+                client.getState().setCredentials(
+                        new AuthScope(hostAndPort.first(), hostAndPort.second(), AuthScope.ANY_REALM), defaultcreds);
+                s_logger.info("Added username=" + user + ", password=" + password + "for host " + hostAndPort.first()
+                        + ":" + hostAndPort.second());
             } else {
                 s_logger.info("No credentials configured for host=" + hostAndPort.first() + ":" + hostAndPort.second());
             }
@@ -160,11 +163,11 @@ public boolean retryMethod(final HttpMethod method, final IOException exception,
     @Override
     public long download(boolean resume, DownloadCompleteCallback callback) {
         switch (status) {
-            case ABORTED:
-            case UNRECOVERABLE_ERROR:
-            case DOWNLOAD_FINISHED:
-                return 0;
-            default:
+        case ABORTED:
+        case UNRECOVERABLE_ERROR:
+        case DOWNLOAD_FINISHED:
+            return 0;
+        default:
 
         }
 
@@ -215,10 +218,11 @@ public long download(boolean resume, DownloadCompleteCallback callback) {
                 contentType = contentTypeHeader.getValue();
             }
 
-            InputStream in = !chunked ? new BufferedInputStream(request.getResponseBodyAsStream()) : new ChunkedInputStream(request.getResponseBodyAsStream());
+            InputStream in = !chunked ? new BufferedInputStream(request.getResponseBodyAsStream())
+                    : new ChunkedInputStream(request.getResponseBodyAsStream());
 
-            s_logger.info("Starting download from " + getDownloadUrl() + " to s3 bucket " + s3.getBucketName() + " remoteSize=" + remoteSize + " , max size=" +
-                maxTemplateSizeInByte);
+            s_logger.info("Starting download from " + getDownloadUrl() + " to s3 bucket " + s3to.getBucketName()
+                    + " remoteSize=" + remoteSize + " , max size=" + maxTemplateSizeInByte);
 
             Date start = new Date();
             // compute s3 key
@@ -230,9 +234,9 @@ public long download(boolean resume, DownloadCompleteCallback callback) {
             if (contentType != null) {
                 metadata.setContentType(contentType);
             }
-            PutObjectRequest putObjectRequest = new PutObjectRequest(s3.getBucketName(), s3Key, in, metadata);
+            PutObjectRequest putObjectRequest = new PutObjectRequest(s3to.getBucketName(), s3Key, in, metadata);
             // check if RRS is enabled
-            if (s3.getEnableRRS()) {
+            if (s3to.getEnableRRS()) {
                 putObjectRequest = putObjectRequest.withStorageClass(StorageClass.ReducedRedundancy);
             }
             // register progress listenser
@@ -257,14 +261,15 @@ public void progressChanged(ProgressEvent progressEvent) {
 
             });
 
-            if (!s3.getSingleUpload(remoteSize)) {
+            if (!s3to.getSingleUpload(remoteSize)) {
                 // use TransferManager to do multipart upload
-                S3Utils.mputObject(s3, putObjectRequest);
+                S3Utils.mputObject(s3to, putObjectRequest);
             } else {
                 // single part upload, with 5GB limit in Amazon
-                S3Utils.putObject(s3, putObjectRequest);
-                while (status != TemplateDownloader.Status.DOWNLOAD_FINISHED && status != TemplateDownloader.Status.UNRECOVERABLE_ERROR &&
-                    status != TemplateDownloader.Status.ABORTED) {
+                S3Utils.putObject(s3to, putObjectRequest);
+                while (status != TemplateDownloader.Status.DOWNLOAD_FINISHED
+                        && status != TemplateDownloader.Status.UNRECOVERABLE_ERROR
+                        && status != TemplateDownloader.Status.ABORTED) {
                     // wait for completion
                 }
             }
@@ -324,32 +329,59 @@ public long getDownloadedBytes() {
         return totalBytes;
     }
 
+    /**
+     * Returns an InputStream only when the status is DOWNLOAD_FINISHED.
+     *
+     * The caller of this method must close the InputStream to prevent resource leaks!
+     *
+     * @return S3ObjectInputStream of the object.
+     */
+    public InputStream getS3ObjectInputStream() {
+        // Check if the download is finished
+        if (status != Status.DOWNLOAD_FINISHED) {
+            return null;
+        }
+
+        return S3Utils.getObjectStream(s3to, s3to.getBucketName(), s3Key);
+    }
+
+    public void cleanupAfterError() {
+        if (status != Status.UNRECOVERABLE_ERROR) {
+            s_logger.debug("S3Template downloader does not have state UNRECOVERABLE_ERROR, no cleanup neccesarry.");
+            return;
+        }
+
+        s_logger.info("Cleanup after UNRECOVERABLE_ERROR, trying to remove object: " + s3Key);
+
+        S3Utils.deleteObject(s3to, s3to.getBucketName(), s3Key);
+    }
+
     @Override
     @SuppressWarnings("fallthrough")
     public boolean stopDownload() {
         switch (getStatus()) {
-            case IN_PROGRESS:
-                if (request != null) {
-                    request.abort();
-                }
-                status = TemplateDownloader.Status.ABORTED;
-                return true;
-            case UNKNOWN:
-            case NOT_STARTED:
-            case RECOVERABLE_ERROR:
-            case UNRECOVERABLE_ERROR:
-            case ABORTED:
-                status = TemplateDownloader.Status.ABORTED;
-            case DOWNLOAD_FINISHED:
-                try {
-                    S3Utils.deleteObject(s3, s3.getBucketName(), s3Key);
-                } catch (Exception ex) {
-                    // ignore delete exception if it is not there
-                }
-                return true;
+        case IN_PROGRESS:
+            if (request != null) {
+                request.abort();
+            }
+            status = TemplateDownloader.Status.ABORTED;
+            return true;
+        case UNKNOWN:
+        case NOT_STARTED:
+        case RECOVERABLE_ERROR:
+        case UNRECOVERABLE_ERROR:
+        case ABORTED:
+            status = TemplateDownloader.Status.ABORTED;
+        case DOWNLOAD_FINISHED:
+            try {
+                S3Utils.deleteObject(s3to, s3to.getBucketName(), s3Key);
+            } catch (Exception ex) {
+                // ignore delete exception if it is not there
+            }
+            return true;
 
-            default:
-                return true;
+        default:
+            return true;
         }
     }
 
@@ -359,7 +391,7 @@ public int getDownloadPercent() {
             return 0;
         }
 
-        return (int)(100.0 * totalBytes / remoteSize);
+        return (int) (100.0 * totalBytes / remoteSize);
     }
 
     @Override
@@ -417,4 +449,11 @@ public ResourceType getResourceType() {
         return resourceType;
     }
 
-}
+    public long getTotalBytes() {
+        return totalBytes;
+    }
+
+    public String getFileExtension() {
+        return fileExtension;
+    }
+}
\ No newline at end of file
diff --git a/services/secondary-storage/server/src/org/apache/cloudstack/storage/template/DownloadManagerImpl.java b/services/secondary-storage/server/src/org/apache/cloudstack/storage/template/DownloadManagerImpl.java
index 9678b6b862..eb8c029053 100755
--- a/services/secondary-storage/server/src/org/apache/cloudstack/storage/template/DownloadManagerImpl.java
+++ b/services/secondary-storage/server/src/org/apache/cloudstack/storage/template/DownloadManagerImpl.java
@@ -41,13 +41,12 @@
 import javax.ejb.Local;
 import javax.naming.ConfigurationException;
 
-import org.apache.log4j.Logger;
-
 import org.apache.cloudstack.storage.command.DownloadCommand;
 import org.apache.cloudstack.storage.command.DownloadCommand.ResourceType;
 import org.apache.cloudstack.storage.command.DownloadProgressCommand;
 import org.apache.cloudstack.storage.command.DownloadProgressCommand.RequestType;
 import org.apache.cloudstack.storage.resource.SecondaryStorageResource;
+import org.apache.log4j.Logger;
 
 import com.cloud.agent.api.storage.DownloadAnswer;
 import com.cloud.agent.api.storage.Proxy;
@@ -67,9 +66,9 @@
 import com.cloud.storage.template.Processor.FormatInfo;
 import com.cloud.storage.template.QCOW2Processor;
 import com.cloud.storage.template.RawImageProcessor;
-import com.cloud.storage.template.TARProcessor;
 import com.cloud.storage.template.S3TemplateDownloader;
 import com.cloud.storage.template.ScpTemplateDownloader;
+import com.cloud.storage.template.TARProcessor;
 import com.cloud.storage.template.TemplateConstants;
 import com.cloud.storage.template.TemplateDownloader;
 import com.cloud.storage.template.TemplateDownloader.DownloadCompleteCallback;
@@ -83,6 +82,7 @@
 import com.cloud.utils.exception.CloudRuntimeException;
 import com.cloud.utils.script.OutputInterpreter;
 import com.cloud.utils.script.Script;
+import com.cloud.utils.storage.QCOW2Utils;
 
 @Local(value = DownloadManager.class)
 public class DownloadManagerImpl extends ManagerBase implements DownloadManager {
@@ -124,10 +124,10 @@ public DownloadJob(TemplateDownloader td, String jobId, long id, String tmpltNam
             this.tmpltName = tmpltName;
             this.format = format;
             this.hvm = hvm;
-            description = descr;
-            checksum = cksum;
+            this.description = descr;
+            this.checksum = cksum;
             this.installPathPrefix = installPathPrefix;
-            templatesize = 0;
+            this.templatesize = 0;
             this.id = id;
             this.resourceType = resourceType;
         }
@@ -271,11 +271,27 @@ public void setDownloadStatus(String jobId, Status status) {
             threadPool.execute(td);
             break;
         case DOWNLOAD_FINISHED:
-            if (!(td instanceof S3TemplateDownloader)) {
-                // we currently only create template.properties for NFS by
-                // running some post download script
+            if(td instanceof S3TemplateDownloader) {
+                // For S3 and Swift, which are considered "remote",
+                // as in the file cannot be accessed locally,
+                // we run the postRemoteDownload() method.
+                td.setDownloadError("Download success, starting install ");
+                String result = postRemoteDownload(jobId);
+                if (result != null) {
+                    s_logger.error("Failed post download install: " + result);
+                    td.setStatus(Status.UNRECOVERABLE_ERROR);
+                    td.setDownloadError("Failed post download install: " + result);
+                    ((S3TemplateDownloader) td).cleanupAfterError();
+                } else {
+                    td.setStatus(Status.POST_DOWNLOAD_FINISHED);
+                    td.setDownloadError("Install completed successfully at " + new SimpleDateFormat().format(new Date()));
+                }
+            }
+            else {
+                // For other TemplateDownloaders where files are locally available,
+                // we run the postLocalDownload() method.
                 td.setDownloadError("Download success, starting install ");
-                String result = postDownload(jobId);
+                String result = postLocalDownload(jobId);
                 if (result != null) {
                     s_logger.error("Failed post download script: " + result);
                     td.setStatus(Status.UNRECOVERABLE_ERROR);
@@ -284,17 +300,6 @@ public void setDownloadStatus(String jobId, Status status) {
                     td.setStatus(Status.POST_DOWNLOAD_FINISHED);
                     td.setDownloadError("Install completed successfully at " + new SimpleDateFormat().format(new Date()));
                 }
-            } else {
-                // for s3 and swift, we skip post download step and just set
-                // status to trigger callback.
-                td.setStatus(Status.POST_DOWNLOAD_FINISHED);
-                // set template size for S3
-                S3TemplateDownloader std = (S3TemplateDownloader)td;
-                long size = std.totalBytes;
-                DownloadJob dnld = jobs.get(jobId);
-                dnld.setTemplatesize(size);
-                dnld.setTemplatePhysicalSize(size);
-                dnld.setTmpltPath(std.getDownloadLocalPath()); // update template path to include file name.
             }
             dj.cleanup();
             break;
@@ -334,12 +339,48 @@ private String computeCheckSum(File f) {
     }
 
     /**
-     * Post download activity (install and cleanup). Executed in context of
+     * Post remote download activity (install and cleanup). Executed in context of the downloader thread.
+     */
+    private String postRemoteDownload(String jobId) {
+        String result = null;
+        DownloadJob dnld = jobs.get(jobId);
+        S3TemplateDownloader td = (S3TemplateDownloader)dnld.getTemplateDownloader();
+
+        if (td.getFileExtension().equalsIgnoreCase("QCOW2")) {
+            // The QCOW2 is the only format with a header,
+            // and as such can be easily read.
+
+            try {
+                InputStream inputStream = td.getS3ObjectInputStream();
+
+                dnld.setTemplatesize(QCOW2Utils.getVirtualSize(inputStream));
+
+                inputStream.close();
+            }
+            catch (IOException e) {
+                result = "Couldn't read QCOW2 virtual size. Error: " + e.getMessage();
+            }
+
+        }
+        else {
+            // For the other formats, both the virtual
+            // and actual file size are set the same.
+            dnld.setTemplatesize(td.getTotalBytes());
+        }
+
+        dnld.setTemplatePhysicalSize(td.getTotalBytes());
+        dnld.setTmpltPath(td.getDownloadLocalPath());
+
+        return result;
+    }
+
+    /**
+     * Post local download activity (install and cleanup). Executed in context of
      * downloader thread
      *
      * @throws IOException
      */
-    private String postDownload(String jobId) {
+    private String postLocalDownload(String jobId) {
         DownloadJob dnld = jobs.get(jobId);
         TemplateDownloader td = dnld.getTemplateDownloader();
         String resourcePath = dnld.getInstallPathPrefix(); // path with mount
diff --git a/utils/src/com/cloud/utils/S3Utils.java b/utils/src/com/cloud/utils/S3Utils.java
index 532b2eb547..f39b1ee553 100644
--- a/utils/src/com/cloud/utils/S3Utils.java
+++ b/utils/src/com/cloud/utils/S3Utils.java
@@ -62,6 +62,7 @@
 import com.amazonaws.services.s3.model.ObjectMetadata;
 import com.amazonaws.services.s3.model.PutObjectRequest;
 import com.amazonaws.services.s3.model.S3Object;
+import com.amazonaws.services.s3.model.S3ObjectInputStream;
 import com.amazonaws.services.s3.model.S3ObjectSummary;
 import com.amazonaws.services.s3.transfer.TransferManager;
 import com.amazonaws.services.s3.transfer.Upload;
@@ -245,6 +246,21 @@ public static S3Object getObject(final ClientOptions clientOptions, final String
 
     }
 
+    // Note that whenever S3Object is returned, client code needs to close the internal stream to avoid resource leak.
+    public static S3ObjectInputStream getObjectStream(final ClientOptions clientOptions, final String bucketName, final String key) {
+
+        assert clientOptions != null;
+        assert !isBlank(bucketName);
+        assert !isBlank(key);
+
+        if (LOGGER.isDebugEnabled()) {
+            LOGGER.debug(format("Get S3 object %1$s in " + "bucket %2$s", key, bucketName));
+        }
+
+        return acquireClient(clientOptions).getObject(bucketName, key).getObjectContent();
+
+    }
+
     @SuppressWarnings("unchecked")
     public static File getFile(final ClientOptions clientOptions, final String bucketName, final String key, final File targetDirectory,
         final FileNamingStrategy namingStrategy) {
diff --git a/utils/src/com/cloud/utils/storage/QCOW2Utils.java b/utils/src/com/cloud/utils/storage/QCOW2Utils.java
new file mode 100644
index 0000000000..3e08bd6634
--- /dev/null
+++ b/utils/src/com/cloud/utils/storage/QCOW2Utils.java
@@ -0,0 +1,60 @@
+//
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+//
+
+package com.cloud.utils.storage;
+
+import java.io.IOException;
+import java.io.InputStream;
+
+import com.cloud.utils.NumbersUtil;
+
+public final class QCOW2Utils {
+    private static final int VIRTUALSIZE_HEADER_LOCATION = 24;
+    private static final int VIRTUALSIZE_HEADER_LENGTH = 8;
+
+    /**
+     * Private constructor ->  This utility class cannot be instantiated.
+     */
+    private QCOW2Utils() {}
+
+    /**
+     * @return the header location of the virtual size field.
+     */
+    public static int getVirtualSizeHeaderLocation() {
+        return VIRTUALSIZE_HEADER_LOCATION;
+    }
+
+    /**
+     * @param inputStream The QCOW2 object in stream format.
+     * @return The virtual size of the QCOW2 object.
+     */
+    public static long getVirtualSize(InputStream inputStream) throws IOException {
+        byte[] bytes = new byte[VIRTUALSIZE_HEADER_LENGTH];
+
+        if (inputStream.skip(VIRTUALSIZE_HEADER_LOCATION) != VIRTUALSIZE_HEADER_LOCATION) {
+            throw new IOException("Unable to skip to the virtual size header");
+        }
+
+        if (inputStream.read(bytes) != VIRTUALSIZE_HEADER_LENGTH) {
+            throw new IOException("Unable to properly read the size");
+        }
+
+        return NumbersUtil.bytesToLong(bytes);
+    }
+}
\ No newline at end of file

From dc670d55bf97504eb3165c46dca708b2bf9d020c Mon Sep 17 00:00:00 2001
From: Boris Schrijver <boris@pcextreme.nl>
Date: Mon, 14 Sep 2015 10:56:11 +0200
Subject: [PATCH 071/115] Fixed Findbugs issue introduced by
 1c6378ec0056e8c75990a4a0c15e99b2df162a75 PR #795.

---
 .../cloudstack/storage/template/DownloadManagerImpl.java       | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/services/secondary-storage/server/src/org/apache/cloudstack/storage/template/DownloadManagerImpl.java b/services/secondary-storage/server/src/org/apache/cloudstack/storage/template/DownloadManagerImpl.java
index eb8c029053..35010b041c 100755
--- a/services/secondary-storage/server/src/org/apache/cloudstack/storage/template/DownloadManagerImpl.java
+++ b/services/secondary-storage/server/src/org/apache/cloudstack/storage/template/DownloadManagerImpl.java
@@ -78,6 +78,7 @@
 import com.cloud.storage.template.VhdProcessor;
 import com.cloud.storage.template.VmdkProcessor;
 import com.cloud.utils.NumbersUtil;
+import com.cloud.utils.StringUtils;
 import com.cloud.utils.component.ManagerBase;
 import com.cloud.utils.exception.CloudRuntimeException;
 import com.cloud.utils.script.OutputInterpreter;
@@ -418,7 +419,7 @@ private String postLocalDownload(String jobId) {
         if (extension.equals("iso")) {
             templateName = jobs.get(jobId).getTmpltName().trim().replace(" ", "_");
         } else {
-            templateName = java.util.UUID.nameUUIDFromBytes((jobs.get(jobId).getTmpltName() + System.currentTimeMillis()).getBytes()).toString();
+            templateName = java.util.UUID.nameUUIDFromBytes((jobs.get(jobId).getTmpltName() + System.currentTimeMillis()).getBytes(StringUtils.getPreferredCharset())).toString();
         }
 
         // run script to mv the temporary template file to the final template

From 284ce1fb881970c47a004017b46937c594264fb2 Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Tue, 15 Sep 2015 09:57:12 +0530
Subject: [PATCH 072/115] engine/schema: add 4.5.2 to 4.5.3 upgrade path

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 .../cloud/upgrade/DatabaseUpgradeChecker.java | 89 ++++++++++---------
 1 file changed, 46 insertions(+), 43 deletions(-)

diff --git a/engine/schema/src/com/cloud/upgrade/DatabaseUpgradeChecker.java b/engine/schema/src/com/cloud/upgrade/DatabaseUpgradeChecker.java
index 6cdc4c1938..41ef35a4db 100755
--- a/engine/schema/src/com/cloud/upgrade/DatabaseUpgradeChecker.java
+++ b/engine/schema/src/com/cloud/upgrade/DatabaseUpgradeChecker.java
@@ -75,6 +75,7 @@
 import com.cloud.upgrade.dao.Upgrade444to450;
 import com.cloud.upgrade.dao.Upgrade450to451;
 import com.cloud.upgrade.dao.Upgrade451to452;
+import com.cloud.upgrade.dao.Upgrade452to453;
 import com.cloud.upgrade.dao.UpgradeSnapshot217to224;
 import com.cloud.upgrade.dao.UpgradeSnapshot223to224;
 import com.cloud.upgrade.dao.VersionDao;
@@ -105,7 +106,7 @@ public DatabaseUpgradeChecker() {
             new Upgrade2211to2212(), new Upgrade2212to2213(), new Upgrade2213to2214(), new Upgrade2214to30(),
             new Upgrade30to301(), new Upgrade301to302(), new Upgrade302to40(), new Upgrade40to41(), new Upgrade410to420(),
             new Upgrade420to421(), new Upgrade421to430(), new Upgrade430to440(), new Upgrade440to441(), new Upgrade441to442(),
-            new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452()});
+            new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452(), new Upgrade452to453()});
 
         _upgradeMap.put("2.1.8", new DbUpgrade[] {new Upgrade218to22(), new Upgrade221to222(), new UpgradeSnapshot217to224(),
             new Upgrade222to224(), new Upgrade218to224DomainVlans(), new Upgrade224to225(), new Upgrade225to226(),
@@ -114,7 +115,7 @@ public DatabaseUpgradeChecker() {
             new Upgrade2214to30(), new Upgrade30to301(), new Upgrade301to302(), new Upgrade302to40(), new Upgrade40to41(),
             new Upgrade410to420(), new Upgrade420to421(),
             new Upgrade421to430(), new Upgrade430to440(), new Upgrade440to441(), new Upgrade441to442(),
-            new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452()});
+            new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452(), new Upgrade452to453()});
 
         _upgradeMap.put("2.1.9", new DbUpgrade[] {new Upgrade218to22(), new Upgrade221to222(), new UpgradeSnapshot217to224(),
             new Upgrade222to224(), new Upgrade218to224DomainVlans(), new Upgrade224to225(), new Upgrade225to226(),
@@ -122,14 +123,14 @@ public DatabaseUpgradeChecker() {
             new Upgrade2211to2212(), new Upgrade2212to2213(), new Upgrade2213to2214(), new Upgrade2214to30(),
             new Upgrade30to301(), new Upgrade301to302(), new Upgrade302to40(), new Upgrade40to41(), new Upgrade410to420(),
             new Upgrade420to421(), new Upgrade421to430(), new Upgrade430to440(), new Upgrade440to441(), new Upgrade441to442(),
-            new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452()});
+            new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452(), new Upgrade452to453()});
 
         _upgradeMap.put("2.2.1", new DbUpgrade[] {new Upgrade221to222(), new UpgradeSnapshot223to224(), new Upgrade222to224(),
             new Upgrade224to225(), new Upgrade225to226(), new Upgrade227to228(), new Upgrade228to229(),
             new Upgrade229to2210(), new Upgrade2210to2211(), new Upgrade2211to2212(), new Upgrade2212to2213(),
             new Upgrade2213to2214(), new Upgrade2214to30(), new Upgrade30to301(), new Upgrade301to302(), new Upgrade302to40(),
             new Upgrade40to41(), new Upgrade410to420(), new Upgrade420to421(), new Upgrade421to430(), new Upgrade430to440(),
-            new Upgrade440to441(), new Upgrade441to442(), new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452()});
+            new Upgrade440to441(), new Upgrade441to442(), new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452(), new Upgrade452to453()});
 
         _upgradeMap.put("2.2.2", new DbUpgrade[] {new Upgrade222to224(), new UpgradeSnapshot223to224(), new Upgrade224to225(),
             new Upgrade225to226(), new Upgrade227to228(), new Upgrade228to229(), new Upgrade229to2210(),
@@ -137,7 +138,7 @@ public DatabaseUpgradeChecker() {
             new Upgrade2214to30(), new Upgrade30to301(), new Upgrade301to302(), new Upgrade302to40(),
             new Upgrade40to41(), new Upgrade410to420(), new Upgrade420to421(),
             new Upgrade421to430(), new Upgrade430to440(), new Upgrade440to441(),
-            new Upgrade441to442(), new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452()});
+            new Upgrade441to442(), new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452(), new Upgrade452to453()});
 
         _upgradeMap.put("2.2.3", new DbUpgrade[] {new Upgrade222to224(), new UpgradeSnapshot223to224(), new Upgrade224to225(),
             new Upgrade225to226(), new Upgrade227to228(), new Upgrade228to229(), new Upgrade229to2210(),
@@ -145,154 +146,156 @@ public DatabaseUpgradeChecker() {
             new Upgrade2214to30(), new Upgrade30to301(), new Upgrade301to302(), new Upgrade302to40(),
             new Upgrade40to41(), new Upgrade410to420(), new Upgrade420to421(),
             new Upgrade421to430(), new Upgrade430to440(), new Upgrade440to441(),
-            new Upgrade441to442(), new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452()});
+            new Upgrade441to442(), new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452(), new Upgrade452to453()});
 
         _upgradeMap.put("2.2.4", new DbUpgrade[] {new Upgrade224to225(), new Upgrade225to226(), new Upgrade227to228(),
             new Upgrade228to229(), new Upgrade229to2210(), new Upgrade2210to2211(), new Upgrade2211to2212(),
             new Upgrade2212to2213(), new Upgrade2213to2214(), new Upgrade2214to30(), new Upgrade30to301(),
             new Upgrade301to302(), new Upgrade302to40(), new Upgrade40to41(), new Upgrade410to420(), new Upgrade420to421(),
             new Upgrade421to430(), new Upgrade430to440(), new Upgrade440to441(),
-            new Upgrade441to442(), new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452()});
+            new Upgrade441to442(), new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452(), new Upgrade452to453()});
 
         _upgradeMap.put("2.2.5", new DbUpgrade[] {new Upgrade225to226(), new Upgrade227to228(), new Upgrade228to229(),
             new Upgrade229to2210(), new Upgrade2210to2211(), new Upgrade2211to2212(), new Upgrade2212to2213(),
             new Upgrade2213to2214(), new Upgrade2214to30(), new Upgrade30to301(), new Upgrade301to302(),
             new Upgrade302to40(), new Upgrade40to41(), new Upgrade410to420(), new Upgrade420to421(), new Upgrade421to430(),
             new Upgrade430to440(), new Upgrade440to441(), new Upgrade441to442(),
-            new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452()});
+            new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452(), new Upgrade452to453()});
 
         _upgradeMap.put("2.2.6", new DbUpgrade[] {new Upgrade227to228(), new Upgrade228to229(), new Upgrade229to2210(),
             new Upgrade2210to2211(), new Upgrade2211to2212(), new Upgrade2212to2213(), new Upgrade2213to2214(),
             new Upgrade2214to30(), new Upgrade30to301(), new Upgrade301to302(), new Upgrade302to40(), new Upgrade40to41(),
             new Upgrade410to420(), new Upgrade420to421(),
             new Upgrade421to430(), new Upgrade430to440(), new Upgrade440to441(),
-            new Upgrade441to442(), new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452()});
+            new Upgrade441to442(), new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452(), new Upgrade452to453()});
 
         _upgradeMap.put("2.2.7", new DbUpgrade[] {new Upgrade227to228(), new Upgrade228to229(), new Upgrade229to2210(),
             new Upgrade2210to2211(), new Upgrade2211to2212(), new Upgrade2212to2213(),
             new Upgrade2213to2214(), new Upgrade2214to30(), new Upgrade30to301(), new Upgrade301to302(), new Upgrade302to40(), new Upgrade40to41(),
             new Upgrade410to420(),
             new Upgrade420to421(), new Upgrade421to430(), new Upgrade430to440(), new Upgrade440to441(), new Upgrade441to442(),
-            new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452()});
+            new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452(), new Upgrade452to453()});
 
         _upgradeMap.put("2.2.8", new DbUpgrade[] {new Upgrade228to229(), new Upgrade229to2210(), new Upgrade2210to2211(),
             new Upgrade2211to2212(), new Upgrade2212to2213(), new Upgrade2213to2214(), new Upgrade2214to30()
             , new Upgrade30to301(), new Upgrade301to302(), new Upgrade302to40(), new Upgrade40to41(), new Upgrade410to420(), new Upgrade420to421(),
             new Upgrade421to430(), new Upgrade430to440(), new Upgrade440to441(),
-            new Upgrade441to442(), new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452()});
+            new Upgrade441to442(), new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452(), new Upgrade452to453()});
 
         _upgradeMap.put("2.2.9", new DbUpgrade[] {new Upgrade229to2210(), new Upgrade2210to2211(), new Upgrade2211to2212(),
             new Upgrade2212to2213(), new Upgrade2213to2214(), new Upgrade2214to30(), new Upgrade30to301(),
             new Upgrade301to302(), new Upgrade302to40(), new Upgrade40to41(), new Upgrade410to420(), new Upgrade420to421(),
             new Upgrade421to430(), new Upgrade430to440(), new Upgrade440to441(), new Upgrade441to442(),
-            new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452()});
+            new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452(), new Upgrade452to453()});
 
         _upgradeMap.put("2.2.10", new DbUpgrade[] {new Upgrade2210to2211(), new Upgrade2211to2212(), new Upgrade2212to2213(),
             new Upgrade2213to2214(), new Upgrade2214to30(), new Upgrade30to301(), new Upgrade301to302(), new Upgrade302to40(),
             new Upgrade40to41(), new Upgrade410to420(), new Upgrade420to421(), new Upgrade421to430(), new Upgrade430to440(),
-            new Upgrade440to441(), new Upgrade441to442(), new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452()});
+            new Upgrade440to441(), new Upgrade441to442(), new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452(), new Upgrade452to453()});
 
         _upgradeMap.put("2.2.12", new DbUpgrade[] {new Upgrade2212to2213(), new Upgrade2213to2214(), new Upgrade2214to30(),
             new Upgrade30to301(), new Upgrade301to302(), new Upgrade302to40(), new Upgrade40to41(),
             new Upgrade410to420(), new Upgrade420to421(), new Upgrade421to430(),
             new Upgrade430to440(), new Upgrade440to441(), new Upgrade441to442(),
-            new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452()});
+            new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452(), new Upgrade452to453()});
 
         _upgradeMap.put("2.2.13", new DbUpgrade[] {new Upgrade2213to2214(), new Upgrade2214to30(), new Upgrade30to301(),
             new Upgrade301to302(), new Upgrade302to40(), new Upgrade40to41(), new Upgrade410to420(), new Upgrade420to421(),
             new Upgrade421to430(), new Upgrade430to440(), new Upgrade440to441(), new Upgrade441to442(),
-            new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452()});
+            new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452(), new Upgrade452to453()});
 
         _upgradeMap.put("2.2.14", new DbUpgrade[] {new Upgrade2214to30(), new Upgrade30to301(), new Upgrade301to302(),
             new Upgrade302to40(), new Upgrade40to41(), new Upgrade410to420(), new Upgrade420to421(), new Upgrade421to430(),
             new Upgrade430to440(), new Upgrade440to441(), new Upgrade441to442(), new Upgrade442to450(),
-            new Upgrade450to451(), new Upgrade451to452()});
+            new Upgrade450to451(), new Upgrade451to452(), new Upgrade452to453()});
 
         _upgradeMap.put("3.0.0", new DbUpgrade[] {new Upgrade30to301(), new Upgrade301to302(), new Upgrade302to40(),
             new Upgrade40to41(), new Upgrade410to420(),
             new Upgrade420to421(), new Upgrade421to430(), new Upgrade430to440(), new Upgrade440to441(),
-            new Upgrade441to442(), new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452()});
+            new Upgrade441to442(), new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452(), new Upgrade452to453()});
 
         _upgradeMap.put("3.0.1", new DbUpgrade[] {new Upgrade301to302(), new Upgrade302to40(), new Upgrade40to41(), new Upgrade410to420(), new Upgrade420to421(),
             new Upgrade421to430(), new Upgrade430to440(), new Upgrade440to441(), new Upgrade441to442(), new Upgrade442to450(),
-            new Upgrade450to451(), new Upgrade451to452()});
+            new Upgrade450to451(), new Upgrade451to452(), new Upgrade452to453()});
 
         _upgradeMap.put("3.0.2", new DbUpgrade[] {new Upgrade302to40(), new Upgrade40to41(), new Upgrade410to420(), new Upgrade420to421(), new Upgrade421to430(),
-            new Upgrade430to440(), new Upgrade440to441(), new Upgrade441to442(), new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452()});
+            new Upgrade430to440(), new Upgrade440to441(), new Upgrade441to442(), new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452(), new Upgrade452to453()});
 
         _upgradeMap.put("4.0.0", new DbUpgrade[] {new Upgrade40to41(), new Upgrade410to420(), new Upgrade420to421(), new Upgrade421to430(),
-                new Upgrade430to440(), new Upgrade440to441(), new Upgrade441to442(), new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452()});
+                new Upgrade430to440(), new Upgrade440to441(), new Upgrade441to442(), new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452(), new Upgrade452to453()});
 
         _upgradeMap.put("4.0.1", new DbUpgrade[] {new Upgrade40to41(), new Upgrade410to420(), new Upgrade420to421(), new Upgrade421to430(),
-                new Upgrade430to440(), new Upgrade440to441(), new Upgrade441to442(), new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452()});
+                new Upgrade430to440(), new Upgrade440to441(), new Upgrade441to442(), new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452(), new Upgrade452to453()});
 
         _upgradeMap.put("4.0.2", new DbUpgrade[] {new Upgrade40to41(), new Upgrade410to420(), new Upgrade420to421(), new Upgrade421to430(),
-                new Upgrade430to440(), new Upgrade440to441(), new Upgrade441to442(), new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452()});
+                new Upgrade430to440(), new Upgrade440to441(), new Upgrade441to442(), new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452(), new Upgrade452to453()});
 
         _upgradeMap.put("4.1.0", new DbUpgrade[] {new Upgrade410to420(), new Upgrade420to421(), new Upgrade421to430(), new Upgrade430to440(),
-                new Upgrade440to441(), new Upgrade441to442(), new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452()});
+                new Upgrade440to441(), new Upgrade441to442(), new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452(), new Upgrade452to453()});
 
         _upgradeMap.put("4.1.1", new DbUpgrade[] {new Upgrade410to420(), new Upgrade420to421(), new Upgrade421to430(), new Upgrade430to440(),
-                new Upgrade440to441(), new Upgrade441to442(), new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452()});
+                new Upgrade440to441(), new Upgrade441to442(), new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452(), new Upgrade452to453()});
 
         _upgradeMap.put("4.2.0", new DbUpgrade[] {new Upgrade420to421(), new Upgrade421to430(), new Upgrade430to440(), new Upgrade440to441(),
-                new Upgrade441to442(), new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452()});
+                new Upgrade441to442(), new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452(), new Upgrade452to453()});
 
         _upgradeMap.put("4.2.1", new DbUpgrade[] {new Upgrade421to430(), new Upgrade430to440(), new Upgrade440to441(), new Upgrade441to442(),
-                new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452()});
+                new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452(), new Upgrade452to453()});
 
         _upgradeMap.put("4.3.0", new DbUpgrade[] {new Upgrade430to440(), new Upgrade440to441(), new Upgrade441to442(),
-                new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452()});
+                new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452(), new Upgrade452to453()});
 
         _upgradeMap.put("4.3.1", new DbUpgrade[] {new Upgrade431to440(), new Upgrade440to441(), new Upgrade441to442(),
-                new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452()});
+                new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452(), new Upgrade452to453()});
 
         _upgradeMap.put("4.3.2", new DbUpgrade[] {new Upgrade432to440(), new Upgrade440to441(), new Upgrade441to442(), new Upgrade442to450(),
-                new Upgrade450to451(), new Upgrade451to452()});
+                new Upgrade450to451(), new Upgrade451to452(), new Upgrade452to453()});
 
         _upgradeMap.put("4.4.0", new DbUpgrade[] {new Upgrade440to441(), new Upgrade441to442(), new Upgrade442to450(),
-                new Upgrade450to451(), new Upgrade451to452()});
+                new Upgrade450to451(), new Upgrade451to452(), new Upgrade452to453()});
 
-        _upgradeMap.put("4.4.1", new DbUpgrade[] {new Upgrade441to442(), new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452() });
+        _upgradeMap.put("4.4.1", new DbUpgrade[] {new Upgrade441to442(), new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452(), new Upgrade452to453() });
 
-        _upgradeMap.put("4.4.2", new DbUpgrade[] {new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452()});
+        _upgradeMap.put("4.4.2", new DbUpgrade[] {new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452(), new Upgrade452to453()});
 
-        _upgradeMap.put("4.4.3", new DbUpgrade[] {new Upgrade443to450(), new Upgrade450to451(), new Upgrade451to452()});
+        _upgradeMap.put("4.4.3", new DbUpgrade[] {new Upgrade443to450(), new Upgrade450to451(), new Upgrade451to452(), new Upgrade452to453()});
 
-        _upgradeMap.put("4.4.4", new DbUpgrade[] {new Upgrade444to450(), new Upgrade450to451(), new Upgrade451to452()});
+        _upgradeMap.put("4.4.4", new DbUpgrade[] {new Upgrade444to450(), new Upgrade450to451(), new Upgrade451to452(), new Upgrade452to453()});
 
-        _upgradeMap.put("4.5.0", new DbUpgrade[] {new Upgrade450to451(), new Upgrade451to452()});
+        _upgradeMap.put("4.5.0", new DbUpgrade[] {new Upgrade450to451(), new Upgrade451to452(), new Upgrade452to453()});
 
-        _upgradeMap.put("4.5.1", new DbUpgrade[] {new Upgrade451to452()});
+        _upgradeMap.put("4.5.1", new DbUpgrade[] {new Upgrade451to452(), new Upgrade452to453()});
+
+        _upgradeMap.put("4.5.2", new DbUpgrade[] {new Upgrade452to453()});
 
         //CP Upgrades
         _upgradeMap.put("3.0.3", new DbUpgrade[] {new Upgrade303to304(), new Upgrade304to305(), new Upgrade305to306(), new Upgrade306to307(), new Upgrade307to410(),
             new Upgrade410to420(), new Upgrade420to421(), new Upgrade421to430(), new Upgrade430to440(), new Upgrade440to441(), new Upgrade441to442(),
-            new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452()});
+            new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452(), new Upgrade452to453()});
 
         _upgradeMap.put("3.0.4", new DbUpgrade[] {new Upgrade304to305(), new Upgrade305to306(), new Upgrade306to307(), new Upgrade307to410(), new Upgrade410to420(),
             new Upgrade420to421(), new Upgrade421to430(), new Upgrade430to440(), new Upgrade440to441(), new Upgrade441to442(),
-            new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452()});
+            new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452(), new Upgrade452to453()});
 
         _upgradeMap.put("3.0.5", new DbUpgrade[] {new Upgrade305to306(), new Upgrade306to307(), new Upgrade307to410(), new Upgrade410to420(), new Upgrade420to421(),
             new Upgrade421to430(), new Upgrade430to440(), new Upgrade440to441(), new Upgrade441to442(),
-            new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452()});
+            new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452(), new Upgrade452to453()});
 
         _upgradeMap.put("3.0.6", new DbUpgrade[] {new Upgrade306to307(), new Upgrade307to410(), new Upgrade410to420(), new Upgrade420to421(), new Upgrade421to430(),
-            new Upgrade430to440(), new Upgrade440to441(), new Upgrade441to442(), new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452()});
+            new Upgrade430to440(), new Upgrade440to441(), new Upgrade441to442(), new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452(), new Upgrade452to453()});
 
         _upgradeMap.put("3.0.7", new DbUpgrade[] {new Upgrade307to410(), new Upgrade410to420(), new Upgrade420to421(), new Upgrade421to430(), new Upgrade430to440(),
-                new Upgrade440to441(), new Upgrade441to442(), new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452()});
+                new Upgrade440to441(), new Upgrade441to442(), new Upgrade442to450(), new Upgrade450to451(), new Upgrade451to452(), new Upgrade452to453()});
 
         _upgradeMap.put("2.2.15", new DbUpgrade[] {new Upgrade2214to30(), new Upgrade30to301(), new Upgrade301to302(),
             new Upgrade302to303(), new Upgrade303to304(), new Upgrade304to305(), new Upgrade305to306(), new Upgrade306to307(), new Upgrade307to410(),
             new Upgrade410to420(), new Upgrade420to421(), new Upgrade421to430(), new Upgrade430to440(), new Upgrade440to441(), new Upgrade441to442(), new Upgrade442to450(),
-            new Upgrade450to451(), new Upgrade451to452()});
+            new Upgrade450to451(), new Upgrade451to452(), new Upgrade452to453()});
 
         _upgradeMap.put("2.2.16", new DbUpgrade[] {new Upgrade2214to30(), new Upgrade30to301(), new Upgrade301to302(),
             new Upgrade302to303(), new Upgrade303to304(), new Upgrade304to305(), new Upgrade305to306(), new Upgrade306to307(), new Upgrade307to410(),
             new Upgrade410to420(), new Upgrade420to421(), new Upgrade421to430(), new Upgrade430to440(), new Upgrade440to441(), new Upgrade441to442(), new Upgrade442to450(),
-            new Upgrade450to451(), new Upgrade451to452()});
+            new Upgrade450to451(), new Upgrade451to452(), new Upgrade452to453()});
     }
 
     protected void runScript(Connection conn, File file) {

From 17166eb631e4647be1a74970d0771b5add5f2ace Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Tue, 15 Sep 2015 09:57:48 +0530
Subject: [PATCH 073/115] schema: add 4.5.2 to 4.5.3 upgrade path stubs

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 .../cloud/upgrade/dao/Upgrade452to453.java    | 67 +++++++++++++++++++
 setup/db/db/schema-452to453-cleanup.sql       | 20 ++++++
 setup/db/db/schema-452to453.sql               | 21 ++++++
 3 files changed, 108 insertions(+)
 create mode 100644 engine/schema/src/com/cloud/upgrade/dao/Upgrade452to453.java
 create mode 100644 setup/db/db/schema-452to453-cleanup.sql
 create mode 100644 setup/db/db/schema-452to453.sql

diff --git a/engine/schema/src/com/cloud/upgrade/dao/Upgrade452to453.java b/engine/schema/src/com/cloud/upgrade/dao/Upgrade452to453.java
new file mode 100644
index 0000000000..d1c4661607
--- /dev/null
+++ b/engine/schema/src/com/cloud/upgrade/dao/Upgrade452to453.java
@@ -0,0 +1,67 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+
+package com.cloud.upgrade.dao;
+
+import com.cloud.utils.exception.CloudRuntimeException;
+import com.cloud.utils.script.Script;
+import org.apache.log4j.Logger;
+
+import java.io.File;
+import java.sql.Connection;
+
+public class Upgrade452to453 implements DbUpgrade {
+    final static Logger s_logger = Logger.getLogger(Upgrade452to453.class);
+
+    @Override
+    public String[] getUpgradableVersionRange() {
+        return new String[] {"4.5.2", "4.5.3"};
+    }
+
+    @Override
+    public String getUpgradedVersion() {
+        return "4.5.3";
+    }
+
+    @Override
+    public boolean supportsRollingUpgrade() {
+        return false;
+    }
+
+    @Override
+    public File[] getPrepareScripts() {
+        String script = Script.findScript("", "db/schema-452to453.sql");
+        if (script == null) {
+            throw new CloudRuntimeException("Unable to find db/schema-452to453.sql");
+        }
+        return new File[] {new File(script)};
+    }
+
+    @Override
+    public void performDataMigration(Connection conn) {
+    }
+
+    @Override
+    public File[] getCleanupScripts() {
+        String script = Script.findScript("", "db/schema-452to453-cleanup.sql");
+        if (script == null) {
+            throw new CloudRuntimeException("Unable to find db/schema-452to453-cleanup.sql");
+        }
+
+        return new File[] {new File(script)};
+    }
+}
diff --git a/setup/db/db/schema-452to453-cleanup.sql b/setup/db/db/schema-452to453-cleanup.sql
new file mode 100644
index 0000000000..de1c6fe65c
--- /dev/null
+++ b/setup/db/db/schema-452to453-cleanup.sql
@@ -0,0 +1,20 @@
+-- Licensed to the Apache Software Foundation (ASF) under one
+-- or more contributor license agreements.  See the NOTICE file
+-- distributed with this work for additional information
+-- regarding copyright ownership.  The ASF licenses this file
+-- to you under the Apache License, Version 2.0 (the
+-- "License"); you may not use this file except in compliance
+-- with the License.  You may obtain a copy of the License at
+--
+--   http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing,
+-- software distributed under the License is distributed on an
+-- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+-- KIND, either express or implied.  See the License for the
+-- specific language governing permissions and limitations
+-- under the License.
+
+--;
+-- Schema cleanup from 4.5.2 to 4.5.3;
+--;
diff --git a/setup/db/db/schema-452to453.sql b/setup/db/db/schema-452to453.sql
new file mode 100644
index 0000000000..c3ae594873
--- /dev/null
+++ b/setup/db/db/schema-452to453.sql
@@ -0,0 +1,21 @@
+-- Licensed to the Apache Software Foundation (ASF) under one
+-- or more contributor license agreements.  See the NOTICE file
+-- distributed with this work for additional information
+-- regarding copyright ownership.  The ASF licenses this file
+-- to you under the Apache License, Version 2.0 (the
+-- "License"); you may not use this file except in compliance
+-- with the License.  You may obtain a copy of the License at
+--
+--   http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing,
+-- software distributed under the License is distributed on an
+-- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+-- KIND, either express or implied.  See the License for the
+-- specific language governing permissions and limitations
+-- under the License.
+
+--;
+-- Schema upgrade from 4.5.2 to 4.5.3;
+--;
+

From 5f95f1688ec78d122c5dc16e88b18f3fbbd39071 Mon Sep 17 00:00:00 2001
From: Suresh Kumar Anaparti <sureshkumar.anaparti@citrix.com>
Date: Fri, 11 Sep 2015 15:39:09 +0530
Subject: [PATCH 074/115] CLOUDSTACK-8820: Showing error when try to add
 advance zone using VMWare ESXi 6.0 host Summary: In vCenter 6.0, response
 headers need to be fetched after service login for server cookie unlike
 previous versions of vCenter.

(cherry picked from commit 4a6e2cdeeecae6953245ce3213513f4d5dd82e7f)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 .../hypervisor/vmware/util/VmwareClient.java  | 84 ++++++++++++-------
 1 file changed, 52 insertions(+), 32 deletions(-)

diff --git a/vmware-base/src/com/cloud/hypervisor/vmware/util/VmwareClient.java b/vmware-base/src/com/cloud/hypervisor/vmware/util/VmwareClient.java
index f3f7e0c93f..f8bf5e5caf 100644
--- a/vmware-base/src/com/cloud/hypervisor/vmware/util/VmwareClient.java
+++ b/vmware-base/src/com/cloud/hypervisor/vmware/util/VmwareClient.java
@@ -147,13 +147,26 @@ public void connect(String url, String userName, String password) throws Excepti
         @SuppressWarnings("unchecked")
         Map<String, List<String>> headers = (Map<String, List<String>>)((BindingProvider)vimPort).getResponseContext().get(MessageContext.HTTP_RESPONSE_HEADERS);
         List<String> cookies = headers.get("Set-cookie");
+
+        vimPort.login(serviceContent.getSessionManager(), userName, password, null);
+
+        if (cookies == null) {
+            @SuppressWarnings("unchecked")
+            Map<String, List<String>> responseHeaders = (Map<String, List<String>>)((BindingProvider)vimPort).getResponseContext().get(MessageContext.HTTP_RESPONSE_HEADERS);
+            cookies = responseHeaders.get("Set-cookie");
+            if (cookies == null) {
+                String msg = "Login successful, but failed to get server cookies from url :[" + url + "]";
+                s_logger.error(msg);
+                throw new Exception(msg);
+            }
+        }
+
         String cookieValue = cookies.get(0);
         StringTokenizer tokenizer = new StringTokenizer(cookieValue, ";");
         cookieValue = tokenizer.nextToken();
         String pathData = "$" + tokenizer.nextToken();
         serviceCookie = "$Version=\"1\"; " + cookieValue + "; " + pathData;
 
-        vimPort.login(serviceContent.getSessionManager(), userName, password, null);
         isConnected = true;
     }
 
@@ -572,41 +585,48 @@ public ManagedObjectReference getDecendentMoRef(ManagedObjectReference root, Str
             return null;
         }
 
-        // Create PropertySpecs
-        PropertySpec pSpec = new PropertySpec();
-        pSpec.setType(type);
-        pSpec.setAll(false);
-        pSpec.getPathSet().add("name");
-
-        ObjectSpec oSpec = new ObjectSpec();
-        oSpec.setObj(root);
-        oSpec.setSkip(false);
-        oSpec.getSelectSet().addAll(constructCompleteTraversalSpec());
-
-        PropertyFilterSpec spec = new PropertyFilterSpec();
-        spec.getPropSet().add(pSpec);
-        spec.getObjectSet().add(oSpec);
-        List<PropertyFilterSpec> specArr = new ArrayList<PropertyFilterSpec>();
-        specArr.add(spec);
-
-        List<ObjectContent> ocary = vimPort.retrieveProperties(getPropCol(), specArr);
-
-        if (ocary == null || ocary.size() == 0) {
-            return null;
-        }
+        try {
+            // Create PropertySpecs
+            PropertySpec pSpec = new PropertySpec();
+            pSpec.setType(type);
+            pSpec.setAll(false);
+            pSpec.getPathSet().add("name");
+
+            ObjectSpec oSpec = new ObjectSpec();
+            oSpec.setObj(root);
+            oSpec.setSkip(false);
+            oSpec.getSelectSet().addAll(constructCompleteTraversalSpec());
+
+            PropertyFilterSpec spec = new PropertyFilterSpec();
+            spec.getPropSet().add(pSpec);
+            spec.getObjectSet().add(oSpec);
+            List<PropertyFilterSpec> specArr = new ArrayList<PropertyFilterSpec>();
+            specArr.add(spec);
+
+            ManagedObjectReference propCollector = getPropCol();
+            List<ObjectContent> ocary = vimPort.retrieveProperties(propCollector, specArr);
+
+            if (ocary == null || ocary.size() == 0) {
+                return null;
+            }
 
-        // filter through retrieved objects to get the first match.
-        for (ObjectContent oc : ocary) {
-            ManagedObjectReference mor = oc.getObj();
-            List<DynamicProperty> propary = oc.getPropSet();
-            if (type == null || type.equals(mor.getType())) {
-                if (propary.size() > 0) {
-                    String propval = (String)propary.get(0).getVal();
-                    if (propval != null && name.equalsIgnoreCase(propval))
-                        return mor;
+            // filter through retrieved objects to get the first match.
+            for (ObjectContent oc : ocary) {
+                ManagedObjectReference mor = oc.getObj();
+                List<DynamicProperty> propary = oc.getPropSet();
+                if (type == null || type.equals(mor.getType())) {
+                    if (propary.size() > 0) {
+                        String propval = (String)propary.get(0).getVal();
+                        if (propval != null && name.equalsIgnoreCase(propval))
+                            return mor;
+                    }
                 }
             }
+        } catch (Exception e) {
+            s_logger.debug("Failed to get mor for name: " + name + " and type: " + type, e);
+            throw e;
         }
+
         return null;
     }
 

From 52e23996b8b09a2c73ca7afc8976f5a31684346a Mon Sep 17 00:00:00 2001
From: Suresh Kumar Anaparti <sureshkumar.anaparti@citrix.com>
Date: Mon, 14 Sep 2015 15:27:52 +0530
Subject: [PATCH 075/115] CLOUDSTACK-8820: Updated the code for vCenter6 data
 center support.

(cherry picked from commit 1d73418c2c2b3881952f9dab0ed235ebfb096a50)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 .../com/cloud/hypervisor/vmware/util/VmwareClient.java | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/vmware-base/src/com/cloud/hypervisor/vmware/util/VmwareClient.java b/vmware-base/src/com/cloud/hypervisor/vmware/util/VmwareClient.java
index f8bf5e5caf..b2b291958e 100644
--- a/vmware-base/src/com/cloud/hypervisor/vmware/util/VmwareClient.java
+++ b/vmware-base/src/com/cloud/hypervisor/vmware/util/VmwareClient.java
@@ -151,6 +151,7 @@ public void connect(String url, String userName, String password) throws Excepti
         vimPort.login(serviceContent.getSessionManager(), userName, password, null);
 
         if (cookies == null) {
+            // Get the cookie from the response header. See vmware sample program com.vmware.httpfileaccess.GetVMFiles
             @SuppressWarnings("unchecked")
             Map<String, List<String>> responseHeaders = (Map<String, List<String>>)((BindingProvider)vimPort).getResponseContext().get(MessageContext.HTTP_RESPONSE_HEADERS);
             cookies = responseHeaders.get("Set-cookie");
@@ -622,9 +623,12 @@ public ManagedObjectReference getDecendentMoRef(ManagedObjectReference root, Str
                     }
                 }
             }
-        } catch (Exception e) {
-            s_logger.debug("Failed to get mor for name: " + name + " and type: " + type, e);
-            throw e;
+        } catch (InvalidPropertyFaultMsg invalidPropertyException) {
+            s_logger.debug("Failed to get Vmware ManagedObjectReference for name: " + name + " and type: " + type + " due to " + invalidPropertyException.getMessage());
+            throw invalidPropertyException;
+        } catch (RuntimeFaultFaultMsg runtimeFaultException) {
+            s_logger.debug("Failed to get Vmware ManagedObjectReference for name: " + name + " and type: " + type + " due to " + runtimeFaultException.getMessage());
+            throw runtimeFaultException;
         }
 
         return null;

From 11abfb8766817804ff953e6b8dcf25026f1b936a Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Wed, 16 Sep 2015 12:55:50 +0530
Subject: [PATCH 076/115] tools/appliance: update Debian 7 iso URLs based on
 615261

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 .../appliance/definitions/systemvm64template/definition.rb  | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/tools/appliance/definitions/systemvm64template/definition.rb b/tools/appliance/definitions/systemvm64template/definition.rb
index f3086c5d0d..b7a9002631 100644
--- a/tools/appliance/definitions/systemvm64template/definition.rb
+++ b/tools/appliance/definitions/systemvm64template/definition.rb
@@ -10,9 +10,9 @@
   :memory_size=> '256',
   :disk_size => '3000', :disk_format => 'VDI', :hostiocache => 'off',
   :os_type_id => 'Debian_64',
-  :iso_file => "debian-7.8.0-amd64-netinst.iso",
-  :iso_src => "http://cdimage.debian.org/cdimage/archive/7.8.0/amd64/iso-cd/debian-7.8.0-amd64-netinst.iso",
-  :iso_md5 => "a91fba5001cf0fbccb44a7ae38c63b6e",
+  :iso_file => "debian-7.9.0-amd64-netinst.iso",
+  :iso_src => "http://cdimage.debian.org/cdimage/archive/7.9.0/amd64/iso-cd/debian-7.9.0-amd64-netinst.iso",
+  :iso_md5 => "774d1fc8c5364e63b22242c33a89c1a3",
   :iso_download_timeout => "1000",
   :boot_wait => "10", :boot_cmd_sequence => [
      '<Esc>',

From 54595d11d4548591f94da19478595c6620e7e018 Mon Sep 17 00:00:00 2001
From: Boris Schrijver <boris@pcextreme.nl>
Date: Tue, 15 Sep 2015 09:15:26 +0200
Subject: [PATCH 077/115] Added Unit Tests for QCOW2Utils.

---
 .../storage/template/DownloadManagerImpl.java |   4 +-
 .../cloud/utils/storage/QCOW2UtilsTest.java   | 122 ++++++++++++++++++
 2 files changed, 124 insertions(+), 2 deletions(-)
 create mode 100644 utils/test/com/cloud/utils/storage/QCOW2UtilsTest.java

diff --git a/services/secondary-storage/server/src/org/apache/cloudstack/storage/template/DownloadManagerImpl.java b/services/secondary-storage/server/src/org/apache/cloudstack/storage/template/DownloadManagerImpl.java
index 35010b041c..a1afe8ddff 100755
--- a/services/secondary-storage/server/src/org/apache/cloudstack/storage/template/DownloadManagerImpl.java
+++ b/services/secondary-storage/server/src/org/apache/cloudstack/storage/template/DownloadManagerImpl.java
@@ -24,6 +24,7 @@
 import java.math.BigInteger;
 import java.net.URI;
 import java.net.URISyntaxException;
+import java.nio.charset.Charset;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 import java.text.SimpleDateFormat;
@@ -78,7 +79,6 @@
 import com.cloud.storage.template.VhdProcessor;
 import com.cloud.storage.template.VmdkProcessor;
 import com.cloud.utils.NumbersUtil;
-import com.cloud.utils.StringUtils;
 import com.cloud.utils.component.ManagerBase;
 import com.cloud.utils.exception.CloudRuntimeException;
 import com.cloud.utils.script.OutputInterpreter;
@@ -419,7 +419,7 @@ private String postLocalDownload(String jobId) {
         if (extension.equals("iso")) {
             templateName = jobs.get(jobId).getTmpltName().trim().replace(" ", "_");
         } else {
-            templateName = java.util.UUID.nameUUIDFromBytes((jobs.get(jobId).getTmpltName() + System.currentTimeMillis()).getBytes(StringUtils.getPreferredCharset())).toString();
+            templateName = java.util.UUID.nameUUIDFromBytes((jobs.get(jobId).getTmpltName() + System.currentTimeMillis()).getBytes(Charset.forName("UTF-8"))).toString();
         }
 
         // run script to mv the temporary template file to the final template
diff --git a/utils/test/com/cloud/utils/storage/QCOW2UtilsTest.java b/utils/test/com/cloud/utils/storage/QCOW2UtilsTest.java
new file mode 100644
index 0000000000..a3ebe7276f
--- /dev/null
+++ b/utils/test/com/cloud/utils/storage/QCOW2UtilsTest.java
@@ -0,0 +1,122 @@
+//
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+//
+
+package com.cloud.utils.storage;
+
+import static org.junit.Assert.assertEquals;
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.nio.ByteBuffer;
+import java.nio.charset.Charset;
+
+import org.junit.Before;
+import org.junit.Test;
+
+public class QCOW2UtilsTest {
+
+    InputStream inputStream;
+
+    final Long virtualSize = 21474836480L;
+
+    /**
+     * The QCOW2 Header
+     *
+     * uint32_t magic;
+     * uint32_t version;
+     *
+     * uint64_t backing_file_offset;
+     * uint32_t backing_file_size;
+     *
+     * uint32_t cluster_bits;
+     * uint64_t size;
+     *
+     * uint32_t crypt_method;
+     *
+     * uint32_t l1_size;
+     * int64_t l1_table_offset;
+     *
+     * uint64_t refcount_table_offset;
+     * uint32_t refcount_table_clusters;
+     *
+     * uint32_t nb_snapshots;
+     * uint64_t snapshots_offset;
+     *
+     * @see https://people.gnome.org/~markmc/qcow-image-format.html
+     */
+
+    @Before
+    public void setup() {
+
+        ByteBuffer byteBuffer = ByteBuffer.allocate(72);
+
+        // Magic
+        byteBuffer.put("QFI".getBytes(Charset.forName("UTF-8")));
+        byteBuffer.put((byte)0xfb);
+
+        // Version
+        byteBuffer.putInt(2);
+
+        // Backing file offset
+        byteBuffer.putLong(0L);
+
+        // Backing file size
+        byteBuffer.putInt(0);
+
+        // Cluster bits
+        byteBuffer.putInt(0);
+
+        // Size
+        byteBuffer.putLong(virtualSize);
+
+        // Crypt method
+        byteBuffer.putInt(0);
+
+        // L1 Size
+        byteBuffer.putInt(0);
+
+        // L1 Table offset
+        byteBuffer.putLong(0L);
+
+        // Refcount table offset
+        byteBuffer.putLong(0L);
+
+        // Refcount table cluster
+        byteBuffer.putInt(0);
+
+        // NB Snapshots
+        byteBuffer.putInt(0);
+
+        // Snapshots offset
+        byteBuffer.putLong(0L);
+
+        inputStream = new ByteArrayInputStream(byteBuffer.array());
+    }
+
+    @Test
+    public void getVirtualSizeHeaderLocation() {
+        assertEquals(24, QCOW2Utils.getVirtualSizeHeaderLocation());
+    }
+
+    @Test
+    public void getVirtualSizeTest() throws IOException {
+        assertEquals(virtualSize.longValue(), QCOW2Utils.getVirtualSize(inputStream));
+    }
+}

From f1f1fefdf6c3e0eba812b6b5d9321b3aaf1711a6 Mon Sep 17 00:00:00 2001
From: Pierre-Luc Dion <pdion891@apache.org>
Date: Sun, 27 Sep 2015 20:53:34 -0400
Subject: [PATCH 078/115] Fix dockerbuild because hardcoded filename for marvin

Signed-off-by: Pierre-Luc Dion <pdion891@apache.org>
---
 Dockerfile | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index 32e2c74e53..a1ff652a2c 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -30,7 +30,8 @@ RUN (/usr/bin/mysqld_safe &); \
     sleep 3; \
     mvn -Pdeveloper -pl developer -Ddeploydb; \
     mvn -Pdeveloper -pl developer -Ddeploydb-simulator; \
-    pip install tools/marvin/dist/Marvin-4.5.2.tar.gz
+    MARVIN_FILE=`find tools/marvin/dist/ -name "Marvin*.tar.gz"` \
+    pip install $MARVIN_FILE
 
 EXPOSE 8080
 

From 30c704915c882f8ac2ab551aa157d0b7a0bdb47f Mon Sep 17 00:00:00 2001
From: Rene Moser <resmo@apache.org>
Date: Thu, 24 Sep 2015 21:10:26 +0200
Subject: [PATCH 079/115] CLOUDSTACK-8848: ensure power state is up to date
 when handling missing VMs in powerReport

There 2 things which has been changed.

* We look on power_state_update_time instead of update_time. Didn't make sense to me at all to look at update_time.
* Due DB update optimisation, powerState will only be updated if < MAX_CONSECUTIVE_SAME_STATE_UPDATE_COUNT. That is why we can not rely on these information unless we make sure these are up to date.
---
 .../com/cloud/vm/VirtualMachinePowerStateSyncImpl.java   | 9 ++++++++-
 engine/schema/src/com/cloud/vm/dao/VMInstanceDao.java    | 2 ++
 .../schema/src/com/cloud/vm/dao/VMInstanceDaoImpl.java   | 6 ++++++
 3 files changed, 16 insertions(+), 1 deletion(-)

diff --git a/engine/orchestration/src/com/cloud/vm/VirtualMachinePowerStateSyncImpl.java b/engine/orchestration/src/com/cloud/vm/VirtualMachinePowerStateSyncImpl.java
index d3dcdec314..19ed71c993 100644
--- a/engine/orchestration/src/com/cloud/vm/VirtualMachinePowerStateSyncImpl.java
+++ b/engine/orchestration/src/com/cloud/vm/VirtualMachinePowerStateSyncImpl.java
@@ -111,7 +111,14 @@ private void processReport(long hostId, Map<Long, VirtualMachine.PowerState> tra
 
             for (VMInstanceVO instance : vmsThatAreMissingReport) {
 
-                Date vmStateUpdateTime = instance.getUpdateTime();
+                // Make sure powerState is up to date for missing VMs
+                if (!_instanceDao.isPowerStateUpToDate(instance.getId())) {
+                    s_logger.warn("Detected missing VM but power state is outdated, wait for another process report run for VM id: " + instance.getId());
+                    _instanceDao.resetVmPowerStateTracking(instance.getId());
+                    continue;
+                }
+
+                Date vmStateUpdateTime = instance.getPowerStateUpdateTime();
                 if (vmStateUpdateTime == null) {
                     s_logger.warn("VM state was updated but update time is null?! vm id: " + instance.getId());
                     vmStateUpdateTime = currentTime;
diff --git a/engine/schema/src/com/cloud/vm/dao/VMInstanceDao.java b/engine/schema/src/com/cloud/vm/dao/VMInstanceDao.java
index 1d522dc620..8d457fadff 100644
--- a/engine/schema/src/com/cloud/vm/dao/VMInstanceDao.java
+++ b/engine/schema/src/com/cloud/vm/dao/VMInstanceDao.java
@@ -138,4 +138,6 @@ public interface VMInstanceDao extends GenericDao<VMInstanceVO, Long>, StateDao<
     HashMap<String, Long> countVgpuVMs(Long dcId, Long podId, Long clusterId);
 
     VMInstanceVO findVMByHostNameInZone(String hostName, long zoneId);
+
+    boolean isPowerStateUpToDate(long instanceId);
 }
diff --git a/engine/schema/src/com/cloud/vm/dao/VMInstanceDaoImpl.java b/engine/schema/src/com/cloud/vm/dao/VMInstanceDaoImpl.java
index be0e3668e7..48b56d1fa4 100644
--- a/engine/schema/src/com/cloud/vm/dao/VMInstanceDaoImpl.java
+++ b/engine/schema/src/com/cloud/vm/dao/VMInstanceDaoImpl.java
@@ -803,6 +803,12 @@ public Boolean doInTransaction(TransactionStatus status) {
         });
     }
 
+    @Override
+    public boolean isPowerStateUpToDate(final long instanceId) {
+        VMInstanceVO instance = findById(instanceId);
+        return instance.getPowerStateUpdateCount() < MAX_CONSECUTIVE_SAME_STATE_UPDATE_COUNT;
+    }
+
     @Override
     public void resetVmPowerStateTracking(final long instanceId) {
         Transaction.execute(new TransactionCallbackNoReturn() {

From 8cd8b6c83c360777a3648be709424365bc121cae Mon Sep 17 00:00:00 2001
From: Daan Hoogland <daan@onecht.net>
Date: Fri, 2 Oct 2015 11:42:42 +0200
Subject: [PATCH 080/115] CLOUDSTACK-8848: added null pointer guard to new
 public method

---
 .../cloud/vm/VirtualMachinePowerStateSyncImpl.java  | 13 +++++++++----
 .../src/com/cloud/vm/dao/VMInstanceDaoImpl.java     |  3 +++
 2 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/engine/orchestration/src/com/cloud/vm/VirtualMachinePowerStateSyncImpl.java b/engine/orchestration/src/com/cloud/vm/VirtualMachinePowerStateSyncImpl.java
index 19ed71c993..3b9d6f596d 100644
--- a/engine/orchestration/src/com/cloud/vm/VirtualMachinePowerStateSyncImpl.java
+++ b/engine/orchestration/src/com/cloud/vm/VirtualMachinePowerStateSyncImpl.java
@@ -24,13 +24,13 @@
 import javax.inject.Inject;
 
 import org.apache.log4j.Logger;
-
 import org.apache.cloudstack.framework.config.ConfigKey;
 import org.apache.cloudstack.framework.messagebus.MessageBus;
 import org.apache.cloudstack.framework.messagebus.PublishScope;
 
 import com.cloud.agent.api.HostVmStateReportEntry;
 import com.cloud.utils.DateUtil;
+import com.cloud.utils.exception.CloudRuntimeException;
 import com.cloud.vm.dao.VMInstanceDao;
 
 public class VirtualMachinePowerStateSyncImpl implements VirtualMachinePowerStateSync {
@@ -112,9 +112,14 @@ private void processReport(long hostId, Map<Long, VirtualMachine.PowerState> tra
             for (VMInstanceVO instance : vmsThatAreMissingReport) {
 
                 // Make sure powerState is up to date for missing VMs
-                if (!_instanceDao.isPowerStateUpToDate(instance.getId())) {
-                    s_logger.warn("Detected missing VM but power state is outdated, wait for another process report run for VM id: " + instance.getId());
-                    _instanceDao.resetVmPowerStateTracking(instance.getId());
+                try {
+                    if (!_instanceDao.isPowerStateUpToDate(instance.getId())) {
+                        s_logger.warn("Detected missing VM but power state is outdated, wait for another process report run for VM id: " + instance.getId());
+                        _instanceDao.resetVmPowerStateTracking(instance.getId());
+                        continue;
+                    }
+                } catch (CloudRuntimeException e) {
+                    s_logger.warn("Checked for missing powerstate of a none existing vm", e);
                     continue;
                 }
 
diff --git a/engine/schema/src/com/cloud/vm/dao/VMInstanceDaoImpl.java b/engine/schema/src/com/cloud/vm/dao/VMInstanceDaoImpl.java
index 48b56d1fa4..aa940ce342 100644
--- a/engine/schema/src/com/cloud/vm/dao/VMInstanceDaoImpl.java
+++ b/engine/schema/src/com/cloud/vm/dao/VMInstanceDaoImpl.java
@@ -806,6 +806,9 @@ public Boolean doInTransaction(TransactionStatus status) {
     @Override
     public boolean isPowerStateUpToDate(final long instanceId) {
         VMInstanceVO instance = findById(instanceId);
+        if(instance == null) {
+            throw new CloudRuntimeException("checking power state update count on non existing instance " + instanceId);
+        }
         return instance.getPowerStateUpdateCount() < MAX_CONSECUTIVE_SAME_STATE_UPDATE_COUNT;
     }
 

From bacf971220ea97e80ac2fcf28de3ed9a51749522 Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Wed, 28 Oct 2015 11:14:49 +0530
Subject: [PATCH 081/115] CLOUDSTACK-9000: logrotate cloudstack-agent out and
 err logs

Adds logrotate rules for cloudstack-agent.{err,out} log files

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 agent/conf/cloudstack-agent.logrotate | 26 ++++++++++++++++++++++++++
 packaging/centos63/cloud.spec         |  1 +
 2 files changed, 27 insertions(+)
 create mode 100644 agent/conf/cloudstack-agent.logrotate

diff --git a/agent/conf/cloudstack-agent.logrotate b/agent/conf/cloudstack-agent.logrotate
new file mode 100644
index 0000000000..202de8f15a
--- /dev/null
+++ b/agent/conf/cloudstack-agent.logrotate
@@ -0,0 +1,26 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+/var/log/cloudstack/agent/cloudstack-agent.out
+/var/log/cloudstack/agent/cloudstack-agent.err
+{
+    copytruncate
+    daily
+    rotate 5
+    compress
+    missingok
+}
diff --git a/packaging/centos63/cloud.spec b/packaging/centos63/cloud.spec
index 3efa54eff9..133e11a050 100644
--- a/packaging/centos63/cloud.spec
+++ b/packaging/centos63/cloud.spec
@@ -347,6 +347,7 @@ install -D agent/target/transformed/cloudstack-agent-upgrade ${RPM_BUILD_ROOT}%{
 install -D agent/target/transformed/libvirtqemuhook ${RPM_BUILD_ROOT}%{_datadir}/%{name}-agent/lib/libvirtqemuhook
 install -D agent/target/transformed/cloud-ssh ${RPM_BUILD_ROOT}%{_bindir}/%{name}-ssh
 install -D agent/target/transformed/cloudstack-agent-profile.sh ${RPM_BUILD_ROOT}%{_sysconfdir}/profile.d/%{name}-agent-profile.sh
+install -D agent/target/transformed/cloudstack-agent.logrotate ${RPM_BUILD_ROOT}%{_sysconfdir}/logrotate.d/cloudstack-agent
 install -D plugins/hypervisors/kvm/target/cloud-plugin-hypervisor-kvm-%{_maventag}.jar ${RPM_BUILD_ROOT}%{_datadir}/%name-agent/lib/cloud-plugin-hypervisor-kvm-%{_maventag}.jar
 cp plugins/hypervisors/kvm/target/dependencies/*  ${RPM_BUILD_ROOT}%{_datadir}/%{name}-agent/lib
 

From ba9a600410c8d7818bb19e24b4389722ef6507e8 Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Wed, 28 Oct 2015 11:14:49 +0530
Subject: [PATCH 082/115] CLOUDSTACK-9000: logrotate cloudstack-agent out and
 err logs

Adds logrotate rules for cloudstack-agent.{err,out} log files

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 agent/pom.xml                   | 6 ++++++
 debian/cloudstack-agent.install | 1 +
 debian/rules                    | 1 +
 packaging/centos63/cloud.spec   | 3 ++-
 4 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/agent/pom.xml b/agent/pom.xml
index 5c04080ce6..3603bce862 100644
--- a/agent/pom.xml
+++ b/agent/pom.xml
@@ -92,6 +92,12 @@
                     </filterreader>
                   </filterchain>
                 </copy>
+                <copy
+                  todir="${basedir}/target/transformed">
+                  <fileset dir="${basedir}/conf">
+                    <include name="cloudstack-agent.logrotate" />
+                  </fileset>
+                </copy>
               </target>
             </configuration>
           </execution>
diff --git a/debian/cloudstack-agent.install b/debian/cloudstack-agent.install
index 94dd30d15d..82fce9f78c 100644
--- a/debian/cloudstack-agent.install
+++ b/debian/cloudstack-agent.install
@@ -19,6 +19,7 @@
 /etc/cloudstack/agent/environment.properties
 /etc/cloudstack/agent/log4j-cloud.xml
 /etc/profile.d/cloudstack-agent-profile.sh
+/etc/logrotate.d/cloudstack-agent
 /etc/init.d/cloudstack-agent
 /usr/bin/cloudstack-setup-agent
 /usr/bin/cloudstack-ssh
diff --git a/debian/rules b/debian/rules
index 3801ae2421..45461bb743 100755
--- a/debian/rules
+++ b/debian/rules
@@ -74,6 +74,7 @@ install:
 	install -D agent/target/transformed/cloud-setup-agent $(DESTDIR)/usr/bin/cloudstack-setup-agent
 	install -D agent/target/transformed/cloud-ssh $(DESTDIR)/usr/bin/cloudstack-ssh
 	install -D agent/target/transformed/cloudstack-agent-profile.sh $(DESTDIR)/$(SYSCONFDIR)/profile.d/cloudstack-agent-profile.sh
+	install -D agent/target/transformed/cloudstack-agent.logrotate $(DESTDIR)/$(SYSCONFDIR)/logrotate.d/cloudstack-agent
 	install -D agent/target/transformed/cloudstack-agent-upgrade $(DESTDIR)/usr/bin/cloudstack-agent-upgrade
 	install -D agent/target/transformed/libvirtqemuhook $(DESTDIR)/usr/share/$(PACKAGE)-agent/lib/
 	install -D agent/target/transformed/* $(DESTDIR)/$(SYSCONFDIR)/$(PACKAGE)/agent
diff --git a/packaging/centos63/cloud.spec b/packaging/centos63/cloud.spec
index 133e11a050..c8901a84d6 100644
--- a/packaging/centos63/cloud.spec
+++ b/packaging/centos63/cloud.spec
@@ -347,7 +347,7 @@ install -D agent/target/transformed/cloudstack-agent-upgrade ${RPM_BUILD_ROOT}%{
 install -D agent/target/transformed/libvirtqemuhook ${RPM_BUILD_ROOT}%{_datadir}/%{name}-agent/lib/libvirtqemuhook
 install -D agent/target/transformed/cloud-ssh ${RPM_BUILD_ROOT}%{_bindir}/%{name}-ssh
 install -D agent/target/transformed/cloudstack-agent-profile.sh ${RPM_BUILD_ROOT}%{_sysconfdir}/profile.d/%{name}-agent-profile.sh
-install -D agent/target/transformed/cloudstack-agent.logrotate ${RPM_BUILD_ROOT}%{_sysconfdir}/logrotate.d/cloudstack-agent
+install -D agent/target/transformed/cloudstack-agent.logrotate ${RPM_BUILD_ROOT}%{_sysconfdir}/logrotate.d/%{name}-agent
 install -D plugins/hypervisors/kvm/target/cloud-plugin-hypervisor-kvm-%{_maventag}.jar ${RPM_BUILD_ROOT}%{_datadir}/%name-agent/lib/cloud-plugin-hypervisor-kvm-%{_maventag}.jar
 cp plugins/hypervisors/kvm/target/dependencies/*  ${RPM_BUILD_ROOT}%{_datadir}/%{name}-agent/lib
 
@@ -652,6 +652,7 @@ fi
 %attr(0755,root,root) %{_bindir}/%{name}-ssh
 %attr(0755,root,root) %{_sysconfdir}/init.d/%{name}-agent
 %attr(0644,root,root) %{_sysconfdir}/profile.d/%{name}-agent-profile.sh
+%attr(0644,root,root) %{_sysconfdir}/logrotate.d/%{name}-agent
 %attr(0755,root,root) %{_datadir}/%{name}-common/scripts/network/cisco
 %config(noreplace) %{_sysconfdir}/%{name}/agent
 %dir %{_localstatedir}/log/%{name}/agent

From 76554e6f5edc43bd2b5acc2e79da15ae39e03acf Mon Sep 17 00:00:00 2001
From: Nitin Kumar Maharana <nitinkumar.maharana@citrix.com>
Date: Sat, 26 Sep 2015 16:33:28 +0530
Subject: [PATCH 083/115] CLOUDSTACK-8913: Search box in Templates tab out of
 alignment

Increased the margin and padding to accomodate all the boxes inside toolbar.

(cherry picked from commit febaeb2a157e75041bdfd4058de5f35e7da09ca7)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 ui/css/cloudstack3.css | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/ui/css/cloudstack3.css b/ui/css/cloudstack3.css
index 06abbb8b15..c239e6726c 100644
--- a/ui/css/cloudstack3.css
+++ b/ui/css/cloudstack3.css
@@ -3115,14 +3115,14 @@ div.toolbar div.button.main-action,
   font-size: 12px;
   font-weight: 100;
   color: #000000;
-  margin: 0 14px 0 0;
+  margin: 0 10px 0 0;
   cursor: pointer;
   /*+text-shadow:0px 1px 1px #DEE5EA;*/
   -moz-text-shadow: 0px 1px 1px #DEE5EA;
   -webkit-text-shadow: 0px 1px 1px #DEE5EA;
   -o-text-shadow: 0px 1px 1px #DEE5EA;
   text-shadow: 0px 1px 1px #DEE5EA;
-  padding: 5px 7px 5px 6px;
+  padding: 5px 5px 5px 5px;
   background: #F7F7F7;
   background: rgb(247, 247, 247);
   background: url(data:image/svg+xml;base64,PD94bWwgdmVyc2lvbj0iMS4wIiA/Pgo8c3ZnIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgd2lkdGg9IjEwMCUiIGhlaWdodD0iMTAwJSIgdmlld0JveD0iMCAwIDEgMSIgcHJlc2VydmVBc3BlY3RSYXRpbz0ibm9uZSI+CiAgPGxpbmVhckdyYWRpZW50IGlkPSJncmFkLXVjZ2ctZ2VuZXJhdGVkIiBncmFkaWVudFVuaXRzPSJ1c2VyU3BhY2VPblVzZSIgeDE9IjAlIiB5MT0iMCUiIHgyPSIwJSIgeTI9IjEwMCUiPgogICAgPHN0b3Agb2Zmc2V0PSIxJSIgc3RvcC1jb2xvcj0iI2Y3ZjdmNyIgc3RvcC1vcGFjaXR5PSIxIi8+CiAgICA8c3RvcCBvZmZzZXQ9IjEwMCUiIHN0b3AtY29sb3I9IiNlYWVhZWEiIHN0b3Atb3BhY2l0eT0iMSIvPgogIDwvbGluZWFyR3JhZGllbnQ+CiAgPHJlY3QgeD0iMCIgeT0iMCIgd2lkdGg9IjEiIGhlaWdodD0iMSIgZmlsbD0idXJsKCNncmFkLXVjZ2ctZ2VuZXJhdGVkKSIgLz4KPC9zdmc+);

From 619f0eb276499a7b8f31d31f6479d27f215c7b3f Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Tue, 3 Nov 2015 13:47:23 +0530
Subject: [PATCH 084/115] CLOUDSTACK-9019: Add storage network offering in ssvm
 only if storage network is defined

During creation of SSVM, checks and adds NetworkOffering.SystemStorageNetwork to
offerings only if storage network exists for the target datacenter

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 .../SecondaryStorageManagerImpl.java                 | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/services/secondary-storage/controller/src/org/apache/cloudstack/secondarystorage/SecondaryStorageManagerImpl.java b/services/secondary-storage/controller/src/org/apache/cloudstack/secondarystorage/SecondaryStorageManagerImpl.java
index 7b6e868051..382a0f8757 100755
--- a/services/secondary-storage/controller/src/org/apache/cloudstack/secondarystorage/SecondaryStorageManagerImpl.java
+++ b/services/secondary-storage/controller/src/org/apache/cloudstack/secondarystorage/SecondaryStorageManagerImpl.java
@@ -93,6 +93,7 @@
 import com.cloud.network.dao.NetworkDao;
 import com.cloud.network.dao.NetworkVO;
 import com.cloud.network.rules.RulesManager;
+import com.cloud.network.StorageNetworkManager;
 import com.cloud.offering.NetworkOffering;
 import com.cloud.offering.ServiceOffering;
 import com.cloud.offerings.dao.NetworkOfferingDao;
@@ -181,6 +182,8 @@ public class SecondaryStorageManagerImpl extends ManagerBase implements Secondar
     @Inject
     protected SecondaryStorageVmDao _secStorageVmDao;
     @Inject
+    protected StorageNetworkManager _sNwMgr;
+    @Inject
     private DataCenterDao _dcDao;
     @Inject
     private VMTemplateDao _templateDao;
@@ -548,9 +551,12 @@ protected Map<String, Object> createSecStorageVmInstance(long dataCenterId, Seco
             defaultNetwork = defaultNetworks.get(0);
         }
 
-        List<? extends NetworkOffering> offerings =
-            _networkModel.getSystemAccountNetworkOfferings(NetworkOffering.SystemControlNetwork, NetworkOffering.SystemManagementNetwork,
-                NetworkOffering.SystemStorageNetwork);
+        List<? extends NetworkOffering> offerings = null;
+        if (_sNwMgr.isStorageIpRangeAvailable(dataCenterId)) {
+            offerings = _networkModel.getSystemAccountNetworkOfferings(NetworkOffering.SystemControlNetwork, NetworkOffering.SystemManagementNetwork, NetworkOffering.SystemStorageNetwork);
+        } else {
+            offerings = _networkModel.getSystemAccountNetworkOfferings(NetworkOffering.SystemControlNetwork, NetworkOffering.SystemManagementNetwork);
+        }
         LinkedHashMap<Network, List<? extends NicProfile>> networks = new LinkedHashMap<Network, List<? extends NicProfile>>(offerings.size() + 1);
         NicProfile defaultNic = new NicProfile();
         defaultNic.setDefaultNic(true);

From 4e6ff4b3c3d16a68127db5a642c5875a12c51b9e Mon Sep 17 00:00:00 2001
From: ramamurtis <ramamurti.subramanian@citrix.com>
Date: Fri, 30 Oct 2015 09:44:59 +0530
Subject: [PATCH 085/115] CLOUDSTACK-9006 - ListTemplates API returns result in
 inconsistent order when called concurrently

(cherry picked from commit c90723f491c8da4cb9873a896a2410f60b358193)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 framework/db/src/com/cloud/utils/db/Filter.java             | 2 +-
 server/src/com/cloud/api/query/QueryManagerImpl.java        | 1 +
 server/src/com/cloud/api/query/dao/TemplateJoinDaoImpl.java | 1 +
 3 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/framework/db/src/com/cloud/utils/db/Filter.java b/framework/db/src/com/cloud/utils/db/Filter.java
index fdcad9c3e5..59dc8c1477 100755
--- a/framework/db/src/com/cloud/utils/db/Filter.java
+++ b/framework/db/src/com/cloud/utils/db/Filter.java
@@ -89,7 +89,7 @@ public void addOrderBy(Class<?> clazz, String field, boolean ascending) {
         if (_orderBy == null) {
             _orderBy = order.insert(0, " ORDER BY ").toString();
         } else {
-            _orderBy = order.insert(0, _orderBy).toString();
+            _orderBy = order.insert(0, _orderBy + ", ").toString();
         }
     }
 
diff --git a/server/src/com/cloud/api/query/QueryManagerImpl.java b/server/src/com/cloud/api/query/QueryManagerImpl.java
index 62714eafab..c67b1cf26a 100644
--- a/server/src/com/cloud/api/query/QueryManagerImpl.java
+++ b/server/src/com/cloud/api/query/QueryManagerImpl.java
@@ -2992,6 +2992,7 @@ private Pair<List<TemplateJoinVO>, Integer> searchForTemplatesInternal(Long temp
         Boolean isAscending = Boolean.parseBoolean(_configDao.getValue("sortkey.algorithm"));
         isAscending = (isAscending == null ? Boolean.TRUE : isAscending);
         Filter searchFilter = new Filter(TemplateJoinVO.class, "sortKey", isAscending, startIndex, pageSize);
+        searchFilter.addOrderBy(TemplateJoinVO.class, "tempZonePair", isAscending);
 
         SearchBuilder<TemplateJoinVO> sb = _templateJoinDao.createSearchBuilder();
         sb.select(null, Func.DISTINCT, sb.entity().getTempZonePair()); // select distinct (templateId, zoneId) pair
diff --git a/server/src/com/cloud/api/query/dao/TemplateJoinDaoImpl.java b/server/src/com/cloud/api/query/dao/TemplateJoinDaoImpl.java
index 4e33728df2..96fbe84806 100644
--- a/server/src/com/cloud/api/query/dao/TemplateJoinDaoImpl.java
+++ b/server/src/com/cloud/api/query/dao/TemplateJoinDaoImpl.java
@@ -383,6 +383,7 @@ public List<TemplateJoinVO> searchByTemplateZonePair(Boolean showRemoved, String
         Boolean isAscending = Boolean.parseBoolean(_configDao.getValue("sortkey.algorithm"));
         isAscending = (isAscending == null ? Boolean.TRUE : isAscending);
         Filter searchFilter = new Filter(TemplateJoinVO.class, "sortKey", isAscending, null, null);
+        searchFilter.addOrderBy(TemplateJoinVO.class, "tempZonePair", isAscending);
         List<TemplateJoinVO> uvList = new ArrayList<TemplateJoinVO>();
         // query details by batches
         int curr_index = 0;

From efe93d7487d0f79394f31ea75425e33039e858f5 Mon Sep 17 00:00:00 2001
From: ramamurtis <ramamurti.subramanian@citrix.com>
Date: Wed, 4 Nov 2015 10:31:02 +0530
Subject: [PATCH 086/115] CLOUDSTACK-9006 - ListTemplates API returns result in
 inconsistent order when called concurrently

Adding filter test to verify addOrderBy method.

(cherry picked from commit 9d1a469ae5f0a3751b64d66582fbcc2180a9c97c)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 .../test/com/cloud/utils/db/FilterTest.java   | 44 +++++++++++++++++++
 1 file changed, 44 insertions(+)
 create mode 100644 framework/db/test/com/cloud/utils/db/FilterTest.java

diff --git a/framework/db/test/com/cloud/utils/db/FilterTest.java b/framework/db/test/com/cloud/utils/db/FilterTest.java
new file mode 100644
index 0000000000..079611ab69
--- /dev/null
+++ b/framework/db/test/com/cloud/utils/db/FilterTest.java
@@ -0,0 +1,44 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// the License.  You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.utils.db;
+
+import org.junit.Assert;
+import org.junit.Test;
+
+public class FilterTest {
+
+    @Test
+    /*
+    *  This test verifies that the Order By clause generated by the filter is correct and it separates each
+    *  order by field with a comma. Using DbTestVO to assert it
+    */
+    public void testAddOrderBy() {
+        Filter filter = new Filter(DbTestVO.class, "fieldString", true, 1L, 1L);
+
+        Assert.assertTrue(filter.getOrderBy().trim().toLowerCase().equals("order by test.fld_string asc"));
+
+        filter.addOrderBy(DbTestVO.class, "fieldLong", true);
+
+        Assert.assertTrue(filter.getOrderBy().contains(","));
+        Assert.assertTrue(filter.getOrderBy().split(",")[1].trim().toLowerCase().equals("test.fld_long asc"));
+
+        filter.addOrderBy(DbTestVO.class, "fieldInt", true);
+
+        Assert.assertTrue(filter.getOrderBy().split(",").length == 3);
+        Assert.assertTrue(filter.getOrderBy().split(",")[2].trim().toLowerCase().equals("test.fld_int asc"));
+    }
+}

From d34da5aa8f10c0d47c837f99b2f456a91c77c2ab Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Tue, 3 Nov 2015 15:27:46 +0530
Subject: [PATCH 087/115] CLOUDSTACK-9020: Metrics views for CloudStack UI

Implements following:
- A metrics table widget that is:
  - vertically and horizontally scrollable with pagination/infinite scrolling
  - sortable columns (client side)
  - groupable/collapsible columns
  - alternate row coloring
  - refresh button to refresh views
  - threshold table cell coloring
  - panel/breadcrumb navigation
  - quick view action column
  - translatable labels
- Sortable column for all CloudStack tables (client side)
- Configurable UI pagesize for list API calls, 'default.ui.page.size'
- Metrics views: Zones, Clusters, Hosts, Instances, Storage pools, Volumes
- Resource filtering/navigation: Zones->Clusters->Hosts->Instances->Volumes, Storage Pool->Volumes

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 .../config/ApiServiceConfiguration.java       |    4 +-
 .../classes/resources/messages.properties     |   35 +
 ui/css/cloudstack3.css                        |   84 +-
 ui/dictionary.jsp                             |   35 +
 ui/images/sprites.png                         |  Bin 194105 -> 198421 bytes
 ui/index.jsp                                  |    2 +
 ui/scripts/cloudStack.js                      |   20 +
 ui/scripts/instances.js                       |   18 +-
 ui/scripts/metrics.js                         | 1087 +++++++++++++++++
 ui/scripts/storage.js                         |   17 +
 ui/scripts/system.js                          |   82 +-
 ui/scripts/ui-custom/metricsView.js           |  140 +++
 ui/scripts/ui/widgets/cloudBrowser.js         |    8 +
 ui/scripts/ui/widgets/dataTable.js            |   91 +-
 ui/scripts/ui/widgets/listView.js             |  204 +++-
 15 files changed, 1778 insertions(+), 49 deletions(-)
 create mode 100644 ui/scripts/metrics.js
 create mode 100644 ui/scripts/ui-custom/metricsView.js

diff --git a/api/src/org/apache/cloudstack/config/ApiServiceConfiguration.java b/api/src/org/apache/cloudstack/config/ApiServiceConfiguration.java
index 94c0a55de6..701af62588 100644
--- a/api/src/org/apache/cloudstack/config/ApiServiceConfiguration.java
+++ b/api/src/org/apache/cloudstack/config/ApiServiceConfiguration.java
@@ -26,6 +26,8 @@ public class ApiServiceConfiguration implements Configurable {
     public static final ConfigKey<String> ManagementHostIPAdr = new ConfigKey<String>("Advanced", String.class, "host", "localhost", "The ip address of management server", true);
     public static final ConfigKey<String> ApiServletPath = new ConfigKey<String>("Advanced", String.class, "endpointe.url", "http://localhost:8080/client/api",
             "API end point. Can be used by CS components/services deployed remotely, for sending CS API requests", true);
+    public static final ConfigKey<Long> DefaultUIPageSize = new ConfigKey<Long>("Advanced", Long.class, "default.ui.page.size", "20",
+            "The default pagesize to be used by UI and other clients when making list* API calls", true, ConfigKey.Scope.Global);
 
     @Override
     public String getConfigComponentName() {
@@ -34,7 +36,7 @@ public String getConfigComponentName() {
 
     @Override
     public ConfigKey<?>[] getConfigKeys() {
-        return new ConfigKey<?>[] {ManagementHostIPAdr, ApiServletPath};
+        return new ConfigKey<?>[] {ManagementHostIPAdr, ApiServletPath, DefaultUIPageSize};
     }
 
 }
diff --git a/client/WEB-INF/classes/resources/messages.properties b/client/WEB-INF/classes/resources/messages.properties
index f5e058855d..54276e4579 100644
--- a/client/WEB-INF/classes/resources/messages.properties
+++ b/client/WEB-INF/classes/resources/messages.properties
@@ -831,6 +831,41 @@ label.menu.templates=Templates
 label.menu.virtual.appliances=Virtual Appliances
 label.menu.virtual.resources=Virtual Resources
 label.menu.volumes=Volumes
+label.metrics=Metrics
+label.metrics.allocated=Allocated
+label.metrics.clusters=Clusters
+label.metrics.cpu.allocated=CPU Allocation
+label.metrics.cpu.max.dev=Deviation
+label.metrics.cpu.total=Total
+label.metrics.cpu.usage=CPU Usage
+label.metrics.cpu.used.avg=Used
+label.metrics.disk=Disk
+label.metrics.disk.iops.total=IOPS
+label.metrics.disk.read=Read
+label.metrics.disk.size=Size
+label.metrics.disk.storagetype=Type
+label.metrics.disk.usage=Disk Usage
+label.metrics.disk.used=Used
+label.metrics.disk.total=Total
+label.metrics.disk.allocated=Allocated
+label.metrics.disk.unallocated=Unallocated
+label.metrics.disk.write=Write
+label.metrics.hosts=Hosts
+label.metrics.memory.allocated=Mem Allocation
+label.metrics.memory.max.dev=Deviation
+label.metrics.memory.total=Total
+label.metrics.memory.usage=Mem Usage
+label.metrics.memory.used.avg=Used
+label.metrics.name=Name
+label.metrics.network.usage=Network Usage
+label.metrics.network.read=Read
+label.metrics.network.write=Write
+label.metrics.num.cpu.cores=Cores
+label.metrics.property=Property
+label.metrics.scope=Scope
+label.metrics.state=State
+label.metrics.storagepool=Storage Pool
+label.metrics.vm.name=VM Name
 label.migrate.instance.to.host=Migrate instance to another host
 label.migrate.instance.to.ps=Migrate instance to another primary storage
 label.migrate.instance.to=Migrate instance to
diff --git a/ui/css/cloudstack3.css b/ui/css/cloudstack3.css
index c239e6726c..3a4e963abd 100644
--- a/ui/css/cloudstack3.css
+++ b/ui/css/cloudstack3.css
@@ -146,7 +146,7 @@ table thead th.sorted.asc {
 
 table tbody td,
 table th {
-  padding: 10px 5px 8px;
+  padding: 10px 5px 6px;
   border-right: 1px solid #BFBFBF;
   color: #282828;
   clear: none;
@@ -1393,7 +1393,7 @@ div.list-view td.state span {
   -webkit-text-shadow: 0px 1px 1px #FFFFFF;
   -o-text-shadow: 0px 1px 1px #FFFFFF;
   text-shadow: 0px 1px 1px #FFFFFF;
-  background: url(../images/sprites.png) 1px -536px;
+  background: url(../images/sprites.png) 1px -526px;
 }
 
 div.list-view td.state.on span {
@@ -1407,7 +1407,69 @@ div.list-view td.state.off span {
   background-image: url(../images/sprites.png);
   background-repeat: no-repeat;
   color: #B90606;
-  background-position: 1px -496px;
+  background-position: 1px -492px;
+}
+
+div.list-view td.state.warning span {
+  background-image: url(../images/sprites.png);
+  background-repeat: no-repeat;
+  color: #B90606;
+  background-position: 1px -558px;
+}
+
+div.list-view td.state.transition span {
+  background-image: url(../images/sprites.png);
+  background-repeat: no-repeat;
+  color: #B90606;
+  background-position: 1px -432px;
+}
+
+.horizontal-overflow tbody td, .horizontal-overflow thead th {
+  min-width: 40px;
+  padding: 10px 10px 5px 0px;
+}
+
+.horizontal-overflow th.quick-view {
+  padding-left: 5px;
+}
+
+.groupable-header {
+  background: url(../images/bg-table-head.png);
+  border-left: 1px solid #C6C3C3;
+  border-right: 1px solid #C6C3C3;
+}
+
+.groupable-header-columns th {
+  border: none;
+}
+
+table.horizontal-overflow td.state {
+  width: 55px;
+  min-width: 55px;
+  max-width: 55px;
+}
+
+table.no-split td.first {
+  min-width: 150px;
+}
+
+.groupable-header-border {
+  border-left: 1px solid #C6C3C3;
+  border-right: 1px solid #C6C3C3;
+}
+
+td.alert-notification-threshold {
+  color: #E87900;
+  background-color: rgba(255, 231, 175, 0.75);
+}
+
+td.alert-disable-threshold {
+  color: #F50000;
+  background-color: rgba(255, 190, 190, 0.75);
+}
+
+span.compact {
+  height: 16px;
 }
 
 /** Quick view tooltip*/
@@ -12420,6 +12482,22 @@ div.ui-dialog div.autoscaler div.field-group div.form-container form div.form-it
   background-position: 0px -707px;
 }
 
+.viewMetrics .icon {
+  background-position: -40px -32px;
+}
+
+.viewMetrics:hover .icon {
+  background-position: -40px -32px;
+}
+
+.refreshMetrics .icon {
+  background-position: 0px -62px;
+}
+
+.refreshMetrics:hover .icon {
+  background-position: 0px -62px;
+}
+
 .attach .icon,
 .attachISO .icon,
 .attachDisk .icon,
diff --git a/ui/dictionary.jsp b/ui/dictionary.jsp
index 414dab8783..e0a41c1478 100644
--- a/ui/dictionary.jsp
+++ b/ui/dictionary.jsp
@@ -832,6 +832,41 @@ dictionary = {
 'label.menu.virtual.appliances': '<fmt:message key="label.menu.virtual.appliances" />',
 'label.menu.virtual.resources': '<fmt:message key="label.menu.virtual.resources" />',
 'label.menu.volumes': '<fmt:message key="label.menu.volumes" />',
+'label.metrics': '<fmt:message key="label.metrics" />',
+'label.metrics.allocated': '<fmt:message key="label.metrics.allocated" />',
+'label.metrics.clusters': '<fmt:message key="label.metrics.clusters" />',
+'label.metrics.cpu.allocated': '<fmt:message key="label.metrics.cpu.allocated" />',
+'label.metrics.cpu.max.dev': '<fmt:message key="label.metrics.cpu.max.dev" />',
+'label.metrics.cpu.total': '<fmt:message key="label.metrics.cpu.total" />',
+'label.metrics.cpu.usage': '<fmt:message key="label.metrics.cpu.usage" />',
+'label.metrics.cpu.used.avg': '<fmt:message key="label.metrics.cpu.used.avg" />',
+'label.metrics.disk': '<fmt:message key="label.metrics.disk" />',
+'label.metrics.disk.iops.total': '<fmt:message key="label.metrics.disk.iops.total" />',
+'label.metrics.disk.read': '<fmt:message key="label.metrics.disk.read" />',
+'label.metrics.disk.size': '<fmt:message key="label.metrics.disk.size" />',
+'label.metrics.disk.storagetype': '<fmt:message key="label.metrics.disk.storagetype" />',
+'label.metrics.disk.usage': '<fmt:message key="label.metrics.disk.usage" />',
+'label.metrics.disk.used': '<fmt:message key="label.metrics.disk.used" />',
+'label.metrics.disk.total': '<fmt:message key="label.metrics.disk.total" />',
+'label.metrics.disk.allocated': '<fmt:message key="label.metrics.disk.allocated" />',
+'label.metrics.disk.unallocated': '<fmt:message key="label.metrics.disk.unallocated" />',
+'label.metrics.disk.write': '<fmt:message key="label.metrics.disk.write" />',
+'label.metrics.hosts': '<fmt:message key="label.metrics.hosts" />',
+'label.metrics.memory.allocated': '<fmt:message key="label.metrics.memory.allocated" />',
+'label.metrics.memory.max.dev': '<fmt:message key="label.metrics.memory.max.dev" />',
+'label.metrics.memory.total': '<fmt:message key="label.metrics.memory.total" />',
+'label.metrics.memory.usage': '<fmt:message key="label.metrics.memory.usage" />',
+'label.metrics.memory.used.avg': '<fmt:message key="label.metrics.memory.used.avg" />',
+'label.metrics.name': '<fmt:message key="label.metrics.name" />',
+'label.metrics.network.read': '<fmt:message key="label.metrics.network.read" />',
+'label.metrics.network.usage': '<fmt:message key="label.metrics.network.usage" />',
+'label.metrics.network.write': '<fmt:message key="label.metrics.network.write" />',
+'label.metrics.num.cpu.cores': '<fmt:message key="label.metrics.num.cpu.cores" />',
+'label.metrics.property': '<fmt:message key="label.metrics.property" />',
+'label.metrics.scope': '<fmt:message key="label.metrics.scope" />',
+'label.metrics.state': '<fmt:message key="label.metrics.state" />',
+'label.metrics.storagepool': '<fmt:message key="label.metrics.storagepool" />',
+'label.metrics.vm.name': '<fmt:message key="label.metrics.vm.name" />',
 'label.migrate.instance.to': '<fmt:message key="label.migrate.instance.to" />',
 'label.migrate.instance.to.host': '<fmt:message key="label.migrate.instance.to.host" />',
 'label.migrate.instance.to.ps': '<fmt:message key="label.migrate.instance.to.ps" />',
diff --git a/ui/images/sprites.png b/ui/images/sprites.png
index 1a6eaa577f225198e28af92e55f7f9ea600f4661..0ddafaff27e31856c7de8a23abf4bdcced12726b 100755
GIT binary patch
delta 148415
zcmagFWn5I>7d|>ObazUNfP&K9AkrbINVk-fbRIxbB$V!u?oNSGx{-#VK@di|`yTxM
z?*07li~G5}m>0~Mz1LoQt@S)BPSanU_$b_%m)J|#q?l~1D!d6wReGA;z<MF_I=a2>
z_2lOKnF>p+ISW=FGwL@+DFtRG)aTzm4CLgLP7`zmm-al1XhD@Gbi_-H$YLl&jbS&P
zlKaKRLs;&J*6TZzY(AW^wN+Ex)-Ks>$%7SZR?ZxIA$C;QbFAX7?bT)=p6Tve(zbND
zYANX_>DbPPV60J0f7OPQ1?1<ytAL?0uO0{;oEM5mc5CbDrIJK+^_x|_jh{viC5gBe
z6NNv=4DDzvM~LRQk9xByeNkYxvbJU<#B4OIXeeuGX~`}vEj5{|wa(`D@qNR+Z}(Vn
zyPvKHTe66#U0fV^$nWVFIPn-$Pf_)%I%6Vl*^Q_ATVybyyfTDT7H}&i%PP&!&+kjH
zh-c5^k;#rB!VdOg{kWUlZ^0(+FRo2dR9-%nVBy+OU*Bf*`t`|hsKjx$#=CbL<eH)T
zL6i~Iig@RgThjC<#=QF?`=%n0xm^4^B|IV-SQe#i?UbCIogJ_0_@KK%!&$TVRn#D@
z5`+&I1yS#+qoZR!1(fROk%V{FBv{-GtsQjYb^Lk0!AN437%hHu5Sg1HP0xvfjMuF5
zy+vQ|LofuPN^y4!Ma6<5R;!NlT^iPXbJ$02L1|Rfv!<vsM=*@9Zf<p>dyWEo)-F;t
zw|`4S7sa{Dgb_{36mRaytyeq9C_qSaEDyJRIk)O7+P--J7}St)q*_w`1+2(gTtImM
z$LXz{|6H3m;47IwCU*b0*=IWhbF88mo%&wqU`HP7D;OxjE2T0d;%GW_5cO&2mxq~>
zjLeWvRo#k4KZm(KFDj-Gkp4mUG8(D#w?jyb9@%-ac2c_XskAdeH88RKO$T=_TXrQ^
z56<0*fpFA%JA%jOCuc%=q&qu1wG9nt!;jgZ8exXn-%KPm7SZol=4K(p<Wor%h*V7#
zAd0~I8wkO8Ksa{x{YQVl(&6E$=nU86y&%eOUvpn<M%6YbM4~3pa&eayZyNAoobzz0
z>zYZuK_MvD^F2z*E`6>j`sqitT}x?62@*g62n0KA&xKSW!hPLggmKlEb7$(z4R{#t
z{NY3W@AdWh)e|pz#2LR;*+-?v$v7IHg>{iwxzBo%_<!ELrqCF{sJOC4sX9hQ$l&r_
z8)S;NUAK2<o)djwRf|EV@{gjen`pm9Pd~wv)Ni=lK!Qhk_|jkPm+r`vE=AP(-M2Wv
z=A}|A3g3>iHZG<jgj6Q%B?ZKN<np#o?tvK<UvQo{dJYFk)RBA5=@dPGg`ThTf${Xi
zQ2#ECz}bOZmQXSoOh)vaKLoB+&wn!qLJ^Z_4@z-aq<?8lJp@(F7(^Iq@Tz=W;=KMr
z$ci>GB$!YJ)9GAsZ;9y9e_s;=5Q3Vlyo<3x)Xef~MHUjVCV`(0iw&c<VqC5Ndmfj%
zW3A`tI)!y4y2kM<)B{2gVQF6ZhhFb|dt9~CIX{q97M2Ar3|<r+ds_no+3l{;1$D#1
z4aBda3r`yeP?q%LDKRwYs}K;?a1l#tBl5-zc^?4&AV}yh@VBZ(pHFLiVrs~}{0b{|
zuC??vtJ9=|drU2@M7uH5L@Vw}JxYaTST2S}*h>Xl1AHH%LR4!1o;b}1=v5gs%Sbq>
zG3$PircGIGC823&<O-cs<`!|p^R4ZAlWr;vCy^bx2MDwdjnQgociqQ^_nn3vSt!fZ
z)Djy02^^H?Kv!Sl<bD9G)*PzoA2b74>0w^e^==)l0n@rh`Eg#R5M*+!q56dc@*-bz
z`}XA&i*rDYzs^T}Ib095$0wEVO=M_T!mF-ID!c>-DI|4!@2(1*8y)Oe62AOs&&<Q}
zP%VC<)MzFBC|a;qh6^ji@;SJFIcjxj$St-8Y2$mK50*g*_qt@4!dgyMCg&=~*4VGk
z>(KOPYBzj>ra;5?XC1P)bCkSA1bg=+j~d@ZoMj)M>sw~aH#nA3(a^VCRorEwWxgzz
zn3Af1cF2;3(qw-EOJ{F!hI^!;`?ads=~*WE{BUMlthAgWKC-@H`M`oJkE7E4h1Xxa
za-C#Ak;jbZZ2&?2O3U4k=1D<<%TM+wex}VmyZ&faeX#otF`i0+f<5^sSco-cw7&O+
zT!AXb)438zQ`AR0L}S!~cdK4UZ6yaz2cI{6VlA!r?8A|33t77k!T(P2m-DYarkJ09
zsD4>o^BUn)4dM9}l<q^i=5{Cmo`3}^i7`yKT08|6WXq%b@>DgfgAh^>y#P^Q>cm}o
z;B!Y4TeGPhTT7d9-kxY(Sn<1i4?wFBoJ49Ly?JWXQV|*X>+$jsTAk&e7bln5Xz(92
zFvHr+eT*WyA2<P`;0bU}Np2x9cpjWUzE4khr4eiG!zmun_dM{q81RCLu0xH*$$+AR
zt5S^ayM&}+CVjLZ|8#T@PZ?TG39EgfT@nEp1+QWyJFh~$#pQX<X)*L6`YPM6;<8gv
zuep4ME)?@7BC4CPxC6hMT_ldI-e~X}-Ok#sbGBg6mglvyqu&zOH*jvU-g)7Z^hfA$
zdBg6m=%w@h^3XqR03R!iXAFNB!?H-TYL_jPy>UhpLek>}Z?_NHy0E5Q9cd|cnj7cP
z%A_CTT4dp(bntQElH_SZB}jKO{@c8-w<1vqN_-_Ub5UiB?<8&;a(+jH_Y6{w{wdVj
z7pl3*WQ5N#sym{s^vEKXL<Y9J&kN@WydJlTPz#pA0Z1S3Zyc<5Q#$CM2-;tMK%?N4
zAWQ!&)sgwb2(9}Ip1-F5C23YgruWn&D+tD=XjZazYrh*LF9!obX*cElT3=zu{K<>c
zEvxeje5LLU48t;ngH9%F%J$I9|8DL!_%G26?PS%_5$N-LUa6?iXLuk)^!BM<I^jd}
zK_l#805u-v$9qf_)jKBvc-<^H=W4{j;`$=%UY_3owT9d>u0txG2Oazo&RaYTnm<lc
zjO7L7joy;(^e1R+9<yTyzvV6x2g@=vOY7bVC9XZ`{~*a{p{WifHZ@8_Iomm^DG0Fj
zcd#zo6X`thp+Db}kn|>hTN)=a*R$E=Pxs^G3W%|;4x+q(u;I*L)9}{KVCxgS{XH{_
zbK$)vKRbw~aZOd(O-ptJF~qO^lG2vv0QDkk^wh!g>VviUhM}=RuaOdHe@c|eX--f&
z4SHPbN-&H*{!CxsdtZj3N3wtEXrRhWg(17fi~CqA$4IG&Yag%dL}VG=I7hP>Ps)}S
z2HeWq?z~p=U1LCo!<K&Ow&RJRs=QRPqk1${$$Qfv%iBAPi=RWv7E`7gMzpR#@;4Lu
z0^fX4<qV(N_&lU;2%U^8frA0p$4m#W_1<CUAPJL%uv<$Vyv0X2=iSm%Bxr3lr6G&=
z0q$EqWXFC_h1pI%HH3Q^HZeajSPqn_ruoS5{|=@)=Lnu6RBW8s#s4)%{bZ+igwsP+
z0?qVp)qkAib}W0BuB;AaK9$b(Hd1z;0K<w(j&WvE*8wex)pfhm@d!oGx-3&$scs;j
zrL)qOcgL#j8*GdiV_lImH_AIVSp>T%s<Gn%<m{=G_zEZO_O8yGk0|pkrRV@YIZWOb
z`sv!M=)w2*TT@dS(+9y#vnX?c20eLAeuA4E=UiG5KIcy<Wb>MN^ruZtrMVw@7M!;N
zF9lWGZyQGLHkvsVpu{Lx@@Lj%B=Cwc@qk47Z|yeXMHjsC#euJ4QzDlwt6yVr|J^ML
zd)DsOu!*ZLHb#wN9Fr?_q3sWNN0~$ZPJcz4Zzv5x-7j%bU*^{H*Og7Ly8b(eLe8*b
zqw8KbIyE0P7UM$mE+LVpwNrhx`lWBQu?}@by|AATIbKcvt2@^dQBD6&W0~cTBCcLP
zImeCKi{nJ5@Eeb5(CHM7#&jje8WLY)a=RekEM0%x_MHAM$zApP6VZG)Ao@lwz<a8!
z&GQ08{&B|r9~S(OYo42vdz*5Wzjm*8bz{|czuSb0)DLacr9SQ-{=IIk#jR0W>+ZNZ
zp$W^!DQq1vpDrRv@p;nsx6k5wt?sPNWy`hQ&-~&fQ4vb~5i0<HpB++mQbi7PkJ*OO
zC^`q6jV1PY>()PE3<3C2pJ5~@E7MSQE0p{6!RVOzjn^Z#7_8{bb{fnq^}Gk23{D&P
z1nan}7&1qOD>icb->a1ln*aKH5NDpsHVHURYzgLbjjzg%vu`GlQ?$Cz;t^!Brj}4X
z$GpaK)Vbt6M;<>~jv_k=WrWDsNcFaEg%^M{1h&i=0&m401-Qv!$W(+Zw{`)G*RI2s
z{hs-09FI~U{w!T0M+Hky!2$KMRi%L(PwPziPq!bFMTCEN4J2BO(J6daC&sYWl=g0Z
zp0vlqn9)gKi71&E67HXa;V(2d8R_xm;H(z5#2|yEd5bw;0-=><tgLEk<=t&gxg{6f
zT4uI8<lzA0zYQe1L`zwd{j2Vm(U?&}bwD*oA$O0L)LaiMpUg8!xaoT@7wEmFm5lq`
znk1}7m|{MkgWwsELW1!-_v$GTHoe&U<G^K>4blEkVg*FDAY`3-oNAHH#|AQGwC{a<
zY1a-vRDBk2^@?Jl-DlX%Pe>{WYx(r{@+t^N5lGkN!;b#YJG5_{veB2guwO~az&%5F
z{@hFcuh{a-vO4#;I|;=sC_W-BI}vinqWAURX0qUBRyug!njvz2t$fy^YO;l*Umff6
zEftx+)=mmKpBB-tjN`nE$=v$kG(W+(<Wgbu<oa<=l=NUgAqsa7!*=dZ<DawR%9KC@
zZBzxv%KGd$r&C=5j5&lF#tD;<EoL1R?FaHYxCwJPw}L6|l_-Px_o>u3aa5S7u1K?~
zFTqXyp3T~M_?l4FlTe@N$R350+u5y*_S}*%(XFoF!f#>1p9*8KgR5LHRr0-I24$F(
z_yxmhQub~MqznO5A{at=m{w&Kz?g0#0RyVU_$Kc;WWVazU};QOJE}TgNFPPo>)ZlK
zBJ+6*()cfcm4=igOgi@7N4Zly|Aa}dZEOv1ZJ~N?0%P~j#ZFD;UiyPBI0)T54BuS*
z1D0B*e63Kxteh$3mfBfs6UO3&9%5C=pM<`CNhY1CjvW)!?g{q>a`6?t0uYL-uMfka
zA#jHRNpB<NyK{NCs4j9OGH1hs*b2rJx^;(O(90q;9Ylv)@E_lA4$8qs3%hzMHDE*e
z8qI1FX`2cL4WcssEk*YOYGbM*;amOmW}nOj)|p58VWNM9uaPnnk0!4+{|aM_PGMt=
z_A{hZTJQY@;$VFB9Y!qsTt3F3>=+*Uwgz5dNbZ2WlbQ?_&4<DAT~SGzHV+&h?t5!a
zGXZ38M|$-wUKJn=F&SU9LXA4ybnuelqN5J#29!z7=1@@r6Y+PK1SfHRyK0c}L=Izw
zl~pGQ)SQrK5Ehg;3v+W|lLRN<&-&MUE$h&rov*-z_(w6#R^KAo)|gTBdi1g%T=0+G
zmR8p+=dZTiLNGY;JdT?hjtBPaTbCQAeP6QV(zZbNWtI<6#MU1u6<vYs>c~G4e?MlA
zJ<t9@o}D>V5>gHUnMWO?F_q&Qw}%`VV^kOz@dlx7xP!4%lrfX=k6;x1{*H~EYA{|3
zkf_SspC0$#r&?~4eLJFfg$2ZHzy3~0NruLDh|E*}Dng0|4}3sZ|E9I-03+St7yAai
zWR=jLGgIUQ=5j^{T%f3<#a`rk%Y|B<5)6XPWN($U;z)9{t0E?C8-f=X#wrJShAhny
z^y7yFAMUa<KD`uCK?+}<+Qe7aO-aH4Lq>iKYa(xh7rs)Wz47oCxPyN@@of-g{l2^J
z>G|OuHLxn*n=T|xZ4MD}n;0$vZX(%BHVuwCTuU6<b{)~B9!p^yi~@d(x2q@ZH^02~
zQVeH*O}Hgn7mK46j(oPbWQfPmNU(Ur^7XXE;LD5ysm<??l8vvhM`uoNrFSKP2`y9s
z+;Oj{DZ(VwTh3NY#wZDGm8N|$8+ZPr+p7n8{ODPgT$zt4GI|~~Ecv22zC{6<qU?Su
zvW)>v;q&v#qF=g_I5!y%S5Nk57|S<(%T7M#;<q24&9)fn>S1yRe!4yAPwiZDvJQvZ
z*x6ZLoqF+T$qS;}!9PkRaActa9&R9+`T*6f_CE{2ARxTWg<$<^A3?dwz-Y#9wDJ#S
zYahZ;pY|XFS(B0iFAn1iO)+A$o_GsFWievf4_A60eHJ$ZjJ~FfHaS3>K>$J5^(Tf;
zpFNh!G^&O?mXbM^eLRVtmYH!?L2RWE9YXuZ>nB{Wc53>I2)%oOrVUU7rfsW^qfrSj
zgud39v#G0%+-PI*;aYU=R#Pi^V~>7C1JNDK6{AchkIH{N9hc<GM=&h&pU?M^rSX>p
zne+VU*KRm$(cacr#O1<Yl+<p#wY!JYQQ=|g{s^OLe{{|1Rr4_9EEYzl$cy`wxCh;?
z#q8951kdYyQV>wznAm#MDk<u%_J}_H@QL=_;iJD&-2I1<e{3twNl5RrR8)A!W@-eB
z^Y$?@ozJ$g--l`O^H#$IzccJ-hP5&66@IbuMio7Sw9!0b|E0`~(EYdjv$0QRX2*V<
z`8lF2m>d6&KXkY|VjY(7m7vHJ4qduFFpLw#=*R@v|CfkEqR}Lji6XlHY)7r7J2GYD
z*!=V(LHwdrT5%CrebK?juJ>P(9mQxS1d+Jwc6+A77f}Hm!2Gnvqoxn5)&mKM_B{(z
z-VR?_ruFupiTuz;4H0IlknSUA3nG*W>nQSC<ZpiLewcJ~!@9}pxt%}4)m9q=;OQX`
zJWyUma?T*R-ES_VulHB#gcfDuwr=1e{UY_a)})n>Q?u{Wd;Ef&PtnhIc$|Msntiaw
z>+;;)E9v8UNCV72$JM9vIVKRh3AGg7nP^JN@9U#a=?|nr`+hukRqHO2RW>1KF^=q2
zavRk&a=tNMLfL}eYqrzmH6Xr6y|A1r<n}<y)}<P!z*cnjZ+B$f*y3#D;XCKW*`vna
zDHR&rZMgn+b*gEOi)Bf|u`e?|FTRfJai?kW{8!OnM2`=kaepu9Pt@6)rlOrgXy>wq
z6<8g3Z4x<zFuHI^@I$_Tb~(sYOTs#PO4pwnZGsxI)1C;q*9#EVG2+(aL&E06=0N0u
zJuaz{Ww6~Maxv%1-gNh6vv8pvKRCV_f1j&98C4229vK=pvo?&%yEjnMq}fI&C#U`U
z4po((gINB_t?sFKPNbp#dn^D_m`8-)8-18y?1inBt)b)H@V^y4^Vo&B9U9mvDAUAz
z0Spx)AuMDNyx*|e`}z;46sr&FRTap&)3=bPBwumEWMVfXVDr4SC-=51L-P)FgC^2O
z7^Z?Pt^#SJ<-&GqqO#V%@BW{UZz)rAC9d0_w~p=DeGy~2-s25;Wpx!J&eyuOlOsps
zy0+1^#e_1SRZ*w`zlUfFVGoNb|6IH$gEVa+bhfS(mL$tJYcS(#EUW#Q;7cP%AYW5}
z#KD+5U-oYwCGU76j7P%!(2f_X4r!Jz^7)Fur4|Bt;$Z8zRS+yj{PcWF;zDtwt<9^p
zh6NNcqjx4`GGW{{S>j+a86;E<9o=$9>>N=cFF0n!frfacA=2Ww>MPGScCd^XMA?Eq
zha<QQ%e`kKoyH`YQ(eAoC$L~$By*A0W3jDq4%il=Yip!7xvdN$Yip2l`~AW{@c0O&
zXcB44fba4oZ~e&Qb9m3%Be=Z3C)`D|U=cOIJ`3wD#&`VhJ4Y98iV;}cZZs}Te|)hu
z1d0GG%-G!FD`$TNbtp_^9E}afO1(mo;Ew`DR@=yk3I^OBjA4Jzjs%NF8m1ve^ecDO
zFCL$~w7z&rf9(VJ)J4kE^qBNS(U$5reVv=rohmmN@I70Q_w*Fbw>G70#R$B`db@IT
zVLBEFst{zMH_Kc3wka)tD_W>IWV88&09~^u!6s5;zbK!$8Zr6)Fs*3XthZp(FWd5z
z@ZYgnRaCVclrErqb2QlgN)amZg2SNMrGgH#?8MKTp}hUpYb!u#-}1l`F8B!Y2_?MC
z)VXe|qI=D08;QJFJZqCzRmF>CQC)3Dmala`a4;XsRTSHYqqMF#OqUycejtcn0ZijK
zejVBLR@K!EGebxdK-u%^&*lvetv)Ug9uPKM$E_z>p_uA^Ni~Tf<5Ga#`b#S&C>Ed(
zd}BL&oU%qOT7+ezs@It(x@u}2)?+aD^I2bz@)(M}Sb*f>qrHCa<&X#V`_RqDd31ff
zy;;S@pPbgZL3Q*F4zBMsEalhN0|^Sufp!RSlY>luGUdc)@pNJ0*&~Qey(XLHnF<Bw
zoZ2Z0k*K4V%S*5F)>B;(QPHOLugY(0t%z#g4Vj+)oqf(k^rlQV7`ZDfE=q}8Z81RJ
zKQPeO-|xjw9+8eCwsv;)yYMri89(Iosnini{nvi-GNthow2<yGV`^i{BESr8sFfFj
z`e2!#G(T_u5meT!8M`7|fzmiX(~@erc!Jx+>3!o?e(J`PJj0=Z0kio=r&rqATDrPQ
zY^0{hsj~Iozq!r2adq|d4z9FnU}O{&T1G~93i9$8g7c0Yigy>8caOyhAIDzJCs^w}
zZ~wVc`N3fNwbHNo`N8j=M^=EX?OHf%hVkNe&-XKx&>kl))mU}E!`L*}DV?Nz#Y-AH
z9v+@i-J|1i^%}<&85WhKN*DumBz1t4luQ<(8Tb9M{Gv_B&67wmRLU<rVj9yg*Q$6|
z$0&b!a0LH;NtyqX=LeVc<H*whB-?w8`S&Px>`^0vjt2YGmDyb@n?OZ3X3uXtsv-N9
z9RUl<?qK*{adB~Bd3kp=huhwws<*eOfq}uq<fKUoOH)%*YiMTe`>M^a5C{WA@wxP?
zDUew_VQ06tx6dys+L}zYZ{E@`JK>!+^xk>PDS^D2ueV@FE^w!#UDFlLkH`|k`IU+?
zqk>Nz4cyC3C|z7#0jF*%%h9Q+5Y0~>V#9NFwii<kZF2VZ&w%SS`U9`lw+X>&na<-R
zu$r10Xp*oqOR9ifPH8D_kCPhA@XJ%RuqrBuH;xAL%3RCO<xT@8tf6vy3i*zWn1Kzo
zMEkPd{RgDxlrA>GJ>UAyWV~U-ikLZDpPM_^o^|=*AVU1n04(`$wREq|0yBLciVW~f
z?9nDFX(N3<k#yP-uQYlO-RUK9vtW;c##*lF+G}xrevsyOxwXE&zW)=4Q^Uwe-N}ht
z>G9V-<_7}r;cExR2mz(XwNv21vg1rIkGIx0HmX6BCxbN1e~376xI1+)6F@zsrOc~y
z={!C#!oUQ87;0|clBr9HyjSOM?ZZw_-P)1O6*KiipcRnRzn=}XPGQSC|4Gs2Kb4Y}
zM)R!g+*CwFgzfR;t=W1nNkE)&zqDp}HBL({yQSs9v@2LaqQMXSn4Fyaa&|q4(hOSZ
z0KFVG!)wHU{_EORIgrBEF6Y_0Ii)!Ut_1h&>JT6hszO2|Z)PJWC9CpL-ntt1{QP<B
zQrq5Ps(WlF$ul_#IYlo1EOWlehPU%KoM`b_@@Ar!D6{<5YjzF}EhnsZh!0EdlCLQx
zHUyamQfv_da&mHMZgbY4in8juxp0+~m6N&6(8HexhJ>J-R#Enu6X(5hU>wsOUtAmx
z!U9OnCkiBj?GT{#2S_n+<$E*KPHAB@b_l$Qqx)&5Vw^qYwaF+}ull&oj!z(HO=#0w
zjBct_rz72cF<jH8V)3N3lp}%DXc%-R&~<#>*}Nn|A%+!+$nusbQ1f7~aR0)GnK)d*
z(z4)7diqmu2AR)!keLR^&E~jhSq{Jv3s$ERImb(S>)~rJ-(s^^vVUl0$uE+69QQ@U
zb^)!nM8oO>M^eVOnW=Ja4mm#!qT?r{)b6B@;Ja2i6HbgNDrj(m`c#~LKJomjeeJtH
zGh6(V&^gMlQT8o9CcA|kQfCY9nM<w<+CCEWV9d(N%|%7j|I+1kSQPWZR|WX_`M<=+
z%P|vQNR7yjXliTATU$St$RucAinh?<TypB6{ZUfhY*TtF^><ef`CEO;zl=s|rW`s<
zr79j085#Kq-cgP`j0Ubhn)A#)*nN+9H=HIcb~MOq{_fprgY(kWOa_9AifS-JJoN-Q
zZKgv$p0C=$h5NN{T_{UhfE8fu)`0xg^Zy#<)|~U~Wjwa{uOJqpP?dINxaIztZmPSU
zel^OcN}T-c-UDe%*n4>rjmoS+bKer>e5jM&IGO5@T8Y7F+q>SE&&V5`^ut&U=5M~+
z4;%&}OKW4P(@;>Q7))B`PX~8X92>9Fkep>Suf;<WEYj&Cy1>@%lX0Lxy~lN7ktig@
zgb+Ver{*1=9%%F>QYSl}e-^sGD%RUC^zSaTfB~I}6#GkZGS$WGh~GOOq}~#>vpAtr
zkw&KfYJX-aQ61!5Xn)Yk^GEn|)B2@7d0SOJ>Ybg*8oN~IVc}2=dY?-7tVw8nRqHSY
zpK7e0Lu-6IyY}Jv8W3G$^^1w7N0`b(Nr32o%198KTXyR*$mxHyWyR!_7*?Wzjoa~i
z(hCopM+|*|JCcW#DkP^y@0&s7@0X?J4Hq(Xp&S*f4tgZ-9o+j4a`CB<FI|X@dA@YI
z@rMURAVvn>_?N-eo|tk6o6valcLnWews`IYYACN2J^`c%B(EL8<|;5#&2e~mxbM~4
zx-z_WpaB{J2;SKmh3#~S1lOfCHL=f`q~+w$%8}J}2mzX&AA4ufeIOBVRm^m-Al>gB
zpi$)%03k0fF)`E*0b+Yp=IwET&$d?P>cwW}W^Cs5I>t|<rS$T)%=R`$t}hDvAR#bD
z00M%G9uEsL{Y3iAKeU1E<+lw_TfAY8k1928qwxCQE&tei+H^SEK@GVg&${y{?i<9T
z^r#ESBlS}@vEEO`&NDGhSY3N<=tIt|uknO`C}Jlc-#G<4LpRZQvYt6lx+^sjf31d;
zPAl8Mkp|zyX8W7Ph-mm)48FfCLHSCQ0We|b6X96s`HGAox`$VkINX>LJ;daguAd+G
z<4~$#jn|1yb4$yap3CKJ>85AB9k2BmGYB|3tzP^NttaFO7Lk*5n0FFaWTru9*0oav
zXGcf6c@v%AcDh13R%{^CuF0bA&v@Sr!ntstH7*CX4xb?euXi3?UKUqWSZ)rd1LDwF
z1!fthFG-B4A(Wpp=bc9QmYcSzc%NY7;9Q9xKEy9=Y4KJwu-n=6`_Lo4bi4and){{j
zX1oM5XN$A&XB9V<Z7M49U$&_&VH@J|Xp&I$?adP!&w8A5z^2e_oFnY}HT3PzuKna9
zY5J({=O&HRJ*v?#x<`nRSeHtJNWiY8@yZ3767r*T>yi1pb4LPC#{myDNjrRahxXla
zPb*sQWQrBBuISG??Mws52{ML?Y45Lg2#;1n;&9Z8)>CRcJiNGsglgZb)5ZPiGs5w<
zOL8XgdfGF;e-{&@BZ!ZWFEwhXtC$vL@n(qA6uk_xOh(`6^*pumd6}M`4#+|Btu<f1
z{DrvktK4sBA2Dp6InKBrx%jiY+wGJ_Jd4_yB@@zf_UCwO{K*qm)vw)@xoLlCs%xsP
zt$kNcGZ$|LHt$aQE6T+=?y*J}WR9&Z19<~Z;j<}Gh05-*>W}Ej5^_QtAGV(pxamCU
zt&=mT{{Bfrf31OZtr{0-Hcfd)Q_T@OT&Ns@CeZ<Ra%m6MjDAyZW+r-r0mmZ2-oI*f
z=`r{^yeuzh%aAegU8m-&sza;eD{@d1dJ9_qAQ~2ylyo@J%+1YtMJPBVEo_?iWxV`(
zbz7R1mF2F+GtSpHIM}&%@ELTMCgR?gjL_>pRz4=#8f@QK;Q$&8TJNwl+!;=C;33wU
zSs=S}fh592<x;IV!xoQP1A`K;1ur3r>y<dcP~Y%yin#SE>N@F0c3&^%hwFo$RHWeh
z=FL-YI$f6&G9&6kcyE9aR;T83nn)$>hr!*D+7c&y4=3BNr%4;J<E?QP)E=sG(uB7T
zvVjT#;k46ifRW8a#aQm<opP|`&h|@ZH~(~(N?KK(t-oZD8Xg}~ig)9*?th|ezsgcJ
z%r4A!dvi(-JOI4KOjy_CEue>9t#UEc-+zIBdiq|U<kgAhjDBn(u11{^YX`^VTm#jZ
zs4&V9?l;~H>q-pri#JL|bKeev`2_{fGK^LZJd(Ho6WA}S+Rc<UjO)Rjz0JJ5yjD@$
z`;ag@JIf~^@WLECJK5l%*h5ZEiXEl%2l!;aEuQC8U5IW|XSA=ig-SY2PD?Hc<UnJ5
z%TYCxObBt4JV?zwNOjtd83@sY4ds+O^O^?o$`HRNFJEDvYa|C}Yqjb~6Rclpjd!1`
zvH`ss<{qz~Tt_lRtt|^t_bie?;sg8QyO`f6I_k$(o@9C7>G$N<S!2{aSY#lIUTnYE
zp@`~-tsi*scnx1gbeZ1UzU}lgaF_&R_yDPAh3`TaW`_`p8b^p)QKB1GxP!>q8!r`A
z`mO$qAgjFGep*7*yj4^^^e`F8iMs);uUCRO1INJjPPl`uE#gsXAZ4Myq=sn<dHL}z
zUTRS+t7*!{{7zjYzx&N$mE6+p_9nWx(1&Gh*w$EW7p_`Lmi3<7*5{^mRJ=gLu3fdz
zsHARJ{S=vJ752(p&w7{#0u4+Ozv6b4$3zfd>at`PDr<>S>T=IL`(TW~uU`X9&#?SS
z*g-271FhWD$$d1mwr=Wq^IQ?)SfFKFfTeay-tPXMTg3?vJkmBc-Ua?(sCxUpVs&h3
zIokK+`a4LB1+VSqYQuMT?Rj{4d&~)f^s&~%TI3(QPDDvK*xMUAAl&v`eGR5}c2xKN
z{K@+E?c?B}%Hh#b6$dg4SOLSJfTSdS8GqE8u?{&nt%S7DB1ExB%7<>F6x@YnC-a%m
zgqXZ?D6!M^Jws9Vx$Xzr9FM|K;RO0vxg%tVTJ#>(p@U5!Y*zkkCmSV-vT#=ZsC4S(
z6``UEMZGnvNMxX0botTk<p)}d9<`_CC0MB6U&T=nM~b@i@F@b8`|U|)tXi!=>LPP;
z*iwzF-Ox)te;<jZ@{GXoaU9C%9!bK#xE+7aqNUXLOqTZa^z=M0w+ftSLP4qwdGh2*
z_x}!zjUp+LVq~nWJYZW^Ru&f*=d(Q5hC|Mg)z(Jm&pRyi(dc@Wf|Qi>*c*Sj?PDzs
ztLyG3>l6S?V79ln*S+ATTrHJF&`e@Ts6khwX`CjRo;zPz+f@Loq|<Lnqsn)1=#2)p
z#t88~<r}92MY)XdY0Y(1QZi2#Pbf+zmZzUwh9v(Zm3sA;85aIi>lb*~fkj1T*sxDO
zvjV1rI5KmD*!lg<Ya?;p^)a+X8_PegiO^`jRsqJ`u;lGlu^#leq1VkQrtS{AZ40)m
zI^S%3YlC=-Wt`AO7c@8?AJ0F|V`F2>%E<{_U0q%5(DbditlERbNFa0b@`5$kf-H0z
z%OiT$s7k~M@qEd_Ft_3wt!cCQ>l&7tn!0qp;{ddr(Ytmq5QiVD{f6yNx8KGW7e9H{
z4E$j-t$N#j1U+>xFW3Cku;>-Bv9U2(EgUAj+qv3Y{kfB;JU6B&ehnvJbI)(NFSuh7
zMIp1#ounQalr#Fpv5Gc~na{vUHD7zBj?{o#ReP|@jW4@!pj<6<mE+@-edwvZs%O14
z+x8fdssZd-%7n{vK52(c`>tQrFI%X0@`1Jl^4~FEsIo+DNWz<hWM^ib(wLvBiWV*%
zldJJ~j?|wSiWTF;^sIS4<>ZVuXmQ&iyM?Gp-nfA944r9qWp`-1U>O=3YTZ2B0q4;g
z1V^hm;xxf=H85=kiN9GL29ssQg0+*7_np1yoYDHxh~yHOAaS-`9}WPCnVG;6Vqmf6
zV_w|P>e7sXrh|Fsk%K%=-|(xw_Do~0nX6=Eh5I5GE||ESEqZg-+c_kv%HTGt<=^!Q
z`#&rw<ifCssWMSssBstH@621e-NebHtEYpzK>MK|RJ4lxSzYmrJ0Q`?%{x`3`A`WQ
zpEt!X;@>5w`K2WalhM74JOX02R8I~sp31>BlR|!)vB4H6yk4+Z^yGYyA*yOrcAsEO
zc5zCRepWB*UYOqfbZ>O5k-t=4`aU8!sH6#1xvN(cB$-=Se2J}LZF%+jwbKtYib{~t
zR##V_J`wWmFj9y7z1SAQCnF>C5X-2VL&?76Slw>|i}GUBhF0?OKo9*hu%fa!5{GO?
zg+b}O|8mD^3PpXiPC38vg9Si1zwg6XGd!5I@>NzAz4vxNbgVer%TKj81<8{q`<v1j
z5{)inVum?a3#yeo2Ehm_E!Oj2mj^Aoz%_dZ6-4r_|Eo;S;t^V3rB|Z`Nl6Yo64SY&
z<y&D*Nl*AS>-T^)Qkz$A1k&-vVp+&ntmL#OSP~TQaH-xyR65sccjwhQHX0mhuA+AK
zT0JHxzzS0F#?PNWBXDqVyhk2vV|^?~=G3u#Q6P-ya-<0brvcT(PhNpEnhW<^!~U@#
zS7*H)s0lVs&K~4R6o~(MugpdQX<!oiGH`YIfry1_z(TpSt<7(^Kc3y2)!)q^aa>(8
zo&N5;r`7q=Q;hD~Pg3b|N=gbiZ@N-Du7*6TvD6_4OAxC~n;BOgs;a7??}<$vgR3n!
zf5uw`C8m`!)D*K1tp=tUEnW;P`R-{fX2?>Zj?FlG_kF`t^X^oohfTS#YQ{=iUTA4G
zx%BV@J4A_%c${{s`}3DVB!?<C2rXA+CpJMDk*cAF*4LtN<})#%cE@n8Uirlf|I$GQ
z1ESROLRm3tx?=^^X(vqgzov*5&atuDN4as-{Aj(%lUtMB`KIfO5ddA2H7c~j#L)9M
z*~UoblAga8dT3mHywmBdrCAC~s-VNWp%i|AUWjI1tMlDRM&!umKuKw7935sdW^=_C
z8q(v3d9M&wHlMq@y9LYJF1L>c`uj6PwsK<~X)vZ;FSfPY`=`qEnn1tsu9z}I2!NDR
z&%P-bjHaz_^Ij6|b#-+<D>z0BbkWnj`7G%45Ci?`Teuvwvv=Q9Md{NACxf#oQ2;ow
z`eW4Q*5@mW?e8r<1Lum&U`kK9B7m#VH!F*1B$%z%>CZ7e169*sji+ElBJ}6A2cDyT
z<nGb+ufh`1`jW=dq>w2gz3Db7d1cx;S|5zaSe4N>Z_%eG51@XvW(&&T*h_puLbtB2
z?#5sex7m>B-uI6^Yd@+vrYelo0WQk*AQCk=pDIYF%aI@%bs#XdwY6>6>g+V-2F;C)
zgX7x6)3fPVD)%l;iR8GM?i_cSs@v5K*6=xhvAqpsof#5)-;ajdkA_7vMb74(xm8Je
zoX!su+Xq|E7M0!I1<}yZI1Ilh-B%>8udiEw8jT2l2Y-Q2Vc<dplq0>|_ZFYV>)~dj
zXsn6gM?FpbwK7&)68v`F59z%5O!tP<NK_&JLGPypiGuLI{Is}5SkXvP8VT_M^#t`_
z<W2{aF<ZQU)N(gEk5WGQYk#5O>pgyQJ@qH`uA<?}q-PG<VV5ddb5JMgB~y0N@y0(+
zv*E4bT_L+vaB#4L3*h3C2Ik@!bB#_9>7p^l`8<(j4f|I&pr*hX<tmO6cbo7!+i5W8
ztY3uEi-SrcVNo##>#j-pU|G{UC>P7iopcIjSa!l^EX0E4Afa1v%1yZ9c)rD6-nbeE
z+?@fyMHhupZed~A*RRCnoQ8uS)owcMXMg<cnc9vEATn&Yxme%O;Cvsrz=92Lz-zGJ
zSlz)GLJ2XbeZ%0KM3+!$fS3qe`;++W_HRz!5C6NHkK&e6P{;9d4>tQNNEi!a%EY<&
zr$#)mAVK7MJ}cQw&=~bS>qkM<8Obr5Td0AXd*tvhX~1u}zs}$Nx>l=THoUWvG%Fpk
zNCQlwv4L!O%TdV3kAcu*`{rzkHCbi#z{ASQ%6MZi8TF&IOg14{XZe12dsSOo``2|c
zFk_%cHJK+^*m)x>?r>vsbD;d2kOtvALs?~mhuEzW$WUImx}M14P(1V5FD@xxP0+K?
zuB;@?1Um@A4SnWcySrc9*RpS~Hzkb#s2F*44<e7O3v4Ba0}t7)5q!JvyZFi^4ZIG7
z1!0_z^YE$5(Z#FYzs~MM^OH;oAW+vw#1wA{`+danWI^brzw~x2@#|0q=k&m;x{nBT
zWCoA#<#FQO?OA(`_nCcjbMwr1Pu{AxpUd<b#^&cgYhp+Dd_*?4ew4$;#ufs8$7%Hr
z42Y7v1rx<bfM5_MSe<$Zmo0fyc8M&0U7`ltfKDnE5o?O)zcg;pv=QIOuAFm9+Zp>{
z+K7^s)+|=d^oz1ZZw?DRP(A%_OHPnI&rot=6JG=(QP1+pnr)uZW#{y7aEMuv?WUKx
zs4xpEEI^w${CW3kR|IEqNeSRxSzaFHikt#d7-?qWS)>xGL}qkO4pY8r>I*r!E;6_o
zSnBp-2%=1Yl_CSYmWz(h#@JT(?SS$GJ9|{u;1-<*rxsCPo5_!vVzw(gTUuuLv*3Vl
z`LpDimwz*-k&zGr;i#i&#aNb;Qz@&mv+aOU-Lq3E4>7u}0I)3zn7za3j6b@2q2Mjg
znp!_K$2ypHdc-R!aHp0xksnYlTmJOPi#Y2P?-MDoy++B7H5yL`CmNj}>#nE8tBO@m
z^S!#(+PKz#TxZ6Gq<RIxP5EHhMko(2f%`tZ2Hq#UBbUL&7~nye<HJ|#oV9uDP9j%=
zkJK*?(g;Spq#jQKe1Fa?v(VTEJ}E<qS1~n|#PP(QJ_UEeV^O8N`?;+>-S|58$>-a0
zp@-=C+13=1sx5OP5^J>&EZ?YmD?FYQ$xUHWeRAL6UCFN-{(hJJ8#uhWDNsw}GNd-g
zoSPG!X|z^eugMg-64ferC7u&UefYid1OC5x?T~cMC&2tn?NO+D>3PS<&z1f4v@{Nm
zfrog!QlOb$hIG%&3)k!=iR5iJC>8BjewQ4pz3+!pV(Hqd^HJY)A|2Yq+soUWyqLc9
zCcL3?jHw?vpRrbt<mB{z@pw|`Ju*K3en7nwGeio7O_5W=`U})Kz&&2`r8V|_FY~@%
znOKAYWdelW;d;`+f3v^YF!I`66|h#i|N1Yo-ojlSQjSUv%dhSAw?n79Ui`|QDV_s$
zy!aH~gQ5-HgrNDWRcwkIqd8vXZ9c;vxOxQs?z5d_(^`f#+&Ry}f-G4_=fg?3bQmjf
zZA0C!$=QpYJww;7g-~(GGoz|8)V5SZ(il`AO#)dpru=Y!NO{EII`F&Qz0fnRS9fCj
z?-UjL{{H+4v;LeN1oudbd>|+c5B;y+@&2D2p71re3IptUfQJaG4IJ{_pB@tiT`mU~
z^7;7RLX^0`nHV1{;eNYBlg(GYZZ0cZr156?0%vo1%b#ubHokRW;3rim;jPNDUl#TZ
z)&x|K+Z0iImtL8A5ID71_B1!@r31!xz`JGSfOhHi*Y6hp#3Q-S%9FleDfRK-D*H*(
zU7(>I#aoL5J-!5+1SdCD_$%C-D7*@^b9U%%mWdKR-|g&@^)!vW#0)vBtl|>z9a=cu
zOjW%Hl2Zc!rYy?y#X~aoyR$K8iiTc!>HAw2h22VpTO_jyA2`g!#gpHs!3k4QDJ^~%
zGdT{xi8J0ugG49H=nIk2=f&<0W^XQNkJwr4B~Ln&p(7KY)L6*(a=kR;Nb+Yq-|QNZ
zZ^lb}ku4UiB*#P<!@2Lgf94LcrdFb2%QL3}y7O{{GQX|{+E^r&fLTWP<A=nM#EQ4V
zkrPe6uJDBK)u96eN(jpY(t5(mDdTNBkD{(oz25$r-daT^PoAl?*P68=u=i-xahe6a
zJ^vilRx|Y3qguQ>%~wgv)=qwCg_G`*pn01R_`{hsTY);bfP>>gxUle3%4VW=Ac|zv
z=~^Vfh;@J4UTkrPlwvL*$kL9nh^|AV%+(mQwh$jeP~<Rf3h1NC$WhI=F|wXICXD;n
z3j|_K;7E?~JFd6be__;5dL#?P-_`b-xf<JGkWipR21JBM1b-ZRme2Ye-fjjPg=ZY0
zTU<AQw$B}6<<d-|@pDe$=>_1a^XfBa|L7mfJ+I~PqmZYNjdzw`@Eu!j7ByOATIx%<
zoizR&!>}U*URYDew^#{M?RnCTYU;-<J)%bgUBy)8krb&h+oJ)@XBWacDj9D#<dHpl
z&36YCxXO^hfxajxtyC{^XZy|E;`ZF9Mgd2@#=ko6%M`2}?NF3i1yF!=snDfOymW~@
z=1d>r`-4`ILiicP{X@<AhWm}@;;?xoIj<7kZx7v<9(;hLz2Ud^hHplo{A!psYWre!
zd{(8A5H-t!WoK*~Tt=p7N9c<8)rp|5(lQZYA%@lIZzZRbtZZ{=b??=mlOca#y0AGD
zU7kQ_zY;dv;7A*AGHfJvdBTV$HO_~~f1@_Y?Aj+NIKY#MSN8~@*y;V19TY8qP!2Ww
zW$*px(*>5hxm>fG+x#2xp=~9}p7K&Q?R<+zzhfEhm(RW~;LlP}MSD1~^43kTfhd}F
z@p8T?;tl=Z8{wJfqk8!&DKT~5vim5uw>9_d?k+B6mMj4WyQ&(ut8W*XgSgBC(idd*
z+Kq^rdEKR3c&(D<q|uutU4pnY4PSjvL$y<u3(EVzW%d-(oTVl1Z@S)b8a0Ow_EVH8
z0JmRb#_+q_7+99IPPrMv!PjM1UhQTeq6BGn5Hw4CcZ1;l+;!GkU%XcJ=|H944!51Y
z#hNu0ph&lNEA`qr)AKLwBVqp(U6RH}+o-)reSf#O=u*s(s9JL#MFUw9C8VV9!D`n(
zUNFyy2Cr>5M@6BRxT?L_Y^(8G+pC}CXI`w(ySSZhtC~SG{OdUidi7-SG#6y4uf|ff
zh*H}v%9?U7DWOhwk?#IFz?akv7k~vKx81qO5i@bu+X9M((m1ahjZE)Rh?VY}&Z?cz
zYl$VnjSR=@=_pD2ZAmvifwp>|u70i}D7=;6=FhzFql+ftf-B!e6905Kwx{>K{cwZi
zEj<PM1#CGCGg!paa>sl3xac*3-(hKR1AE>S{`y7e7)qG64uTeO8>|UzM}VxZbi41h
zC7q!4Dt?(Y((|)P;X#N=TyFaU_VrwCY0`JO`>02W>pzAfWD0V5Phi38Dkyo}&u^n=
zW2q>Pdfx*FsX=e0JN2fg-T`G8RgF)zhPZHk)1(Z(q%z?3`rmm?IauKn(lS{79kyWp
z3iccyyB&tt01lZze_AGc9=dCBI)4mCY62NF!|A>EBQC1mJ!kiHYn{l$sryU+Sv^?)
zoGEI(eFbdtk8BL-{lwYKJX{l|&p7edEVdrq8!^r>*G<6bJ$?pC8}w&77i-Pv?aelI
zL$g;iW2?VxgYOkSSZ-eQJEbaE5UTN-lT|93$_7f+7m4m~16Q=nb>oKM>7ACF+HR3n
z0UawI59-iRi|5r&!^6y*iP@!O5R8fPURf0)Yjbt(U+3bUkJDV~&QF*0G3}!FBgYPA
z+1%V*JMqdhL1&|ju5m>s{QrYE@c)hC{O`@4GDGg++LT!~3mTV8kqKgP6TC&KsF3e|
z|9i3TKUTSP+Dt8OUml9A5B>X(5GslU28h&{Rx{22_qf3S3$-<;Z(DCbya|;DE`#Zn
zmRpYJyAJVj{^>#B|AgoN7drp^g6&5P`?oWgA%Gx}j3I_Uh{_~I8de~ig^mlyIS*hU
zgzPqhs|nKd?Xxoedk@Z(5X!Z1bSA|005dO9?ekk1Z@~>4UeZ^6hi>tOz$Zwult4`C
z?d8XN0x%jDBKa`n)c$!Y<Ev_#_`<J*_jrZL-3jp^azq)0@u9RVluBw_--#Cd-uUg|
zD?z`o!nN|OpzDtaa^#7`5c(&7Q%&(e`uhVteMkhUQKs*%uh-BtUOn&%m-|-h;&ITW
zmfQMU1?%5SaD+F2P@M7)Us@{|wLiMx-4EV~fuZQQI6q8Y!meL0IbN&CJC`~l6UY)N
z7jP0vb}v!`D7o;@iT9T}ZhqGE?`4_#Bn8ex{M2!D5tRMPZ0{@cZaLR=XlwVrYb=`F
zt1~PB^`2a*J#@8S!Z%J$y=eHE#&q@2lSI6Bd-GRR4PYsEk^D+mE7A^WBr^Tk?~m8~
zAZk{;W&!Sr+%DoOQTvojE^jA}G-Q7?DBA#+ul$X<#d)$oQCcKoN<;J2aQTKOgzXW9
zIMKZ&_)jcHq9i{rKC2*~dFQ>DZcFA;h42e4jAh<vY*n7wVvajN*FpQCBHCC?I)gu9
zU4}9MXqWPZ9LafqME3Ss{}_!tcTMw;TARiKAz9mf?ZCdEag=362XRGHRyRoY?=F5w
zdqH?V{upy)u8uffF?#i0f5t{`cGoX+%|lPo=38$dg<>S;FeAT_@sY8S`8zHJA!2CO
zhihl%AvU@a6fM!DCzDqNqim$)S+x;cSOC%fUY5b4**{&$68JaG>I6Of^3GUrG|+9Q
za3`?o4pK;ynwuVmsu{qE!S>`??;bc?s?v@Rxn3j`phiq4<;UXtiHN7j75vO{bE=JS
zi}fxmXk;*2bh=;ivnPfaUut43EsBVO>dhEg#5R9;rCg`eX^YUy2nALL*#CjQOB#me
zhH7qmb`=dcd3O4GMAPU|=!xPHWn@@*<#xtf&-ae5B{&O4L>2#ATLB_Anm%64Vn=Z9
z<1|JhIc@K<d$u#^^mT#dCE^AyqfFQ^S#x`nasV*%V+-lNe6#U2Ma*k7|FtU9va&@l
z2;lg?*nlbxa&823Hs1TP$~vYZyqt1ro?S+&(`C1vi<2k){p$<l_ctr_76QgpJDcB~
zDw>Ht&d5cH+dSF_EfoW0>~5c9GM~dtqatW|_v_!SF2ye#M#n$Z_PPFyBeS(R6HoTL
zzqWK;!!Xx6MWrll=E^t0g4jlxc&C>!ZvWRiz<bM)W6qAifLn4UiUWjp4RN~>qTT*a
zA3PiWdAiU!+wxN_7S-PVzWzh#cA7dM;56PKaQ(Ngy}^gOQv57<Y-eq*+o2@OQEv;s
z_0j&!Lw7s9>#3#cH?b+kb3)mdjfdaU{;GBy$P}ogNU6Ochk)2G{40H^mQT)l5r|iJ
z_kNachxUBV`Oi%HkKv~~D$k-15+@sAjxr}s>%Yy-bQ8X>-Rpqz2wy}v!wiwR74_Wm
z_IKB0dqfvWOF%D}ew@NCa?6iRzBaQs=6*PgtEay?+kxoBvc7o*c)U9)Q0Zu#t}UgN
z_52cLhcZeVewaw1O%hQsyp#G8s7jhP4E+R74=ta`j;p<O$?q$k_9NK8n{C<KXDdD-
zSYG0F^;X@(3W(9jQ^vqyAR_DxL~F_UbMnNn;<x+G&L>0fo@dx$flN6}OkIJrjIXe;
zV${6qhlbOZ=u@Snq+=pceI-X~)T?Kc2WQ;{WA`$IozZE>w4C%4^}_<C0BFp8$X+Kz
z$wGtU1sGR4?Q{=0<GBAVhGeNG$Fz?W!D}cuOv8@Zif_E#kSQr~LTaQzt~t!DWRW5D
zL2xOqu(}6=-yD0&71%gNmRKQg&d-KVrrRwAb6FnAkTTJxlY(=hpeNunLIgr9a3P7#
z!~6h4V@_f2dTQMR0YH%H!>S#Qlfu&C0bQbVkmBoR6gHIoI5x!qD|9Iao}wB_!sjm)
zv8L>2u1hRJk9Y8*2e4v`|Ju<6OWt2f4Cu2%P!1fpC!`dDYcL%lB=0(~76{iwl@4=g
zYr%t;<S<|4%+5?PI*yFE(5CIRa$@2J?jy4!|C38Y2A>xqfWd|1PXaxbHosoFbwfE<
ziOc1;n_OPP4rmYkNq;YWFFme*nM@KS3x$a_uy%$~NwY8W*B@ED0Mctv2tt`0QV1df
z1x*^;FBS^O05NX%r-5>G#jt<Bty-(BKoj%+ky8%2g&N~RI3bJI-cu-VA<JJLlN>%M
zss$IoWbE;Pq_rA<!8Cqx6bT)L{3-K`p73FZI{uEsx?nH*{@*iJ|DJgO7lRl;&LQVe
z)Kpmp3<ih>Bnk2sk^~i#u#mYmcm<gLQ_ZQIP|!XrED4PPM~cdy7E&LsdMh*XX^)y@
zgY)-krl2--2HRNFKOOP}sxJVFR|HIvB)1w9wWj>rEOgo38)C`%mX8W<04YxSXdrjU
zj#DGX-uA#Ix`D0wwX|^q0Ul$v%{1DYWI1yD5iSF{6b+MjU`GL<(pw=y9pKO(<l`0m
z@Ahw{AlIm0s(f1@f44mlv8*gbKMXU}?Ad<k!lzLiTMJ9xv0a#kzLZ!An*B}kVhW-F
zjX^bD1W!(Ill&uEhT)$c0~Fgy>OT-tA+%AmxDLu5aaX<2s-R4y@2)1p4DRqw;78CZ
z>`rTQEdqKH*<K!*qI`)DQT=(l(P_%|r>pUUrT%H9)z1Of7~NkJ(gnfZG4ffOE{<n9
zUjXC1iIvFdq79PKuN@b^!YTqd>Og(ojk3F(mI^9?nZ{a{fb`asz5PXZqVq4O17!uB
zGl}n!OY)C|?%z=ex_(Vti!u7Hika`y2l#Czam_Ap8T<Lt^#9`QEraTanr`7a9NY;I
zAb61AL4v!5V8PuTg1a*W2oNN=TS5r#?hrJ%ySqyuxP2#ip7*P_>el^ptKd*|YM9y6
zdr$Y;t5^2~Vb&ue6)hv+Oltx~IJ{J|pMUv$Oc=ANr`P?o_(S2RzAm~mQ^;53QSLp<
z`|+SuKf#J`y=HBwA186&{aspT{E*SD^6z6iMevG{uc+xE;(QcjrWxf%6eQ@ksn9H3
z5u5ax3GAV_X*H-WY3CHp$J(0U?LIa<d3y(dm+Xr;nWZjXTF^Vc#<7b}`*&h_(}7(#
zJ~;k?erw1i#M1KFwL6!cY*OSZWM+(-W1spG>hA^A(5e*>JNgLYi>yX*IX#Kj?`1V(
zB#pyc`;gYJLX)t0lWpNCQ;1gw9bY!PQ7Jno8cMBO0)R<`K8!&DDRVM-_cq5g!ed=f
zxFg=`VHq_3iHkzZXRtl_YI5#W$zGeL#u>W(ISWnBMqN>EEO0R*`isHRJ=1gf!B)pU
z|1aTb&@5q2wlNXYv)%miPj2lE)`D`!3=YRo709n4C3VEF09;uhGks`KP1ccCl=FKN
z2yC52yX8uaWM=S#uE&clChw2iA-&`$Ibqd-09}}|Yww^7@yjG14)rg`cio6o4r#eA
z<DA>U=I>%~Me0%IL#5uy6npjNr*U0J^tlcl1aYXu&817qR#Tz+J|D<DG3&&l%z-Q-
zu~4zcM3!GMngFUIBDk7nxGfzptG?rR(LHH}17>Y5{fEF0A>B6XOHHm5kgp1D5ID7b
zTj{p*>(_HcR+rg&KR)P*Ly4XDuSX~A%!NIp$eNBkXgpItq3FT0Mj`5}j$D*wV#VLv
z>m@~yHvtU5H*dQ<)4GWYn&AW9?6+J|k~WzB@`kIc0!|owUwmJ2Y>I5MVG{PVHk`j(
z_{-izQ-R#;LAWRQ$;r-V`6?a!ZpViS>G9}xp*ELk&d21A9ewz4CTFKHuUcz-=Egnm
z%J{jSCM&Y(u<Qh@i!QFxoh^-Q2i7G|THYl*213dW2VTF`@5L0x+*`0-9iK8dMu!()
zN3$QaN@k}7A^!NGx_jaho2l)sgP3zuSNA(^02s}elh@<gKe&s&I)~GH#h?AQF$43E
zi4h5)drKu202z8MiXIH9;e|&9xKjfS0OUI}*1KiEQW>AbivRDbciQCJ+0I}_RSu>@
zR+Og&{OS6C_3yL3B*CO2!GyBP_%Q;xIX|+PS$~r#*|^GlD9WVJ<8F^UMFjAGCrc0*
z?CS^of2fDw)GLW2$!j(_o-cNgHi^MP8R{i32dHsi)|OF~zhziF-)2#FIGNMMmQ7Lo
z;I|Z<t*_@Cl^?^aMKs&kLilKi&2KB-zL{iHa3<oS4zRc5`F{pxAY|~>v^eq?=93rE
zSNC5gyCl47{w=@uBd4SyS{1OEE-cuHurT)%z7k$NEdK}{75^5EH!XJ2R%0h7)?uf{
zCK@l{&}#5#f*$;h3J*0=DFN&FYhKU(8Y`F0Qt;wo@&6Ghx#3u~nOR_Sz`wlV^o6xR
z#vL#NG7Afeu)0XrzRe`M6))8j0frB^<}P#~-P?$lBEKiaDhUly+c`z7<FSj~43oM;
zm~mH@&-vezv17BjASeIz1^Y5GGQ9y664H1N<SaMW#TUd}+u_;yQKTIEnZp_Uwiutp
zXdQgw;^VJ39uI`hW^tth=x9D?=R4W8v({6fq60i8FS*eLNiePPXY@H*q8WVQA&MYc
z$nU-VGB&T-uS~!Wq#TabMep@G$rSSdDx541JZ0<6F&9u~cWsvTx=#GLgfw6F+gdv*
zJ#kZ+pBb;Sg5#Lkb>(UEX)$v-2xC9`8%U%yJ=Z7|#C!@P`SSK^@qOsqe{1BK-i)sI
zlDK->Mx%pfNLxYc32v0|EwkE>Barl-$xu3gNt$rHj^Mdpr46w^5~LUo`<W!0N^I9M
zbKUl79dY}D^K)j;?S-tFJ3cdWi61c~3r5QLfJi^WN%oEn`E-3z1v00HMt)DP81r=R
zQ4cR8$5l`p=3YUl`hPF))}$9pgHp-l6teV9QSy<bji0}g3=;~#fj=px?G__oE6&0E
z(Gntp1e8P-94A*<N}~XOPUbKQq(5ULP=08!Yn#FZ+8Ud64jLZkvq}Ft=g*n_{ryG&
zaR=`eNAO%lMa2)*1UGCzC*<`o@BK%LFd3P0x6W+?X6_t&dk@`V!4?-F`$hA-?7tz2
zJ)S|zU9ac)oegHL(tV*oKsyEU9hs6{_~?}W{9oUIeU^mf--h3cnNtGQ@U}ww7gr60
zfJc4cuIk@6N#Bqlf}oV$<NeM5!Y{88xWUK!{}aE!ax0w5R{ui$m)`&n_~?Vv9<faf
z{R$b?c_1seQHNXYhaFRrbM`Mtl6;3az)oxjoC7Y9Rp=@bwhiV-5`RDhVhCplF+@DQ
z&XJBg&VB~s{tc-lFbR9Zjy;)wCa|Asf03H|309VHgbEM$Jfu@;<F|(oU;~f<x<dx`
z8E>q{8CA{y#di}%;60)Pfj<L~05HHb#HngZN^FxGzv*b>P%bVmU<pn&So<aN-kzRd
zNEckFc#f3A->VkpPyRzaM}ZE=1E4PASG;yNAPt1+{DfkuGiHl4UeoaM61g>zlJdJr
z<h{=@=CWV*QCCum0Sp=aje$rYS2^XM9p<t246%l@goTk{ct;XIt+QQtZo-x3t;O`*
zX0aY8*yvD8T}=(9kw=D!2~x4i$-$65Q&h-mL<Qu(cW}7@UcvUb*n1C*h>Dspfu;sF
zJRSi7%=2}!MhJ4l<l#pPb)8#Ib1)$cF7_VV;!j@gkt|_@ugd?-R*i*p1gX|8L4j!$
zwg5NC><=q#Wn0@LAwlpC4IXav4fFH%4-&)3ZZFvl3~3V5{({fVU4F}v^v*RAXNMw@
zO=>W@y!3!)7S?AfNQ~0p;KJD0_{IF~=fN!DEPeTZRu*>{B@;;+z^7woE|E0dPePQR
zXvLLe)0?>nd{ma7@B<XFzN)KDHHroz765Rzq}P{Eb1*Ca7lO=<h<XG3F1zJRrtAn~
z0>7Q*<%gI$SzUT&?JpnMdcJ~I^F1OI<@LO$H*s-s7!tHmU$js8Czplx@u~kon8AM$
zU0pp9BSyBBsIbsaNlVL<7|38l9Ol*bf&p=0r@8R!SHt<)3X_A>8I-&qKiH&Wt1UmZ
z37e4qyMZ=a0RB|g+&p(_%^@Gq^z-xEh1C^!It?T;@9cq%t;(@EAJo(+k;RlKu#?aK
z>Zmm|G{Dcl;3vfN_4O+!_7=wz*Ayn+*f3gm1!prH=3{2-*C`_ZXLzA2EzjQZkdW=1
z-!v9$Rv6o{5*7oiX>Y7z;o1X#B?w7Kl%gEMG!=z@r$3P(?U^w#F$=I9ZAAcu0Hd_B
zk`4&penDK4e>o*yX(swi5;h5^tM92BH^wMi?llG`lK+EbS9no!=9I&`ofboJsAysO
zwn1hV7R({o(j!EMcjL_ZjTYVwS2Z_?y{Dw=eX*aAk)AH_7CWd0mYrt$5FQLZ;Rf1;
zhs2JOUNqwK0lBEGIvf?>-8ib5$v~H5P5Cm`f8N2bD^T$7gKaZkEq$=q;2c9OEsp!_
znOAOJp19gnAxt4tURYSJ$t0I(hA2Y9YA7NGD=<@lDQc+*O%ee8g=SA@4_IA-)a0)R
z?<Z6)Pn=kRQ~CnBPq-JcD3RF#w4%XL^osac0YVtaz3pZz7=U5K8u%Y1gMFsaj>+i}
zNiHn(zczR~-i@>HqVN9yIKrY^?=UjgCgpVP`UKQ(>yV}%@WdDNSt_aqNgyuY!&vh2
zpw3W?$xfX4NX)tJ(3pLkNVmU>KIk5w<PSA=(NyEk-6u2xJLoBezZxKxO=k|u#7;JC
zO_RVjgC2J<#gkXA>ovb}$pQorrN@aJ{QQ+p6qnEikq~{9=qs8(E%GTEyO{1<6;C9u
zgnvFjn|GH`B&72rtht=vmBnE4TAbNU%iVF4J&r$SXgcz^ac?B|vgS)<II(Y|LT#^T
zX}3dPG=Tg(FI7ef4Ofe|Knw3SryfJ(m-Ub!44Mx|f72Vka2z4Y=&KTd)zDKd8pH>F
z)mFlB+0Y3dwm)$CR$c8f;wwKv5%$u2Fxd#;S^dM3TI)V9tft0hIr^2#yY6rX6BA)I
z=2&*x=df-|lgqk+hy;;Cl)EdxCh)H@z*)|rx*DJr?o|4`4YYaf&jBpLt?C11iUsq_
zCweIGv~gA=52>jy2!lVaG(1Cw``Du4EBpSv(E8is70m7P&KyoLj1Wp9l57Yv2{wkv
zrhhT9Vh03y5H-nMqU2v}yAjWXI?(%D0e)}}nEq0L0KDNd{}DhJZPg99Qf&C*1mH>H
zz<jg!F<4X>28)C5knfHdKf<KkfJyI{rK<PZ+Apa8f(6(Gt4bLEh)|_})SeYH((FVW
zG=kDD`E%xUZrKNstU83VuUEE(YX1jH&gMc1QCDFekEWhf1l4~8;sgE4;hzFLe)`py
zs{%=vHscS2U;{7#?V1A*0NmW%cz`<@?titxyN#IAv7<gT*f4#Z&*RNbe(5s*73}dR
zOMh>n`eMG3)VJw%NRB7vO~)zMRL7CEfA2|PFS&nR1?F}zc6uYx5}z;O#lN+-8Ql%3
zM`?Ej%ptpw)hECdk_<8QIlp>>vXaD*{VakA0PSzLtocKnXt1w+Kp~jdfct5P-TpC8
z8CC!zcAg*-9TW4>ZmCfeJ1GB8^Mg8n>$M+z#~MXPC5d#EoIfFEXO8Ar-CZo#e}X#Z
z+y!t8ods5ffn$*zBy2z(&I3+lfVyP_S`Xiz5K8jgkEs1Xwc|S>0HGj6&xYB!ySuxM
z2u^2YYNiO(cuoE4l@zB7X)$TkVuud16-CWV0GIVYyns0u0tkuZXpDsYLVx*lyEhTy
zf!E%#eOCe0La$%6D+9ctB$%{PR6s4JLAo={a)*lzxG*79o3>rMKg6LyS5eJ%WF(vD
ze^86lJ3shS)|VmRig=DiS$Ej>LLOL>_yCB|`s+Z_BY(ND<zSE~GsIG(tT_-yuq6+f
zyByB`T_>wP_9JN&$k^~}8V8a!6-PP$Rv9lfGr>N)AC)r`l7sSjBo#Xs>teIb0AEgI
zd8bzW52Rzo0BxNQumAH*i84!U+N=}+&v1CxzW)XWaw*w+PxAl}#z4S15G9n`B8OC!
zQ%fUZsI^^rR97ecXD+`!hw?z$i9;iPH=R%n2%(EWSP5eEe|D=1{R=H7QBV=KmnKiG
zlADSrDgb*bxkcz8^xFK~Bpi~CWoY6|NPRSRh!8HIitzV%k}gw#26zjnIZpBi<^eiw
z>|DVo42k!*`G~9m{nNFW*66FSqZ{F_k^I?0b(_k}9Co|_G(dpeOw5leA>r@STe2AT
z%cGST(gpA!#8~O00|x+;*d}~560nH4O2nYWkL(ZI`#i%*sqlV#&i4XnnL3G1wWk3}
z(_wo!nuNrE=ZKIpeYX2n0uw0-<gy4g1s+n98c<>m;NrfM{^fx-5m~WB2mm3#PlDEQ
z5*t>>kInnu{=c{lM%B10dH!{Nl?KN=keJS&R-u0YJET*Tml}waM=<j5>V611iYuab
zULsU`W?kiK9ivxj#eOqk{NkRd?{TSCpYLU$px$3F2OH88J_Fmo=u?3Yyn@!FiQxOo
zsMHs-xbLa>9(H$U3{~jj;X%Aaq)ciGDsl}*$hrR17h}gvG;d(<;gG;sFhBf+l)pEX
z^KjkLcg7;VN%+80rC!mrkdCBq(P+)V?CXjgfMsX|pbiRk<~~+?mFue57n2H^F#7{9
zaY3H<2&dTpa|WJOiBXvK`bAA`R$zEN2Rw5NkhSWs?wNsz(bP}Ex+wkZMtrx;z~kI8
z*kHEdKRHgr=Wh$RvGpJ-e*O<OjsZe{QAhp&!fd~hZVl@l+$Arntu7+v!bRik3CB~h
zDXqGe(;!U2*o-X-_OH$$(#|4`Fnsy3U+ynxcS463N$ZXUzLK=F%$+8oQVv0np-DJI
zymW^T{e%EM_9(pioGDT{S`57r15V28f0S-e^%bz|G&@GJ%3%7vAob%x`bkD<6DOws
z`L7|?YQ+IBpm4o86On=ApPkvTfu;9SfC#fcU$><Vh>Y^~+jdfWAb{?F5VP5PvAs$F
zbodbsmf}P5krb_!6B=RLdX<8~e~`IX<nMla)=qtj0(g4A5Z&)YRCZe^5WEd_5jM2+
z$FY0dhyL3yZ-+Iida}H<fZVCz;{HW-|M)1%BS9c6TXTtxV=4F-%}T_+-EZ(@D(sv4
zJq;O^B8$iZhGmVvI>z+?&2@jqBdYtxM%tY~Q=?~wgZT%i0ke(277}~sjpYyc^$owP
z;y-f32dwu&`z_<?H{azj1@sKI8EhCFky8DBf34_JGtfA`w`(dnzLcGD^~D~_3w9Yf
zia&JYtNrg>%_l+iK@<tB5Qw2}+{lXA-u~+y#DH(8Kr4)_O=uu6)XX6NkQ|sov#ZZ|
zKf^Tec%K<U1_8W7{!A`zG;V&uM_AKRiVe&EuWjA~)j&NZHab`7QoW}gtn3XRsQ&mm
z!~TD^w_6r1%j|3se|d;f*uHQ>LR1rJ6=YV5&F}w@am4@|d^iq3cbIqP{^M#`c5JLY
zj0|5yZnvz-=gF}@@rWAW?Z{zRg2Y2SP(}RV{==145WxKU{{l@gRy^>3v*Lgc-s3;R
zeW?KI4Unq=9vl&JAa_O6g&P)<!D6c$2*Q6*rU@%>OaS-smnJOdB~ap53yqO&`}kj0
z+<*dje2XkVf$H~ftY8dq?JXJ|@Q*V8clQ7JAhC^*`76$et{t~;|IMYPo*SN>?3w>9
z5DIJWyYh+Cb~?4JZL%P2ObU7hI}F4gH`iskO2cfTGT=;WPj;|`jIyqt-ze(n#38P#
z7ry+@*hs{UH`d>Oj*JY<&JXdKjd8|oTfs_Oa^pjQ#reM@;_aC|!u)Ah6^PPdRPsvZ
zS$ll~!z>p(1LW_LnGd523n6_3L=4fhDU=}#$QM9t{=hDnsuB-QS;I^3L3{2)BX(@%
z*SzXwutJtu?v0mUsj`V7-&i-@^c*~mdOfw?Jmq`f0ex&ZkBD+|to$2f+`Pu`HHwcB
zHDr!^!<abt5D5SgJVGA~SGJlau1t!8ME1WUJG(k7BYuj+Am-{I-spa~S`H5i@&MYU
z$bBOe5?Q(jL8K>H$q!KwR-@TZPo}ZsME(^k;_Ndu9hF<JmvOmIZP0Lk6g7MsDb*D8
zMoPFjp>$r|%v4u6<50Jk0jn4xm2=Y$Ba^LVe}=ylNEFeB=wDl^lxeJ#o#Z8xViwLD
zEI<j&`6VGw>1@^qN2(ZNzmg365SWWMjy#=D57DYl!JkOsj=#GJ)|U{_*xZj7ejUV0
zNq(@0u-c8{h1h6hat!=WTK`<ApgwLm;fU==MaC`DXc`rT3G4nq7~kDMT_*f0*;Jg*
z_pjPdot^VR*WXk|SPXvmUvi<5ekV%=$~&S;CjbiT!Hv&y(XUuV4~H>Y+D8M+2v}~U
zK#Z12Te8RI%le3&lI2Mub$fPrX-S@0>LHKy?-v8)g6=v8W(uvIF}MJ{bgn1e(>mf+
zgvyM4QNz*aJzjcw`CEMM)@n{UHOkEs>zz_PLSADYRkiNjxc424bvsaC(T)Hn!+lY#
zTay|#nF(ijKU&aRbew}ES3x9>=l*OE%-lRv<M0~(P=gHK40QP&$TYfU%xL<mm5uF8
z+Ak<6<G}c3|F7CCNDeA#L0`tAv?b=)Bb`l<{2NGngc2xIOvu!1Pzu~aiV90}@8iqC
ztLS33D1*kM&Z2{PI{zM4(FVEb$v#745<qxHd?2#?3H(I<;OyHYjpa7~*oOh8Ef_CY
z`JT}L#n%gxF96d&!put1n<xQv?%XaVA~OMH1SMM6c|iu=y4w;}jIHi&c2`-ri`)C<
z!=Dsq^-A9v8{U)=5H#RCcnb0x91CE;c^!!QJtYzx5bupNk&YsC)#L5*wRzO#&<r>8
z+(i&o)p98rA>VjEgNGO~pYejM#UYf)F@F9yogpS0x$>i~spk!P2qM-_%f6M2Mxiup
zc`+z2CtO>C*)H`C%=Ue>#~#Xj->6>XzF(+64k=MlAcd^}+t0p_Z0w%hD9+!7KPhbQ
zN+EPV7nYAMsiV#_Uml)4cZ{98OMgYV@VKj%Qq^do72eA9?!<G*1VIC28+-G-{cty=
z?a9;3dhw|*aTZM?PF7Kk^DFTp$=THV@xY73LzS#2iD<b8h%U~NZQd2JeT?eB8;4eC
z`{LloI1ahXWGUv%9MvN3ABEq17U)0T_EQo;Y4sZ)irn|-_c7v^?VHsqc%=Hw??AP*
z5Ym~S{3ltsjiu-Z!E~QNF{uC2Q`6yyCx<)FNT%9_?dkK9pY_yN3^UBcnZ+6SQ|*HL
z*^=4D`vdSwf{U&VM!Ro$RQ3L>os&l8VCaQJlF`!d<Mm*+oyR+4>P;lxH~ai<8iQ3(
zhgZEe8UMJTtO=9RMksv^MbG~A-U!h^=zRUKg2UXl<m=LFN>CvZl#dzNk&l$WJI-<;
zZG4Y}GOq@_={BRGF?Z4Cc2=HF5B|!shqxk;t(F^3?o&Fy^#>GuG2xy~xZ`NY$Z+j;
zf4D_Vrs=)XR|gIC0_|X?m+aeYlwj{&eq$tY8M`J(VxY^xVU)-%)Oj&{#LJ;jf5}+3
zU9{h5G;F2dCg%)BF)(plMY#ckBo}QSb1$CCZ9b=rSIPFIj``}X<n$Kcb4D5s=wzix
z6)!MkF~7^L;+=7q;s<iCh+k_iex5L`dPq#h^tH1HAhdAm64-fvV)u0N=U%JV6=p|m
zgXQz>5Q8?E_yyYgTA0(!)fSMxnlo0mmBX&^vEAD~cn==b-di@OsFl&xH_@%~trOQ;
zzy4F-?W|QU)8@4S!;aa%?=n)B?iMDRRH;2O%tD$<4JPEfg^Ni%y2^a(gaV<F7)gDF
zd*w42Apy~9xY<O2Aj_6k-1Pz^nhh~dE8rzNYhRG2HxN-F6oIe;I6OP@L%F%zTgbyY
zZawka1YP!n+zFaP);dFuap6Et3wYi}h@zsLSmbNnX^yE&WB|v1`b=~2D?RNT&YhUt
z%ICtbnyGHj?SwirTy=j&epgQ7=n=9FJbfiiJ44-_=`w=?W!KPi)?OdPnMfLP@R(5E
zS)AYdh@(-4_wz!>$=Nw;Nbo#^a4G?RfpbFp9Q2J}_%<7N5?xZEa_cU8vkp$Mlb7ps
zWdV~<cb~Ec&tBNpFWH4q@Qm)xY|(`XE7f?iur;mQzwjKVmwkKr?tZ<8+1lK5ys2S(
z(X(gpzUXlWV^YKA;pRaq(<RTHoF=7M39GGy#*H)v2lJMM)*_wkL!qQ18hMSdfvB;f
zAo$WW1n6dLkEOe?rkiX%=IRvWSG8WO-uu+JPIdE8xx|byBKx?S>DUmC<-UYrhLK6H
zGmXJBzOx&qP#a7lugF~6sn5N6B^qz0^Tv9)#rw)V#buSXpD@W6KkYo_C(swfgS3#s
zeVy*<@dt7K?%5f4d}e0weMO$(%?{&O1*pOmj84|P!&cNCR$cvuLD?JCUv~z_u5c})
z!na4Q8zVKFVfdQB<o11hO3wBDkF;E`ap#$l2I{M0)1=01<`>1Y>s2()hi%^5KT5&t
zu!y^+tgAJNa7LP)PX|?5JU3ZIaB|pW{0E!w!};@4g_~^CHs*2&YrHx{M#j0bm%xQh
zIbxEH+JrBAJAOTOI0S4xuuR8J>(Da9^D-g$CvkXxAZh=H>ii+&6qp~$nHPvFUXE|_
z!s2tBy1;E3Ch_fC;z;k~EwEp7yM^ZI{`UWc@sPNg`91R}^(l%_O3ckh?5$ne7fAe&
z8^ln6dARkPg9XJLa>(TO$J|6oWUvA~Ox&MdUBV=Q>qh~dk9Lx^9#+VHq_BWc^Z{R@
zJsrKp#(84hqvzQuN36t@4-Gt9T1btW*Dv8B)2)Ta>485DHzi-Z=p4F6<m0K|g`rAv
z{#+%2Ho0hy@^Tu@gv+WM(6YLXVi7O0K8~6eBjL`R7xQCXdKkKYD=IM669TDmCE}b_
z#G<Omo-=>pww#guwIX%?Bn1imb0$yd&cJ%C3iulxW++l~a6q-RQts~M@DN_$dAxxd
zp0{Bg5<JRP3SRalx8mZ9a&g`a)TW<EkLU^CWiNWi>g_K?RB-V|m+?&?p~mt)cIgkl
zYI^T!UuAQtD^y?PyX<*oKL>WfuhlqqRwhR7Z+P7XG_^L*>`9->k!PKD(LXGX9RpoY
z8CeghQ`E>Nw+$=yC?Ifp+s2;==kbmH>nprOgmbQ=Q*WU(q6}N@#m{r*8ux7zO_=&m
zlL^q16W?2T+@s$qyb8;#d!HRO1POszle|p@%|+(UhdF3ktIzblJXo43K<&KOWP4A$
z{x*3J@#zzBBlO7BP8tFSujU_}FYbs^PA#*2%RCROSM7ZHxGF8ZIQkRbC~GH4;81RA
zQ`)C5aei*GL}P_hxcK%DoWafI`#$lJ>)uj)=d1g%WE17d_T$)mAt}LPqrS7LPT3|`
z!L83lBg?$b$Gy09N#MybW4Z9j=6*F9uAhxBxZOQhcYyflz9Fk~02p3uyz2Vof|)jO
zXRABnO!myo)lWML<;9T~%!Qpc3brjeuLP1}T|x76twO`Yb)@hG_8|@iVH|5R&SGvt
zxLdFW?K;CzeZO?B#&0r?WzVbiuA%;$9(hg8v^h+gdM#Uvpkqs9&4LfH&|QUjHO_~9
zj{WNhwWO#>&}Yzfz`myO*@PYMtE~nVnDNacZnBrYNUbnGEPr^mpSSWDoai_nhz`_(
zPEd;oPRMK*?~2dZU`f+ZSTtUV?feEil1w3upUX-7tEe=G2lJ`pmS*c2yYt*7esA1%
zePXwcU9$}kF-Oq1yCiDKI_hLK#ZUX>RS(v?CqJ1qBoWdn3{kxqIJt_(`Kd{km$*Nf
z5M$X*P|HqSJMXA$E&P7jMd{<pXLk8rMwD6^JY99@;7ikK^3wS(sA0AEsp*aGASl+n
zimnw^gBOLzg`WvClWo(iIE-`N7VsKbGI(yoe{nPdwzWv$JuMEr5_B-CHLVF7q04q~
zOk%oHX`kK}^uUH8?K~7;mV0uO!%o-?q0b*ZJG*i^s+l->gsGz|e$bc^g?PcG{p79W
zH?`&2>xy~3;?a4b+I5KsF!y;{gqeHm=9k_NUKg_n%M+(wAAZ&tA|c7AOP@)^7?$NA
zNSFbGays-}#R(S2JTI<vQpxmwJ1>P2=IO>HSZZ@^H;&}$q)U4~@loAu!KT2#EMlrw
zlApod&LjUBYk1fL8nEI>)r{VrslcFRLdG$WINNl9K#3-DWoa`JlYDeJlgN0k@la{j
zLA3Ki_`cG+Q$g5=pO3_HpTlrhx~No$^91}oQQCN-?ydWF-gPI!!|vYy4;M;X8>)Xg
z6xdh<xFg&+gEY)P962oPk?U_ZnBe#;5SeT#J(w=|YNnE%T5V+MRefE3*tw|>FD;2V
zI%eFs+u{!w_G>7V?<}F~*gq4&{_!^CRgc%hgfju>v}z=W))DqlqHswM$LrzR`9ttb
zw@hA05|8NX$wPdWS4RXN;GT1lTpsII7j!S!kUl)Op)mABCem+I+W3j>5>4%N7pYzF
zX*NzuULl@oSk=PGO)1LsAQ<VDnV|4$B9??GSLAEG$90z;{SQ@$25<O|4<yRiPZGL6
zY3#_Q>Q!4k#y7O^X@iZAb4QtX`nTY*K^QaJ)%@qrRSM+$zA<dm<{K-j7TN;I*u9+}
zZS>9~-|#*|MN5Mk_DFN2*nH+SsO^e~Qh29bLoc&1*!Pa^_IIySft$t8(WYafrrWfk
zgeVrBG}f0rrRpv+jx78~h2D7!#uMkI0tZ1!y;$#7aQ&)6GVX%u=v6u>pAy=@VxRN9
zwmxtE$)z`@H~4H=Om5+h<QzR*)!lF5nq;LM#7CBEKP<fp$O#hiJh4q%KQ%{mOG-!o
zT4H@9++bh#DGzh^aY!wyxj$^$S7R?iUUATECyVIO_(**(P&03wdzytZ#~CkiI`e9D
zi<B5JTvmyR6C`VFHaX5Dl}<JRdx}d&#*UMs+d{U#2OMa-$3~mH0@$k?<7d83ly!AO
zamj>vM_O>(p99vWO;^TCS#;H8SToPh#+jS=ek7B_wHxT?EX{eIHCI8dC8jcu&S>vS
z`33iCq{W+GbM!DQRFbL}eOeeY)|_A#W8Dm(C{Kp%kKA__%fl*Ni)}uGEtEo(Rx^Ko
zqm(g)j}x{tzVCau6^t@lZaM)yT#x&b@NKWJ8ybB1yC2^i^-X2=W_jNjs4F-f)8u8b
z-W?i|>JRR6XPW&HF5xB=7h4`3PAww~o0`&?39xSGt^f9<`)A1eo8?mm`M6j>`xU4l
z8IH64E{-4c{(My`NjkLw3PH+qnM0`Gnd`WVst;C9@pg;`V5>P(ZxSAFEU*JF(mT!7
z>k`ywhEjMQa*?Pd_wdqEKP8@WTlY*FL^=!H)%G68#qVZ*-ze|1?`oWCW#ht;V;2<#
z)QjG5NY74i+#ie<I|E+<n8XXlexX)AL!C;vk|PGs2aF6#?k~Xgxx<Am7CZQ~#(mKh
zSS#M4-=vM9&u6lJOLqX}Z23f3TRF+H`nt-?{9he)+DI0XZlH?>S9_*9lhbQhfU?O{
zz%pqGXC!3la_`F3*V?-9Sc9a%6)4U&R_K2xyXbNe)RiQ4;n+f2V(TXFe$p@PCe#Ia
z9Bx8886@`Ingao!u&I<Ix&GgJyq>$(7MMd`DQxN~+}ni(a@YpXC5Ys(jhuSK&bf6h
zqXwE4XW+2SIMGCms^@7@(X(wZr|`<sV)*yN`qrYswi$T<kjAD_eK^xgXQt(3dKV^~
zS|%O*<NQ+T_l~ez_QN3!p#CPR*JeSOB3wK{PMuXr49tm37sa}5haX!^T-XZ!cs3r(
zvcOgBJ+pt-zV0H<sY4m|GQf}geam+3T|jHgEB>PA#ByBx*`z>7WRr{jl)}lT)5koC
zTrZ{Q<${Tq!*dXYKdWniKO78d{-X+Uk#<`2=JL&K3U-(ArW-~D)TjuEg0^uC1ePhE
z;*UW#--@*g;k>m%CY$wi;S}NaB@BPKugD@}S!~-FfS0M(a?79i>(?{SZ`W%R5TERc
zn*{@(*Gb_KuIoDeo_##7dwbz1NHD|}%Dl#njVc_Uw$I>s+=<b05xp|q<h-ARi)7}r
zRHky6d73t7pT2KjyhKx=PPk?m@!V3?wqg&&sGW_tRa9X%UVoO8wc^e5;exeq{dgkS
zHAO`=hU@?>80uB@%|GHJTEsU)=QV6l&oe6ii=fa^2I+Yu6N-T!UiZxA&m1fbE~K`z
zTCb%Px)WR*_K8>!n`lC=vVI5Uj*}lKeyW^us^H?R=MOu=mcS|OM(j5INH-9j)4~C^
zhgQNB4M3-im+nGJ^9^ks+{$@r4<d6mUYnQ+x434I<qxc_VcVbxlCyhqfIGfV&yRdj
zD05nn+853zvXEBAV3`D{Updm~X?xb}^>%sHp(Wn&Ha-10Bp&17m=*R5_@}F1Fd>~1
znG`oN*V-!Q$fuvbdWAX2V|cCS0^aq>LV^Ip^(EOSJyOfTy;P#6^>4Dbb${L^mg{6s
zkPTxT+97`kZ0c(Ba4Iv+GdlD>RCtC!HtOOgRU%vzdm#AbU{%j)f=EyZQ1labS-~>1
zz4gPDpwiS!O?Ep&@bsck-e0yV#TsASF4Gaht6^$1_a6GP`ORWeQtW%^5GY*IXLF1Y
z`CbR0L#lrfN-Z5t(smq)b^HBkj;^E^-r%<an!d~~M@{Q`FL$Z^VoR06)~zH$VCiE#
z%LS~{bgvg+8i5a`%XK<ZiA$7T@&TT6uguF|n?=|{%Q1lW$!sTL0Pg`R;|zO`{ue(T
z_&4$P#KIT13QdG-qxQb<z}0Nyk5u2pGbv<x`dxqE9~N(LkvW$&(Cz(fEF{{l|3f4|
zLL_w4QA~hU-^^JcF6$KZ4T17kE|s15$|B|p+p1oi(=|ad$_Jy};EJ=0-4KzI>pTQ!
z+*{pQ#oM9qr%B=umPjx?5cmmr_r>;!r)A{;nBGS;xc%Lt<Ol7O0pmV6YdCj)L#~|v
zbYNuoBp#VA9*vjJ74;LN<%MDI<`kJd-(8Re;K3V}9yBIqh`xe9L(6>U_5csur{j9H
zC2qdqtYxBNMeG5VR_}{nl?r5Y$&m}MI|EYe%wjj3wu))nHxELVt+28YtCNfussU|6
z!wqQuC?dYqz3-fc!6qo-Z0sjL3&-y_mux0BcWj!yvru2lMn}<~rwIuB=FWDfY3~I~
zN9vDJeze^n^=i_$P{A@SiU7<*$8oN`fQZllBb2ng`U}s69-(SqU|cYaGX7$e?rhf9
zmSqZ9P&mE(#ROoKkfE`;*^piSClT?F#QyschXvAtPNtSGE&nFys#E-+U+VfQ+4b<c
z2gNZ+Nkn)^9$AX5s-}G&e!N$U5c({GO$tL=Cp7PJ!;>l8Ato<p#EByuRvT=|^&d#p
z@{Vlp4><;|&Ub_li^|-O^9zXJ+Z|GebP&G~b9=To>`W_v`YXY4Xjru8JN)7^Wdmo@
zK?#<0VnAWtAZuzktpK|p3}oGaM`o{y5)rYvu}vidaxaSii|uBiUpIxo&IuC6MiKXi
z4*_8BOY^K-pH>@L4^`z1tpFPcK$vPDx?M(=<hy^aQrimdS=cr_{PEksCB%*WncRWV
z(r7u<A%7?6C*a?o&52g`sAdpYQlzfe0v6=&p5fKqF*fy?en5sdKDdAUGae9-27B+#
z$*It0x-6g@QNaL&o^a4K+%L?*N>infc~k#ygnWCg<GZqM1TqElbm}E?Drt)@nP-dH
zgxC<lUk$q74`gaeL;Bww?S0T|dq~*dZ&S0E1uqLmb_$07{4kgD$)2GUP1JOdz}gAf
z`~6|dnLIvfv7u^K`LriFr*_tD`*+^XJK6)4%040Gc&en_t+#}!Z56B}XL?w}uF^Hj
z6z^oR4jyl!ie;tTSstqPW5=GV;g!@!Oaqd8F<M}BDy$;pcB!LwcDn9-+sx-|J53nz
z4LC%PD#psl=D3!q*E9?OT6ho8U@Y<%HXlAXboJVkI`z?jpT$w616d3xf6+$aVD{4#
zW%fb*ZMPm{gr9SL;VA(JJ0mJy0PkM-bkm9|8wCZ{z>e5cXc7?nm30(WRJvBdR$&<6
zpm|`G8r;)!n-L{^=D?uFcI#J%bo#6e<far?(tj7X6+;xZt}xusQ2ytjPSk}jtwT+1
zI5<j}Oi|S!ONlz{X|}+sg1|#yLcg@M^obwuHH=Xo-0Tz5sHn%q6<}A@@~12BKX|Xu
zh}(WF&wu}sSFN;Yf!YI8aEIJnqvPSZLacO+Cq<~!c^)lkYMBtnX!#wfzc?2^xGL9w
zvlgqwn~?OV_040p;YrChlOHb}Hz21SIppij0eK&p+i|CkF!*q5X;);pr@WWOz2d|7
z)#^O}Tio3(wDPwW*F)U6XpD>@mW_6gA8yWmX!Z4-$2Pe(9lon|)epf8m&=~jFqMNb
zs2IZ+(MGCm&92tHmIC(9x_Ok~mk7uTTDGos<vx+aFu&gYWNzB@bIywx8ueaYFrDqW
z9EpQc#SoLp%<UGHr8{i#y^v56I6OrH;7qU)Vo*Kaz^$rAN&QldPvgKhGqq4FQ4rXO
zKtOR{;zSam^f#PHGVmf6y4~&Lk?t=?fm7`nHg3lP%pXa^UcI9&>e~m2Rx4y#>EU>g
z`mM!|7ptE45Pu71xBn1DP0OIPV%LiU>m_15PFB%tAzITw*-wkyu{^w3K7<BKzoa_@
zBrSYB%;piF78=R+9(pVo)HN~%SvD}O<zAS^kp|FpjJgH|%3BuBJL=`d5FF1pAN~mW
zUNcmQL7Wqvdn95y$a(<s`dqi2z2_^~TuQU|BTYyU2Sg@Z^El|OJVzWiu48P9iUy{H
zXZDI6XsF{!j~l%x47JrXd04eabZWgE_wpmSb0cMLQLxTty|)P-4)Qu~W8|<ug{-W2
zx|*jKAh$Q$lOK8u11>Ed2aeTER6!)n+$-0;LU&Jh+fU!uNh3jk@U=84F7@8{8_BWe
zUh=j#Yo$%c77@09{~jBgv{jgs4nbUjeJayAVOgDSQK1aLdU5g$=#AhLrDH-PY*s7A
zMleqp%Di&vQ$4|Yp|2EioR@U?ZHIcnc-)*Xj!(44yW;6&#uW;6!cBr}pGjkQKY5RF
zZKoowr!x&pXn~s*m3>_DTnoLahiv7&7GgEMB6wGR>k~t6p_Qn#p-=GGH2}}qei0O4
z(Q!B^vH#@LiW{Qm*d6d%-?O{raYCUf&D7IEWI|a&bo8jAB8zOVRyXYB4-C><(WnJG
z9iRGxY1{ctEn(Mve@j98QfrUL??(%zBpLU62U$r=H{fO1k;Ugid2B*Oot1dEqi`Mj
z$&R=5CWk7(uN3z1iQ_NWPH#B5xQu%+xYxrNS;R-k1TQ@gYi3s3(;Ln&|6E&XBZmun
zWQDm^!x?JCSp{jt%GoI~xyq;hagn`l`gI^L7rjNGZ0Z@Ig11J(zKN@%zdRB-BEYfq
z5;<eOaSY^*+wp`~B1Hj$$#iS2mN)mI%>0LqS>ABTi0x3r%N;CtZ*J`)kHbQ_m97PD
zuHcTCr;-SWTR1Z1Fx5eDueB1w<Qs{)jUlou&(EB+Q)fD`ok4^HHbOUNH}eWdkD@{2
z1rvZ(+ig8&bgIP_{>n3^I}Uzo`=d>zD7)5A43Lz3k@J=oAaor-x{|I$pF8ybaFw$e
znerG=mb<xkWYBURG93MA^b_tN_=jv1bVm@@J4vBZi%A~$xE03NngOg1`;)L&j1oNV
z2-gMqw6@A&uZQTnY0V*BEyi(OChCMe?K)5K_6{d74tTTI-ir*R$Ha_vzLd5{jo|fN
z15eHD@t^wvKp8sOBHLFf=WEIkiUL&N-eSA>TvelRYI6usDIN{Pm~C~FKN-#g*(pnB
zv=H!D+SG<zBQM>8qQB=B7n5KO`yfZk3%wgJ``$ZwKGKPxGJ*s&-}hTP@Q|ohbGeNM
zo;k)&cD_W$CSr6=_uBse)OQ`o_bbPP1pIXU$>@@zA68nkXarB&msWjhwXh3Sd*W+t
z9G2s;f>U%;x|f3nJ&)@nJZUwybDQbO(fLKLn-=VFz}-}%hGO?u3wyuqwla)n9`02q
z19rP+&g&8ogZY_^8zk`yAtH%{x?CvCA)hvu&Mqy5z&I*cW0HD@^33ity@l5x!%EG=
zO8^@m7nX{iv)cT$UF#uO%vP|&|BSCaCK@B0AE$5%qJ;PD=HMq`Qx=<B+jbN>N`fho
zxdq9gBM||AoKxvtr>NY-VWg`ow+#b}UvqP-pRS|X*7Zo1FPGobR?mv3#nNU9M^d5s
zL4V!|?@mHi+ud=9{m#(Aqf{Me?SOg7PoAn=GR@sf{fgMa!VLe1c8Rx8E3FpOhh(Wb
z+%FZsjGo$$k2Fv!_msrZ0-Q1Jb}zo&R>r+>e>}Cb8TsrsKZGOpg{#LOCIQd3UlGFg
zGhra?Wc_-;2kRad6`97hQH`>ZZz;tAc+vE|1T04{SWO1O&ogPs-{`79KDz#07fDg4
zmDYi0$E|nzV;foz0~{l7ruG|I%4^ef_^uAGy03Ho)ZK0Jlms@-vsE`ieVx+TeoOD!
z?_@r-)*D>Qs++APl4+@THR0D6KWjAC#NLR{!)Q9*8Izia<qr*#>2x*><inJR1>LNi
zRoYpPo}QLIJd>ft3io6KQ#rBmRSI*+cm_~nQRAo(X{FHNr9V;hN6V@Ie4ds_ax_Eb
zJ=?Isl)34w>Wyy7$&SfZY<0bQ8E3D3c{;~k!&G;;R%L(t_X||(7ZTlYFz2tD=IsNE
z92`%--0tKub<N!y`gM-28|_fIxE{B!8v_)CVr1&<d`pU3A3>kCT+iv(T4y5F2dwmh
z4>=s{?8E7aan5epbBk>B%tt%NPd6hQ;_K_vCskM0R5S(xZL`m3jFy(=QNFGJz+z&4
za=YAjt)kT!vxB*+>h9iNlhO7K9Ly6zhFaGH_514$h3ntF<X88HB@NDw{mF4ggoyYh
zk)+k!oqKLcx1ig}+wVs8_Mf9pteyv@Rb2+RjjY3Zm-*3fIP;nedc5M`SnARY8`R7%
zd139Ew`JN@#Kv1-o*e(q&2@pAkc182Y(Gjo8TcQi0Gj8HPrb!Lle>m%f}9<m27Juw
z+yebxWmtakR4zo*34ZOwWh&)T%vf33L?)ur6&xrPnbAzrO-(X?q`}(`%XOYJNh(Bg
zuK<^YXC8av>83@v<~j~3EF?c?14@hB6sXxje&X*tuAGly%1=IYA=!%hxaTs32qjP}
z*^w1LLA5Jrdnh>EI&ydlXU;G8MYD*R_QDI8z;a(GGVrq69Cu%7fe%fmnP%g>ATp2#
z<<}KX+D5!!K0%00;3Oxmqe$Q9ck4I;TJVc>6CKI!T{8s%$ID-P6Dtww%&@2A$|ly-
zi2=2_Ff5=%2ML{w=QLJD_~FfH;!k_w7!<k&h+U9Y(LDFx*%&8t7>2#bxgBRt{`K9V
z^Iw6akzhoopm%n2GaRgS5ut#kB6uzxv6+t`BHQL?&?lP+pNdXJC9CvY2c8m!3p=Et
zh(4JPI~iAuL_`BbCTp_I`qtk|vkv0Telkkia?LD8TF^GN&5xG9x`+5{;lrTJuXhUc
zjEnl!7MZ-Xzn)hypugc6U0vY6ETp#tL@scG+WHDPj&8bga&iaZC#Hw^!H3?RT&>o6
zPnoj=X?-&j3R61m<RX?dRTM)s6Q)9ybsoWrw(I+!rX)RmG_l47zPE*<G$V3R`uu~X
z*Bmep1k3DR$%#&^*Z0+(<t{aqd(O$C1ALLq(K;=CcR{M%>;CzgEH_k;(}gIZR4a#J
z;H$Xucr(3%5bsf4;@vg)Ed+7qa8^m^Iy*dZFpX`a0@fd17X=W832{q+?B@VKFUe^k
z1D>dVJK??<rL*&?*VV|aIOf4(<yFgT1gn|1$W}>|<!U3#_(>-j>4U83#joi^l2|<P
z9_OV2UEDgmrMf2fqZjGc>@@8DuP*m5Jm-tbmN8cudo(=?dpAJo_${kvCOatz9~U^-
zTYGZlZO3OPLcBnf4~S*O6UnmzN1yE+NRn*32M0JZ4Vmmm)UXf@?#`{@Ivcc;zyECG
z2Gl1lS$Q%azuPL3&{rud#~!E{$J?g4-y)gPq)y8dZhEqCs{4kpJ>QHm>>xC;9S4^L
zJFBk4v%-VL60txlPraF#c<eh;lR<(ZxB7|3izHP>)2Zr_5wj|2X}rL%?G~tq9(_Z(
zm&)Z$N`A7@1ufF!Xqq~92Vj`Er9FH@;QoaiY$cm3u$+^YMjP?I)LOZ7UmOE3&bCf|
z)GwW%5OUku%6oe16)wPp96fTFy;x(#pTrYWq|_j=8jJ(JF7cM>F&rnYuHeKI@rxhG
zcOS4ZCj$@W%PuqJuq~rxVC7@u<Ku=knpZ)s)9@eH>N5rN-@&w=jU$3}0V#3{#7__Q
zsmr6$+uZ2t7oAw&l5lZx`#aYhHF~=0O=$K8-)ITZYbD|&#h$4w4si=dMG1X~>tXNd
z_klblOo0anuj!b=U7T{d=m?iPZ(f+#WXbB6c;%#lr?51&mO81IObiix5B4PbF5<Dl
z#k)FA5Z3i+WZ5@FLyg)704=sB7wluxWL|t66^qt~hoDJ{bW6e$a~&={xac(<&+}`l
zcS~yF+t4wnVgEp-lh1K~hrD-GtFnDZ^-;204UF}!7&`Iv$aGj3%$Qi_-x(yydp$HL
zqh4n_N3friR#@VDR912fJw>3T9@p#*?z>vwd_-%MBfW_V8|Y9fx`=UpdiYbuT=dw8
zbM#8?#@gn<ag4~9piR*JD9Y=ES}U0P6`bWR3Orz8jJBKEMeh5y>Av}Oo2A%X1`<}Q
zCpheV!Yp&)rE$#2+%i&W`x;ObvvH@uzFs$Y+HdeVUc7=_U#Y3<V*+<YkKTc)DqdG#
z_PUfAOfD!SXyXIsxkzGFiLaQGSX(VN&e--|>CaVI_O+2Q>hSw=Oe}JJduBuBa;+RX
znYqED+CpTtSW9B;{tCIH>|2F+5L~+?0hqbMs(D1$;sZrOx8$)S{Y_#r`HcCR5ne<r
zw2${G87XiMUnN%;d#Q;V1mEzz(TWYeB@7fphLyynggry4wrio?%Jj~3{<B*_mx({E
z<~3BH=W_=kX{@&6^II4C7@oCvZM>2;t$-<Y(*Ucf9Mrs*>os2@p87VvTbu3h1TL!D
zE~#~@WYPrr_@r~^ELpq73p<X)mpvKH3!Jv;TWi&_xf!PQ37$dO6gHEv>^QEP1l6)^
zUzhG#&EHE=$zxr>lil7SU5FLAoWy?Cxbn=Q&--x~L0q@F0c-JV(%TcMLDmRG24>T7
zwI&WLN%_YE$MT;nPi*5d9xkOdK;5xTUWl0t_$I4Ae?+(qw>`$7@;YSZ(dwfJyjcZt
zlqk&*ZP><3!BJG$%g^;6=Uo8dMivo;esA&LIgs8w6=j$(UFz8b%EHsl=|)MK6JtHB
z=*wObt%qLWK9<077~1prkQXm>clc{`#-Of(fk9xAl}-syRz{xL9cDC;^2Q$Y4*4*@
z6BK<)-tg0FrM$F}qPN22evf{{&3?n{YNq~Irt|Tvx~lV*$w^t0<;c%Q+%M@4M1W0N
z=MU-br1Zq6;k_k}EZU&MFDioX;YZD;3tMct4+~`OXc%#kSo58G5<3=yMvy79IBO1V
zWfP+lRPu!Ef;z1t$<f3>D>@qCr&`gvW$l}u>)$4|<UFV5VZG-K!jwi;`%ZIjd32Y4
z|Cz|L1?R1P$kU&H(r@Y4i~Tddn4JwGMH#&pev9md1lJI3J5v8}P-eo;;qmi&FZWQ+
zxE4pOx)y$H-&k{O^;<6R?U|{@GgW&;>JY54)MqvxM<g%ZJOe05K>GwWH3Hw?TiHh4
zl1NU!UXu`7IDb+1WaiFv+wY6(drJ0J3v~u;1ZHJ{dFU_5>W4$yazGVs7Gfy7u{R?8
zX87g;aDyg4S$`?tOt%IQnRN|(&KB)22`1scFNYdg+v%0E49d^C{VphJ16aecomP1!
zX)r|k*_zFyijjIjlA%K>a#9^V-R6Tui%hNO;UnHZ6tV(cgK>BWF{!-JRqzzWqVo$C
z>AQy*HF~In@FSk0`Jb^HIk&TSlz$g>xC@o;MS&!|VVy#FixPnE{riZ~;xj-8d&C@@
zV}WXf(RIR=#sut2z3SC665!LyVKBbsV!1A$3b+DpVUZy1rJF+5Bj7LL@YoV#6QrzK
ztQFVl_cNdhI3+XbeLprazK_`wtcZ#YXQw4#F`0j0T)p_@Hb{JjmAiuj4|~%<GxZpJ
z+c~_#J9>ZRv1h-NVDFW}_4|-U|FoS3vC|R?hdOL;3M{PunF!x#UX)D6h5b*e9|?{;
z1#<84J{M@)Kjr}LWp#gKd2PGgtX-W-fgC`A+;K7)Iw;rAtHHCgkMpGMH2l=V+m_*+
z`6qCv3yWD48+MYQ6%L$T*x&!BA4^2GtP~1lHXIQ3lZ)PrIBr(!)o;NjZVRM?Ks8*0
z6vu9y5nR2Q21|O_g$%Ol3CbyuhfsXsfic&mX;;BNCrRYKhYM3#7xi2A3a{+%?2Kw=
zsM?lFO`bRrGQ8}jTpyrg#<2Tn!^lQb#12ZXKdyvC-3ji0X30y<%V$Zl3J!exMq6JA
zA6#6i{W_A^wb`6)7QREu<2m}PpR#k<Q=vK;W`#1TKLBdLs3~_O`6+><kuABm-=pvd
zvG-5^`Tg}oib<2Vo$-n<r7Lq&-_9m16}r#IN>(u(?tVNITxjDXME$hA*Qn2|tq8Lb
zd^@cbuZ!5rglYm5l~`DM($=P8==6dgG}p85DjIAydhL=^c}^v^1$_JCJ>s~4Sg&S8
z^pn31blL*D7-;Wf%*?4Xi><47Ox&ZI`3Q?Iub~a^;jot-+(c>pO&1bt?Jiz|t~bY%
z#ps|f#ZM)u|L1AgR9|Pnw@<RASPjza$#Qxz)?GUlEjJEh>Uhg8FKL`x`+fxfa6y~Z
z61F;%*PR^f0(HjJQ#*anF)8dItW<3VUTX5br4xJCW4tby6oj?9=H)KRMI8Dj3+B4F
zjhaJ2!VFr*q#2kE%)rF~z5%Nkes&?|;cN~0#ZL+&xtH<SaI>-0O8EZHJFN-FzCW<a
z5TpNDV~v{xP#LzO<OrDrrQ|1$<Kw0#HYE@i%e^JTI!}nq#!B`!oO0)ktmi*kc@J$o
zASmCno4pxx;V0xl62n<=+hZ!7;WE$5N2Dx|Z9Y@-W|Is5Udbg-|LQP7-J<zz?NGhT
zS(f8g|B>^sB`tj*@Bc^ITSm3@hTnprv`8sZXmKfSE$-T)1&X`76D&A{L(xK!;_mM5
zUJ4X<4elBW6t_u#|9d~(nOSSrWaUG0Bq!^<a^7b@``NouJmIyc%iJ0EWtco1n?6?g
zz(r7<fkRv#ObEc-k8G~9;|?S>f+<=GUSp9gH4uUD>uDNH=WLi#6cDpJFF9yi!rU(<
zTX9y0Z*t}p<}hP7mTt;cEG#8n3bxn%dmuVTX%2ChugH^H8ZSM3zb07gK+VgoOF4qT
z5Q$e>6vE>?V&vh5$*z<`IdOhJG7sKTe*XIz6tnHT1{ju)rIF6xPV`1SO=uRB+4rD>
zpkpP9{-CunI{-6V1%QS7F-9hbJTr2;;(XSsIm+-h)$qJd<dgz;SA*jtid@(o)6gpi
z`aqFku<iLQEf7Us*^31VRCz9ra`{%XXLI&P+E(yXw$Y!3M(Q7n#Oq4j;Z}qV<~a>J
z?@FNnkR$&7)4##&0V4J4`7@rdc6p4bpGGR+O!jv!C^GIX$E7y1lC9Y>W7+TflVK!t
z(44H;S4&^DJ&sNf`b-&zl$F$MWh?6}o8q(Q*|Rm;u-hic<uH$d0&;{s^MeXn=yy_T
zxMs!O+hJ3ihKOgWFj{Lq`-V`hJmArL_VE%ZyZwbo5@t|O713l$ChJ-0_PHm#z8QnR
zrBLtlmK@yYS4rU7r4iG<YwIv&Npw{-TuxOfYQZy>6fde|XvtQ8!YJwTw4^J&+PWZv
zoL}~;uHFjUbIF+MtH)##doeeE8HmBMBUk761GIO{bRsjC*}(KWMN-7xnoxLD(-i{?
zuuoBfi?5js8JI&8<w{ty_+q-jwbFSV9uizy9E_c-rm^pH?KdyCv46E{J~}F{WIV+G
z@#4y(_0D3z6*ESbVf0i|Lw$46>B&l3@!}V^-@jSs0d(!$YB@(Bi6!*7(IG?NtK7U*
z_l@Y(T#$1vGtF_5H#1>GxcM{FC_TWD9T=nA#g5U{;-RkPWGN(*<inAT3wl=2gk=~a
z&4}dprZ@hUU3J+C&5y3hybaq(O)ttnkWe8)BN;zYTp5Pp$0oG~k*R8yj*w1X5FT~;
zT(W87*g?=G*bE&Vm{^h-6TqG1Ob`7qXd~yAMqa^qoH%uOblRE#;LN>FOabWkoh(gu
zg1$@`NgZe^$;7`c#IAuO#d0S_uNf)YtXK!is;Q8n&Be7Z9ORuh+TWdx#LIuEUCRKx
zi^}v+#PGn>XA~fm_$}q7hAZ9dmf|n&8J`#q?Na+tS66`311+d#dxReCjn!`~$Us?D
z+v;6)U1z_f!hygagGK-55P-b41l&lr6H}Y3ViMx{1;wB_wpCB2*vC{>$6_z-6Qi6a
zxM%>TN~%y?e${$#IB6d~O`uO)+(@^3(Q;LOJal5{E96GkLYJEbwQUkYlAyj&;^sAz
zd^*Kw#)RRYf5Py8cfW)DjxsL=B68T>CV17><e+k@i@HKmFWA=T1NihcN#kt?%8#8u
zw`X-6^b2Cj=<t$Xg;|2W3=O&y(S=ZP{}NHpR?2(Ih`eZ~v67{F#hIPmNNFRkTI8-u
zN)ip}%ARPie5jwHrua~9b$+`Pz{@U02x1HCagA`g&cy;2XKLUboQ#z)Xkd-mNbKJl
z(bn;YdDk9#*HO78pxr}!0384hMCUlPNl@NZw1eq0T~E751i#y$=i7_rw_G+4*rMPU
zfCVlB!*gEPexD?$P_%CK^&UWPAi7YM3FZ|BEa&cPbFqONi`b#M+;ufhEpH6FAzP9O
zT)%k`{CQO(Y}PKf;7p2%dHK^fgu7vo?RN`>YSUBwZBQvNg|Rh4a!c^E9Wn-fu-oOf
z33dT>t%I7*3(nj?<MtK@OM4=m{P?a-hqu0~LZ>HWR&$g5t2<4T+eYr7CYB#rU7Ihn
zSd!K%%4Ir5R1CRVTvtO@x7_}=gXK>2@y8;%c4sE;;+TKLOkk;R->u2neGN8N{%?iB
z0pbb%2;g-gVpvsy8D@OV54C8Nt$e$x1#c7u>v>cX8E?#Rf*PVMgV5j6H_<YjO^C<8
zfBkzB7-I>d;&~N2bXpb*hQz56F*G@@<V7CWNY4eo-+}Zx1g9U7TXM|AJ2u1Rnm4zm
z6f&XCg?0Ij4*Kkjl&!fAi^#c|gucg9q3bCDz>7ms-yKiDZQV!)avAOp@_9@VnF?MK
zzEcTRKF{-?#&#f4=ey}u<du>ZtueB?`?Bg!&w9dtQGGS5-?r5nQ!AGJqf_oMP8&Po
zu;F<9d#b^X-{S){{;n<(jeY4WvT;K7hZMC}Mh^2e#e;ipg~KW()H{!~ttMA^ek5rN
zfa?;pZa0oggN1f7ELYfaX2GlMfbA$RkG0T8Pw#%F<p2xeDM+-9l{QYxIN^FN9bKa2
zp*K)ea#}b&m%oZz%t{=;dQ$D#@Yc&0HtDU|?|gy!QGO`+7lTcy?2m*6B=oQEtKHus
zRszDPUDFUw<iO|#gnG^$8f7Z~E~|bT;F|%#rSr#8nSh>l5!*ZAgnm>|iu2HD0w;7t
za*=O=y6T$r)X2feA5lP|(MDc5HT9=mfuE;QP&?8|65qe%?4>_>B@HI#xo*G<Y3PB+
ze8$W*s~sD_iCjeZdvgl+tt+bNqXSNK4IWj8p@l3R7f1f|!FrETonD-aW{CLrq)1w^
z^FX-|d^j48hw@ZvbR8j+F|F}+I?c_g6@{%7<|vk&rp0#O=hhM4;Q4|K!*Z3U<PW;o
zZ+CHchA^m0cokmJmWks`vD<dENRUtfUR37a8p>yG+3q}Tqi?+<ns0ZOf~pQygeGl+
z3fN_RE|hIY4DZY}-DRB;)ue&p5^P?IGA&h=JLO+B?$eUxl6N9Ly^-rNyKdhoF6u<0
zWs(?ZoTt|aKMk|I&}wbASKM`jD~de$TzOcE!3vA>RJ3ze1?!pQo`;GM*;|6@FCNQo
zTLy=yE+hla?u0Lk&8HtAcW0=Vy;)2XeNg25xOccWy{27u)p!3|1;9l8s7dcYP`ct1
z!Im<ddl~%qJA{QMuuSx?&-YRtH?$LUH+4>80p5F-)eaAh>zhMeh37xq_MT8nU+r>_
z9eber5r7D3%@qxjA=n)N-1-EA_g4dX!wBPUQMw0osFkG0h>`NwP8xu@W)Cu(EQ>Li
zN>p1S9dagntkY;=1-2a)UO;)<9OW~mTOwOF?c8PUQ+J<ESn<Z1E>GD$W(Y#BwK)ZM
zu0;Wt^BRC3kCSP1Kk;tiuSfaElHA4v*|Z98)wV#H&x$U?gkEE5Ta@l&<e2XYPtB44
z4Wf?ht6}Z=LjAMwhz9OJoJIYs0=vAp5frupMswEmQw2Xj_ACN~Yscy3xJUbRe>HN>
zGs0RPwQ;VQ>7NqE6ZzR00BJ0)ozK1<^JM194tR3E?QfvSA1-7<hm;yC1(0pAg_Vc9
zWfqKz+;et6Tjty7%F=4^KEd<3Oe|%xVAWN1Wy}v`m+jh%npFn*QSm<i6vga!AOKiE
z<@eRs7ux{?&@Q57y8Dh5Ce)gZ2RjY%A7A}X(_o@@4fPvnoWUda)h+6y?KOzfi(=&m
zo4Br=1nt1t#6vSRq>VUIi#Sprx%byXI}E<>uJ<&lC*jl_{C>J>Hr7v&vvd?Bv`fv+
znXQ9G+*pkkSX)YNEI6hGXwIgnbO)Uuj5q=>Y9kz*w#P&BX1*nUpcC|0b6aHmpd%OF
zcX=!7?rcvX<C^zse{thx)N;8+(v{voTWS1sxs<}omh)r5Us3bl{+wRs?H)7wW5Qbs
z19DCFW^<vImxGTxZG83OUhBojBcIt8))fQH1KI0rzb_2&kdvaWtxy}xcAioMyMRxD
zTmQ<A0BXu~Hpwfg1Ev<<`Xipgh&=pV<xyib4UHPI$_G5f%-LBKzf1Qvn&Qyn{RZnM
zBr|E*tEr?5f!B^JgcU~ua63Nq#p^hU_ey@Ldcn(ofZU&Fy}8GCt{1>f;}C@6X6yT8
zw0Bs~O?K6Xfyt+g3<myBpZMja4%_g7qt=^|$^c{HdOumT{6I*>e8L5UxeW}l2cd;7
zSH8RF|9do3SowZPi5ndKizX={^fTWQcGs8)K334}2krZ9lZmiSF;JWEZo$ZNvqjW=
zidB<adDa;%_Z_23EmsYGNR<Sw{Q2Mj6B_jnqKz__;#@B#@BTDyUcQ)&eUlHg_2q$#
zAn$PNtr0>!^96i~a%grS1tvielZH=4TUyq-(JLjqr6i5v*hP6V>aKJ$r_5~S^ZIBf
zGPc{;>hTOGtScQCWfKJRrHzRWdaYhFIGlQ`<#RHHA3A&`?$D_#q1P<#&I+?1cCmeK
zh7A@@UW@sk+Jr2%-KQX%tH%Q=@Nt{L?-!@;Lh&7!0n%_}N5f6VwK1e6(YtQSE2NL7
z!JX-QV@DwE8L;Gxt$yhKU8>F{=5nnp;xW=wF!I3sUH|+l<DNj4!4;IX9s`|@j_&{V
zns$kU3-*mJFGFDQvhL8rKG{)M{d`gs&HB})?x^Ve;qO8Lp9CIptSTS|lb#?-dTH*H
zN*_O9ViXnVndz%6U~+m;lAY>4+lVC%)=t=q@_LSK9IoXaKK3wHN1tjKqI;5>0ogm*
zr6AX@C>jlXT5$Huw}zwnc_D^QpeQOJ_LC~AA0uiGLtP!=G^wPj-;Rc8GYz*tYg8bK
zx{XR45GTth=1FE7aLygX^fgM(GF@L>re!O(-R;+<O1wWmtrb>zL1yJuo2`zXNH@JV
zbL1{TR-mKQYue|*ztCu;B8Q$g#o;!Qy{g$N%>G7D&?_vrLf*~lVOCn>q^NYpPg_#@
zCh%PWQkA^I0i4@bHm?M_n*Mi9G~|PJbN=6j7l$gSbj>pXH^7HB3@L-Vao38EZg;kQ
zX&j!jB~Xf0m#Gm?{`OIk!R({}*zD~xvn5w)`$|*&(?(6oA1KBwe!cH{`-Ux-`=k{}
z&iCK~a}1Bhb6P&iU=kYBpKa%~vRYT;;JXi|=Z$azJ+pw0VD(a1i6{NVrW&yKqgL^K
zCw@s6W2L@81n4+_kF}$gr81X91^u;myUr1vNM+~&1>LBgtn-+7p}rFP{ML_^Z`T&(
zO8)jbHYnc`sPFLFYt%h-&P7S&3L=NU&Wp<uG0V=1x3xaB>nEsQp>ql0#QltL?KHI<
zK_X;PbSC^*KL7CYXQsH0jsPxhY*sN-5=}RUyhl4GJs{-^XJ6NR<>xl9qN}%3W3mp(
z6eg(8jW(Yg%-)U+bNQ~zK|OpXn^A+eL`GovL*Vx2^|_RTtT3;tARE}>+5`I4+I^b>
z<VXP0+!Ut;QEh!~B9O<5;G2CDRw6Jp1z+0VEm<ie4>iC<&j>E4e@{LY%2pxJzO2cK
zOM0U41bEC|9HZ!0dv7i!uI^`0Xn9|p%i+?s3El8mib=H&NvEI9&OdrqK5R}DD!S8|
zD-;~{2V{MqennUM0qMxj0>rqH*2&jmI5aI&+ev~5Z%CHC)|x6Cd>?OhL9-x2G$R5~
z9XTId=x5#p=*L?}Xv%^67YWXa7gJM^_9d>DKv(nJtJwypojTPbn#TOF0-U~&G(jrb
zbZXZ7vnm|=OI+xUuU6rWnbtcos80j$EI;n-D2`oR#dcTUe5z_;N2?&2=QQrC;a0aC
zF*IN|>$z+Z0!gS6qkIdb=219K|5KovXyWw*S7M-f+U-4T7v((uj@h-fg!K<21jw;~
zLOg}S^FL3?G~J9)fcHi<s<?!S_|M!+zh2d=q=?SF#?=JKrUXb1DKE!(y8J~JDdzbj
z*g)8Xy&nyS<M{ew7FX;5sm&z~7BSBwN(#yg*2OMlhW~B+G{63OFeJ*0Cu-sMp1<AG
zBM;FEJ%5*I(&Gg3aflu#{zoMzFI`Vy3iiB`e>abDH)GnFgEG%$z8x~Hq(9>;<NCM<
z$+=MfEUOSdJLbWJKh(9yb`)HDul-^_Y^u;h<&4}`*ir9J{@ma(4mQgnrkyy8+^-Lp
z8EDmVy;Uiu*{luvjw<hc+>EYE&@r)fha4qZtQtSOC&;t=HNKbIu=Q<0!{2>?(_AV&
zVPwHy|LyXnIx18jg6rlgcW%$~UY7&xTeSema{OUcP4pR2Cean?xc^(wTPb~-Gu`*(
zuf>{>W_;SPm_@w4f?1N&3ON(f@NOEgT;IMM>#BPoHL9n!2y8~)HYf*BGt0vk+q(n>
zu_V3uo0bXB=9P8J*+Kq4(D;CZUvPx*+CM~!WcNwXY%Y5xO|(|6Q;$~8EVW`>yghRK
zP1u{xXN!EN=h@v91-<K&3$ujeYhY07Pv!Fgx8#nTL`(3Ijih)*1(-829cnVFiO5xC
z;)uy2t;OD<K!by=1$<>+H*@k_ysSHzz+Ve1Ywf0)QA~2Ntm`;X_y_OEGQBCpuE-m%
zI#38-EXZcl2B%M0D>*}+twok75h0P+@Fluy1~E-7F}3GQUnWTC7nFwC{<U5u^H_a3
z<IS5OGjv<`XBp}n;-Vy*GeV9t+O_>$LtNb?Mg8*1H={zd+Uf|~uwr{iT~?qpM<8O6
zQdfZd&}y@Ioj>gys1#^~T<J6v9I$fYCtQ-Tzx#7CP2=iL8Wzq+x;P6w9d<YP0y*T|
zWfZfh6Gh!bxo&)Fmiu9Eg5IG4FPC=EXlTpj6%-clzAJ{l&dST<DlMz4Q>rsci^R)8
zPpRU7z>ypU{0zOs@2JFnAMs67gR-cJcZ^|}M(#qWKKEY$eXrHq15Io=E4IZld&`ur
zPh{+`|4k++ZHTi_)NQiX;?g2}7ntK}FnU%R-0)y`{&>)JC+CLAf0dUoHMXC6_l}Z=
zWiA~55mF*|O6S`RE~Rcfp2K2E^Ih)1He`SLb!g`-pT5vrT+1CJf&Hyq3ny^X{9b+T
z49^>(!Dq50N$^E5;i{eICITY?sNd+*H1IMoi|6|xfyYJ3ji-Wabl{Lho)5ymPjUTy
zz>|hE_&HUTMgMf9kW~~XEM?(b<0O-_MlteaD&AZ01ud;ns&d}-->9pEna)MZp%Xzw
z;2w`u$y2J{S<St$JeHLP^FbhdCSGG~3!6YAM(xz>V7OJhG322;IAcomT)-O#5glB-
z^mlAa4*vQ<w^8G@7z_BQZVz=WDD&>_#C@6b=Nsft5}-G}sh4H9fsoO!!M1Jq{M^?2
zh?x?kbla_8_=x<`cT;ZlQ_n>XLL3lB?8_+si!O9Z_D*BFcZ`fnqA;LSHyZbHIuLO0
z<a{u9+C~3|vwzxT_s?EW$O|b5yQKwc`>tM6fnIh>ilRA6KkD7BS*{Q?D)D&RX?nYD
zT02z-B9MRIW8@d0wcqIJz@vlH25&`?)wBOH0+9g(p!Wj7ok4uK!v7F4M5YJ3-|M9o
z4$?m`904~r_x4{m;z(}*ZxF~n;s7UFnMwB53z?iR!vw@*=2R&k|2xiuGBB&HOsMmz
zOI0CK!gnFvgj-$Q)7-p+5S8j#)_-SqikFl~<tlIbe|+beW_@21`B5hNbp&xjiFFPE
zn?bi8*Vq3JJN?Pu`2v$nq2FsE`9&91pb)K&GU5`zzsvlu_qx_Siy~5^z-E2C+GNXX
zrmwoM=Pj;xz!Xt{)O&^hNqUGXf$R`CK4pAe^_O!`HO23x`U><&epSXjXfsD)Y9|@S
zsnJiT=xGpGQuD)<?M_%P%YXTl%!Lz+H&q)0KB<iG%a{zm>E|z4(!b(#0c`wCwh#R3
zF>c6>zFt*0jq+O2DW{+`lWGKTg*fxs8mnXen0t)WZ#?{}tkH&(3_X1?sEgL1awqRE
zJBkZ7#P_(fq@*KMT5^h0S8@tBzP!6CUV+gmrmsUT^!4>JZp=dllX`)A!-zI?{!*96
zoy?1sk_|If4wY#svLFFib>4eUAD<qjDszZp-_6rAwrJrY&^VIYJMw3gzj5B=0yi=d
z3mL`zhx)PXpqAwjS3+|1Z#<HYByXj<aKt|x-vW80uL3q5?>pB_%Us*R?l3SRonI>`
zD~LvTNi3#fj#0AMT)uhqq!VIdz8z9s!H|!J%ofvDqpobbvk81#-#V`OYYyxu@|Eg#
z*wTXpEY;Qfu@lwOv~|FB8Z;_%EJM}Ky2?daJXSAKRNP8mSBkvjk5N$3D`qL2`ue%Y
zdY2?Zsn>Oh2aPZ4nbjA6p8A~b51<O1Qca(B#DC#1f1j*$d*0rX2K%Bc>!t5utnX|<
z{zP3bzHZ&q+6v&tthnFea?naja=kesDXS35?(yrk1Z(lpGt9n0w0X7+QdMRJHbi-`
zC5VR73?@Ol6^YRDBYxx9s1cWXW=<rKKW~|GtV$^8K!tM-vPw#u3wn=*XeoX|>NV2O
z7elu2=6C0hst&L$jRd#|!N=`2U$RHYgLZK$g_rje@Gx^>vC-J-FJv-rqdIh1w>Qht
z{Xx6rOLKve35>M+GnJl~bLjimxlKYT7D-D}hy+eSOOBinflljp4vIVu>&cOtX3XBm
z#VMZl=95~jX>$+b^#EK``BIGCFk|g0iweWlyp}e82Lsl|g5?TX6(-83J7<ld2F#%b
z%Sr_Q|CSw;EjlTcHcxd&0ngj|qA7-(MAP#vP}$Y!$vP$n|Cttx8wAl6#bTeW{Rkn~
z(Rx_4eF$&&ZfzkH_m<2impys*&U}CamoW%4t4cg1KLdm1`Z<9C;d$6uum}k*yPXzK
z7a;--vWhM4oO(FBX$ARE7O%V+1rO`j+yvqQf*uNrr$Yg9rQyomRZcY}Tn`QXNR^~A
zifXbp;t5zEjl(5a`MB8%<uRbD`oA}@;_2kC_qviBM&j!v%vW<R+VtD-wYuLf?6z=T
zw9*hD=lAmkhafmPQbq5*_)XYAdq*t#qw*IXaA$^>zASzZIEVnkJez~i&RKskuOI_B
zRGH~!QIGen@R_P{tZLw~*7Uql1Er?kEuY^SJid%q!&`d;LNjjw6UQmN^qUV<nJ=Jx
zEqh#!Vc5iBa45c;O|75tQT8h{B}jdagvUnmtGPrr|8lw{=nZ04Ng)LZZ}yGMwYbJ&
zt#}<CPkhjAK_v|Mu7VD75&MW%O%?<M4aJcAUMuH=VXPakK~Z#Xs$c&Zq!=3A%7~+)
z?XB!$1Cy4axdBFJ7UhP!)A1mwX0lhf)I}AxI{d){p3r%o_ob9U4TIxz_N*_*yj=!^
zy+IyAE58a^$kT)l+gXQLi_mpExgt$VA;Gk}x|Ad~{yxJev~hmAr1jn=Q%HcD%Hiyd
zagSdky9cSNKHAq2ek?Uj-sbx+oucu|vRv9bYB8_qhKyk~G|a@VYp7p;z<3Drbu<wA
z)_H_J?ut6CR3ov@QDEYCabE`n-cx(<4e_9Sk~kbXNq-ta8e`N~u>~0oH0CdczWC}`
zHXE{H86GnvC)aIu^E(ZjZeSdU5fZ8X{$Em>6k#FZnsy!qozu%rTy>qJc7sBL1FD1R
z!6eh03#lGY4^fO@*eG2fVSnja!pP}wSZi$X1y)?;qMqi7QZXJ=5L0Vd$kmy2p|3$g
z(cqh!={AWzl0hmS)Eqi#KATFzrUrqK;tZNT!h@c^ti>$uY8JBypj4=-v@2}3`Ak}Y
z9n9&I3Jx~B3H?gdoer_Dj;v=Xkxs}N4m?mJPNCpQ8&;oOSoQX-NzmY?v%N16uS~Bw
zyus47?HpRxs=btunqMFL=3!F%Ev<w}SuCqG!g7v3WWzDe><vE4RbHMNR1mVWV8L~u
zU^@pN%1iigMY_}ia5tI_CE$_#oLC>Ta=r;y5kvn9zaan2%AmD@^}In!JUg(xR1>@O
z!w2wbPZuMn6qk0v$jzv@y`hIejAl8k+ElZ7D)Hr1O*Ydj7I`u7??CW*&*3W&n|9|@
zhh`^};AxmU4J=F+fO=Ix7d8#S$p{e{%RUn#Az;SSbypNP6Wde5W<Xt2i&s&!v8nFQ
zK7KFcn$!WWRTMYTr2qHehJc>?l|J|`icbkNs>jtK1aC5HH`7c3Ny!8H02Eh!iqPRm
z_aH{f`|<U7<!AP(nh#LBz6*y@R&U5f!>w<P#Ls}1+ZE{bF*Hxa4pUB1#Z;XO6*RP=
z)m|=g4y16Z%=y%`on=`&wHr#0r2y^ie~1da1O`XVcH~As{i;fSUE;ZfrY^L^r$qBC
zi`{c!It*nFMCdqN{|-~w6J+Fs@j)M)Ai8KhSqjoXE}{#xJ8@F<wdzIIbs6;(@f(JA
z>pwW?cs?%2kixWq&!$z+h`r`<A<hX=O;;;Dh@83G&agqZRh_(;+vQe8uG9ylAKL0_
z(@zhA@Fv|D6IFtth7ZfTshao8?uW93-jyQ*^wP1;5Ns4?W{0{jQ+S6L4kx!`EgCcy
zt2v%i#Lt?4;)LoDa<XCE4T)*BWWQ4GvEK_aeg0(@kzmW<{mH%7@Is8?GBId0YJub3
zFQDl>Vt?q0{QXcZqol?=WAnMTqcO`eE!aBj?GRiey&^iO5Hr(3GPjo3huuADej6Pz
z7kBc33^p$4o)fle(r%&Dug9^X<)^`TC<8yzO1QpuPRvyC3Z1)K>MSjl+f*~OU%3C%
z%%Y$FPK|i^AtqVSfv@xKkacC=ncVNsJP^{LrWQ{i@8&Tjz@TzI){onT@{teKEHtZP
zkobD|?vCe6NBPJb{p>+%)hmKl6#<tEe%gxCHz{IHzdlB{*GS~_Zco_tY(4fxaoLtI
z-}1Jye<Am&o67S>r-T4F>h*n&RWG{mM{g#lIL8Lk>z~>&2u+=|*%H90(o5baSHJ;>
z@sXCGNs89_eqpb0UpT*BqW`A=XWrpdg4h<q1j(H4wVit;<b>n<gVM=J@eq_<;fKE=
z2xG_glCZEA>3~nHCVcD7%;Pl@SLS{-!82^Q^*H6M(oYJ)(FsMA#tHsGw%9o(qaSH(
zJ}F-~St6p`2)RW6gkEd?`RSL=ZGg9hC~<281+24w2v78;t#Ea_2%eOFdYgA8DuDfw
zqEPg87~G1Yq@0|rqV%C;ld&+f(f4tf%%t((*tpLD&8s9-4kc`p=rF(Zi9?X%%T){W
z-Dq+oXDd$*^51~p20d#UvQCi!RYZ#Ghnhq9N$Vl%&FiE&1xnBFiTSMn`X}(u>3U1i
ztJxAT=*{4?TMZ{I^;#@t^$x`yBE2hpIPyk5JB;czO%rW#8I#vk5OxLA3y(M@e(Dbk
zimG^K)P&VUpr3^3hK@EyHmUfxya<wkTM-xZr!*={J-8yDmI+2szN??Al6ZB?dSj%#
zuZK<jD&0r;>XG3dNl6Hp#P$vqOFKu!fG*4CxCQbrHdED(mo6MTFC10^RnP?vZ1Yz{
zWP*=HEIhlvY?>|=ZjJRP1zi}}bCnDDNTXq^K<5AvAxOK{So}#|x51}5yXdz-yJ<hd
zSk}V)aoZmw<BRQThh}evZ~&IwqMA{l82dgZP255tht<mfb3_+O^-~IdFsC#t<a3-M
zDj%=T$5!lYB)WKBR9f+8$$7NP^>pc*pjkd^r;pNVAwGCMh3lpryI(GBQpVkTBHMK(
zrp57BHDnGxdZGSSIQe~NaKT@Je`{x86y%|-5UH%Lp|MT%3l(H@cR8f;be?&4oI>1w
z-F6NSwTI1e1JUd*Gj(TQ2L@)`6XSc^a=O2z4-gJG7Cp5WMB#KD#&s2uaDS5aWwYDH
z6I+`kYEwXw&t4_L_{eBIxiw5ABa6QKM?j6(qHg{C!9H{vB|XO4Y2euCZT2^?guJ~r
zz9!NS4Wir0W65>vD20VT#D34Ccu#k}qtbWYtR!wX&H~TNvE<1Z#L%>d_<^F+&bQLQ
zgz{=*5ae;J&zw9$hVYiw^^?yb6{iJlv!3vknwn7FfOER;6s~x1H2Ze_+-1X`yH5Cc
z^=3HSw9lu*^ychQaJE8zv&~Z#q#_d`8%{|W=BM;Blzl$IY0sOIkSBUic}<C^<Pg&l
zb}KnY3RKLiv0PZCT9MmA7c*T_R?PQ)pSLqw?_1v-mm(Aow&WEs{BgXk=KL*rju;1-
zSxT)6n}r*|+R$DWMMU6q-HXI#yFG|a>b@MWebtSci*Ohw8yFKhXH$+F(^A2e_r0~g
zS;ORAvQCK0v($520PcBLg<jBH_88saHzmRWme5zTZ)~2bG!<1DaF-?l);5PPn$p4V
zQ;}crM@D>4Rl00-Z%lsnj_j$u;Yn#&z{RmqTDa<lQocZi#^%sCfO);B-EMvHpyA6!
z9yit-B2|()INN*Q(gLLj9(JULRtCsC`dnk0EX}jr(KM{J9K*AYhTX>Ba2GI~qeQ6}
zc%|Kn^zSo~ffk?Lmnd>oTG`j(Qh<}b!pS`Q-4c8`aUh)W^^~2xK21nY69gBpwf@iD
zC-e!kzR&Y)90yd<qeB`M@1JaDN>~NAw(J`0V90$b@gOi~PErD9NX5?@{`aW?FnpJI
zN)s)Qore$CR--Cxy+|`}LD|#f&?g{98JD`i96}tXCHtf>u(~49a@;slEPWTNAQ!FX
zS_Hpb$!lIB<8HK!EwiCuZo%WX9w>bja2}Vo*H4|PS9klF6x%}5sQ9=RW3#OM?jNTT
z?I$aiU*M0CwDZE4$I~co1U*vgBicIX{pd~qhn=w~(B~IyAviU><Zq$32fz|N$Y+A^
zXNnij>f@w*|0A8)@32hok*-c(Z)Q;M&Tl(XhRIvRLz)1nX>-oBcGB#O%#d^d3}zRP
zjg-tL5t*GD6x5dyI#aa#ga_Yy2=MiyANm?uPaan!25VGrCjxolb`Kvk3o__h3H@oK
ze`&ps74h^8>b9EBm&F}C01jA$TICXXMXq;Jdt9>vN$aJVM-HLPy_+%+hL=nShpDOr
zKN*6kWa5-dRK@rx1O0IL)ZdDPh+~pSd4c(aEXKYfzw7eVPe{Eu4CLsg34BLdkM%Tf
zR1^G`WaxA}b=CN4wm$32*8^Gq_d``5Tz{?zx8hXrj}yMjz2=&RkOF=uFS-mD@8+_f
zvRq`;rT6SlT(L4cyW)R5pIHyg5iEjjOB6K_>$)F1WjI}Y&@eykz@g+ikdu$Hs5>me
z75hd0-zeBds$zeRsQN!<h>}L~!95A%39fqEITK9d7Zm)JD$gnF_ixLU)kc#uFgRoU
zZHX|4>k~^4TSlBVa4yx^GRgfx$3g63;KwqqUBK9(qxS4IX6$8~*B&=Uh0dM3vujVc
z2=GO!fmz?XCw6mh(|R8?#enu*9tW*yS%-l*NOx*YO+BeW_@rz!y&q`ux+n!1X(hY_
z&1C;TaC6-Eevmn~u719{xi!1?QKCf;=YeYAOIagC3vv8`J|x<$Z*Nh;+4&fQ#FdR8
zkyXZ83YEN*X(v7xdj=FuF4hMS3OjNZ_RE*~&*K=A8jR>|<aj<^)%)eOWR<)`bnXFx
zm%4=+eG@3*xPqkhaXiTxP>d9<4nf8n^^h^q>2yLr`01w!GSDttL{Ta(u5pZ=gm`yF
z;ABM@Tq_r777F^Jk?}p)e_VJ4w|eMbBoN66dikWwU_(FQ#i^=Vw8*C<!BQF~;<O%6
z8U`Y#Q?uW9^Uf-*^L)XrfZT%?kWtjNI{TtvQnTgJuvGJX4~i<I*UA)%zJtRBDK8%l
zL4crYh@f0Z9;cGhIN^&f@u@Bx+4ULMEjrpy7Dqt56ZEz%XNV)G09{|Xs<P%R;``lS
zPw{A)JTIZo7hc%|93RoFIKA?nTV1pbTA<#B_AvX=n<qOhF>9_LN!R*!-2qpoKLhC!
zJ=e3AghAscDN$TA$CA@k*?TM!{@jkVjVR_EdDK$85E!wjy(9c5T)wH}#Oi)OncnLe
zqY{wL!Y1<!$q0f~TftMFQ^V9+C4YFcdc4HRKuP_5FhwMYqo4^7+3^;S`L1px^|E1J
z?F9mrcnvb8r<Pgh=f@>u!hAH!`evu2=O#G+DRI=UncZhQ-!@+^Rh!QARixS5n%M55
z#;y;K0psEy-#%NQ{WMAZ)3A-LZ_S-AYls673r3PfBMo~Ns$xb<^R9RE>-0QH;b&YE
zr*x~z?<`&?T?O*>uKD@RX^?H8Vy{FedbVQO#867=O92B1b$!hCpYYr`CD0FUUXY*4
zGpw$LW-yF2;kC;zrhD$^UHI_|i3sNrD^nEIUD7akR(DE?v2l+_i)G0D-W<#gJB}L=
zj=&KkwO8Et^S^gr$>cP&EBZHstt*gHqVVk&KKtDrg&IbBfK}uBM~|O!tH<=iZn|)+
zf~V~iGpAbN#=Cd@KJ>3+Q{R6=FY{^c4-rneOV<Rh*BOUaq3*#IC0JsS?JN!E>>;b2
zXG?{d@QGhM^q{&vK(vu16?BlQG6t;9d%3*^DQ<d6`c_p)BKe?nVP?6Twt^5^<S#&z
zXq4Z3XPFQyy>FoFI}8vDC=qF#M0~s21cb=DSUf}@P$BmH|9J!d`{X~Rc<#?`kO$#T
z7SdwL7-`b(Q0@oY39A2o9&vTlnX_LLmcLW(WVGGusnnh|en^VGMV2bMoIU<t*l}TL
z6|l5I&@Mq+FWC4Y(LB(8p?%|6F-p4GGQ;twTo{dOqaExm`-rZHej|Kp^QIlueQ*3z
z>^3t%l%I|{q=U~sLce1_@2F(=_TL53{1E=453i(>T!>@i^u!j>ml|euEnMguhdmJt
z)NkZb0(A#KcQ1n5);aZ3!N7S+`$Z{&P2gnIo1pR}T3E4P>wWCs(H)j^*vR5zy5WRr
z3LPaHp)qIMb^Fah6$RIM>|XJRi(S~Z17wq(Gs^B-4m#>e?OWkFA*+UUm9SZd9k-Y2
z$H4NdxzWY*i`F3%eYo{8Of|Xsd?{s?d*Qg_pa$XBaoySsY5j0}2~(iu=B}KRrmEdR
zI6l8$ITmWGs`8E*y72X%N-mbg^`Bs13h4Gk9Ar7NP({hmp!5&Secq*o(g~1TGQ}J;
zDLZ+b#JM(Vs*qXjd2$*{iLr^*yGj-9I8p0eT_d=tK^q8}Enic-rGaKaFHE6_Qi4k1
zQzB3)8fAVOgu*X_x2^7Irx(K_Lr=G+_Mw4wbqT-H%gmKT0kr3>0mXgp$FjT9`a`L>
z6D-yBroT$v;Sp+KYJ_!U0PyG5Eg;oiNwU8FDZnY&DK`tv+*?tTR9RkY@cf~)v%WM-
zRi9rKJ}%fj2pwt$r`zgI5V%)*++FO%dGDapw@IMymkpfh+soh43~a0DmAss4z*Z3x
zN`sVh5K7Fmt?(<U)-LVb>-E$a+`BBd%xzA<=deim=ogO3<F=eX0T!=}d%7M=nAE1{
zu6)fWa<)z65WFND-_JG&B)VAXe11yS42=<Y?!zsQ2tPF|=*||I+H6g;c^8L&E<*ip
z`|qZ*y+UQJD!2Qji?o;*>vH0=-t`yRxD2Li4VW+vqrgMG>_Ox!ROatv0|-8LRl3~j
zGG0^*-@UbaQw)R(h%#K<{3P~!qh~+k2NMWl6ELxueb{k43clk3Y5vL=_KJ+79pMjE
zniZ)$Ng6U=p3=N3cvAwG(3-$GU=FjlntAePa$HFsI1u)P_Af0hO-)vOTzUIt_S=Ch
zxr)-bud!=-^e4to`oFirV^l)=a9-_FQ_HM&*vt&FOBJ=C0@-B+%}8v_l<O}gV?O6h
z@#jH9urR1yU5Va3pD_BN+9zu+AMhHhCq1nVI#Z%<idgWG$Nfn0c-|GAF4(Ffl;Q6;
z^g>@92^2;{X`}6Et78d5<V+A_XawOh9FUoiym7$VszO1nW^XQ8vXvlCFVtZ=d(nGZ
zVTS;+ePw6??(T+Hp0IE^7|4$|x0XsS5TysdO`&+i4OBkr0p>L4up25`<k_6esIHK<
zKT&R>ri2y<@;BB}Q<BxdQB04dD^=4(7_cbJLJIxJ)ONQn`3vVp^G`JTTSQ6(_j8Vx
zW(}KNJO`8mVpv#h(^uV2gKtZWPjz@w{)hMr{C{NrP9-Pd#j7<EV`}KtLJemMlNmD{
z7-+}U-HI$zRmG|-9{Mt34i2(gVm{JJTEpGtuWoYUaAs<bQyc6T)w&t#87SGnsg9%Q
zw7=*AjSy=$KvVEdZz1zby^@k&xy#ZQ@DGUziQ*#857f^&O#fJ=C?0JfdShVH^N$PB
z)5@oHP4W=Bx_H{0IaItpl?ClZ=e@u}MBfx49UCm^Sn_RNuwMNg{>CA7;!hH+``g%n
z5=qV<0g?`d{?YcUCYRtDk}K?RX<-+`11LN$Azfbv(Eg!@${>83?9xa0tp}No`CVYc
zi|berOO(0(Vw!WZ0;8P9+XjR&eAFee7+UAnK5L@iIVWNd5lje(d3(sie^d4y+kQn`
zO^(48k7=fUOx}RAiVZwfOmFt)gO+Ywha*%Lb^()9s2VBCl;vpKzY%QR$s~hb5Amkz
z(U}7;&6bftIz=UWtf_<UGb(hN&h~;$;2WfA6}nV46<o7+N(?91#>hhjhv{eM=8v?Y
zxMDGOLt-?<K~u-Uc_l?3SWzjThm|0Z2Wn!;c{UHB+1~REpaULsK8F2zvI)x>t9SoB
z0{;%<j<VdX`YHA><$5UgKgb>zGw2c!tR|3`SDGzbRB?~_g~kyh)Z4yjew22jUQuI;
zzd;P5T@E={z-r@nGn&+K26{{rdS`mRevf$v@^LhTNrSTHF0x0fE5u7531|>wx{>dG
zU-TtVU~Duh8nTQ83OKp{Yb=vMl99;GhsTLPz*wz?*K$xBSbV7I3jHB>X#gasthF9i
zNi2MtA2k;Y!|bq$2S0iYqi5p|+Wcf)@txTVb${9%kaNCE!&_?pyPOpH()a(4qDzD@
zazmB+J1k2!!O48`|H#hOWTAXh1Ah_AttB--0v?hF7$keP%a{7i+7YIEgzvBr>3C|M
zg}EAVm(6vV5sm*P^bXD?mQCbpZZ3GM=V5$uvNJ+rprN)kNg{64hOqwLcVB64vpZQ4
zvVnd6J*bnsTz|N0YdO4Ebp&%baVtLfy&e>Fo}0k!4G+fj{`FtXY^4J7xtP_^J@JH&
z0R$j>n&(yT4LlEv{*Kv`#gkJh{%WjQYWOqjKS{QmPMQSp{bm0dg=XB{7qH<2VrcV`
z9FA%m{e^GpY8Xay2&cHXC(0(q5hF+P`^wvSQH3ZsMOd{Pg(0`F#-~KD(SqPnlKOfw
z+IVjZ6@9mQi{Hg{r%vF<J$OVf7JQ8X1Eq#gk0B<j3>r3V^xX@x^A$u1MXInE|Njf|
zR=Ukj)bAnfyvEj0E2Y6&diw`!V#Qv<Q{Q>U5!}+~YLMt+q!`)sjo(W;+f{G91cuIY
z|I5RI;pO<+!;kHvHb2QqFZ^&3?od57<G}v3YND5l>ewNl%bq=`OB`F6_o;bzG~vzm
zc8#z%u4fwW2BHqG<NoGXs4$r?;40N0SqUJF06jssGy>_446=6zN>(mlzWbSdGQkX9
z$iwab#^&rmhol+Z|C>uNOm<)QTnvWHu*!ee_YnBwfD^u=Wtjw!;!>lLkOuy!>8YeR
zvtxDi-W=uU?Z4OIbtEbI@)l&p@A5OWhFQH4?0dafl8*ZGMY&X)bBp=&#FI3r=?jnH
zF_)jo^Cnh3+`!-db}^}~B7ov0W6h2~T#ldC0*UR%hr^CHjxdz$S6?(fF$mf?HiV-!
zfuFrYR8-iE=DnW-5VxB-rTtlP<Vp#%Qwv=F6qk-tc!E6u=WO{$tEDLNS|GJSOE8Y}
z6tV-9(=->1Ng3!i*Um`7XkLpH9xB5iNcBTEAwn*A%XhibbgjnwsohuXj<mAb9y0Pr
zs~nYQ7qmN07U_7!Zd#%40=@dCke+cAo9KS#FQ1wrx*ZIV80d>ac0$d)FPBUf-1K-i
z{$i0KxDfYeg$*n^aevph1~%Wy9Bd(ig#nKDFsWZ$$~w9*Rf{8T5b`hk|6<<-(C;_y
zK!NAepjm$%qL8f&sYp$YeB`P*X~r>Y+vf2%WBQ0=yhM^oaRz>3Qg+zqp=`Xze@{Wz
z(~>42W7>@-d$PRjG^=v(jdD*DVvgsV+LxoK!YleF-CP4#usB<<9bFYX#sHaZ(1QF}
z>GXWAt9uFqXkXO8v3^ytjO(p-j;=QFPvVm5k}{R9s;kUJA``z8*LZ>nTBN@Ah?&gS
znx<_3Gks}6lXUc_u$$v2;bML7kvB<(0MbX`iK4^z^BjIHfzJgQDf)gOV+*f}=7g}u
zarWnF1-a>i#*<RFtAihHS4&^DH({8!wwfWL=Xr1QTMAm9Nn`$&$4U$I8*mQIIkY85
z6!|LqhHT<T&3#uzZ+4I{UQg3!*7T*6nfxF{gWHICU5BWxiq>yQ%iOsrXjGIdRiP;c
zR8!_i;)o!AIKM%pE#z)YVc-Qf!~cnceR)6)#HWMBCA^1DOoHcN&LzzY3ssO1afDX5
z08wtBX7I2=4f6#?!3|+HN76<^(Gl0Tyi>#)qpb~bcS$ysPwQh9ZyfJcVW@E$B>Lz`
zTtQUAGUc5+F&V1CS7(XQyPMO1QCI*4KXfCy5E|vOWg4P@iYMD`CTzd_DZzX*Fd_7u
zqB-ww2;|SH2`9Tg3OTfoHoFOl|Gx12N3-V*H|k&s6ZdlVOdP@C=7|RrS=Z<SHWra%
z-CR`XX0Z!kf%^O4sn&hh$$8rKv43^7<iHj#n7s5gFi;RpBGQot2`K;&{q({iPF-2c
z>}_JNevat8<op9;%U;V-MN!kY?^H$aa3`MYy?aJQ<&XRGwR2`HKL;mt=IZV)w>4G<
z&1@9DpF9^U9X*g&*m|JLt$*@3eRWqJ7}1BTuO1Q0^U9U1%r$09#C<*OPC>ZjW+LkT
z91m#y+Y<uV!;>{fBh-0-rPngk9=>&A85Gfwo~io`_A?(tLD=F(CjaIu$QFBl9ery{
zO=bJ7jpOubzq_TEw<@;qt<|=&Y9Z4fXnyU&I+ib<$tOnzFx6@Dfye#t6p#BL4;p7f
zbFLC}PD_!ChSG{#^|BfcW|;*S0qEF_rlH=%gwt~ePmmunN|yvMWqcAwTVgS%c8y*<
z8`z9jPW4q;=zxFhbG`Z}^Y@E3KgS2IB778O3({e4D+QTVCh9aMzdi5jx*~^Ki=TAf
zZ(hwo^98L7wGWS;_^TgBA&Ny$!R!UzdBkNE9gp>+75e9Qz9&f-2`y&3SV75o270IZ
z)G{IOTjp<~n>M(C2=50UbNS`lXdT{Ed24CSgV(0RQ8fEkrHv2lU#<+uC8#E%y+)oM
zm#m}gPrewmZbXq-KHWv}>f=}1w<t}TI{dv}>LlTw`DJjO_&w^$O<wYE?;xcCPNT8L
z!ZgeIO{(u=%wqj<A#lGxSudS-*DGH=*k`E8GxFD8EC2p85R^7D7}SFYDu<lWs7vI^
zlPtnm`K~YwuO~9eJ=S7!M}@B#SkZi)?;?2ZWB-zi;wlTo5;a`<!q!6+!(Ma?+Teu_
z9WpaTT9uTjn7=Owvzjg~tI*KoC{`a61r8ioo7Se)L|mi-KB97Sm#+w`5Q08}d}@KV
zhm_otr%_g*adcrZgTJL(U>^6o7o%-@wL<q!!*F-DYjx;F_fGJEk*ZbtiD#ed(IC%d
zUK#&IQA#FsYnYm%<a*_I`F(fn#+C11@Q0~R&yyWntW<;3>B7<U>!)ybm{d)-f{5ME
zhbz&B^Jl%d&1`8!%FA&*Z!A<~-Qb@4EsP;d22<|=QC#LP>Qt%nhe_h}!XB$=<*BvV
zkAMH-QDnF-hQMEP7Gn|^UTiyXe-UL8h&eV6U)W1)-TtYHm2!P-4v6qBG(Y@Yzz{wA
zbr8~V)uP;2OW?bO+=tB)muEeqex+DedCe=+6B8*UN<{=Q;aP6A8{O!<`JCgnam7Sj
z(2Hn)JhNKs7t!B1ir343^6zd*Q#}^fTCPq`z*0rd(jXnoGIELUPiK$jou-IF$SxIl
zhaaAFN=hBdD~tFFn_F~TLj##|l=)@$?HU$644Ckr6PbSb#VIw*uf4nFoe`5fe6%QG
zg7Lq4doFgx{YA)_)g^GI1(U?Us(c&)_|Fdw<IQ{<YL3@*DdwGXPl(1iy|$S%(@w`?
zgk)Oam#!yPMOXr&uJB*FH0?Y~%zCQp?ic73jJr#X;)gca=^Cd$*mruN8v|9?UH3<x
z()SzLmb~pL1B=NSmTx4en8GiQnGL4OO8R8HnWSbJzp2}|z{MS!4=F^2I0UBv43n1|
z@u+iOgsyQ}zb(U2Cu*reOJ0k93ujO6Nz`*Pc&MYMlVm>3;l{&y1peLKsxJ<652L|~
zBx8UajdFXQ#m{bv2=!U{zy9BRAO7Sz+^xHJJVwl5KVAJe!L}1J^ySKyST-XX6Xlzl
zdbFymQLZkrxanX`C2Iy_*J=YZ>YBWI9!J%p8KS0rB^74Q`tQ-OykXJO3h^`~!NjA3
zu<6^|So-PdA|`y*wYwO0=h+hGR4~}VHr01rS^C53{Z9;s(r>+OR#eqf!P$v2bhg5)
ztNiEX4iDLnyMV_WGN{cHG>lq?YN-(J0PH14a`z=g#Qe<weAdIw76Gs7Z-pa*oZ6<t
z4?&sQk0F<2-*;y0dHTwT9`n|lS39d7ptUPbhtWJR?|x=%AFlv*i$Vz8LgqLqgsg3A
zRg|<iZT!Gai~X6gB`k{Eb6eB_x;FN-<>~ESaZb%n2I*GOy!JY=iN;)YUo1NzG?lVr
z;TgkzQ);7>(~!@v3~1{wG($HJ3#5n`M{0M*;`O*<iV`S(9Yj#*#lr17`z%z?{F8Fx
zT}y0IQo_}F3&1>h7u3}Yu~ELdLrTxGAjWEg5eV82FVozD(r8fgP&*IrOQD#`S=pFc
zW3%7cV~cwolx)P`Zy*I<_`ggVJ1ZDxiU4$1oYCu6yNnkXfM6*za|C+<+d_64q~x1a
z`(;K3?S4i^rM&3n{NEOYBE)>Ft!6z9UPOQ6h)&g-^w3F1syo8Q^DDBE$RC<?NL1(U
zbl>uM22GAZ3wSKPynRPUo2&BD+I0Ba7c?@79F0lI>X!YNs_7>p*Go@rKZEwSx*eVh
zXn1e3Adm9Ci2CQ_PdV$spSJ^F+ty*=58sa_q_>AW-VfAMoIMEl$YLZ0U>Kg*XN@m%
zMkYJYNslE#hkB`-IEBZ4NBxRBT4e9^?hiijkUu9`$v0~f{#!|L|F~<9pdkm72~Ryf
z#;E%Knf?wdc>1$WkdWsskP>mqb+<+o1stR`cN)}Z1GzWw{@JvLP+H4}E&msshTOb>
z)p#Yp@#Nn^=olA)l)o;CdP{}I0voTSGS{EW#YeMYckcL$F%f}Z;Pl1C+q&Jmk-l@9
zU9%pg1s5G-f%0*kn+$qUVs)H|!E<O(a(HQJnU5Ra;!TYp{5mI(Sf-<HPK%tH@x%UH
z4EgXAp#AyjI7TDwPd0WvOFqRrkWnVy=T1@|IFO+?;d70uqkHhggqx%#?cQW_xM<m#
zw!iQgtC{#PG8(P75L@BFqiaZZ-OgCrP*KLQtZUvA7uPxEf9i8nEif}XThuT)cNrO;
zaow0Jy%oNjCb-o>KWp&VzFoQsOCN4%QyvckP*x(ZGTp|P2{N3=dBfSqFn0ygyl&j}
zSBHjG>~&IH+*{K|m~^xoH7`oDymu|+lR3)wBRh4QOp6ZLj+-D6r#^V4Hf)NkPlohY
z1+`PaMF?i6(BTKw0}<bIYWK@Lj{bQ&9S32%LGJz$`xe)oz=M|A;4sw`+fD3Yf$axC
zx3-x4FwNCA^R}7fmxvZsv9byP%*uF;5}ps^TtQ_F2ta-@FS?#ufb(_H$5pa9N$MSN
z277#QIJCZj<9e>r$N9Fgu>P0y-;7*({nN74={NBZgg#LG7u^f8X=|F^oD3$DjPPh4
zdqvyrxhUf5m=H(>cRc#46Rc7*^A?ysIF>#+7@2mzw9v7^jV^zCn)Q$rK%9BEM^sBu
zEGq#g36<+SdDwlc*mxpKHs!8jW1F5<>pVMn9x$g4Dt8S-S-}v!+enrsF`ew0#)2B=
zDZR#|O=sQzalZ;6{5`}X*y#?_&S{!?TSC}Dh*CwQaee~8)ATGn6{y*V05AcLT1CN<
zok+!W!BgG7q(mt%^K?ii#UB*7Wn_o30X?;KWL|U30S&jzB1^IABu0z|k?GIZUdIqx
zObh$Q#0YkGr)y-8-`D3+dsjgFMXu(<T*`^7n<aLRBtn(0Pa4h6ag?lfY+DrZ?f-lM
z|L3Ovw)CYaBg%k6&+*3)1=FaNExX@OTD_gcd!60p$fs7EW=1~Hcbvqca`y^yWXICD
z($<E$lP>@LE$NW{r}uX7_lY$v2vjB7orV0Hkw8tIOR;l@)g8D&G97-xx(bsQzR~w>
zv){1Xzy!(@|1aLYI;yImi}!#ipeQIHC4zLfbV*7h-QAr65(kS$q@|H=l$1u1j*G-a
zy1TpK4SwHx>%F(udw;(B2a9{pIdf+A?7e@#*|TRx_|RsYX?Y?oj9oWy|G5Rz#muSe
z^i}YC8f2T$wD&xdpyQj%#BRiw%OG}(eXCLD)uZ0&O|8olud3Y&Yv$pH?lj`P4*64u
zjq{03hMErr5nt~^P=F95#b6_1ILdLkUurk0KAWs-9yZER#2A+++;keGD&o8{L?d)E
z0WWb{a%uXt@g3hbmFM*-HTg7oFwtcjRUV;gs?h337KvFr<)^kjLQTrH@PJC$@2p3B
zi?}P%(Qo0%vfirIQu8_D<m!*BCC%JJrEQVM#ih8lm56}qa3Dk!<$;62DIVrOysKSj
zMA9o&(gwcmB8}%Av{aWyKQwH{=n0;x!aVaGrB7XU!XzYzG&MO2>)`6G5E=L2<rG&B
z64R)bU4HJQvt<Ce?fPF*lr<l|qL^#iVh>a(@m))gD=@#j_u~>fCM|A@c<s#6o8PZ?
zU#aN~vCPPN((`<|?`p9=U)>PwjR*NZ#Pp9086zpwv82{npBrmre7+y4KHldJ_g(%Z
z+>f8t%J;nd5P>ASh+7KUwzpnaETkp1(bZ&dMyRff>@?!$G>}_somCh6E|lnV5*WHE
zj06xk+7}9G;I7Z@^%}(19iS^EUb!A-p2g4mO~3gq1AC|6oncL#tgzrk!t0LP75Amn
zE@Ov2xo<6Kw@-3T#CM?FhzO42GMz<V)~u4h78PH2Q*T2(ZCjZVvEyC-pdGHnyR1QC
zS|+Yf52%S&QjpIgwvq@wG2(dZB=C5=ROBS1x|q>CI^mlyFUidC;`Qa`OY=$U@x<J|
z($eINkd;)18G6@5vJx2yKl8BFt?6?7QdHh~eZw!j>oFeE+(mxeZZP+Sjkglg;G%&b
zN4_9@teZg5!Lc~}(8&|nlrg6NpS3neHKl~i;7aG)rwp1Lq{z#K{6oj4o#H`1TI)q+
z&9#r-jb*3cPX;g+rPSAB=cPr(K@<CqWPDq%WOVpZ!#{70?XH#_7N-8yo6fQh$G<C>
z={e*ma{Yt8>GJ_>cAb{*i7%QYbLH#p=-F9c{bU5_T*<|5x2(CH$<$DR^!(dn$@{9Y
zc#ywKzvoo-(o25(WS*7=0l%|gzx!IG%20C6Nk)Xaf}oY3t81vqL&s9s+ibXM5FuRP
zp6$97aasDM;d?%9Q+Mca)rEbA^PXj@r&qgiUrngg+9P;5F>uS%1<99o@nSrOp3JH!
zvADo9{o1u>0iB}pc&3>lv9%D&8RwZsp6*32TM{cJjA;?Q`i=d(=K0tqFgduH&IoGe
zy$A18GsD}z#0w^P?QbDodX#wX*0$|8x_5m_^P9^yzUM!vSOZpo^Pb8LM`OPdS9hCk
zbcw=ifK3-|mknw?k<n343D*M9g4gzSJ_%k%2P)bRyobkpkUdKUjLELo9$9zz%---{
z`Hken_e~E8K6jogYSUCo7`)hjdt|M*-+vrmKqlGcEh2DmIC;^r3GZa!YnIp~A5BXm
zQWApBq{zOA%&s#J{}CX<K!pe`OPc21%@-{7z{%-q$WPsO@`BC^O627)kiPImeO3gv
zE_Cqj?=ofZ8fF{z&{XuRI*wBBp0TRb`96M^xzWCw+&~WIo(ff#WKDt1ozhLtyC;so
zU!{5UU7G!nLODJhbKKJN-q9wzUh8{~(BJ<PD)J^R>y^l^TUG8n?Iwct8o3|4-8e@E
z_oZAGn&xO+GJ<`J*&dMAJ;z_cj&KCQ??MzQid59;=xuL~%=1QqTT2Ug0UD!4>NI4Y
zrVo{RF%6>xN<<Ls{&LNi+taU4iOK_q26oRd33z&h9o|{?Ano<(Wd_Jbs%W>oY%T+*
zJbqOWJQuqh=MW;jo@h9Hehu6QdVn`<&=UFWu-YTw#ym@(mn#M(v+e(_Bf5<R5eE9m
z+((qGBR}a|%Si2drfYF2Q&HSbHLC~5RTo!w1t=!S=c(}*nsHDfUXC*g%Gi8fka;tx
zk~jMUn6^0+5-4j_ap02zHzdR3dw3Djdnjz0C<i@%g9Q|$Tv;?P*KwgicvabX+NLFx
zwPbp?T<$?!j9>XOCa(hoi4yHo(I?z@RcA)LZ0jKEB&IYCOC~bK7mXk1wsaY1Ky>iu
zx>-^4saoNpk^@{V45Km^r=32=<ENje;_K8|y!J?^Wjk-6sh!?V628v4ydHn)s&Tg%
zTwl-XC(@Sr>V9bePCW$A(s?8KJEO}qR94K&6}1mtRle|axhyF>HORPFURX$uX12?W
zEkkzlcVZbqTqrmY6w}bp&$k|fnPP`zV5CGGaYiNhUfVoKUI~-suKmkLYgue(WzJcH
z^6aa7jcp5>C<L(?XwmYmFNhWP6B1e8QF}Pfc<-nhVU&LcKd#mL>yGTQDAuzwFODW^
zX8QZ@{yV5fC8!qSw3M`b0(lT`x{>BDD9;C9`D^sOl;l{SS14!@G|vDny?@onnaoMU
zqmu#4IHWbzUc%SzA{rSah{ap!MX}#sA5U*WdvyP)bTcoJ>4KMH>b98=<Gk19h4l#S
zUHFLfbp1{YNhlGN(ye|~)QNp}H`zz}HfUuSV~t#slt!COYIGQh=f{#K4kXKZB~59u
zvCDc}d)2P!4~qU(HI8uEOpgV}tFNov;<IsIj0}M&t!YY8uR5e44B<j3Q1c0<f0z2t
zu-?hbmO-Psl~^T+spryi&$!<c4ZaahDr$Op4P*L879T~9OL_mL`&S$Vtak(!f0abz
zEnRP&iEJc57!cHD__Zmm_xPhLu^#3(JqMBvDn3ff-mTJBL4OD`5~M$X%Qg0rqd9A`
zJ*|sQbk~zRS)cmeyx()4qiyu%S092}q1)`H6DXl?N+zl_6#Ix49bj*}7!s5erKUb=
z%$rg++MC$U<-e>62?w=$zzF`%u7#)>!nn}4e4}cmdSCnkZYt7NZ#Uj;D0db)ZmN!C
zO;hw~NqLu|GMUnO5NFvm+B5@hQEq$`l~@qbv@n$Je8d+O9EN}hkFu%-kIT0#9j;Td
zNTZ_u2@lq2r5ctih+K%+uj+WY7Bj>`e`$fe@Q4klrKPq^gL=Cj7f+su)lXgr^!TZh
zgG(XSi8|_O8pn{k<TtnE%x+%4$q3dE^qgG{RI4o`859r{GzAepgNeC;$=u4zx$?pX
z2c8U|ZRyE;xW)BHW&58>lKE;B8&;k4xW!;|L1jq_{@J=F&npHQGFk`~^8dc|_qo8E
z!<~EMv7Jk~lFnbv%A?A?w;pk55VCquny`MBFBvywnzMEB)w}UQN-rRwjEg<-LpulE
z_G8F|7+1x+sw!XN$`kZ(o<yVc$L~@^k;Pto5j3qRXQY?858@he|HN1z8U>Ge57Z<R
z<Ye2au*l1BQ;zP4YUjz{G9q8Lbj5u^Lb)zEJQ__ufk%at=?{96a7m`i@T}5>n|aht
z7|L-)=@0)2t=v8}vfUeQ&MW(>eubnpXj0(>{-dVt8NEmB$f#bE2!X|doyOhr8j*G_
zh^wvJ5Xl{dX=X=Pquh5J_O8Udv5qj`zAnC`dp=cc7*vd-?08UkWOTH%#qn!?o*f3-
zfA#|(Memu5(k|->V*u-KLz3exyHNTsQkhaCI)6+YqnE`#4a9<gwu{}!gV6E^8u-?R
zR*lFIhCjLAYN%%Y_o8kbuE$lwST1${^bHPk9)pFPitN+wH2D702<|Vw>n6VO-^;>J
zH@Pg*O3|yr|NSoYD{{ngml_ct8SQGiKKG5@E^YVNt`y@&YxVAkig<)_v3}mA?CK4(
zG;3Qao{{&X|DgZRH5!g8onl5Qkb6Ds)Fz_kn-A~wMj>IP@QM_IAH!q*|GGjS2g^i7
z7>ggb<HyF|THK(Rd$k6i@4<fZZ4nPn=x<(<-cu8n^^)a@7sm?<f~yPpE8*tX8(3)E
zQ45PKr*Gbd5lq&dr@6}fd*k^oYme}J+338&=ZNQR9cZs){)o{Lw-Izt+VUQA+#>T8
z5ParzT}ot82D=!a5&e5+A8h^#GtVI!^!rX*vCJH}^mSe<Cb%&qOzmy(oX0-nv%3KW
zxtBHt!eCVYzHJm7hQh(3`}3pFDl_7;=saN@rnL^tS_rz`EdA80r`WK`0LeEzjI`;D
zat#nt_PbuazjfNH-=&j_O#D(Jct|eB2n+}gk|~H+qwFMGwvUV)qR-b?IqQAOn=aR!
zuhwN=t__l>iDkyV`9;5}jdqb*+ng+@s(L-ruWT9BnbmE^QBYFy6r5}#W2w*YRv;%4
zMs?{W7e5wFBr~wKscpX|UyDrqv8rgP&tW>OMMRB*3bFZ_Qy(($U{K}kdb<xYXdc4r
zz16`1%#iR&;o{or>L13^#-%E|(TwG^>u!VIi@MxY<k=y~<gM<fYWyi046)ANwai2X
z=8_l<Ri!x!b9vl;#8-K&e~tIpINTQTawxwl%kI8hr?eeP!i??t!18n#^DR*B>6yXI
z3Et_vHcR~e#qnpc*#79rC*KTz(kH<3b>KX9HCqGS<1<<|8j&9~JPd97g4(u=Ua7=u
zw(e)ExrL35NB*UQ(S5b!X;bNz+^-wArt5tI71xuCqEQiawkfCxD-{JjG6BC38szVP
z?^BYBiZ^Vted-kT>*|9@ej2{$ax%YwfJgOi<1ITuM8}xkiEH2D)+^e4IMY?LNxFkq
zM%N?z_^!{nT)|sQGkul|nE|9eJ>LT#U_s?#Cz#eDSF4(kJe7&XcopfE<?)qXjcgj;
ziIg;{dyGZTmuIG7-1cKxBEsiIwRPSeA{JK{^F#g0Bc)UZME85fQiQhJ0uADN1KWbO
zSBu0G58^s2IifV|*O6tg`uI?4&xT)5-6tz`#$hl>_Mg4)KRG$+FdWLd+4!3T?QNf+
zX(Ww8;t$Q8v6}K0=JQ3?;lXI&<C3@?hD!8>N(u_*{85S<c;=t#4pyB%avVB#TMZs`
zd+9oCAW~Pux$5BO7S6A#t-X9OcjQocY@uh|4*&w1nm`dB?1Ez>>NE|!Bs<ll+C0m+
zhh_tx=0q!|HchAbo-S%mh6MTn-V??ia`HAuJ|#;sR1t0&Ih*AqncPNt<O!t2I)-r|
zt^fQCf3saLbAFkSi>$136sl27?bK)abe8%cO*uQF$({Ha@NhFw{VgG*{iR;n9FDs3
zjAgGxcGocySlF*ChF+HHQ5|}q*{`B1yQ!m`(p^wd_uTTj^Q+sbf7qjKr*?Lw<%={F
znEqa#xLF<UeF8^G0b>+-vh(QM@*+nDdz5R<Tk01$^_}z7(>$j?$!l=5JU{X1VLB?!
zvh*BphMqZIaJFp_VX0ueZIs@{2F^s}ffh=bl&dk!%9F@LP{!>raS{+Q{oT~kkNoAV
zWwOaGPg)f1;{}aO$8>Mw^%5SRi?dG)Tb*BBRa<zeDTKXoK^bJA480#tUte$h&5t+q
zl4NZ-2q|*cskDiGy*aj6P*7l?`PzG~la_jM3Ej@YVW{3~f9S9BF=$`#scK~-Wj^hQ
zJG|2AzFDUD#;sSe@-RzZymfv1z<Gp>XK|pAJ<%Yoe|(wCR#snZ<eLcKv;j{c+~5z9
zS)>B5YljOB<JhI@YU?WPM&FOsdzIT-St)Z7KexBv+{({Q9T;;bp;|0}1E0Rh%TY-2
zX|^pN-krdhx=-4$wOc8$NMtRoq+<xX!QlpDQ=2(MZTJx<7OIv5mkTw$XM;;DGBs<{
z*67byf{?@|*QgM5pxX3Kl_uJ`>9m*fRNyTkUwqwQV3Df3du4JYXl><)xrt0cVe!DI
zWm@r-{H^G&fUT-r<a$DQ%3crH!%Ay;NR23#s`Ak6s8*gyrZ@JL?@~;H2{9pv|M*|6
zjtKgX+Pywb5p@}?I{~~^YHeb;^8CC`HM{fU@2M$+!=t04;4xiq2qK4MBwnc5N)Bk(
zohy<{sr=@wLkBC){4Pnw!dz}i0X=tLI==-fJkwl%B}f<f@(U+IP&HUWzE8V1!8J%n
zN9T2*uxVIPWkG)az$<A|xa1|(=WUV{uxqc4gTscVc?thhcG!2oO<nTV$G+7CqC@_?
zuO=QVjB2-&7&7@yUq@%WrJW|!cizKNC@f7sLx-S#r57-nmcG9A*w~mJe+u$<Fs=ee
z!fTJqlXltM@-h&q%Tj&Jq-?v6R_=TLI$kz=XkdUV-3Y1t@Hq)T{6^og%|=5tdsW7A
za=@@LPYuann<7Z*yYQDjaahe7xwYXuxvI=bjByhwqkIHW=YRcb?D03GJ=3B!Byh4#
zL6=G<SVAm3JUl8ZCnx7cU|DBn@T7?D!}~qON=5F4Rqk?8Hgj)tkge3g1!SO%|NV1Q
z>i?IIkvu0CP~qkorttP<xmvY>(I}b+bM){)lppo#(Ry?z*&{%eAt{fOy0Y&zr#ZMv
zA`0jTK8e`j;ah&6*su=Q)`s6~t%|H5V4tHnaDVp=DS$G0ppvVhX+7aW?&!$%jn8GH
zepDb6l~q-rvh?eV>AHEi!g=zn+8|9{m~UYH>9=$6%pG%$%}=B*`9q&mf5V#-`A*A<
z!y`zW`P##Bs)zq7!8kt7X@^++_04Ks;UAg0|FxIzh9xxTVf$<U`{(4Yzwzsn)X*FD
zqI?JC^9>zt=8Yz8yi0yVv(mA!Y;X62gPJO`c_#2;D?|s18mHkF?HcJ;x5*qXgpt&^
zMv{w_4J>n3o;7XYacC*-HxC)1-I`%LLW#lfH|4wV?Ky7HrLC?iXe_B>5>uABHIp~K
zwuj*_Fg8}<y#JWFVYZvB_KK{e_WiUVMEDir4Z|0ezU|Z#(6nz`Q0O4!*vSV}nqkd~
zER3~{(0-yq=2&>AdmDCGbx&y55ImW0*A%vZt%)GQC8$Hte<e^3p;NC6HlLNXEUUO9
zr6wmA+NV>Yd^~ZyA0cyAnZ>Ph8wwbf+iYkkw=w-=>{Yf&x*2tlYf|(B(a87-G}CP^
z3mMFl%y!MI%>dK2<*LvQj|{JV9A+i8OQ{oh8tS0k<Uoo}24O|3z9%m$u^rKNkA#D4
z-ifv?PWzz$*pR0=TnSLn8JTkKKI~lZ2>lMuKM%Dua8=DLTD%CI!z>>D9rxJYCY4QT
zz%}ZPH9kc6bc8nAP@kc}ZM)ExCDtwHj-i$=_3DjwB!yOPp*7Fthf8Kwpoa7v3last
z$A+Y6(54tyr(AR$QH>t*Y4)H@!J=0`GBF_tt@%+}$m%sPXAJ*&7F6IsaG-WgRH~c*
zP-jj${W4I42A+7_{4D25v$RD<cjes9jt=}0xB)9vGW2n8yjy-&Ikm!*->O;Em$Cz!
zj2cBJ&rqDOTwK(EQV|NwZg&9#O?u3vm9AZGkzY_?(~Nis2N)kL#v2;!ZImNeBHhM9
z@EKVsp-&BH9mBkUdwh~(t=|!oq<HA=?w+5SX{xL=@b_;XwOpLla$ib3i%!K#6+WYe
zpbYfHmFP2CPzJmO*jAV}QperH1AA5Gjkovk_;_J$Ex-NWZ^m&{s54pu4^_d~-Du-w
z?qJK29ugkQDCR-=wn7h{e&n+Uo(`JDvTuDtD+)2~C47-<CPzVqP`(Xe_)7}kR|U3U
zw1Ls$bmD@F-~2rZO1N_;`(y?*jz|wxs!6f+W}txKpDhJ3*<56z20bG6g#2HTLHUpi
z%N-CeV1gdwqI~OEjkrr50{?aHK@sJH(L@>iO;6S2LDBxuOX!L8F1RXt@bebLMq#kF
zww9=_t<A@zghV1~WMB&D(@$J>6r2SSh>+94Yp;{mk^f?+Wq4?a%Csjv)oi3hU#H<s
z<?F2puWleoU`D%w@>jP`v7xpAASWO9KN*s&Lc70l<7N3(qeMD#bzq<_;L3zvkvlE)
z_*7p0HV&02M5y{~$3W&dZu|`{6za=DbJNK{3+{s2#>{lw=!-Xc^Qq?bw-*EQi6&<5
zA9ZO2ZpM^zWKjALh`WzQZKcyoA(!Mo65hso1SZug&_wZeB|sxVRYajDmb4~d*IuAJ
zpWt$|m$z}UPgj8NL-{6=YkUU1yFiBsNl|uWWYV(er8J7ugmni_!%**lN0s-WlZB@G
zV`>@JKX{bu_B<0qGs%6qsK5uwK838`%~3!ZXwsw#H$}&7amka3#>|PM+yDE@f%4D6
zqBzx4i{5xJ@bbcwcDTX+Ra68i7Z`R!T3t7Fp*~&sR~NTs<NwyN5bY%y=vYwiK%&o3
z5Cxel@Z>kQ<Fez6#w@7*_XT@`Js=c&bDPJr|Mj+k18GP?=99ob)!@et1>Ng9fdcMZ
zFvEgipf7ZaC-XM}2T-GGw3j#j7OmMi9tG2X=F6=cGaL#25)G!Vz~vSk&{FUM)>$R_
zPM}f1R+&&-FbS#oHvYBo$gF3SP*P;g3iU>s6}cvgZ4js_@26j6@$(S)&FSK!=p%C3
z9iUzis?q8I8H{q%-{3-hN+2J>&95___ui^OKqycD8T&IgB*$G)B~XvZ%1*Tq9jp+R
zSXufMMaMY20pgodoSDZ*kvTcR#e2Sqq^%$qYIt<?Ci~_5Llzb@D)gBujfU>iwf>cn
z&Cg$)l*ZhGm9;sa?)>Zk44$V5*7Wus4=+shK6(q>aa{JRo5s%tHskLr@tcbkR3Cdz
zALC0<aJ2Qa5o&N_4Np#H_mUv<eJ#g}v4xzbr-d5#zT+|9g6PP7W10s@9QX|fsG}ag
zEa0E%V>6vsW;gfzkf>7B-*1>9K9CvZP_wm$m_j%{0kZhd=l_lWbV`hI%&wQO3J&-G
z-puCB-@Cy!qhw60cXPULS`=Q%+@tDUJNMm}5;2l$(McK*d{1PrYv1)XpL!J$<>x&)
zoOb^-{H7D-$gYH!&Zml_b#>JZHFY09%gaJ>8nSnXz0jIT?d`{Yc!kDI?JQ#JUt?=d
z{&akLqhGZ<9)1e$!^O+YeA2zW3Jk{6N@33bS0n>K2KxMjMaXtnY<OgZF{N{WnD7-d
zGc&*KAF)Z-X@m$3nDQR8!iW5SlYh?82Gyrkw1HDRm$GDv%haxv(UANKN&M=-(>f-3
zFZ@AIa~kLrE=C1<_jsg!DMw0M?nHd|1JcGsE|fTlwg+rp2}A-qs~}vG?>ghe2NC`3
z0!8#skyh1)i>cIczw{aOIMVgep$OjP4aB5t{oIz9iAVBqC5xQ*i(~q)xH9Bi!@v!g
zGM^~KxTy<1ZE`_Q)Bt=l9xCMoO?e1p9hS1=QM2qd{l%~UMIyIpfMAng+xSB$G!+W=
z2Up+D@W>6sKCi5d?-QECP}fk89X<mtE8$WCI2Aqs1}(%_C40Wt*S*Ql<y0+u=(_De
zb57-ZCPkDl=0BM}fS~~TlN7qufq<MGYy{s1TPtpG+2rFJ2hsetW!n7(j*s)v*Fc-O
zEE)4AA+%<S|DYLN=?st3K(+!ib9|4`g_C4kM{*+&1&wG)8w#W>JX_jzd@0hCD4-dg
zBTu9{4glfJ9V(QJl{DZ5-h)jibac4BSGxCr{r>?T(3;$Y2V(*yEz>UF<9ElAjt`G|
zEq;}Lnx8l}#$Ikeaqq_pegF4wcwVz351;@XRFRRvN#ET;CBd(nhHqq$I;iA#lCMr8
zu0yWKFma%OC#a6DeU(LCr;ABxXPb`0qkmo<jsK>e$!HT{LAeDf=R9*t%0k@qQ^GVX
za&?lenxm8k_iv2ubuS<t0TZAV&3XHRUf2_ixR^1fs!T@9$co_2%Jpi;$v4BvEe}-1
zRdG>p9Q_z>fI<1_85{HJwg!{#(Fz%SeJ)3<nCNy?RO5;tEP>(w*YJM=VI;=8W7%4d
z)-v;v?Y~u<iA3cV)&p=1{a*bak>BrLkY{7OWnz-l11$e3TD%2ELW}10BJ1_hf@y^H
zcpP)4UrIjonD6oxio`Cqz$ZQktXaP(&r&J{&6rwF^;#ML!rG4znngn;-^(?*=|EFH
zj4RoJQcyGQ0;LnQW|KA%27kIg=wSSd;ZH625EpuJ1^@G~qh4Pw(1EuHuClN1w;J>U
z74631jn{m+p|`-xGG07{UcIA?pt*5`q4rn9B7#+n6C9&5WoV)}*ASHbz<<B=YF72!
zZ@&}v+IBw2WEXVUiSS-q-J<DTd+<CS!T>P%4;#N<`Y=V1{F+zk)8t=x1haL(kpCZ0
z`fprzfN(dj)ke(%WXtE^#&v6z{TJ_>!3O+I+sme26EkGTIz1mMA0md>?-BwgAev8<
zn9dtF<utgAog#4Drd@71NJv+(oOT|4b#dVuFH$@Ab6XJjNdp};NNOs?ynEtTc^|(M
z4rdOPHXJ6`EZIhF6f=`|W1}69Q+$u|SjvEfy&=xQCYRm)`kwnA4kSP~@lqh5sYm|^
zKB%Yq#k@f?U1$3P;u|z$GQX*I)D4Ha@m>3D|80#rY8E!=j2raAdI?EHM(`!xU>MV4
z@E3rD@Lv9ZU*PrB0`ET{Scmh!-e-MA31v{Vliv6mm6Slq{~9(q<iY_E5bz4x3ujEi
ze}dCRr2-1c_KC@`@#2w;rp(#iTx;lcD8y^P3F-_sl3`2zHSHe7{j%2KbZ?QE8Nf8G
zwSdb`YYM2Q!bzRffGz>6LH%oRaga)gLr07p<r~^f>?SO9$D<3BH6p7bjFt*6q_;aT
zn4G9O$Z|i9Ghu=J2LhVjT}&%Qx+z>aQ;XmJmWTOS4v5AW9inqSStmi27N`CUX&pqf
zTbkls-bmUA??clcJXB2BUs43$6|}@CCa@+riUxZ|`ti%!GLhNs`(o)$p1X6pfW&cM
zIP*P#{5hPevbxcCPBhUUT^-?~ZtFGroHk)Qr(ApO&b7iy(39e4|5)q}VB~aPCTUiy
zC>oGDGPL;KB$)oK3V^(QhEO1CX~1l~zPSE}QNYzW|2WTo_!pj-C3B`Ibi)UpXeY^M
z=e4G<sN}~CtR7g%JS#@|2L)v*_VzZ3e;KB8M_)Zjkk?5`NzpmHC|7#f)lUIIGJAl9
zolGxc=R9T-<a}h&qFQLXW`z?bxLo1Y@}{!7dh*9wjU}0<&!VX|@oh*HhM4>?^w_Vn
zRB5u_ct;%j8or>SFvYt6-q^fFd2&*Jtll_f%%f`ZtpC>W<>WjgncN=^$RBk;8k4DE
zHfNt&KVzcUwBW%H&Yr)#YVt%+zvkdEavj94d_Ks_(k-bwD?i>R0fU<V>*xQC|NqBh
z{v0NNS(*Ov*z#+R=h9d4y=v%-9rfO4ks-NWn_PA);{o&lWk$j0yuHbat?dcbs+COc
z%S7!Q6sN+hX}LE&eAP>)+g|57M=TI<P#dHdcVYadW4W`itQ__VFOir7FPU|bqtt54
z(QzoC3#duhLsu$a>4C~9;`YB)`sAxDGLEN55%AA*ZvSWZKwTEMkab&WE6L~Rpqr;g
z!r1o&DOGa__>+^1++F(cg^S22SLOO@JY?65OK%b01@52Dd;07TLWF7cu}o|f-U-|&
zW;^_6w0LStO}laM_KWnhF<HrXqF*aNI$Flo;a&79>3KRt31J)cZ?kiu_;X;xy-`!I
zFyO}R!n$fr67KE(z9aoEi*j=!NC=^+E-A07lccVy{)+JDqnBqSG9vL6Ar0965Qb4b
zzh2G5CJw1Cv$C;oUUdfgb&_8z_Zr~64UXl7it<dke0hz)zQi0b$t~Qe80&UW?RT&r
z4;J0mJgXyvP;i=m%qJ&N=SxQUOb=FVl8#lF=N83MyzpvjJx#6fT34*(8nO{{ZKxMA
zKJt`liW&O(5V#=>Bf&e(@2Q4mq9R{uDwV#8ruRzKBouu$<v7q-x@k{pV*}^KTFTF=
z?7WJaLlcEEnIYoMRd>^))AKx$w1d;Z&HZDSq3X+q3zZOG6)TaX>#?KLvE9O;XK2ln
z`<L3bvAt%o_r)bCO-;j+*cDgZG>|%cUR{=Bm{AlPzECDLbabEC@9Ol@_g%XcHvG})
z(Ng?|uyOX2mb5ex?F0RK3OG=7JXfF7H%?3-A{NK$=v4L6&h+>WnV8cIw6ZPSksR%=
z;o=~#cD*-Vji3nT(?bc%fV43D-e#=`%TbYuNx4#gbE=~I&={6gk)?Kpu)CVJOV~6O
zX~Le1Vu&H3CyK{gFINirigTgT)oZMwrE*$Db}wbLSNQArxTROQDO~C(TIKtRQ_M&N
zb)eB$=A*ft-OLp#dHZeuR}Z0kv#e3r1eh}FQ3VBsg<x*vY%LRv-`Q9rU#e-_N^b^F
z5zdFPgB>Q>9*2JXuEjJuJbZW|bUaahakgGM{RR6SLne+E2F3S_E325Ho&EFe>yvlU
zN`ASO+~4}}nNf&M_28>}tr@RIlH{+JV&e@PUte9EHmQ1PXr1prqw8RG#6vyTNWMqL
zf2JYLH;M}#6F?|NYG}=kv!yyU4@U0;t{ToW={Bfsne5z_k(ijsFJn<*7)Sp>6tQ0f
zBJ5zD)@Z!`>(TGg;F$O}^LYKED1&Jprwa5aa<Yzf>Pp!}c&O2JIm?Y7S1wzn?J>=l
z=aRODxBZk?(hWzZrc(R=)+DQ2ZEH35G7>Op^?M!;Ym$+LwlZ)g^sMWQ9{VnPrG~ef
zjE01SxT&kF=M)q$l!IWfw4(6o!U)%ou9Yhm@#Fi+rov)a$5KmsS+TB)RgOQnYTnYe
zZ8TsVS3%8IFqZ$v0%^4xxv;}1nzs2}<Tc=NKV~Le5&AKmX20C{N#n%Rk{eO_k9|pk
zC2Vwcbf%7fV*5G0QCA<1CD3>KV-u@XS>Q;XA2&p0y@xCwFR1gb)#p!PuX$&;This7
znrlUsp~aNr#t^%@wZ)>=E}xLLex`9f7iB~Bd}w3@MttFMoEitcTUcCqe*gDJ)4pTh
zb<ivcimLK**Y{cO?|G4D2Jg6ie;r=knGOs8R-Ja&h^1)M_|4TtQua0@aX7;xw9{3s
zu;lWtfUjkvb`F^0+P3@W?k82HIKuf5Dxp1!)AZ**Z+2S=(p;7jEK|oOCrNWu=q<x`
zkNH;N@Gjh7cB#G^vD<7|Eo`R6n|Vb=g0nrGi29R*L8a^5Kr%mGU5l?-IDNL%&uODO
z8R%g@7ZrAokE^Ol-;rnFG+|<aYAUWS^<TIk$3a&me<%yYq1(Xh!wDq(f$q9)fpO&6
zEq#`?KlP_@BNdRCWTf~5zTeFHwH5l_cVO=DV7l+u5U=2S(YuI;p%OzAf3xCpEI>e%
z@nNWJ8(nl~USY28CMoIK#+sV9W#Ajt{D~la9-r}cY9lD~IdtZWYV<w}Gn9bUPYws|
zdtYB)#j=;*Z1@o2JVj*C^7&OB|Ej=p7`v1)A%kHtR}@~rS1@tOjnyJ=ZoYVN4A(CU
zF=LBdI8}F9_KO)yyjH70A%BhxaJJt5n$tQ-l+(Xtz@5Y#_-FQ({kmsk@w&(6*zn)+
zaa+*9I|mX%LPEq6b$DPy4aB2ZGl%-!wouTOw(vnFnf^Hlsl8?#X;(IVhBhV~+t|NY
z;L<XT-mhKw631%bLomNp+lvqw?QODa*9YTg#f7zHvg-J;cWD*XG&SSL1o$gnx4fZN
z?VLSLPnv$bUQ|?m;~*KJ#|-}JQ8w?%t@27rN|dry`uLW0Z56J{3ibt+3N=d|z$B8i
zBMw>{;rw0WLaSZV?GY}d4mkEZchH*kX@v9xp@aS|E3UObV>;8YZcVr#*_DMjqMcFQ
zAfD+sC64xS0CxxeoF2;sU#`g}3dq0FT#+*`s$ArfHiJd5@C*Eh6XbJfn!;~IDdyhG
z3_>RsHtkaPw%wDvs2X<=$f>M6v@;E>Sx)ty60k)U3GB5yyk-K6<?|pNOZ-rY=k9A<
z&$+n@$}+^>Ubi{Mr^3sf9jf{Y#RUw7YU<kg!=;TyeI+H&0zp&`lCp(1bd5vg3W`8W
zdl9|ncVjEXAgp)ISEmTrpw4Bn3-}**1572+Hl1~C+xPM`xY#Xhz@PN}9m-c-x9CgO
zei+*7vz+W+^LY-0c*85JCRnwXYRku+Jf<^D96ptQ#D&WTza->s9vauN-Q|56U_8Oc
zGxLJQnD7A=;W6pQH03Q7I6AA%qj5iFuutUr!h;~ywk?ck+wi+dt6b<~W}SR?j)%uD
z(L_zd)@;|geAm=kGj@d$mrLt2Ua1+Wr8xn2%sGjKs@GWW7L)EBf#`l%8>E%@1}~>B
zNRlGb^9uI<$TK+kp5Yz2(|0X9X^sS+=Lzy%`+~X~ca74b?LK#!&8@oeM=Ivpj*pEM
z0Qd9g<Em`3YtA=^)6z>jZrz@m{Q&x%&ZR;jYne{4ORK3%b*BpwzcOyMe!{kP!g&_`
zh4R*Wk+Z9(cvlmoXeq8gaXvW?BH97d6svI{42Pp=xOjM!YIoa6;(^|2;=lW_eU49?
z?DQ+Q=^&f6;dSrxks?ipr)_0h*u2Ro{d9(xp>0D$f71&>Y|P6N{6sWoTf&#UY#i)V
zTun2P_G4d~+yp;Bbg1P1e+Z!S)DJ!~jmutj;wr`;Ow({y!q}72yp|F~6u+?j1XLi3
z4?awGrNL?;Pf^sQiS9g;rx`4>AFo<!YimmsyPdvmde1O^mbx3@jkJoTxVU&uMh3-5
z`=0;~$%!YXVHAIY-jOQ{M&`YwdeqpqBTqniF`Kg;G%eQDaz~~&O6U4=`r3DPqQ*7p
z_&#p1gvmgz@L@iq!;jej*4G{$1WROUqwp4b9b%;F8@+?F(qghI#ZygjUvWRSK$72n
z@$anEICJC&<2J`*wiP)(Ae>4NcU|UCmCqonqjJyl)Pu90LQCIi4^VP@fqJ3Ao5fho
zsJ1UE_j7iVUD=oQid{=a32`mTN3A?OJY0@Hw4U33Bd5!~)Xlpx-<vJfAE<h63nPoJ
zTgXyNKFd?ZDlX1XcP!$WE`;sc;h>Gaq<X2Trj|uQLJ~b{ca#98AW4%40uIhcs;3Q8
zT;ly`^}IJL+tWOzyauPpV+y{0o&5mJZmSgN{iz|t{*`}~66%53g4v>-1Ccy*Ae32~
zNIa}L!jRJYz<QaBiz~0PM%xzVafspRfL4;DE4iyX_PSAT;Qg{;xq(GtLl>neKYul<
zf-<_(t<cS5nC-McMx*9R=P)XYSob)aIr(pNR4tW#Jl-il#BUb_O((6KZC^YI1FnL2
z+#IfReW$m>r7|}GGLI)EB~?pg{&63#vL6@KH|=lVzB;?CWYR8!&H8ACcY{YAxd*2B
za_Lob>P;8BVqw13tZ2W%+)MjW(uEdJ%)flO<d0tY+J`^d{i33u@KbYZZ%|etmF<Ns
zvNV3T{)MCA*KMYFf0QsJ<k?J44kjcinDcc9SYjRc@mb-rP?<IL64oJ<Lh{qT(?vX}
z<)X@csYUDu&@{M2A&HxsBJ!ntYt6mD=$PkiS%Qf5J;74S$Dx}Y7Ucr8N~sg7pT3&L
zd}wOCydtK0uJnb?c&~EAK%lg;^7-p#!z=PU!L__h;iJk@-_1pY-%&Y0->(~IW)Ezk
z3XR5P#)lDyHLf)z2QM7MUa6}uZjIO6=Z82j&_ru)H~Ye@xl79^Oa}s8Rz|p!4?G~O
zvm$Z2PGZwG9YXpFcMdXC{BWuA;o)KY$d^<qzjqvk5OU}*`bi?%>wre{6Nl?8PiPhV
zc+7aQ3Dg1y4YzSO+_C=fuW3Z_rsFq&<;k!AND}CSDF-Dzcsa#mOPS~h-3_^USXutM
z-viYd?qjI<`iqTm`Z(~b>4(VOu%dDfabh%+b2Zdc>YIs0C-?>6K1tX#AG4{J!-Y#l
zmK-7~)9jh;OaVXPOt?0XXeH`bv08T%4gz3D``u7ovz`Sy+C0`Qy~v(M_-?uGPaT$c
zC=gryu(GoH0$(1E7=jb+J^VDy|B^ZVfOFq=T9nIX58m}rYQwS@Ui~#}$}@DA9Avx2
z*g`(<m6f~rI=cL>%2DnF{4$%wPrEwEjo`mJna2i?{gLMum~-91JM)*Kh_n-YssvPx
z8mOB0FE*b=R`|3#8a~v7D-#S`{kFS7@2$n8?JWXolY9vP<cbZkf2ST6NO4VMH*LEO
z5(^v+1UD-NpT0^sMBfm=_<fXM<)i$zoA2YOa;KRr(!$)#Z1K(^eJ3Hl12f+Nn6=zS
z`$djp<W{$pi%YFfu_`Yk%`hV39h+rIHJNkmJ;i}KL&r!Fw!5SG<Gx-)R?eW3$mJ$&
zn$KQ_+b=%li<^*)j0F5bjeql_@yd~)o0)hzl~<~B<My}&#cbK=#vrhI9T{D9;c6ra
z^K7XU$VO!@E-sFCXgpn-x3#rJzdYYK_wxaaJs#dqn)cZ&y*?`)$xA-F)#yM>SZztP
zqRPieNuMCgkkZ+)FZj`z_rttF8F$PE4vik`1k$0%Fc<0q=Vcu0QCl{7o;kY~K1dzP
zz&v~&B26(iRb$(?l(Ol1wKF$%T+(=yIxSoKa-?yc8kJm%p9_xxu8h*5Qm}V)O#7^u
z%jo^)4M@(;32M;+sX7uFAyS!T$YGE)L8F%ZmTs|;?A+k2xGS(}$%=~~EMl4$QA`%_
za2QrLXy$`+Jq3klZ;_oeTW-~^mt+Gf_Dy{&>N4-zf9Tkt8M$~i&bJu%6Qfw2Aw`8h
zI*xq`$1!dbP;)Atzx)|4_zED$Wa1tnVRobEvBxr*@P20d6Mo%7&e${e_zLs77_96Z
ztymhG0<epNs+-gL8g6{?#USq4++^rs#5Txgg@Yn19Id|m@I5~Y+1h%Vq?lX(RY6(c
z2Sg_W2xF`)t$={QdEc|neEaL!(w#cu5#h_LlA5JNQw0Bd5oXJ-SRcr-8zyxfx3Bhf
z1I*w$Unn{#V(pS+!WT-Zl%<JYQ^>&!rV7|W>Fm(SryXTnPsYmhfBSv)o`<jB)hs70
zqQm2z+E}L{YkA~1GLafp<spl(kIq5%Am^el0v02LE?s?ROEM3X2r6Q2D)Z~ZE_alF
z*b!=Ol^L7TMCWr^Akrn4kG4MZMafN<=eu)vOzS4hJCU6V^ldnjAs65KbVpIkErE?U
z&C4_YtbD6XbM2E);Xka8Wz<Y9(HntL;EL_E5p=3*Z;F+lOvZ!-b#>DE`gL4EEV1WX
z(uZ!xOF3_ee(~4zZ*dZ&lf17UxYO1DTqK#vwsbX>R~oyKA=`tVr=GnbjheoAoTb<e
zef4kVvV2_SNQ}!c-|nXfoRwotoY+x2?zlSh{Bhsyfyv9TknbD$6<_SQ*JF)g@1ur8
z<ImW#k;1Ul-Za^PZ>G1m_dNtj?{@VE7xf8Z8F%R?&JydIO=rViAjzafI5uM0>yK%K
z&{6d9q{noTi)X}N-}tbLxxH#fk`0rvSAvgKB`Lm-;Bmee(i22rd8HKXy%#+i)qt|E
z(1`uqmS$ZGQ>R}=CXG}0`cu=xhp%52+CGTZ^US}RMX$`(aR>9P82-Mu<bLzTum7zO
zh{pepwsIsu9YEj0&5TtdL+7Dg#ZT5>5KH0|{TZ(k`Cv_v5rp6X>C>ECK4k=GZQFRU
z$V$fPeYBAnS&%20`6uq<JpzNh$!)*t?+A7-{%JT6r|3wN?;s2y8eB|Fyk;Kg**T0Y
zSgB|=>Uij2v|f3=eT(jtwts&_I(NarHd3wR%p*NpdTnDzeR?eMbLBnR%C!TOC(>!E
z6_&!H1Odj4;x*mZnT%sP2Yg<!^F&44`n(xYCScHA5Y#@84+bgton~eHNxj@3jkRox
zi^IU8{+}Om0izg$0|ElT*&heQrpcAuQN0$7f{4PCUj&V8mb1S;4ss-fO*UNb9Zw(m
zPGcST4I_0l3GW+xDQhR3XJBAhN&(!%vFT(k)RD1T-1pltYM(mfikM9jOB?<ffx0V1
zIgPiaBzWSDvRoC&!)|nNyV*&HMmI8P@-=x=X5-MTx-2)GED8M%B2Dd5_#VaVa}*?%
zsXdLr&ylBJ<3A-hbnT+Yc&t;11DQq@+zhUw75P`QZUZ$KjPA_pHRE`}opgU-)ote7
zFDpOaTC{j0dGI!Y-nWI6ZJ*`U7dStD;qkW-mR48uoM*H8uJYVOAr$#jN}T(K`Ic>x
zUELeE;SrzHZbOH&1zHgz5Rxd?t8rOBpT53oudS`EI&W;Ed=$I^*rh#qbWB@Qvsx~*
zUTpkWC9hHn`M^BnRjwU(q5foDjBNIT_s=ceOstdnxJW_Mp{YO5){E+27&?vakM`<F
zq1?*cxSyvnYPGe&{~03eY%uH`1B((UH6OsExL38*?n6UESqwJ|ku4BUEG1>%NvSYB
zR^=j&Wv7XHN!3LU*`z^)@oKKE_}6I-JlLPh8E_lmWqsT2f~jh^fl=JDZ_=VKJ}cDx
zVC(D1^{}Yt)GV!gVDN;1P)*HZXqO`7thZ|!BZMO4!Gj0<dhdeJ%)1+DCsz*|hp%9V
z<;$zQ0!8#k9jOkyBEI=+Y90-?DaV=!uRd2{j-3RAPtI`wi36`dielR5iV!z`ed%mB
z#EXr;-{+ee4~rdzboD)=ZndWS>W@eg1{_M)m1r?((8bDn0|di}{S?OZd9u#K@olCf
zQt|TkRmQ94_EbvEbNQGq^NVIm;$V2LcIuT!_1$JJE~XYEj--#DP5VZZx^BhT;C&Ng
z-$!F3Ojp~;Nan2#wpVDTe}@$i3o$6hT@2?KF+%gr{Qy%NTFZ(=Wv$N}VcD)`tHj5I
z0keP&s4&DbaB*`ly|p~v9Oq%Xcl#TXHV<WKVZm$xH|^xNsH*B<oXGXQ2yEzAroqp~
z_H8!Nw&e81q0icr4t`7&U5v<nuFbr{$L%KUw2uK+0G(5jF=YV*bHUNlL=Lv+e_WoR
zBV4VmLtZfncuxIM&@Le%{%-ZbbI8QbZsUg~YNSf++gEfJ7PqKiale@q&wF3p@Sc4@
zW8*{ns+WtV>|7?1{rIvQ6>jlAdQWzdegXc>(07+nh+)j**#{O{>%1B{#2n-bR2Y1M
zBZfs4-Pu`?6;Qt58DedspOl2seA0|A{LONz-fJ^n&qd};qLeqj`~KwXar<e~r%#_2
z-c3&*nE0UP@^Ib1EXP`!)FMQJ!hs@^@U~RJ_NG#_2%r75<r2Y;IP8W(HccLkGve-?
z!m+9rwj2DUahojGlc-ja;_<V`?1aRmzL9xP8)mxlJ8~Y0el(GKE_%#fv!1eYkFj{U
z+xIqsT2!E{&}Y)iTZZs74YhwrG&K`Std(NPo5o8|L4yi=0pr9ReWHgxd)4BDT!w>O
zBV|SJtP`UX<Y~wPzS_d$RZV`EXHIdXgE|J;-EW=s4f56YfB_zF`|kWip9h)9v_*oU
z%U)ZzumyMK9ew6W1o9;=lh-^t(#K-5cyYc9teIMC$E7Lex(-eW_`IFyE5k@n*7<b%
zS-KiSxhuk839(K?9IVX5ho*W<!eDFrc4EoH02JM-?Hny8)OMJU;2Q&4v2u@m<5gqY
z&aA*lq%|LzhUV7YJ?aGnH1}*_<UN)HUrJI5+K&3prCDMT9*R(Wcc;nsFC*@g1>sMH
z64cPy(Znz`M-HQm2~T%-ck8VavrWFQu$|ZXo2ysZ=&$n`J<1y|Gw=Q#&NId91W?Ok
ztjbsH(`K#v`cptsn=ZPi)kf3{WOa(~7#A<(VRwxAM`qffVNt#W(Vg9w3-S*|6(tg4
zzH#`Dw<#n&!>d1f7ut{2pfhFo<maKmXpa4O^?rwG#H`npGim?(?&kEaCOSOMl7~^-
zCL7;rgLMzBx*tfO=E7>Wix<T>7wzQL=Se>ME!YewYRT|Hx9eD@+Y{O#kmP}ZDuVG&
z_4zN(JXs_14;Xu=^@a?wHe``bkDtmlG00a^j8`W5|2f}o64|SU&#QNn92;v420yVj
z*P6C}3I{${V0&MX^&IuZJ*B;?URe|@n}^M&Ot(}|qYUWBIU;+@Y!MC`r8*zYTX!ZX
zyKfCWzpoEt9333>i?E5hrw{I88fhhAO1Psi;&Fa*^z%d~J2@li6uO|Kz}0tp%G-v5
zS=5=<fWENLR<oSc+^%?R!HD9ssCti|ME!+~->RJ9n@N!V+c1EQ+HzcP-Sm2|-(83e
zi}D-OU}&q!B1l4$#`x|E62P$yJSN?}Ex#%UsuRJC&gpb+A7tZ;eA`JqBs5A5NWIo|
zr-=oSvGR(FpQfDKNsj?eeo_v;B3<*&K6}k+U-f`qoVSF74c*3MEioVlrPU<$sOnA^
zb>NJ77D(_mCzP;zZ}L6JT$^^r?c;E9fh6iMpC+Bflj*Y+{wereI|k|d0C`CrdHU*?
z)*^gFj*9W7xl{Pw#P4d6qZ#?X3xgE?!w%B+V=nx8#k%s|c%|Ru%4lHj*r;dsMfX8g
zSqbm)#6F9&o^%I!-o+UGnCmmN+MI{sQkd_IF8llYrPAZ$l~Piyhvd_dmBQMwq9oti
z+uJvF9crj+!7k;e`^yNCHAF%T$H|`vKR0-q2aJ4}2Nw{QN0RbNKZ8FHvUt8-IHB+#
zZ0&Z}zk4be?D^q4=BD{=Wn9#5j(&H#$M@8&1sXT=@ZZIimE}Gwpr{aIr#wAsZ}Z3A
zZ!Gmi^=QWzwLNT{LB-xrA$g6+>J?f=)#_%y*P^UOAe$W}LrqMrG#_r5$?;LMh`0v+
z4$b4;58;hP&2u$M7v*I0K%@#qE_TNUE|yW6(G_lagsee#-<l^_B?fGtj{@@=Jf)ub
z!Rq*+<hvCT4JW9`uxYAxHh{#$1MK)KE%;QV;MT=TX2jKA!?y3X4#Vlk+>CV(qzgrN
zbNy$N?=QC-eVKGBHiEjTPdSWStYYBV$cGZ17p@yml5f$eKS&p2A3W{5Pd#JF>C34k
zgXWZY5zK}~L`+<kFOf-+s|``A-Cad4Iac2L_|7x`?Zes<L>00cDU<+lh{_44mEL;?
ziR|zVKNM9M?7tPxhPC^?`Ljymlc46lwm1Gx<Ya8Rm+}h1GayR9xo&HCuCoE>Bsmm_
zsJ#8#=z9+4Y?`k87+$qTMK#6qVGh>%i+k<V*R-E+cJ2#u+fT|;L>kX#WJ|lfke631
zbC~2W8+}q+LU#Q6gK_1#M<NCT-rZLDN6o9jJhKN$`U+QBF~5#|ITCuJBH)YpQU!2Y
zmUZHuT9|}To^feUaY0Rq?b1Gc>d6vc*lkfBPDx1_4pK(*Mz|E@9nC)C7!wAFVX%)=
zsH?Vy@Ugi{&|tjF!xDd?#b`(HE1&<iv3<Gd9hH4wL(|tD4N3^~A{nD%MqbpvhJZa5
zft+_vm(9wNMmyn|zkmPs+gDE>UCz$V>bzRgnMzwb_Qrg{|1vHIobw7#MJN%<mW|3B
zZLJ&kP29FhJc>f4dGG)I4?DNRSdj4wtq}<?-JVAVMbh1mV$Kw3PPHd8<QOe%pH%|H
zf)X#DWe@pGk7URE1eWjHdJ}h+v>!Mf^qj|0ku9!5dy$U*BK^FP)n^(zSNfbw0k?6x
zE?dRADwa84#>jrHObf<AdrciJ_<^lR@s>xy>s3*5Myzbl+Zg2aykt%$iD+Y~%cEph
zJAub6+GS>cKneo(dBVQ$bkq4(9qcxu@3EOakiEfn&tmRNFlvW0*cUTK_%&76+()_9
z#Oj$2*>4yxnBt612k-%3s#M9+d2)UAkwXnNPnpgl3qrb_`oPWZPjV+lM&b?2EfiEY
zm#DLcYzEZv#T9ce8kA9OZ>dV$&XZsl7hS9URI+{sWSIjNUo3!d{*&E6kqcvP%$Wnp
zw77V$E=QWunWVo5KFt)d*2g(i-*R)?&sL;Gh_7d{;lBWEE5)A>)PTvcK;g4L5yFbp
zAzD)R&v-fD^VG-YxW?2r(v^%Sp2@-(r~~fS8b!RJo)peTQycNm9xHvbIppJ23<fBp
zCXE_8f7a8{6>pW*g`x&PMgp?s$@P~d_>yU@BQtXNYd%7x@%pe7_SNM`s0eAzD3SyR
zo+mDQv98ew>+fm$Vil^Wtbcl(m?QH{!Ya{%Fc_973JwlV0S89(lrnekjgOBfNTTuz
z@iU?rVmw59;UwC|>;CKq0mcktzOL&VVWVJca}nD|C*6iu0~c$WO~f^eak`0yT4YY`
zpGZlBkG@A-`XpZD*EdmmRK8E^)}fEz`BI7?-vI$ZH#fIP+1y>d<Dh9kL{#$mK`Wzu
z;Ae=LnX9#?^>*IvqYB^1wGd^{EO97-#-Bx*3yacLTjMndTKWR=A$m4uTbhz4o86PB
z)xfsqQIP3BjA7=PSKqRFonuWr+>yr3&tGeKd3GqWy1hM35ZYR=U-$a7eC5eVpOSsL
z*t5u&Xpt`^P5@C|EPbtK8)~l2J`Pt^YW6c1(~MP~`9}{@v7r)HPy5}>oUl(F<nRoS
zTv_?}_$;`lolgjnaN7||EMAhnzb4JV>Up&U1sIzv8b3n|FvbaQ`@(6-GC3Lgd6-pB
znlX~OI3?M8>mv{<zm#;~j$k}F2H0gi76a)5nbR?z=U^#+Rqi22DRTFP7vGbAae89O
zhVgDFT1nU%M5{M|mXply{_y(1^M+l&?Gvr6R&@6c-MM^$WM~5jLLT|TPScIP2+!1N
zec6QZ25%3)`L^)#)i$QwPQwR;p%N65)5k);ls~9ww3{dU+%Iy^zxRwPR{MqEc$J~`
z$8c=ww;JvbYxMdqJEVo-D3SRv&b~Ad4;nl6Jua!+syzom>{0Dlk=SF81H&}~Dnsc+
z3*~cCg+Vrj=$BNo;^MfQn<+hMO<&Xs9yk_goxSqgF%y+;e=@hro5U^DJ~QJ-LkkY)
zF)9!^eK}T5fVf@6a{r?kyDJ*o7aIS}R+B%3BqW1iHs#&hw{L&JJ3CILIAR2>R+~2e
zgSNNqiX&>;g|P$(5Hz@JaCd?ScL?q}1a}D1KyU&CclQt=1PeY`a1ZVf+}(%Mx$oyZ
z@A(7ohgq{`t?t>~d)MA|Rn=8h>Ye-I*vbm!;bssx{c^2Wip7(h_3j@!Q9`kTsty8p
zh~L!cD#85}%HsEnMEQ_+&}_5l$w(YyjT_lx$(2s}Hg)Jp*z=Iku*K6MeSQktZM+Ho
zci=5p(e(16&G+WDJR^<9pe8mPx`)w?@)V0Kb-bjJ5wI-n>-+Gl>cD^xEM1<dV_b9)
zdIfLCT@xa13$n>+Okn4!ZYFnwI#tGvj?2}eU_%eFfuK)-Z03!Z8o_go%%3=~!Db?c
zK-n}z!Z5S?A-<8U(WbfvkMV^C6&_+)1)t$_FL4CAa;*$rJ2q=e?}(fnqsyBcPLA=L
z0tY}IfJav`^dSkA%omtI&?SKvJQjG3h=|y3rKgt%X8KTBEnZ8ck52~?=wl%@CrzG$
zet=-8J82&wAt4Hw1G)?b>C0YiU^jYC$M<SX)rn8>tnw&VS64fkySvwciALtT&1`me
z{^8LpC{!Xwvx<@tl2}L<ZEbDuguRZJZcc%2OjUGDOyAnKLfl5u^g&eOqL<@RO<>yC
zTdI(VKQDK(EI&4dzo+Uc!ZPQ<i9{EU<(?cL|GJr+I`3X~7hJ!;Qv|2G3cGIf0*Pb4
zc4CE(y;CfzZ}^jEQN1N25*!v~vva_eDzRPo{tm`oh4>b=JFt7&9kY87ogzL$*#_7#
z6cXN<04J-Yy@pG31hs70>uska#J+$nJKq;({_^Gh?qXy3J73QYA22*f%12zb566TT
zmCh7cPoiEqghmMl35qKX8e`+);!d1wZ6oI!9F&+}R?0KlZ4jLKi)pi^7J{l(n=g~M
z8uS}h-GBk-p;Q*VNv7f?+4(gfbo!;v#|(PbA#-rKg`GN{uAd*nf!pwRpydM^u&<P-
z5MF<|%ueY0h&0~luqaQ9^PX|*FNpL0;;M>p>LoAD<5hke@Tn9f6K6~uuvDJ<LKNoW
z*Nq!zE*yfTG3znQGh$AQ!$^x030hq_W`r=<(}PK5ljAy-D1m6Q9Pk~!zvI55W5MWY
zQj6r$g~tb2=eeu!zZ<-7H(^N~n!I^Ry${CIuD%-QKrc!P<v_P_(0Ppagnwv{JMpDW
z^kC6*eMv^<R_+9$O_wv%$8UC|EEZv`bqFzws5&4F3vyVbO_X0)6i%OQi-5uW50`3^
z4cVg22zT#0Kfl)^0Deg3r<EfJw4s0DX5H617hzwVowd2Xx|*h@bk3vCR<^p1p-r9_
z=s7UHX`bo0jqVV**@$L0{wD<Af2~gNd-9g!N`^F7g)1v7WBe0@#i|b2J+j!pjdJ-%
zQ`Jh)z2NE6|Lj}GruI#R=jR+{8tzhA8@mEyuu3~Y3?Nha(RjNY2dXxE1#NHuXUml<
z-JM67Sw%%<rszJ|TPKq(sDA8y%{@`slVQtfEZ@n=`=&56!r$O_Txjt;(r3*bqxk4}
zpf>9PnxP;^B+HUZ&)(kt^8D`ceqdl=KGTbk{L$}z*E0}$6VFANJ<3sPCrU<UR99D*
zs4xTM6A5W4en;vYAY1&f$VP?KKt@L#6R$EmwJ;;$`#^gCz^vYRcE(whL>R_-bRzI;
z<C|o@8Y#mDQu~-zcGJGObKZfXZ|8yb2N;*Qrj3owY-Quh{clCKroUi5Q{tsRMW0Ji
z(s>zjxk_q>KHfNwGWeAF2cI}ZMPUzp<i5b62?#px`zrWV?=}qjlaOX)#%82l_@We!
zZf8daE-$E6lHpWv$M^cCb9?))AYvp_V^T+H$WyTc6Dte#wk8D{S|!@Ua2{IQ^P*br
z{8{v01epZ$3$>c_>_SUF&wB>0UPN}>*{rd{xl7rcjJ`WOSq?W#L*k+&j^rw>$OM`$
z@W<x`Q{9`vE}95nncoQ>s*-OQUq@8N8=csnp8PK_56xZ8NvV*izRJ<-{;<R@v7KqS
z^I6LP9?y4f$`{kXlM7!(i@@1Cjik*x$P$IgiWAO!dM9$aLT9Yye2{szXY&lgmWo!C
zq&Dy*T=H0_PoPsdL?o`TH`hSc05mihyMi(9qT|+!QC83ggY5Nz?k|>02qShDOn`)r
zE{mQR#&aedZvq!<ZScCWRU;jiUY3pM5-~PXL;86S(XULjdPLHkR0i&|ElyfBTkWU6
zXJ{>fsB|Gz5^LCz(t6GAFLttgsrHl*V>P>62Du@NbnWbC{&Bi2qvzbCfF&%LuFl@h
z>gm3eh@6}@OS_gEMJi+;K^uf2a&RWzg%$6jq@*Q3Uc}mlna#DI^c5#Xx;Bv_fW|s!
zrT7IWssb-iqJ4tNWb_rpSyekeFQ}yJ^7A|Yio^aW4%mC6NMywzbn&FW;fDAcW3;NB
zs`M=RhVQSiyE!M_I8Oq%U3lSo%NRfzsW>AdQn1hRh2T!>ES74~Tl@>|Phw14W(p`&
z0v20>(uI5-k6UAmIyA`))=|R$G{zZ%w?NRRe54sio_ZhC7}uun@L(jBu-E)dy3Uao
z5j_-3a*8MapqT?*iXWZkSU|<h(z2*Os9*P%tKeKA9*gtyHE=ZTM}Vff_Ha8zKGZ6(
zwV_7MBq%^FSYgLWt^oH$na4Q=EqJe3UQto1#WeEm$t4TtVuxLFs*V5?PW?YPx(u#;
zY2-LB^Q&!!D+KcP`ER1?bq?s52AkH7e{_36(fC5UB^Xq>7~Q9Z6J<Nij?YjiwEE_7
zUNei|DF>LVwHd2mtkho?H1^ry%AyYprWrc$Gn;+*9_vb>0QZ@a5<faop@eCDW`8Yu
z-rW@pqDVXxA^ihTeDES#i+su9MF*c$X0IZ1pC5O|>_M<N-f*;wdboiCj>s~^)MsAf
zN1vEp$5O$cI`nR8e4G-!TaC4RBbhp=dgU{~!TP~cA)!bbmsk=~`{!dP$K|&YirxEc
z`anq|*sD-;zE^pw_3oi358V=2(%*Uu-9S~w@Xe)SCg*~6$hBYs(yq&*QZ%(E!PNUL
zy1{`Ngyq&9a4OSI*eF<7IMh5rVDLr262%<9+|-KL!r|k}YPsaN5^CPZ7SLM!jtfBb
zkA89`chxUIp@F$d^loN^)=E=#J*fK?<tag^EJLoFXWkPoS@xp26azaKQXLP=C+8&m
zj()`>QWa{g#PcRk8nz)+X<?Bi2M`37DJTy*%T(G2s@ks~k-iRQb)`6bFc>T6H1zd8
zgX05bCanfR!2cQn84C<&lai6K0v}2Zqjgg}%Ff^PwYJ;3J*0q23>?o~G<VEtxp`Xs
zyi{#Cpo?QkvN*>~krJ`sOduYDge}QMUdWkP^f#?m1#YTbAcP8`3}n##K@!1w^i5DW
zlKD5%8w6duwvSuPU9L@sh`o`Ks21ktlB%UspPKx-_T57zQ5Zu|cmU;#slB=rpB!!h
z0q-(|ad5^xU#)rOVM5~DRavl0*%CWrrTZ-t>gtPJNNr}0bg0Q?XL)hT@gf=F(aRf*
z##~LKB>rc#MCbwwR=vI-F(o}ceUH3uDw3sWZmwuyIOsRsNTv$REO(F0A=4;FT==t~
z;H$_y5uw}z@J;j_K9psasQ6pZ#9NwwBUMTkrRoU-S~iC?vi(8anu&B8y2V^FMvTA^
z;J#Slu#FnJF)f37%fBXKszMkhO^r=|AsFx&jm+$}KiW0PD2bAg&LinN5h8~fVkVHU
z(jv*(eY>QpgW!Z%mB&T5lRmBU5&I!LDA#$&V0H|M;In>N`E2PlRN?aS71-vc6L>z2
zIpaWoCjQk#uUa2Go}WZ%Z8n|6(ev~B{!}^r!Hr~u7h-0|O-ywe3g|Auy**T2eYrF<
z`Bnet_m-F!WXfsHDt7*4aEKO(-V)H!b~C<{V;g6lmN&m5$J(#jb!tKQ^r|;90jk2d
z^$-Na!A0t<v58WL+)gg9KJHilnb&@69en##gm&Bc^Ui@FtD`PcT8cZ<?ME$&F&yIb
zpG|ENB{KXTQ$3tlo82PyR{SJhhXBH_oU!&wS=79L$`SeGajg#*+84+i<O9vpYggP9
zXFoMqYq?pvyHPEx{jN3)=h*a&vj$_H$pX|@=i1W3!%d5NhHltjLB2pq^iAz=_{alX
zHwm4|a$Ano=>q?G9v-Q^`J4kh(kpQU<mtS2=Y5YK9{?Sj5BX_Sk0WvH@UV*xqfhNu
zSrhV3v4fDXLW$3U^14SSo2wLhI|w@GcVa@tIA#BijkkE<G|T<EYj<25P-F*;r!Iws
z7|G=SoY0}O5QonGh?AWW6-58OKGS$2`k|$uyte#5w@A9s_MhZ<9Y>Ya2QU<iBujdB
za<Yjgo&T8OQ@i&6FPT6>>*Q~%n+{LV<8k>Cu2HrUD45{QQK{=CzN_t!fSu=+X=i+u
zb|#ne+tl&!0cn~G;Bug<CRxY9^2k3^rT6&XlK$rrdxx;YO#1oQ^1c>x`G*3*_yn)?
zz@LE}k6q;pWdE6xf7h}1mYy^fmDjrrn9d<s#kMWpI4cr?9c(i6Nm5VueA)hUM1wCZ
z>C%kaT@hW*_ZESif$d($KqL>PSBoTM9hfdPPeu38egj?u{-Ln~+}4X1wfQ(t7b+_s
zUwI;ioFn}2V5KBPY_b)I;f2+AUOfkJ1s=&BjQ_k4|85l+3HkZj_Co=%F0UUBSM)(I
z72I_Hefufa!1W-%wnWCj01qPtxc?bRr4epW-meir71JQ9_vIRgU#<ME_#gQJ|FCxt
zAL@*I+(XwtlgN)E4R<VU_5a-20w*fra*ES6qkz4e7=((4%zPm9qD<(YnEYo>7z59#
ze!fd~TnJRaJC$aWnC}1ChBX)tMy~$zsA^e`j?X4>T<rj}gbA><gUcES_Y?E?LxbzX
z^F90jzAbl<+KRM`MRA38j`&@o7S8!A66OPe_b47R|MLd1ftagzgnQA(iY^{j+Fv(W
zUsb|mQ(luQiNKInZ`VRgKk8`xe*%Zn{oHx$6vo-8gTC*54sYiJY<m(uj{qEIw>G7&
z|L>J|Yh<Z#&+?ZaqaO<f%hn1jG0G6}zs|ib4mVs=IDYIe{NFjWW&%C*bkL_cf*DOw
z0tM1}7OG%{b`!jaNAj%ISoqnq$~e(a-@GLLcUsjI*N%*!m_G=N#DCxnx-m_N1Gx&0
zrUD~%b>D9F#ES?nuh#7UZDuF`?>p}H?f<)m7F$oxJ4a9l!Vxqx_<pui43rF}>Vt06
z+q^3{;ZBMLc)uv8=V|{^x7z=mWm5K&hXp}sW)O3k`+1I@|CSz8b`K_^*rqW5qXZet
zf7j|&B61}~B1I+g|KA?~+$^=PToP7vkPl5BHwbp@GOXP_JVr2rO*M^-mLWPivkmjE
z&aFGE`S9gWPq-r_{8t_F{B=X-*lqzV*1YrBwWC}f22)5HVMr1J>MVk>I|J`xHyxs7
zDs!{yKaHLQv3%v$S!T9b?5)||wnWf%jYyqw>Hv$NUPnJKH!lNky1Mp*k-GNnaL%FH
zsADh=XN2kh?j6*%&NL$<qrHFBwONoCX#%FR*9m2-uupi9b#sh+kWn#JOz>d9t==#g
z%`R{ItaM98P>iN??=%t72V6S=jkSv|k6yF0ebsg!mDnKma*&i_iaTF#c$z{VFY|(1
zrFM``53C4Yz%bsXR~)mB{fS=Zy=mLSv2kB(GY;60?9hT>WSReU?x@g<|8Bj|!aMZ|
znoS4`KWf~*x4!R%8817&SaBq}_b{fMy)`4W$hcKb755QGip-FyF1PC-Wo{8`Wp^gm
z9tr!;5mJc&LGS<p;Epgpo8c`385!A5?<Q~tVZra_8DTuDVC6kSMCtxYiE=7}Id*{(
z3^(g>L+~mz7w-8dWTK!{weWUNtoa!;m5-Mm=C~fbT`Mfi#c<g6aINZ1Q+StKln_tS
zvcr4Kud{qG7J{~R2naqi1)l=K7E%PwcQtdDvn<^uO;to#5R?$mOy4D1RHVdQ0sP)&
z?BZrzOLcsGnz=S`6Skgw52IQR$SgmgaR0o9vCcD(hDj3;jw^vW7nZ~8adeE@*RlnJ
z5@{<({O7GO5Fl_@|8gy^QjI_DJv)NTE8OT_klvxWQEE$^Q9>1x_USt-FFbm;f^23I
z&gzYeQL1Eq;6bxx?R?9{9q_13VC=n~qv=E0e!lYi_ye<0K%Jl7qTq-!BhOLKb*#=c
z$?xB2KLOM87Ur?t+lZ$9m8CtQvmMxC@AEPV$-Rb4k(0{N>c$xoSfQh?o-a{>K2jfF
z@)df%1zKhqIfGe|oIy-T`{-#8%Gixa-%L=<7krtLp*1N9#^<x6MqrySdo=o?8vS9U
zxypYU^KXIvtRo5}On$Q<bokwgVKe)$!0p~>x%vhi#ZuJnuNr(qU`Pbreo<xY{>t9?
zf#lk0HTJ|ule)~7T5f*Ezng9cQ4AxCb2{li`ZW1%ppe>)*z?YF>;AWjs%D>gFy0C}
z1Z#BB7aK4W+Vz1yswkcP{U{m=pz&0$6-9{xv9rre5M!h>BUE|Eo~&S5s|TXCK?@6u
zXI-|`=k0&KUV(Y!^>%i)yZb0^A<?;s_!)<xw1nwI3BoY%982f7nIk(xK+V4D4D2>3
zYIQl41%sa9c<kmx|0PyTuU!2fY==m5dfuWF>d$aRfHay!DgrBB8lf~#W<-R#O^Li7
z(WEx6ZA*L!L>SScTcquQF`(su^Oef$5ER}i7{gwQ(_DZZ8^CmPCewX9!+Rtgl%&I@
z{D@P@%F=qsrQLSLT34wr|FemRnOs&WT21w-J?XY8+JJ>?X11?A28;#l>gV{J5_~y6
z$;FWXjHZ@Cto*if(VD8iZA<^tQ`NNaUqD{Lv1-71qDkv+LG;SP+}vBPbo3hCFC6Hl
zmep!+f4FSQfHgekTfEqFcCh8Gz}{`6O&5ejhYYDhnxrH$Q#>F|26R2Y2GcJ}%F84F
zxtWzvH$fK@5lDm@+_`XSg54hgUR<64%z(nq$@u55t67_>eM8U>uHyaYr1&eBrRz_;
z*BCa>KD~<+{$u63J3d|}_f1PxF}bKq2~`I|>9IoQ%jydHk<_ov)~4(m#>tF&68^fT
zl#Uj>TX?@DmxqcWcG~ZocsO)qIrbM{CR*y3F}y+aBu=K3ZvhGOmy7Xx<h$N5AXkfx
zqni}f|72v*Y2=*?)AiX@*pnw!k5@Oxml@cIN~s=f`}ubPa}_1G6S+2ZEK!WPjD_wQ
zVVFZ<`gRhE!fKxv>5>Lfsajsr&<4KZuVS3f!d^9d6ZPMLzu3R;kxQgGaBE;38lKgD
z;_ngvsc6oj7iw?=RzoR9xA~ZW|E>X;BqihJ=Ee<fAl(#@ECb1qQB}q4csg?0qaZI1
zSfSofcA(8z97o56lbVu~L051TpRYzQLGS+hxEA2r{XldwFR%2O*KX#A{XCc7s_Ybx
z$e4wW6Z_|f>twg4rRPs$zAG2YxJ{d4_ZtarLJLzJ#_iwR*vM;D7Eyt>ct-cvabh*z
zW<v*HXONt__<Eb?ZXeaZpBh_VQqE)1h|YG!{1WIYr4fxA(y!WT9S$9iW-S^WHigg!
zUB;UQez)#I<>5hUE|Zog>*&$-iC9j|oEN<(-7GfKFUWQ;#@A%Kdps>aIs2Ql8i+;Z
z+<iS}<0O{ecW&Jc<8lTpjtUxZP@7EvR0o^f_twVz)+|xkN;m^WHHq@Wx}?n5eLoy7
zzkxB02y}!;SE5F(->mqIRt$_*Zg>m~j7mxyc+pDeuYVp5c-RL#HYTCHK%o4%tH+Mc
zexGl!ke7k~PoEFV!2byx22-4Tt{zry+J(VXIknZv85uW=P2f*nY<xU6xzAthuxN4&
zw3NjCG_QVsE}od?GWiLNw?5(IH)@1Lrp^Z!kS2Au_FHoyAt5F~H_0DfrhzMD!u={r
zepiJQPrES;=B2>>)>dkL{mj$j7po)AMZVZwC&O6_cl!jte7Srz$uO!=Nz_1Zktlkk
zGw&p65g93eG9bl@{OtOdBecD}hV`N)a}-q8zLG79vyZnKA;NQwqN^Ql<l>)H@M`IL
za7CB*whZ}i0B7~7t)eeNt>fK^YyrC1Vki~QnAr7-bm;l_iS#_^==L-Ugkk7-pLE48
zkr3yN7ZR6;6<N1(7}|$AsynJ(Yi#ey7Df5bCUE_+!JYy?SdAh8)b3NGdNiQ~mD<x7
zoy2r83L0~Z(kbcv{T~{P)amG+TtP%}7QGw04IU`)?x%zGD5kNle2SczbYgreX6C^f
zqN<F!Htr@AnG`@)4GbOuI?2obkyz*1j_M}jqwzm{3mU9ya2RO#EZ&<S-^JSoOe*<V
zSqOXvQ(;(!BvCqP;zYXck6H$XO;na!KM(cThJ}^r;D<oRdAJ%RCQ|W4D7rqvOt7d;
zC_`}Dgo#$}Nv|4ygC&Z<_-9Cl%ySQtFQ0?CtKXw<?&DvE=Sy$TTUdvYr?G+Ea$$vz
zr;PGN@lZ2TP!Zr95+CpKv#CqHk|Fua6fl>TUs;T8G;4f)Q;a^p$bIj3)A~DFB?+nh
zxMPKE#3|sDPJpRbg(C{rGJX#&HV7)&{n&N9V4R#Z5`u5lUk_3;{Ve^!9!+^!YJ?Ze
zfsU=_|DDN97h56-I%!Y+=}V_M``D$}ODYznYD=4EN5`jLlUdr++y;NgjSx?tRlr)N
zU6s(-q$LfPb)>FZPwIOU5jTGKw+fmBd5h_3Gls;uJsxdv_M^>yZ|<hVSQ8>Q2UcK<
zkCnfNb4zj)RG4SEJ4201OvG~&bhWS$=%wy8%&Alr9k^Y?!r|~3QPtZneoh;M$?$Ui
zGegoa5Z(qV$;$S<0m*I*?NiIZa`v(QudlzgUK!1viNt{%p4`@C`nF4vG(O#~2t7jV
zT59hAI4)Wwccd%z=+*=EOT;>TW$__#6cmxjOlGn=Y{aqW6xS2{s`mSj8s&Jp_@B49
z41gQqpB5G-PmeodfKoiP8YnB?JDfH$7!|6mfE7~%W`sXGfV8$Y#9JWXeXvqX?7d($
z%~Sw+WLPmuej>#1m3V+9ni=6&isi0bSSjIwKl)hucT$3G)8j1dg~g0mi1WZTnN){<
z-H$ug?Qg!(eZH<^cYVADweK?V4@xMf9D-SGs|}zJ+J0g0J(&A_^mxqH`f;eJ@&z~)
zT0C=tIntWtJ{C5<|9}F#uMdl2bC-UL5|4tU{w}uMz@G3^!un$XzLmBni-6zlideO=
z)q+g}5OA)@uz>*kX|_tgmKZ#^r8_(Q-g?0NyDlj=cArx5kA#7!M`d3}dK|)<x7I9S
zjygzK`S8;yc?TQG3crfEwhTcItWOj!F1S!p^DLnQ@=^1oTjoH#hUgeH=N<aZv6MD-
zP%M4j^o>Ah<+pV8f99qV0hIPM1Ef>kQT*eTH(@w93?J-Ll1FoLadm<04U5NnpPubX
z5v;RlLf!JWNK^p>@9%N;6u&07a!O4>lotLDk^A(C31~oeA?mo@Jg16mj>qCLf6ubV
zxX&N;tA6bRO!zFuN}V3_^Q)?3Q>vOw$txZpXMNeNPWWM*tRlC=bmTF)W_R5UM%rh!
zxt;yDV!1_mId!V$@j1WUgYj=p7vq(B+MFz>u!4)Z7#GTqO^hCmn4U?p9?gsKNdhju
zAEE8at2W*@)lBN;-bvgktk4D%q1EvVgzM`sE6rdQ$wg{xDdh6bt7Bd4cjNaK;ykmU
zAbhZSu|ZF`Hjv|96yKUlgQPT4KpP!GZMhFjXE4^w<)K^Ao$DOoRK15G<rP|>l3)ap
zBvn+SDuKPEt>y&V<6%q2DVC!}fP2K4$Z7lneY@2|Wm7KMSnmVxR6uwj1!Nj+UZEJG
z+W_Fv5cfvN)FhNgA<-x5mg8wNg~ltH7bg(b2*|L6VaF8cS-*$l#ppsr*cE1TESDBc
z?H(X_yK|vA(V-z~f(<pyajlVSQiHk}hJEr)BP6Fn(r6GA(Y_V}=*e_=dH=KN$`K%l
z%+Hsq&zH<jK0^k^CbM&LzIM!Ka!6DF(yH%YP7#fW=Gbp!5Zx;m9_6*|LAk!%g!Vnc
zFc~*4$%eo2?7r+P2pBxw(1=AyLy)kxc=H=|7W5M{zZ;pVfFr>_^L()-HNKFD_MMzD
zL6y7jV8W4|aGbkr#|=Lk>>8um<bF0LCbAngYRNaYUD@Jd6sL8;gl}}qxPJ&>FKwv2
z^b{Rf%OO*WMaQ`fuU;orE`c2G7C5ZmSuV_Q?D713YHW-r`$Rs(rPolD*{roe*XUu%
zbAlY?r?|8Ad=_mXSWX~%+Heym^3>lbNu)NLZ!v4j(_`TCyl>DioxwPWknoi<NjF1T
z9sf1HxTLghWx6acQ`q;>M0|1}0!H<tMxNvfPD!A!f4t)L8+fU-Kl4|Igp1-;BAw@9
zZg)owtEbuZCQ=Z6(5>|aH2yxtT2XX3E-W`=9lR&}{lZiizx>$oyEMW(bBo{Rgl9<B
z)Uok$rX?C_XNY4lx_Ix1-^WQ$u%fxQB_N_qA&qx>kt#HasMJsg7TdoEV1suep$iup
zk>>4z25g(nuRr_xI+G%!y3-e623WXmbd;CK{6odusGEUd6En-pPYrfpqKCOKIm6U=
zVDSOyX9W{f*v>~3Iks85C@TJT>0NO~y+`(HbvA7dkuoJBwi?Payk<;k?e1+e{TYH^
z`-98n(H^y9&79p(WfG{ny?Hp^1oaHJHm#(EkaB~a<K%M9kx8IptR=(A{blQm3T@8-
zk;F){Yp*cb-}65mF!O45yHq(#eP1|Uqk4*5y=^n#TT5ZamgugN<8Q>SR<w9;@sAbP
zoOCXDj$4RVn|SFsFMg7O!Q(D6+?t%~eEbGbJ~_rX^xhZ}0Xoct6$!=)%g;`0zwq$U
ze#veLdtUK{k#+n7B3f4OSAJcbOg;qMk3BOa!A}TbFslo;>A1I%DaLW>?pOc4x6RAf
z89YYPlVr{MgsFEln4NP#plvgdy@K%t2^o!*BVrfZ)fhigC!Lq}`yWh}PlEazZiK@(
zKkdx9Q(0RQfFmh`+p824+K`fGT<5JC!(R<0{>Y4*#Cdx{ktOu#jM!DtRdy(S5^3~i
z^2o|GJm~a;R$%v(ctc7~8osW&aV5ljod9I2lC83rNbRa>tf;uZ*o>|)>UuYCLlKN?
zq}AAHj0pCcL)zoe{kkYA)8#iYF>n>+P4fLl`u4e;fM$Q!M}lun|2=M_;b!2SZqHLY
z9<xEJA^$Wlzh<u7xSGkBDsZpapt}DnMv*yqCPN10RL1o-u{hNz$QDxfhasIMrGLw$
zok6J<{Y!(;mxxedjvz6;f<G6e+v74Tx4-#uP&%El#xEXUo?FlW0S`xw9hN?XCwE?H
zVu0^y)APe`W*tNCUlJ7ahCw?sPE!21S!ZF@<6lY5yiY9b12&#D26gBUAdp<CodoVO
zJ4jv<Ne}DR+byPA6BK2Jl#gAp)A{L)_g)UAP7l^g8gwz$ZfCA3hR*L2w^aBZ_g@y7
zm`_K&XD32s5hm~MZZg>J*jpc?7(s1YYX|tn1kRUeoVciiFAZbVpd0txcbjx4y{JRK
zZf|b`f4{#<oxneUV)~O)+;v=jYQenANzM|-AR^~@(ud`KMOfyKI6&R7&YG<^ilst-
z8SVe*xHcOiSMVw8r-^Cb9KAMwdsx+9bJ6oBFYd3)n0@1K9-lL=d5IrejN1Z__ICl}
z5e^P&Z1+W(xH-ZzfloYP<S|^3-N$8`I1V)yXkFJ9^11E{<d;I>^$a0Y)8<?7Le5)6
z%)i`ML<W1$wJxg-nKapwosE$DJV5wj&ZbJ0Duu8Y!OLgpnhCIFi}MQp=LAOGowhm)
zB{04X@@hLU+98TZ*=rWUnRt5u%vSGs3HJ@mu>QWF3m~LEF!$EbARb*$5fL$IhoCAU
z5;dY0(3}0CC2nN=NK9vhrTfyDa07o?3RX!H(x0Ym3Q4M^%Q7U|P)>T~<NDN+CT#OM
z%uKDp0rVK`7<%p%uj+!dAMameh7-qaW><rwsy19_Qm?z5NmF<D?PYfXm(iwcin8cq
z^RbH#({787E-xdEn33;(%Ue8N^<1qFUWWnKvtO<p%*(teHa{2QF+30*lh~M>B3t;6
zaZlC;Y56A<S2rQ#XM(490vVBcofC}_+M=z&8TLz0k)Hm3j*%E5^v!XNkAy-Ng`ry}
z50`h(tCg!O-qMJYY``{<$Q+*gIM$IGpeM~uEF+D@z5grk$yJF)VJ0&VFUc7pJes81
z)Yz4(d7P6M*RS&zcUZKdX#ct#vQG1_$zC+(xPaaDFyw&iZ`G+*>6E8>8T#@zu58WL
zYBsaDvx)X3tKx!h%|GHl-H|Ur^F=46CkIc%a~QBP+Dl;O7o#;my`y&#!O^1f!Ri%<
z{dn2mw1r54W-LO<JUe|W?0Q*f?5S4=5apkU`=?Zcwm^Mj;%$vwQL}X9dk`<iV%0ko
zG$;>)->lTr*r%#TbE9|6I%a=ey|-NHgm!(vI=Ckf$;TFBQYh-_LMjRh0a!*k@^}H7
zOz)~PNdK9Jz%U;CFkGtN{ZuZ@)WXe;He~<{8=;%y7R&@46@Nrug7ZTysE^fnrXAIV
z=W=Onjn=t7^^ZJJwCth%9!FD1Z%lbcMzMM}5lWfr^)|^LL0pC@c$ezbb*sGN27V%;
zK*Tt2iC;xG7s~AG{XUgr{<rQ4U&aA-k1}p8+xr?d;G5fd)4MpZ+FNaSBrKA3@#RS~
z2)U}H222RSqIxdKv75E$=N-jt%`rI`aX+>O`ry(U&+Stxn*yH<D9mnZ<G6+XYJVh-
z1{=D?TJ=HfZ7uxjLUz)1J@HBpxfjGnb;nL@4<S~tbOP?lSt&EutO<XEUH!Ct$I->T
zRhS|`|5H%kfcUkr&>TlyPrn@7O>&3mO^rcE+nJTB^>+RBQ*mduk+l|<1I}(&&&(!^
zqptE>IAtk<mpjGm)_PAtK_VIo4VO+u!u5glEy)GBeUmIKX89K4x{Ros3Iwt#XGJ=d
zM7!&oU;%e)i287<?t=HrjItz6d0Ao<zkw=XKp6=MuTA80sOW}FLUc2`#lxERJ%cYd
z^uDJ47<+`oFV(g~53L(>PwSlEP!6e^hXbySDNz5ai5@8<a9t~*W#*l{jVAX5Bt(uj
z*h+scCG>-VlG{g4W!#~<AK&-K!h-btlQcBk$?!Aqjmsl;etB1YK50hE(b?mBjSwsj
zsK}erLEn!0FL=OI{_kM{5#Je1X0HC{`<m3I4W^=tln(YdnBg?_R6k`}jt{WN+RzQ!
z7^m%xC%tQTS-K~z!b+Y!u(;hL>^(yW1zQETgb$pM6!HiRnB)kD8&nw%B99(WcX)*?
zt*F2HtY@g%=cK6lT58ZZa1}@@;7BT*6O-UHpkC#U%8k-^jW8G+o~qXma;2qcai|#S
zFtU&48lGypkCtfS9N)FrsXV<8_w@&!Iqv-8LkX7Tq&_9pv@6@|=`b!gtPNj44vsCK
zs-M%_vmY4o%zHLCg?6$fs7&@=)gPjG>}{9d4DCp6vm1xn%Jf^)*aN^l=HcoihfUl1
z$ASU8yGTwxk$X+zNg9^cHJS4}>W7DLOkdZ80hHK-XQJ`z^N9}C`W-K)UvN-`55MhD
zl(;;(UAQCJ{m&h9<Opp(Y|d+L89zdI9#jM3Ru7Gark+%5e7q4SL-V_^x_iwO98sw}
zaP-MyWY8R}88BqHIRVy4@wG5Et351koWr3T=dqKMF3i^Q8?n+OYT_eL*HI)YD#TF#
z%WY3i-MPLO7wlEP;!A*iId)yeDMt=CT#isEk2^Z!gjFCm(r!-pu@9swdRsuv6GbU8
z!U{WbPTHPiu`Xin4SXFd+9FTQ$bwsRgsr&&eTtb@Km!v%0MytgoC&<>dyk0FN9S%N
zIfl3zPFcp5tbUq-m0V?QTJ+b_@uU4M&Gg@Y{$%qKl(h}9yF@Xc$`aeTiMP#I-Z_0G
z%9(`dna)NOt6a`cUpLx04QKm2{0A+31|JwsNpSlGF@EJ!cDO~HLut3{v1hMrE2Euz
zzo{r0ZAOdv1F_flgw;k1l8Kd?<OAwU@1%WN0}so>n=q1OU6aD;F^&5yQN^%(J^ZsE
zBvOtcot+ZY88QZnXz3*-AN~c5bjUyMgvq)BqJZ%xRkxi4<@}<sc=HwMwmZEuny=pT
zTs2B@k=@-#;)VVB)BYRAR6ix=Fs$GvH2m?}iklw*GB>)^_3?4B@0ldJ6a&60*H1uf
zG53+v#`x2l5;C(g8v@^)CptGF+#-W9Gp7?c3FljNo)jzhRI(Ecb}wp%Mlm4qGAaWb
zp5`^e=Q_PObkiT>W9^T|VHb#oOP;4`(YYcIG&wnb3Gi)k%83W*nY-KP4gBZL_d{uK
z<7$P0jzov~5qm-)c1JeX?4ZZ`<@pnmBh+e-|E#l0^)z<ItCqGYIQEj1PersZE(Zpa
zIQaGJLK!a$=S2rp*C(XC%lMk$lXv%d#oq8R9Z2_&c2r^WYw~YhtP|#8G_gSlgPR)X
zgqKo4Cn^|%dxtXa4=5mc%)UpXZLl)i7b*ct%pe6gtat?pi0UzT9|P&dwM=lu+jXI5
zhIJYC`!7>$DG@-<aU(VG0UrHxpqlm&SVcnpjW~P~;+_2e2nD?<9P>YdGM~|G=S}1S
zUnaj(3BP^c6_enB41Ewk$5}zTFyW9HFFkfS%BWl0TJ!f~$0E)*`8EP$sQ~PdS2t|b
zdtxi=_>+cuG-j*I3yUVM+%_AsXyK{L*yOnvNF}kt#vugXyAOzd>;8$QKxmJX^Q^V#
zd%ZoDtC~j>8ux#L{7VgtBiTdH<7EK;aT?8w%{<ddrL-`7=`5%d+i%qdHdrAJb~#G-
zNV*W59H|^OYERk$fGeZ(JHm{TskUFymQ3<BYCRs9=$7#sIAO>`nVOzIXz(jWjRw|W
zRP?{e2Dbupt}tsh>Qm2#tAWl~o0$m_C-@5;<K8LE=OAzpp@mG$rfiS$vYe5WRgA|)
z#q9nr*s>Gicwqt8DYT!%kn|<zXhxMH5nHUY_Pyi+Znh=>Ts*WLc-x<L{2<04Ro{+l
zUhV!CRtpD-;;Z#AM<dCy>3@lfJhMrFb^O-ti{q%RA)@#~l})RFOnX*oaeI2{OJJy=
zO;Nz+_ztd)PFOEVe}LwJg7RdGkPTxz_oSGaw<qelc8<TD0BaV}#5+CuYNT1bg070V
zIhM_;c&HJ$cPP;ameG1<#^RDj64n2(E6HfLK2Z)&xn9S1`-AB`R3j3z<Bk=A0J~_~
znVXr4F8Ls>9zr=}RkVq9FKV_%^E4<)iT&XYtvD+R?p0p(T9%K2V&YwSr<p46yMJ!a
zhr34tM_ed!MPr`R^N4cpdF<&4j8GT#F}I^>PZQWIr9=4TzBgIBGnVW0O8GM-$TkHV
z-E`&U_FVV{m&NEfyU?R~=K$k4e;8cohwyTj73Y$=rg&lZaiiNbvsERGRu&(S1uV_+
zPg)^VHT#DoVO0~;No!KG-!~EgcfR7~?xY6H4=XfZ+4bYN1?1CWH+@83)W$zO+!P)N
zaRS|W#ZBp2Tt4$?UWc_O3Jum=HBI3|)dv)$`Q;C;lSFToRDL)u%7m2E9P$#>9z{O%
zTPb&`VId`uWqNHiv4v0#X|tKZ3ViB3>eN=h{%&B+&?nx@TI?*aLep!tr|R{KUy_b(
z&w2Ww{)h08tZ(3?*lI-*Vb$Ws4WP^}#{)8sDM$qmQ59(Isj)A<rwT>tIKm`T`308{
z@_MC$DSJ}kW8DXk^{$nUDVa75$3G2d&Dzg1yWNxk#iZ<k@UsoZeS`PhrN)?+(BJtx
z<+CJ_5OoDS#z<<bO1XF(i(*a$BBiGQp$sa8q<5jqY4V?+=kB>lt3|Hv?;KJ&jDa-h
zIE{DEm~&HZ{01cfOPSU=b_T2=wMExK3dmG{nlVRF_esLh4BMsJ<&wtqb6=IcXdT>W
zMiDC;HY3$4QhJ%(N&Hg?LUW0Ul6C3tH;c$<JFqiwI5&{%Ikxi|bWdxt;cC(NO?q_R
zKyON#1K(3pp<roHcm4PYP4W|x08Di=yc0iifq|ioH&nnC6cNfFSPgOm-^kv2g<0vX
z!a2_HI2`SCI4?#`)jTbH&@rlC;$Si_L6cxhwRjFu?0oZPAo{(F%+F-Yo4s=zVx%zn
zaxXX=uDB^NnYphed`Y#8WINGft5AN5#Q`y~siDT4xe>CCmEZgn3s4;Zc=X+_pZQ>^
zhG^qWY6C&9Uc;f?V8@5%yNGmuA2bv1bhL1G{tDqy(4>}dvpb0LJ!#{A3ifaLUe4*W
z3(>2QuF-`(&-<PT$j9CvKO0S(o!gK4-nlnVWgjQe(NblHNaJ)Opu%(UU4KTzG+htG
z;7f^1`~iKro*Tny3eQIg;F2dQVaYeRN}l1d_bo5BCfa;zZrQ()9UC4UJ<dT&LBe^O
z*J=CI;8s>1Fjl&6(0k6CDWS~$^S~wPWU9rFcWVjz=M-I121&<k?A&e6*l3?u?ZZIZ
zu+j)ZFoY-AmRQ;X`<qH~q3mz({TidgPv-odJ(7b>{@ytQ`F#|Yz;vVmmZY=$Gh5b%
zSxWW1Qn^;Xu70Z`85I)tqP_5p)bO$YWxe+sDpo9OsE}2)(y#($(OUVuto-=zZ`V!w
zGs4%)gJ$))S@9Ng`klQ}sl!cG#>odx&%&PDIe*vpkas!nBleK!s-*|m)$@mgHjJw}
zo(i?zmDVil4UH8q1IOkawc%uU$W3lz4l!0k3pxpZ$o?wmxhA7m9dH_@TUy;@Kz%e}
z+nX?<H^MU>#QJSL1?5k<FEu~sdsGtZzKG2`c~Sl{sOv(ly~|0!1OD-D#n1%!W~*PR
zEiYSmOGA_Nn#}q>KitQ3mW?U)b5;Gxl=1krY75(~sK!Cw6OcPIjuiMOY`WqZeV}<I
zv)i0ot4uB5`1F)PdFm12RDX&`@Z!sq&j?+$!c0nU>Ky&gr-g&RCePCkK6kzBH1QFI
zNeh-4+g=SOzD6e(uLD8lcZ}fdPr*nh8%t_781v$kj#j0&n=uJrJe?$N^UKIa3L=NQ
zwVOcURM|qsF)&!!=eCgH_;M5fNj-Y~SMSeQ0mP?lL+5*9uwptdR$Xt!Nv)qZ`f4nT
zJA5{iN=by%{I4omi3V;yJ{cDLLYm})iWY;65+D7c`s_NbzOi(r9EfXR!zhYABRwVs
zTrliDR>XyQdjD~KA)y>erMEmNOV*liXd<3dCXTfDE5Po23q`@TNW?o2m7#FWIlxvO
z-bq*JHQ(;<uDiP2Y+>Ur47WY_f~EYLBXfZL?kkVJV+&WkWogh>c_9HD3JD%DE6@At
zKp6`??B5EqdvULM3*6uXyw`jMCb)dq`(CtNEWUtsA5m;>muHs!9{TGZW=}VC(89iR
zWu)_C*cgzXXWy86<Ct?#_3XUZx9#w-@W!b~GE$+nAM<+H<Aeb#YubydN@G~4mXwjS
zM2l5JosREy77_$kz_#4(kzJSztPjTb4ZtSkUE@ybI`t1ZvG5ixspfcx*?oh6Jbp95
z1j#MU&`|Rb26E2*2a~xzm*XAZB7t69RH^f;7T~xi<)y-l*Lj|wJ%NP_Y~vqJNs@m`
z-oE)8>a)r4`QSj=Y=Vdh6bW{FR4TSBkrR(FGv~7*Hh1>cwMSssk}JH?#CMq>kZiHK
z?YNcrGIF5~^B3~%87~E_e=t#X;k;DGFkoJZD;;{#Iz0io+}|OC`)BQ@X}lV{z>?$u
z1O?@1IL{0*i(eR5Md(zmHLVyX(C1W?;YVF;>u}HiMq@WuFm{m?17%w<)qZ!!!yv5b
zGRbVkdy<mi`$_lLD`T(p#c<8y4CVs!$h$tbcdh9xIXtI^aRpJF!orFy_+Y`ViRl>`
z9^&OCSBE|Z-1ztGLaFSNyne)GL{akqdgw5^CrhkZbJ8m|g^_AL6<YJ8D72Q1#IPX4
zf~Y3LDi%2Lu|y?O?_k)6AY6W4SCl{KM%|_HV+5%$p=&8@M6~N~&<+rV>#fD%^~Fa=
z;BmG(&;RbrcpO@q1!M1Ue9$XSB%kqev}b9tdCv9&9v6Qdy<Sjj^}TwyT}%`OI(t7?
zZ;uSE{$6!>q<!|9&)rZYXdGF8*j!yde)8gL5Ubgt75Yxj<Qd8k6~_@z;>2Pw(Vil}
zh?UTqNTo9p?`FN{MDpEaFkuz~jr6$X#*%0etK_VcVG8|2j24ssM&qtiL@ZEz{o$?2
z^f&*fyjQ=rUujpou5BXao@bf&19Il=Q@S@d(SPIqnwqj)T)f-yJ;`Uq$86AiRqW?%
zbc(S1r+(KYe_G^5b*5AqF3qdW>VGAIE^(j(ey;8esorHXOe`~dr1fO`xqXWws1Xq?
zz$OL@KAJVYd9_yc@9S7oMbx&R<I4zi2)+Bi^6`w0fdRBXwx;G}Vys-;AN>;{AAhm5
z?(XgsjaRD|Ka>;a=k;7;)e$B0^xrprv0}%e|F)Z_pWn|jA$G$EY2Aj#4YT~Lv@?Us
z7YBc#SFe)APV^I1<sp8rATJaTZ8-W+2}c;Cuh^yM<f~SZk&C*pTJLd_K(-jO!@Bf4
zcJ8lRFF-dM;PRrA5)HmiV@BFSVzGb8ef))zuP+HQrcTbW3>hZN!fO5r-b3(1H6rp4
zYeC!KJPgA`m^9+gIqs(DFJe+omS0CEG&zdrb+50oO?n+F3RpUY!&Z8Skn#EST7ErG
zgIo9UB0p}k;m&V!pxR|-u=cYi7X5)a$-K^T4A3xmn7*Lw^%FTTsKJbDi-nO{g=<ox
zgiC64U?Oq9;^fmbC!BNH`lCALZP^O|<ts$G^5Bhnp*1|D9D6X=?f7GNn=Pg0@YL!=
zr&E^SE0Ry2B1m4wYKw4kcQX}Zlacvdt|QC;-t1rKo~d7Zy>3^xGXkHR@mcI6)IcoU
z8X5Spc31Ob7yS*m#|aup`{pS_Oz+OE_(23R7VwDs>>WRIUtePDIuT0n!*x1JD*QFs
zy?43R3M6BDTbkNs-Kp)U@|eH<E?bT*)!<EB-?Jo&%Ll&9CvgLV#Zs{9ths64^BX9}
zSSI4!#01rT5RSgxt5AgEZ?6|*Y}Kk}Appa)oc_AbAlmi;<hz;9JB!Du;Z@c8s2#yu
z-nZGACmZEV?K|pMcvk#nv0%}_t3Ud{iUpzTgoQR~s<Z)dpg9{#yS%4+e6DD)1{%ED
zEBWFL79@6){68DB28_alle$QRg};(nCOMoHLZN2%ikdDte9mQV1HQYy>L06eCjsU1
zm#nb{#WXYX&Kol4vV=FWKi%#bQx=(t9~cGcJn?g&oXoUOJk=D<_5+DNPvcg!A4sb9
zPA%76Ua92Q*b6iSyVfhoC(Y;1zw?4WQ!(7yWL931<NlCS^!H7q?!-NlLmwQpXaWh4
zS%#P9Ux1~1@Q>ec+G%#91#^uz;{$LTn?B@I^DIt6S3EG-aILphzT7j7aK!VW=;VzU
zbRIXcDECv80++<Zjonwqas6pH4#)|^M|i5rQys7842d7=klO|H=ux$N$<R+`LpT21
z=}P8$GpV6i$vMZzUI^cX9V<J0E=t5yN;Oth=o5z!orb?CE2}nQU}9v0{$HZf5d<*L
zV*c8$I=Xmjj~#5#lnlR7GbcD!ftaRH9CFY+LJ%4qgpWXlM9f>Ai4JE*2x)9KZ8tX8
zt+jqSxS_DtQ;pKesVOmw8D5Ng)jU7mfI6b4B}UPWuw^D=@wS)){j(gcBn!TshxS73
z*;+&o3$!$A>;;<%k4ylIEYQrV%)=*^Lpz^RRNWE2{eXlO{XVj<5dHNHI~ah)r%P91
z)7=)(`<6_aLYA+OiXcYKiM9$Xn3<=(Mw%Ez*JX!$z5G|@BX*$wpNy7w+@m~I>*`nE
zc(c9<7EV*Eb4OKFxKGLc`NHPYA3>Bad*vc`Qfi;npJXF16KoxYnhq4{vZ{M3T4pIt
z@u{<5TL?5oy{i@0n{SVbGU?<Z9?v!;hI?-h|0o~yM`*XU`Xz8h!7W+d<X6a}!05Ny
zH_l<ye<5qo=xSCYy;s%Z9Q9u0%@^s-!m|)4;^dof)%Nw6$LY9$h#lWFB$^<|8|jD9
z&+WvPGs}JVHbj<tVTi!4EnRoPe=*k_j-)AJm`*=I4jfqT>LAz)IE<8|Juf$KYU#FX
zjSI<ZtE^N;Ior%#eunM@iM^3@uQIA_Rzz|6JM?@uZEGrk6Dd+1L`ff*^pkVORw!Gh
zM6+|Kg8OA`XDhvn2KAza8kgEn+aR8=*)CX$6o=cgm={gJqUYJMj#GL|q=tC|Z`+MB
z?mW4~0N>jW+heMI>eIB|<jc#ihJJFOBQ7>@qD!&!#H6H9A*N~ap5kb1w7e;($!Yqw
znBit2rx(4S4Y;H@ycn|2oGA%RF%oW!AX`fK{fe)Bhcd(->C2z7ErQXAFm%&u761DE
zRhh}P3PI=}0O6b|oQ@g<#4hB-a{Wj<bw+`s6KNeuEc}waZjrj!EZty1!f*HkAKXx&
zJUgTxir+{@ZjtsMNxcffSzF&YC=Ffxoi~jEhsU#~`Z1<VHPbX&Ke@V0&<mnmqPtdb
zb<iY`SPUk7LT1q%(@j?zB<)(~iH3boHsczNq1Ty!V*yRFG;_>M(7|kAJN=rS!v%x>
zsQliKwf`Q8k!W)5YGnv>*o$y!IXR4IRNoqxKKV|?`B!=zy=d}Ug((H{gz2{X`QSm_
z-WgeNZr+IiwJRxA`##>&OretS>^2%#FEsSuHX@81trkhYLi@lf=@>vF&iKV=+K8@i
z3;4Xc()nOqAD^&!rt=&?0+JxN_{YTB2U<0fY}_s+R5QyYUot5>U^<{ND*bVPog`bs
z9d4U}LZue8IJF>Geb^i@{1bmgwVOlSH;@uX6>jZAg<QA!$8Qk^BW$|Q{rM9wrlA9t
z2u-dLh!3w>1!S68-`m&-BVUhE2-2oUVF4$H&<n#a`ZvN5c7alhiq<~}wz@gN#970g
zh9Eh^R=GW)lz9R}+@t_=_2RUsuk*0;cfi6X87U+A`f2`WmJ974P9HHVS_tBXygxq5
zpKr1F*BA?ZVH4VP<NXuv8XkP1Hl7KoJ1N}7n-^;#h(DKmuW`H3tx4YdadW~dwH1)*
zAGN#C`7Bmgp800}Z*x8`3O1Z+BI53YXvaH&hzqeso+ft$j4$`1E{u_proI?jeSJg%
z&R<7{QfuAZk%}){<3*(%+JtUj9Gjd1Q(nL*5noXkCfa|`Ln=iD`5IjwFz^2%h^$*m
zO7{A2zQy`-cLMhxYE9qC^#YFlg}sh4qzD(Q96PR?S7>BoA76_*sj9j>-Fu{iz{Liv
ze83kdO&#xRTy5s+s(~CI6Xn|UWyeR2X$@b|yO=AWJj#G&q}UI>+OUV+_hN@Y(Ytq}
zl|E2G%2ue`K<xV6%2Rso<iz4YeTOfs6?a@=Y*n=>>O|YQHZ<ia6*$X&<tQ3%z>@!s
z&b)?D|3KfeWU$WAV8*2t#HqwJr)_Y?n|pc9jY(tXG8;VwXqgaOjCeUq^{;q}gfSCx
zNG7bL8?3~&9K&yor#quwPXBDzp(d`$Io5lV;t4mR;LP4@_|PF#_-8+;&rO!(fMV7~
zL?MX%4W{by>fb10L*UcW*582(-8=P_2a}V0EhEAw!*40K(G<^&VneVm7!$ZYTTr?S
z1bI&-u@KvN!Y*s0ov`1J6Ne}t42x{@uy6JA>+>Gb;nbi-Wu3Vb8z>5uJ2FV+UQk23
zaGhrpJLRU0A2ro+*G4Va##m%5NnMRBu!gTYW3L2ZEUD{M#Q?Dbs=8=zwy+>D&(WkI
zcw3V%0hxyE%#z+t5MNHXVn}1?Vf<h1R#8zqrK1pO&v)}O5SKsOc~cw^oBqg4U;H@m
z&))DUvHd2*{Du780$p)yr500ltW4o|1Ft22qwMV36f2{op`EFCxsc=Is=izuI1%^V
zuQU391(>O+5GqYAF?mfQr7J%rt{}*ciZRJWFg#oQYQ!Udpscs_`DDm@O7I|^c<eN?
zF-x9_uOsdqRaytdl(-yGYv9h&s<d2CQbGs@nS-s;R2Ip6fd-L7Q-f6K#zuU7jV@lP
z8YT=St77R7(wRH^#9SA>{)avqoEWwk`sjWjR=S)GXAZlja~58SenAM%`BiO?xng5u
z1(}(pJPCgaX*E$~S>E)v;UqCDud0&Bj4q%&>+=0e<x5ntp`|{#YdMQ~1HRUnV>$K$
zBj-3@hU%xKidz`XYOf}_0`u{r7v{<1y>NeK?e`=7A)>w1)BDYpxj7ibGpS~hkf8)<
zIL-X*WaBXF5@V$rEA|rK`xcUqP2DfG*;I4S<QuyVcU&$DYtXJ9q{p&{Gt=Z}@epSg
ze8cDI+0`#sctBW=7k7Q-8g0<arTh~*TPM?F9@PDRcsk2~IJTx+5AMO;Be=U0AV>%n
z+}+(B8Yg&ghv328Wgu8^g1ftG(1APWobSDV`geEj-CL?wJ*xz-g$1rF!{&7!)pu;R
z<92&CSLX}2_Y%j||GzmvZ69BdyKQN%0iAzN{n1dAR(01|W2%q{A0Ozuw#Uj+RI)Xf
z)O>`eZ>!z1jY=sVEBM~5AD7qex!p$OIldw3Dz|a2Lcei}oP@07!3&`qN)z;vrN^ly
zsyfDrk@~FdzhO@wN{xYT;*XOPjvZt2>FsrD>#U^HL3Z^*pGUL7_@h}AQXLO)-YYxs
zU6z%v7`yg6gJ$zPL?{)r=et>>b?4#XVK#I7s%WNG#~fF(tWp+AnfY|~s%AW0|0w#O
z8!YjppK;MsjvcZewl44U$2XKgL{a^8O|FT!ihY+W=%I3kdv1R*VU)5&J~1R~UQy3t
z8Sf`xvS;|BfAn-Y%dO%MY@6!_PR}GfMte$)uFC@F^8ypT?u=mi)z(&U&JC3)v<7;<
zk7cLwobmq#?s#IYK}VAySrK+86#ea=8ayB-WZ>k!-ddRN@~-OnAcE3ycd7X@Y>knx
z5>l}T!aU=5CQPw2i9&9Q4#d*r_~qHu(<B%duW|QVTTplr*3a#}tT)dVu#VH9Op&*V
zIesd{fMZCOA{EKQTeO5H{iaFqS@74V+JHZ66al(pvfK>GRIn{5&l#II8RdTa9&poH
z5(&jZWCYpJgD2|kuep@5Oc8cIzJPr%b|`Eg7z-D5c5-l-C~|1sx<Xoi(E%TJ-mJJt
zB~!vf9=d45!o$q{?@qx$a{HFNLl&RY^ni!{^=6!DQ4+6UY`p+MRISxEipS0Et;kIW
z>_#xAh$bx58kDXG`e;ZuL!a)RM16-n_^m(a^|(|SrFbai;m_{`q@!~grb7qrre@}7
zRnmOTEU>|Jx2zO<L!1%GO`ouOl`b(KhxWEtP8$>tbY{1B*$b$sL}fCQpVD)vOb7ay
zOCOLCq3ZS}<R9%E93H1P`%@cG;Y3h}P$kPkzpd}`n779K)TyD_qt0nMqC&qj>@0`k
zL|d)aN{X%-{hWtwGCcdp$ojqGN?Uj^izWwWy=w!jh;8;<hH=l=?z|7=-Jb?4LBH_D
z-aA67=P2Yef`E2u2a969>4iPs`OfULNO4`4UX|BhFNcsAv;8+YgW%j}{4IB~0)vaP
zdVS~>Gc1v%mnh-j=iZS@lZ*K4N;iSDd7R^Nmrgp9ywmkrCcoYN=s=yERm#)gc@G;x
z)nCVFhGI5$Ha@;iOsrWGn2p6**&enSiTr+#O1O2Q1Hi@!iQ1BeDs<z*w)m@^4pO(v
z@=`=P0cZc)`eY6V5eT{|4X1<Ldfi-$|3=WS=Z#qN`{}W>^|vBU;Z`g7{~LXEj`WVr
z1dUE-X+;m-u5%B#S1;%UFoqhZM1_SRPMjVdzDU`P!h(v6OQfN|y$Pa&bMSpJ<;y)#
zUTozrLGR|wMY8(~ZJhNVi!c)EPnQoJh}X2D4?_)eZRFk2QlCqvUD<-I&<peku^X{#
zk$*lg&ljnPH8mEDG<G9Ti#G&Jb0+-222n3BP0oZ(Tcbo`+1VWw;1Y$2DbAQdeZ%g%
z;*=xfFE8VvEH(cMvk8wlMW#0a5uQM_vKhfM2N8SNoW0?5w|?x|a__|w^G{>!<yfUk
z#QD88mWWRox1<V%+EB#Z6&d+I7>+-pY<<vPmTywV?-M?^wLJzMIacnuohHZ@v5#_u
zv47L>%WBH;SI%DDNTp8^!ny2!LSn%qE4GL#ShgQ!B^EF&MzZHfJY8Zmg$JrWrn}6>
zipwM^nckqU12=*lrxoikhFZ(cFNXb;PLQ6sgcu92yStYFD83#1ZSHYLu=&-OM^a%+
zf1ibgBnPg0Hv-@GU{R(lVXq^vGUg$6|6>027N$$^!7e(whtk1|GT2TcW_R81Mliay
zKvR~gvAfPL-#qIwU3>YH6(CgeBvHR>vX6gh0&}iemYw}m5-#e2z|Mq(Q~r#Ycym=x
zkBwVxxrnOOhu6Soo3vG!^9%5{XCPgxE>zq^2S!Mp&QNC25yahwO*dtWf|l|ogb-F;
zDyBL_(gK=D7VoV25JG2NS>3V~Ir4H0EtB$(yXirDhY&-t6k+dPfPLOBvxW-RP%IzN
z8!|pi8l20%z8ySThecg73W}FRO(yTbYd;KUC|GJ636tUzvX~A-=y4mgMe>h*GP@jZ
zfp))a6GCog0$noODUrDYuM}4#H($smUtdKoYa~BOEo>?~{@~G(q`3=PtXV@5dt+!G
z_YiW$NdyNU-#3F}V8+AL_gVi(W6!Ezy4+BDx*pk2L1n~rTJVhH)>7NkPdqf$Z1~m_
zqq)j;EZ3;%x$(AJTIEV_JT!#AXNyD7#;8`^6xpJnb9&kSx15|RWFoEs*^0tp>OnGG
zJ!P}U-<6Fs2#$HOKK9=cFV+(V%w{S|B8%+}vHnTdf6Os+0nBJ<ubat_Db}v*03k!S
z8*&7;VVokj%HSiaNpTc}roDR6C)LVx@W=DT=Rw=gS<!OcoxAN`gY)YOLnvqSp7zmx
zxKH0AiC9mC9M&%Nr=Pr4zjEeKBK^>1z6QGP-6`l+!&e;~r-l<f&$WOlP4JQ0!wFn&
zP?{7m3H65*z$mdn`9w(BCiCaBgQ%YV*Q&c1^9$T4KHCP@4qZ+VoDxA0WDz~?_IAug
zvvcS(&fQ8cBW=mT%?!(M+zAMp*J<n0?}E%EzJC`Vb}V;%nIndD0I8MPyifB|)N~C)
z#b=m_f`!dJvUC6zKUDkgg1hz-H2ln_2XNoaq`G+k9;}P>YmxXPkV@!j974+K2l0Ty
zHgBO2)<;R|kSE_<Fbdhj<2+d3@7!nI2J_~&*5h3N@$vB>i>S!dO}sX!wF9kMImG%4
zX#3>--jx~KOq75?3<JT#=EUFn3SMqr@h~hRY_#3E0Xe&3MfwHqltKMkbSvVY@hEaI
zn%BVcMmogL6IVrM#MFyvWN$3<SP#6x_r_z@<($xpIN5GF=HZHVjkw)vVl85wZ@VG%
zT{OncU5$l9m^(OxZL30Xo6P@ju!FPb{&vNhFY3dIzJl<!kZeD!kGp8Bj@v@ZB^UZO
zR@XWAO5@xa;=6bvagr0ydlBy^#KoFR)qLO&(e!j&0;`l$HmYzh<Dp(H$uq~hX{Wg=
zttI~KEQaqxNiPppl%{3pq&3&VQff+Z!YShUNt8F+MA#=eUXc^4ms)GBx2rI|nd~Bd
zdxR}Fv0sP|g+}F7*0<GiefUdma});Bi)iOYw1h3Nx%b)=s}BM4SEtw1){`i3&msWX
zcb@;9Ep&GN!=r_Q7li#kF+n))vf>`6g@4XZ{^qg$vlpiJGDTxI89b^`$rZVThNYH=
zNspgy5Wj8C-_@en$^;F{LnV4HC{#94pIRPkr5~EtMDlTQd&*=tDad<CNu{k~6f0Hi
zf)s|q4$GtJ3=M<ZE?|zE31B^MJu=O0BrLmtfr&>V6cztS5-u=2aD84|=g_t7(ikec
z`E}=uvf<UG<Xt6gMje7ElHbS!^C9HEsDn^$W2oBywtQdLZB|X9$qtHvb6j2``gZcR
zx*jiv#kBU@>S}04mhC0x2lLU71MfVi35GdZUvw}>4f;7g-!^|8N&=j&iX@r3>HfI&
z8p@QtLtTUgIFe!UiqCNxxk;BsvfP)fVvc4dprkI!r$NQl)`fmGvb(Sn_t@8gQrhYt
zZkl|(-{0e$n!5WY{7rn#8h@cyw-ZT*2vTfJs`wD=&Pq^we0N>eHm-$NEBUpvL&T_2
zWpTbXnBiOU0BUib^#)>NDasn<Zw^n6ER21T%vi@x7Q{|8voI_i5U8#XMB`<$x|Jp7
zcCYXU2I_oR{azClm+j@6nA^u?-8!P4D;kCqthtDa6;N@DR)3TUQ{Ug~QEujARByC&
zQ3-gMEi=4qe|U`>Ie)~U@gDGEY7U0me)76rYQEUpUY8X}*9ROcwv`7H>+AUrQ4Pq!
z@!~>pi!AJKX<l8IO0?2*;Le0`+aDG>=c$*2k>BJYU~|e2+gq46%$+IyZg+Q>h!$Gq
z&e>Ca4#$mP&A$hak?ZlM`=XT@xMA!ajhd4p)+eI^dX-lc^u%S-qciH3Yt@YK&8!CF
zydLNIopWZ2od9afOKZPrmWRSvU7_hD&hoD<j(-b~NmP6jJ?%TQ)vD{@!|;C3w>jS=
z3(BAwu!i3}YpmB<@*A~KisEVe!(Jwm!Q)ga6o9MF#?CVU#n}=0oM6qyiqH|TX}rlV
zqgNHK=}Afp?);ffW?d*}T0^*m>$yEGcB@4$XPXFov&y%Hn??74=Eqcik8>UU#=94(
z#fNwnsJJK;B&ES+d%jB~N*UrX34#jpaF?4dg)ocoFhy>D6AnvbGA{vH+n%CX87yS0
z^$yO4t4nJGY({Pv7=P=090LDt`O8#nwWt_~+j}P*#!Ey~q?tOJv0CrZD+u3;OG)3=
zI-CP0h11zLf8TJjJH01DYO(@)C2Smr&B#hd_n0lFSA~Da$NLQ7apQ&ucgNvQw5Mru
zAoN3`_fnizmWrhP`5g@--@U8P^`gPNdeHzL59nW;ZYg+QyBF2_f8gAH9qvt{X^PGd
z8Hi($t%Zep>rh@)uD`Ne%3!6{=efK)*Y*PN4M-rcc6z4`<qF=@keg3F`#rjFIiWox
z>fkJLl{mJXtWQKgK6LoqduYwG&kuQ&YVTyPKMOlwl9_+{F-b(!H_E41OYw%H%+0G1
zf+;+WUM~Df!rVt`U1`SXin52<u5M6F;!Ef&v&e%fAAK#YeT_K1<4b*5=7v}qh;sqd
zTs>5&pR9F8HQ4bIN0AiG!d?i?Sp;k^8@I1>aom2?l>2WF`2xKsjw5>8R8xVf9xkNs
zgV$e0*FU+Goj;`y=6crEK&#S-Iy~~QYTZa%@DRw{Q%LztiUw%^2-Dy2q!rY?+HEp#
z06>bNNIrMhhUP?>q6?uoigrM5mN+j<H!y45u=1c^5Ub&d14-a(D^9-Z8=;y4mETo7
z6^+44W%*YhlJ<=<a2U;@>Y1)LkC*STC5nwVT0Es`*~?(qh8J}mqyG?J2#s!1sMZEe
zMmDG!+vSfQmgL6nd&$rfXQ%!4zkmQQ=}TieKkRt-AT~fd<ovwT;T5<Y2^ajvd=RWu
zW4y>AMfrjnY|({eRJ`E(GU9bmvQEqCloao`eZx#?dcKy+Cge)s*I7-InO+Qb_<$`K
ztHNv|6ZJ_*9(YAXMAArPHP!4i=ZsA>n?HNa(`-y9M}sBj$#H>Ml^E$6;e5Q%(Cj*S
zMo<#4pcFh2WJ^v@8wG%?bP>5^GT&7EbqG~aR?Qd0<TS<EJ7@)e8ab?(bDE&N#G@9X
zqv0}UHgA;PBTT<5D`#O&#5s6L7U#G9M5lUXEBKlr8Rs_CZPV&;M3J-`j8axX&yBIF
zaa-20%?KU|9)}Q-<1l}`haLGgNpNWVctBUc8UB$-@pLWc0T|-!97xO_UWhflDqp%?
zE6eP%bGuKBYH>`lbU%PiWi``MP2O5h+R~vz4B!gl$Z#^OOA%F0ne~*CMX+OJrvIw%
z26Mq3o3}r~S!h_q{KCXU^WQFl1VF^URm0G7!BKTvyxv~l-VLHw-p=c+--Q{;Syv{?
z(ob`ZX#o@0-i1k8AL)vwimenLyVmm>d7x5;)zkn?T}Th6kd4V_V)!21A!uH(LSQ#Z
zB@D_b{}8Pi-HY_*yUhEv6+h876MXR{B5}j&lb$2Fx2X7^szQu@Q+*DsP{m$+EA=*L
zHvO0N7c8r&_#*{zF4zb<b01jTz?@O|WeF2XWqJS|<F6xa{2AVq23sQSTVcc*y423S
zw*rEKq>xv?eI(Jx5(j^X&AJ{c2xffQR5)cM8K^E0&N(=iX9clLb6rIHGdzLCZ7;~s
z8O2}A8dafP2r9Tc794cgv<4JK+BsC&M;{1|f0WyN@5<Tj+qOf;tS;y*!0fHLguqHm
zQ2@rS&PfpkoJrSSCzjD;ItD%68QWs5qbsjpqsLPd<oZ&4*)T<1zjZ#*y#AeVNb?^c
zmx%R){HZl_5WGG)I{8gf3ZMLK{wM5ha$JdSSy^NO8HL~l5vIrk7HK$-^L3)=ZiY`&
zd~JP87#fcGs@6D#K<YK(gu#s_<PVHU?Gs?4>ID0EwNVQvNMwo(7wiE6i|&-9QyRIV
zh7f=M9wC-FJ6?CdhV)lBwp!?;fq;w7?c_wF6=3jNr!Yw)uaUo+F-20B52MiA`{8Ke
zYm#zW<AF1V40R2Nu;;xaeA=fCs&6t8TIcs<e-1W;3@Wb%m}#*E9YKmV9ZS4jInO}K
zE54(+&(<GNqFgTrP1XNfY*G#U`*mcCrrK@Z=;w1=RpM$N_Zg3{0NX`c>vuj$%69*#
z8b-Gjg<7{xQnL;#_1XsnJP#aSlN~yZz0JMdp$v#7ofJ1~CW5D{IKWk9Z_yRx(%st)
z0idQ#tw)2RFHQ~y(n!H0Kx)0mz5?{bJ2t+k_j9wp`|?{u|0HZj?a4F4s<~ODSON}q
zea%}Msji?j`T#;u9RgaAFvziNfgNozvGDQ0D1`dZMcQ-r3r~&t7>N)o5$|2Co{!Y)
zjvjE2$^GQ|*{+@4V8Pw&DA;4I{*JR#m_95_fS_VJMS*QMNB(jXz>HsbCQMV0gbuyf
z{07HgVQ0~YMdGXa@AB`{=|y6xDc)N5lbC>Idkc@$oO~%u@_)-K^8OXB@g^V4e#9{@
z<?{536cmx=cA{84EE4pmAf33{87~MgDMq7&cv1e$B=Y>y;j(CHwdeR=t7fRU%*9nT
zccA;w^?vgPv*j=s=)yz^JV7u*3!(1*-clzH41(fDMWW3#@0XCo3MhqC($M>mhEkkk
zvQ*`g?t^vwF}31}KEtfS+Rf6*AZ3eqNcp5u5cfDSQbjxbv!1j{tSh=RaK^pI0b;h!
ztzf$5kc}`jpYARrG&(apfb;ewq3S>E)5fPrZl{Ft<pe;}u}XLAAms$jgo)gk8eDm?
zo3@Jd%wG+y4(k6~N%~7RH}hgt<j;La>SSneM$Kc#tdwO3XlX?Ak{;ht_YD`Am;k03
z1BzD<zp|mJd0E+qCll#GQL2!8GOR|Xk+qu5d$aBr3tUj=(i?|GF!1UG<poGL>-*i#
z{sorYj?>5}rESKPHrY(JF^#jItY`k9hf&vPcx=n>D76mPV*cPxIX3Y^)sd~)Wmiv0
z>&@O^oLO_qhmbcAQf|$t(T|Hf+3L>sv!R>UX`P2n`0m98mRdN+Lvsy)`*L!}X&2I)
zoOW)CyaJQWpA@Tl<U4hQN`431u2~n$-vQ13$u`^royL>`9}j2KdEA|18t9!@5l}fr
z_G479_w6;GT5aU<?}v<vT%I4yAh<RcrLHuoRyi-9wi63y`0Y25UW?wf)W+$*6s3>l
zg6~(&jgAZo6w=GAlp=W=IV<}szu^%%O?H6<1H=oZ9z;@V#H?RV;>#yV1S;Ol0VTX_
z+hdLm0+Cp-gVoA;LK^!F!RuVcM1|!&c*uEwxJgF`^2e;D<)E7t1&ong9>n80pV;F|
z?R_ozP+w;9aqg0@Rn%>7iL;l&Qght7t`maC=y*aYAMzh~>o(%63|O&GcD808WqOXr
zSrD(iV%P5K4GWWLzyLdPl5!0{V5aA?_$OW1i2Xm6lgMX!Ql)nxhQ|-Al{qa|+kbM`
zo<$kmg&r5!o3pdCZ-pnWLBj0(S_I-7e6h}Y%?u%iw!SNOYFL*H@Skj#eR(E2yXu85
zKsAq0a~vYR{VW$A`_(qJ9LK58E5IN*`Wwsw#)Nco50l2~j|(X8u>kUuk8W+A()C{`
zyOa9t&_uTibZrhZ7qACU<no=(Iu75`N&1|zEAZuoe;F6Top-|)-*^%+cpjd&zaLHo
z-zS#1ylUUX(&mtLf-9L*g!U`AKfOgeH)&&z!R<`Dlm<&Vl!#Y6;L0%$*WJ?A*+L?q
z1Dr-oO3f=Q#-BS_4hUFQ#)pZ$&!Jje`|NWLBKLz^s3kFd#J^cPPEU(}|HMjzQ=963
zt_vmJt&POTFHShLv%f+NZt~9VS94b!ufX<x@|%-z)ry36x)R%(FV6zXVjJU<u%6Q(
z5zD-<%De*K=U`Fo<Ny5n`hCMoMAmY+Y=s0wzC(k;kdNJ!59o_p8)7vlG^lOM$&<l^
zNIj*Vb<v1kgNHhDj=?KjJN~=nH?<%oMoF(%f8__ER9BCJckUnu@2cTBgZEwmB{nKW
zbTMRR&c?7Mnz|t0%Gi9wCfB}m|EGn~@LzBLyGuOdh;MkUfj{6xfD@G0&~5dt^@{Km
zg&t<sL4ckty^TB1wPa=ELZ`*~2+V|=-sL^6;tS{GtY@m#O}%%QeD1r(L_Zy<pry#*
zb>fvwyU{v%L6m0zH#|-$C&%1&USWWNr*=1!T`;VNi%oEgsFcpXYYNn?4mvrO`_9aV
zCp)X|Dn(;ATJ^p~WK9)D%_&|#;x{x;pr5jX4^(?1#LK`BqDbxD&&l(yUgoSnbuyx4
z*g|yu_HEla+z>8iEBDDKv@9yL>z?o{xmC7(WbPFcj<iCF{LzSNbI+lLjGOrC@3||A
zU#m*mUt2!FiGaukw>QbdTX&oE;-J#;0oJV-?&Et_J(jJ|-Z%m&%5`M6Z0Dad)HM+)
zfa~=}Tcf4^a?MxeO<7D+tPUeOI0+KEFPon!Kj4WYH>5>*Vrd6ZYMM+DS}MLveowuH
zt|~|$H;19~5W6~WDtc#Yx`9+sI~KO#pV!d%9>l}%DvO+ygmGUE_XFu3-tKW_$+sC1
zQ0t!0C{q@@b+prJ^jcjKIa(&0rx3lb0~)+mQXq-;noR%gyejKYFY>SV8xok{k{2)(
z(_J=uG!|ym(SPUnv?!qP7F$Dy$D!*WKUMESbOHecTNscE0`s%6T@3$Y(0!oQWQ@=*
zExqWppWRaRrB&B_e>}UvVMW&VA%$f3^T`<=hjAVQi~bM{?N9dx^v?!5K(y@;wZWxz
z4Rt&_DW_F|Zw#->r`Zi9^EgAY2V$rnB}GZLyLQ1?u9?<~>v5%z|9&JR%LgJ(Xwyk8
zR0!&pZAW@8y8pq3|EYp|(45a8KHE2;MdagK<-i;??9v#lLsa|hiWt9&ED&p!mFtUB
z+OtEXLQ;a}XPt?#4`TKBz>ED$Zi!UGoP~WmyXcjz(2AQu2NTHzxn~()mkYv2>Miz6
z*F8~)0P-+D7M{4FCQTJGtT<NVZ*`O@<gA`YU+O+x<SN)oR}j!8^_W1!?rmZG({|GD
zJHf!LPm@KJ7Y{f9^ZnL7sqA|6)Ih#k_o&05hRKZAS#Efa3q;!xsLCmmzb4JioUi5&
z8=0;hnohjBM|(3d8rE;}Px=<}2-<Kd+J^%nOu}^Fd5&CMT!iLAPAq)XEA+>H@4RoP
zfOgmA1z-h1N%mVMh%%Kc(X;GIobKJx((%{@*c(P@2VXw@=A-axCa5^3Pdd(vR7=vx
z)EL@SJjv_L-Q5DBSc}16%JsWH+9p~A1~20tl%0QB*Y2L6uwbJge<yz<yLOJ-Qp-N?
z{m-<_+rO^kM2k5!Qgw!u$4@2hwV1Au^CEP5tddsfw9#~xEem2ay}8vJPKmR>6m2=*
zbw0J6zrfY!?B{|{2c8Qi%!{?|&K;s9ufxw-6oncQD(L|!p<>*@fbNWUbVZ*?#oQb@
ziL8mEo68GxmeuE0L=k?KzyMD81r`iJ<APL$)$!+x^?rX1a-vuV;YxQ1@@~kNt`l#k
zwXyp02&E2qde?<OGow%ps$q2*Aq-esdp&2tPeC@P$?H{>g^A?fi%Eaw`Sbjp$iweg
z>GfM(fD&pWR+`vk+Xc1DV|hN`M+MmsNfSE0arA=n|L6W;aKV-2IEDQth$348=N?`<
z*)G$hjyPRxh;_(h>~vedg_Os~Km4gIwwub0O`vbZV;Jv{)j1XL<dnWBj>B?u$?|_Z
zv|VaIspPIYHr67D-7kGTpU&;vRiS)p#{>a!aQznBznb;ZACX2ls<i9d!qFxSz?O!;
zT`CU`VVl>wqB@^wrOVY`lP7qdxv4JD9I(v2o^96daZ_z}zt;L*VaFw$G6!^<W8sBa
zf+(aWMU;4ZsN}1t--1Ma*^<O8c%&Fi@)=oV$_pFYEGPbsu1@SiI#@}L6N)dtmw5vt
z8T-8L!0m*K9pq-}^o1Z$s2Sy@Oy2PuUe;W4i<O^hhyBP4Ju4Hzf5EHPvG0VmE!%^)
zArrSwQ-=+}@Q{wa``VX@&f8Y_ZUK0AkOgctC%VaTJJep5TSLz+`OrqbRM&j{Y?Uuo
zLWrV7xfE)i&F6Z6l|u{_{Q+_5meNFs?rp(qO<WJop`$Z=mNA*R1B`oY3|e!QI)g{E
z<yy7I2s!(kUiwN1Rz%U`qxVpI;QMRQ$2s5yw+4w$G?UkLIk~hPUBbVkoYN@F`wA5*
zbzS6ihRekee*SGl;d_sjs1hnIGy$wa4@==W$0k)zCG~5S=705AfsQ%^r6!>|c3w-;
z7G&fmbqv-V_$6dr@jUp_X!+%e7`2}d4pVC}W%><I8T&7fptHJyFyh9pO|_NzW>_k2
zL+COqfcX3X6&b3}vs!1qge5_EHKHf{`Iz4P8?kxmS?k-~JJE}cxY+1uM7yFKv#?2R
z6Pck5?sD4pHbB6j&3Cabdx9G@ms%7U(>)T1)@-|2cL>oiSoMGTqW?AoYt)<rTKDR|
z7CPES)?mOlx3C!64I-(r<@q8ljT9;#Xvz_x9NE<+vb3}WwSVY#TSdI5r!rn{kv(*P
z?35Jn`ktIu3p#Fe%frJ^&hBq*LjPzt7Dp2fY%LKkU}3yiUZTQa{x!=iMc9XS;c@{v
zJZ@Bpj_(!r`4Aee-F?RTs;8My3IEFj4N3nK-8{I0GD{ykySTdD3ANKX0Fg`Wngul&
zQ3k#=Uy{QDduW!2=Ok$EO2S8k>!H?QAoZ&2?@ephl)+zyvq*KMN$H7lSbLBm?lUuL
zfczPdi>6s@>L%bm!I9aV1(@!A)WrLDC#p_um_xi6%-PQ_XtXDf+gSV#qgs@-4o&9k
zh<~$)A<RK3lM2M|KJ51DE+vGX$J{i40|y-1oEovT;-Qlhro_a=q!F_a<S?IlCbVg;
zTBayXra6%C5BAvV^CxIE(rQ^|M4Y}K7`t1^e0VMqy{@FCykDG07WkR7MfA>3=nK{Y
zVh84ZVr;CZtz}KH8e^MgV_l{y!y|YN;L+II=&|}snYDMInR0me%da~ZdMX2sSsACR
zAUhBH5nBhe^a{4(<x(PaS`=o>gY5X))@8*R>pV(mOw3rwZ`Fc5`>E8ek1(YGlB$GS
zAYOkH(q8TL((O*aIz9X16T1zm)VOU^!+6dp4^YE>Zghv^Wc}4V^dN!S$%OA`Y_{Tg
zKG!=fiV@ZQkM8ub5lQTcm}8dpmlcU)DAv*9+9l_QNghLPM-oRK$F0ou$GO?m&O`a3
zR0GdEx%W6w^d!~pwJHO??>qpNY70>eI+2ml9`It)V;2*@?=>{$*<SY=Ih}5Pz7KC+
z0VecbQBJ5FA+i%N@|0-sPk}ap%_Rw63#wTq6%{kOa`3XVQKk-wBJQW9-BL%?I2Jjk
zrx9pquA>!q(x4TT35~xX$`yB$7aK4`y8G#%f`H!95fa93#|)!_JHUllXBTfn#{@)J
znj6toEU@gBv&w*P(pTqq>cQ3q<I4id)sn;I3~H|*Vz&qO`2)NoL_nE1;#1ho=F?4=
z+et&x2J8Y)N}4;++QmO2>N0<Q?MCD!#44C35G}0D+uHj&4XCumFSTnE<1mreo+}mO
zO(fKDEKl{<txy9nr&^{qoQx`>bm`}}aggSHzlKzIx9Ya9qIlwYpx><75=ZrWn@VY8
z|781I3$X_`;11e{Ay4zxP9pde9iwS_Ix)ZCoq~|Pi4KkO_^L<|m)d-RuKSSrNOasj
zpQ~xup8{f3gngKe`ff19;pxtYrSb8xUZMW^*K(orIN=hY!xHkXt!VM5dQO^&@Cc!L
z#gE2uYi4(P<}T*dlYIbxrOTph`Dv*+Mep{FL6m%KiMpruU}P+5DO_HPvb0_OTa0*V
z$M@#LI$_&;gcE#xw=$ZhA^%3gKpJF=&_iJu&`qoh$Alyh*kVK!KbFbcOdLjygoHE(
z?Lgd*0{V^3ptaq^?)N<xE<V=X9!WpSn!8<eSD##h4AEQQTZme)G@sCUnc<pYJwWSA
z&|!=q^p@g3t5zv@H%MHk^f!abPyPwKfdR-iw8s_WdFo?Fit@(<!vMB$!<JTYjM&JJ
zh-szJT^pIV95I9zi!b-KZNv1m?Wfr3iybxZUT>|zKP%<GO)l0TT{&}%@3ujjf4rNm
z)chmV+EXVOVM+gakO8U@gugzoUC;daFmYXR3n$<kohL2~_GTl&pQsVix_}53DWibv
z|JB1BqX#e>(t`5bOl}sJgjTPB<0#3QaBsW9CC$;>R|D1W2WJs1Ef!yV_lQ`x_pFYE
zDjGM@1ZH3-agF_7tSRWV8+O2RLLQ@qHeRgoz5j~4u>m+kj7NB}p>?j|iWHLfJwl~D
zKbfm53wD1IMok9bz#`CnrCj|oBO3KMSuOjGkOqqfCfCyIl1DL9<+`p&zpu<{DJvtD
z`%D8l1e`Ldfh6)LVIsP?v{q)#22re2M#P39XwiV_JoF>czp=mp**ZV=k<D-iOjPvb
zpe)S*J+F<WJSZu|-qbU6*a6wB-AJ1#fwbMYu+W-fZmZi28VsV&k81zbN>+WBh|=2M
zBQ3X*D*`8W*E0@Y{JavIXe5Xx+tv1NGK4PGIpagtp@&{?tXt2KSbsmMcs%y~qQoD2
zsLZKIDP4pO9=of^+0O`9ceg2Z`@L&UrOJ&3%upl$yEdbtgECjT5bv!T#6Yeob7|T(
zI>D8VP02J{Hg=3fb_Pb}8}+3<s@kNtN1G(w^z<RD@Hu$DxC<RIsLPbMWS|cvd~rT;
zC4A&&gf|cxELAWAl_ngxpNz2JFjPm82g~YVJ;R4MiokHL4dHR6Sk>;c{xq65z+NH+
z#`;);a8KZ(q(fezP8($cRi@)>62SEuxKY`{g6Akn+-mA|u5@gyhdhXwMFq64GpCcv
zm~&S@TxHMw-`iJ<faZFt5pCU?Cq9`l#1#E$n){SA_q8bEu`9M!w%^xaP}g8ksK_{{
zx*%r`+rUbP-mVlxK)TNegeWO*5G%KY;l<L2nvm2P%YNm-_{vknq!UI*s+?5x<86pz
zVK=t8DniT5s@SJaR4us2RG1+7ScB^?3zjfl$XIr=wNw#%50$Lj=Dfvkn8qeGP!imc
z!wwiH#&j->?fvO(K0?aG4Kbdz11B{5#yGUkG_L({neP-DK{v){K=M3n7zWX^8hj5@
z!B^_NUdL-pjCT5o*(;LEVyg}-t-_{N<th1x(wqrd`Dx`ZYc?;`Q;vud(ro`!^!!6%
zYEWL@8_tl4ezCHRfsR&LQtXo~^kZrD3_g_Q$f^k^yZR=(3Mc>cjx4LbO!{@r-8Ch4
zSiL{&M-Q(YM2!FxC#8jT^Sp1OZ?qd0?@K}$!SY)EjxdrWIgKT$5}AO-P4!8&s9SO)
zvK#y6nCjkF+%WN&me5K6q&U@<OeR1EQAN4YD*x}+OQ>R?q0ru2C6HdGvTdMv2@1tN
ze-LyMEWrC$s-^9{Wzz$Ln{v(zGvrxPES+DTX#%Pu`DFm7wDX)c=8Y}h(`^k{c%7wt
z?qCC#oT!Oi{)EP7b;V1>ImlK~tRkC;r!aoTl^!{=4iGR?9;SvI`0tv)2phn>L95fv
zstgAX*+2d?t5I53G8J30G+ed5*TV4C-H%LT(-U>@y41Vvua=4$Nl|z8AY|^ST#mj5
zqefl~=u27%dv7fJHs!rF@uy%b7VBZ#z67o1Bxn@8pdq0D^ci)STe?QufmcR_v}Yd&
zUPo7SaqC`kPlA#j%j!pEit?a$NEMm_zORFQj*++!qB4uwBv(@Qm$nz@DmY_K<Z-wx
z0~&Z1SpR{yRI85lH(3R0ieLB2xQ?;tGC?)KDv_S~|MUT^B=u*eY8jwbroE4?_`13T
zrBbhEfg5kDau=O}j4Lv$ADt=6Q82j%1x>P(bFkF}fgfyQ+~q4H@*@rfxLLGey}Fsc
z!#Fq2phJK4X<9l|ao+!?$s$NISd_Rsm&ZDgETu~AlA#her#dkf8YrNAiLq*3-x*S+
zJj*+xma9BlqI)|e80o9_^)EtfO3SZqTtrzCODn2qe(yhB;tZIjzH+-Jo4EKHEv28O
z-=i#3nUnU}e*VQ1u_*Pyp0xh!m+^(-(WT<ibY;B4f5Lb1g1Uq@M}5KX0+;Ft$td?a
zuKGgqiF8uyOZ?m*4?BR8sKS;RsH?xl2Rn#;FZ%=Ek{L_<-FwaAfjX|*w0!2uL(A|S
z`-3B0Jj9W1x$mw`hef*9Fg=JXLhD#9GHMR1oi?FeEjcb<5}Aiy46=fzcXW3H^V8a;
z$L>lSNjkp@Kl=t5V!UWy>(*~;jJV8P>k?wwAc|6^;RIDs(`y4fv)^Kx-eJX1$wj4^
zja8Q8#~$aGtA%VEsxy2lXQ7`c_(Go$l`1ve=$l#!!76<PSs@;K&HjQ~0YbO8nQQ2l
zWC#5!pLa0Nhb<+pWk-h%+YjWsW$RiMkHVpm7I@^j#<TAXF4O55ueu7KU+eGo#1eGx
z{Py>EwLH`)X915p*9ku(L?U#y78o3)&mZ4Qa*`#Ph00aWVUucy{whzNbM9Nx5C2sg
z+elu!IZLsY>`soFuKeAYsWQ1A?L9IMlGB@5Vz~)nVLuNy4>vupeV-?3_1l@7QP2<g
z;nx|Dw*@|J<&5R}=5tRwcOF7UI2rUea;U3K|4`oCGJwZYcXGI8o*zH#X8UpQrTTK>
zT!kxs(^iT{7U#28Cf2(-H;IkU4K0MFHs0Je6gez}sW+lmR$1kjqLERD<hBI9-Py;(
zS%U!tc=vVOXg1$|Q}%(SuvMH~4!1GFuF?x1Zc`}8!<9nZg$cg;Ax2%Ds9=*8_HkYe
ziq~h@A_AU2Zt^8~zbmf8uB|0D)?t6}?K}8pYEFor>;Th4P?IA!YF&;7FBq$F7xK)j
zPF2@?JMHn&bx>@qj8thFCKHD;p}LqK=2sM!)3Wm%g6zB!JzV;Ok~(_Z%CvwIA#eB;
zWLfNb9S`2UXI){Qbu0$U!GQF6_+u66GY@<PF(MEnhnPMwZE$2#p=rvN`N2j@vn`ee
zUi^J(DHd<WbHDOd7&Z5VN#&wpm-dIU*_uq|N59;!^bW-rJ9YXtxgN7DSSMje3Td54
zfx@>?3p5}R<eB-sx^$-LI5oCtIJB1OKJUaO$g>8&Z?~ATh{XO=Z`6Y8+cJ?E_RC6i
zb7~+er|x3_I;`<LwKaDHS?a>|H#kcC{-LNju8^vNWdd)8nD{Y6)4GF0t_-7mW67Pz
zz8IR)$)cZ<=!M*m9EcC9b-T&~>T^?!<XBu>e<pFHCvi8>#E`deL%Uh-p$x?XcgPYo
zFZ)7HNYrZh;R%0>KuK+_krG|u0;e6PDi83xkh@UXGbevB(n&XBpFZef;7gO77*9dG
zf{iIB3B67LR)aSC2qU&e^%Gz0#D-yCmvDlgk3CFJjH$9Zxks^oCW;rSwSNxQLKrxk
zKhd4=lZ6^AS3l3p%_`9d%Yw~4k&S#bGiJeA!2`QC-Je47hIY9!cSh$@l)@t15?3HU
zNPZ=ihGcjR1+{#YC8cE(=L{XwAv_ew!D@kfac}c~;KB3gcKAv9oDypIA^8_0J~26k
z`NRg*t}TI{C12o#)QD02tnrAGC4z`Q9(A%fF091#=X9D-)yP2Glo#6+ae>ghV=hR*
zv5p!`RV8+H_4K?g2X;U2uf8Grb5|g6V=p!{F4M5>e*@?O`ss%6O>|nOuOnMmtDLQL
z{&6}kEJJ_B;O^~_eV-I#;g*=*!f#!Qce#=WK?_b7yu25@bC=~heK}D#eo4;<6Rvs3
z2lS-E*#l?Cv}zQ647UZ#^rl4EGZ_mC!3hK$3DfjN7^qf>;!DWaO+alz?XB$aB(I#r
zj2kt{sW`R)a*!e_)IbPWeIrMz{z;S#KKgy!=Qk542x*-^phM?!Z<rxG%~P5*u&3U)
z;@kZ!-YvzQ|0k(|>><yj_!tFw&qW{@4slwAAaR=@G$?jkX58Sa#dp^1Cz<1Yfa%?+
zJk<fr$PWQrXS?uTXs)z_nyvHE)<f-l{JD|ry9UbSP2=kHltTDKn|gl*pXM!yQ|X&C
zg%qlioWvZW3X<OOFeqt5dh*I>BrsW^Zs~0UcTkWdU&6aIhP)G<=>C|$P4xB{7Va8t
zFDq0RJQvN^VFhsh?>;uc0r)UzrCcu`MUiM|76dg1cw8A`XaJ4*`SfagWj9^zuGd<F
zs5~3IX{+H@A)gU5nx{u-w{o(1aQ(>0OiIdO_533FAa7Yl!WTmXO}jX=X3_<6oHPFa
z{yR|z(DUJmvqy4u>*|zbnJ%4L52hIyw{JI$FlKI*P0!_BnZj>bPIDElzK6Hw)JT2z
zq@;X|Bc4Dq>eu>+$X(_q6^^Ml$&DzcrqL-UFUj5wX9F27ZYpXa#j96=)#->*EQ;o?
zNjJZd&GWuR;=f46RILB7?T_A(lT9~eER1ffsH`qz_FLs>V3z+T)h@Gx8`v$_z5WJC
z3cZPTvu8X{OFwY>+={7MbH$HqFo!sbO*sp^bNvD!vDhSI%_jq=iBzf6#4My_q8UaL
z(J{(wK0Vu0$pneGFtq1i@uGNJ1HTM~RJ76V*n1rB!v@;jFB1=}P)NJI^RUArIuilM
z$l^Z9;`^-jM}9n^47==te*~?7W-opm(*7VEK)FBEh7EbZdut)Vf<Vt1VQ0_J)*R8M
z+oK4eJa00+tod(^yU;`~v8W^bjLaOgu|S4E*AL7<aIB!fWY;E<^oLP=P^x_JQa8w_
z#NEl#lqhdw_))+jg+Qxx9%Wg<SK1zraFvhZ!ekK`X{7t~eX8*`$gHYC<7iRcfT!2>
z6(l_{K)3J0#7olQ1rfNM!r5jH|D!MrWo+T`E>mf?#=wz-;;nOCgpp55OLDv)`9X#n
zJ%bAOBjL*Ut5g(@&z>!3lG{28KkfLb8DqYy85CIU*CNRx%Wqa{Sn7deHMHLSwQoTd
z4;zU1`sRd!?M-ablu2-r?IIhxtKJ}&e1ki2xiTs>ygt^Wjy!PfUF3Cp)8X@XMH^_K
z<1+EdXLr`(C@?WCDXu}4e9QaMUi~nYW!ozzu;R19K;d`x^3bH(B%a$yJ8L!hZ{DP^
zoo89yNN-|a<oX)l?K{vmG)N@nLoua#A3<wE81?(|Vc~TvE=<A7kscE*9UeR|q9A$P
z{IoBNtrgj0i+e9!;@%$Y7I(YXrM3W#$zqckQ8rmO)wj-+ZE0rSl``Iyn3%RFu~n25
z66SRWE@6XV(<X9q_SU;ICh0eYj>1EkCFDZun+t!w1wT0ib<1*4myd_6KyzxR@EJbB
z51+Gs>KUz{eRmkVW&BARyUwPkHuYF6ar7*3$c^MugB&hp$cE$}qP-MkL;4eF6qpfq
z432BjhBsxRE5?@aN~8D`jfeYD*QPsNGN?FMFri;iQ)=(@3|!SD=BW36-D9O&NBkfc
z9^PH;$-UPgb-Cm8F~+Uk-(`{MaOktbX$FnMvaYVqcJ_l;icRC`{$Jzt^2Z)*+Q`45
zwOPuiWV3?IxpjU_T(ucfw^3Tabc>LoPO6~jgeC!JaPSImXOyu(Z>Vf2XDaJg?ez^q
zJU2j@JD~qBpSv?$J2jg+)*Yw@Izx^Q_u&G_?~g<LrtR(-Tg8MHuD1VVkjAR%P-j*K
zgnECHT>AL}Gin?8L%qoBlwtgeqxKkvs^BAFnd*P@+w$?gPsyn4`-nCGMK$QMNQ>ms
zCd(Qv^Aua<9}CFR7bd}reZ+!?Cb#Ps`|kXjNGkV2Lytl=SZ5W$%{vnwhLcP?L(nf3
z<PSApx+m4yStT*C>X+%sXSMk{oYp8ltU0Rrm|<s~*@opNkE@V?OBcj~{JelGM+))~
z0Q5F_+0mnEMR8jwI)Ix<Lwk{a6U<#=Vvh9AgUcgQ`4kPDi+a0WI@6P>9i`2j!=aa6
zToXS?FdV;;7A2V6kZ7Qyk~hC-cWG)ibPQU!DLePp$7}N^f{~Ng6nb&YDMg7I(ePXI
z0{5&5i^K_ePS13uw*;0=<$M>clJh7}1G~F95<Z`Xq?0MB0=!uj>;ecBvhn^F>7(Ls
z<zUbt?T_!`m2;aA$(b#JnXF|!tdx&$&YoL8>Da+7jU7$AEq=t79x$Rp%9Q65j@xf*
znU?J6?Ol!gyL4tH`F?X$L1CHpO`t=Gvi34$nP1<}?w%AuN-)G-ZTcUNw(hk~GGgMQ
zDa(ti-7lkdfUUjge%n5!HT-6$KhvED;OUzM^<CI5r}-poa&Z2pNTph{Z4Q>MP-TUa
zf2j5nB}1%Ru}W7;H`fBZ@3xQF6cE}MxTYYnfD+g#^50gF`ySLJ0rvJ8)BnPd9Py!5
zX*hwjZ#RW9&W?X`!JN^s0N=5bMr*!aQvxoa5a0%~2WA;V8ofD)`|{k^Tlj8f^m-Lz
z&<T*P9)u($B=DjnZI=hw(7EI#kOQ%{iq8dE3@zXs^-|62KNl(YxaqBRw(vcT&1-Z4
zoda!?TpwIxRK31!1;Q;rg5eu!)a?@41<gAw|KxHXj%YU;FKPaU&I~hGF~cb#0lc@R
zfIEZ_dUO(v(dq3vy~rd&q)Es{nPa#Zwjq(-_1p<$GWzLxxl3a)-r83yKF@7Om7Bre
zVR4XN5I!J9JMbh@i)&<5OJdN`=6`l`GUdT*qwp@WP_Beqfo$YrvXm_L-NPE1TQQAp
zj;Ct8>yr|>g$?%15;@gH_3Ya{i4E3uAPn4NM_a!ASjF`_N9)}weP8J+o9;(u+x)eR
z;C|)<R3lW?+*lz7B_DX}pBSG#l;x@C@V3OG-4&>hmcgIX*%ss6oe7iBYBVJ~ozv%j
z#JJqacxY<6gQVW~V{qH!@wgI(KPQ(5w~K=Z-rO^~1zt5>d-O~$5>f2s!66Yd13O+0
zM)AD+dzPL<7)xRMlogLXiM6V|t2R4_#X}2SohO~=@1H1rzyE<e9gq@J>oDXc{i>W_
z)YLRQ{3Tfheifm7zW<QIqW}I)uRRg^bn)e18Jb%Om1*68!ycHN1#oUw_ExfuMyY=5
zuP*arDg3w}D5L8zuoB*q)c+jV0mWQ0kh>a$<kZb)TDesBy;?45U$8tY$+C0rP>gxE
zH|K`6ymDhyVc6q0z3|8W>jnaX?_y~?Hy9kZXtZIui=6CSUysg9gxEgPB#KQpWI}<3
zf4E|x-7856QUzjpN>s5XQqt0i#A>pINz3Cul5i%jH4O|b>a}CmGxU7V0nv`OXJ28q
z4CK5~<G`&KIMV^zZ&@Idf?sL)>|g7Merw&Bjajpsjao37%yN8EoB!0QLL?3wNJ)&k
z7Jp}P76A6gde?0__@JX1qG2#kkAJ-aIHZL32kaYEIJEnxRNV?Y+Fmiz#wx~QB%@g_
z(YAm40y|ZsWjAy;&fNKQ1hmh;*8P#=c(!m~^gTO-Jxm(F1Xidr-8{FxerEAW#BG@j
z>z21yn8JLp2?<*E0=x-FZTIDyHXSN30wM$jbf`U?aBa%a2WfsBQX90xrZOyVlu%1^
z&0u4Ag`8%Md?IEXsd^D^?ud=D+5cwR(mRXu1(lug&syTQu{X$(!N9w3iPMG$7kgy-
zjZ()->4uLqh6bRNWvmuAQsktw3xk(YlR5my(}w=TFtD>vN3p;SRE%yL6L)zS9R53l
z2I@rqd$Fi!CyXKTNuB(zwPxfJ_v89+Hfd3a)!EY&;iB8T9$t8OO}$p1U0XCGeMAsw
z-DyEr*L3p)$@gL_4)8h_g?z~TGO|i-Ty3edPC8t;22b?c%**y%#2o|uV&GW_>bF$W
zy!PXKphUeA4VKq^#q(3AlA|JY_Ds_v1!O2MpXw_smqBOF5ZbQcNZde~0$=AJ^ak1K
z{oxc-M!mOcXYYQhmF5TsH@Bsnuw7LccsX7iO2^8t8!+MZ0Ut@91;%r#j=3`B$Ful*
zpPz+XTwFqoWXdMPt(N6ZGR*zl(xnO_bo8W=duC?vpe3-Ab#Sh8s~p)N6j&g;=|ur`
ze^TWsJA1v&<^=wZ*L5&)Nsy#-h59`W$xmSUP(ONyItd!rnX;$VA53W5JT%mPZ@N)a
znJ;U@l4m{y@E7#CcX}my^zzp29qC>9fy4%v7XpIK<azY4@T)Aol+988R6_r$A8RrJ
zyBAeG7L;AU9b|j^!&p<a9n#G{brGHsotF06mA<g>U8TnaD*$2>GQC=)MT<sHe?Hiy
zX<OTwj$4Nhw6UXgOeW>G&;IottW4K(`r=0D>-q@1|65AR#@PnBpZ>B_J^SZ8GqBWu
z<^=Vqv3xmCAA`U2T`ty7zicoutGtu#v%ZMi1?LINdC7N{w`$R<P6-x~9|;B8%xnIv
zY&>5P`#T>Zb<|%VChuAEqIVG%fa$RDLBn2saP8QfW-T?cp6)q&U0vDKn-4tj>h^Gf
z*gz<t<VXr?cMzzvyFc!}axK}|4$7<N7a3Oxe`8`Dbe=6Z*mxV$ck2Rqr#A75W9Zh+
zssnZOL<4u%TI3W93ClC2_RAL4auA=`B2G8`k#`}5H^akz6v;c@Y}V$B5eVGIX<;c(
zt-k1q65Sg`W36fIsOwbEDY79Pa87r~$k+qS?J@`do^C@)o(`-`j(+Yb5;5k+e`r!a
z772%~@=|2GR1u<{{d*=phBegK49`odOPs7`c#J2reYiYGAyug64RS5oba7)WHpc&q
zdAIFQrQ-K0{5-}$_d&MU;CXD~6jB7oxouLU9HGk+ZbY;Uy|D5Qj<AA9haYMDfcC!$
z%y9{%B$Av7vk2(&?{YaDgNdq7_vnf&t62X0Wcu3apB{}^qL95cnI{3IbQW9D75$t)
zuBcMma_HoG>O9YKF_@PVoU_aP^#a-PIHz`&7>(g}FESbU!n4~UZ!nNG(dYu}CU1L~
zVTl^JjDoN}gs_7Bc=|@`uSclg2#{TK9>scyo{aX-R2!RS_P=q)T~F0)OYytuyIB`?
zbM~f7{o=P(wI2RiR<d%h?9L)}?PY{A_cadW_aS&fSkKUUWh*o_Bh5T<LWsV-x97_b
zf|mHgb(jpSZ~g>?j?xG7N6vL^n-0dytv)7!ziw%^hJwF;$<yx&5vWI&1*nzygYP+E
z-N+0pxP~O!b2sw*a*fv)sIz_s;&M9`5cr?q42UR8{lLqZoMf*Fjj1g8OsX|yo>LLO
zf3oHCeDUnzdAW6G`50rmfK}a3B&vjENczpE7>C!fRqA<qWacjUA~tqqLn>_<Cb061
zecJ*V;T##Fz4Duz+%ouz1yKE^sKFhR{0BQn$eXaK>hiSSB7MCAwr0jP$Eo)q{>^=n
z3;!F@OFmB8Gb2lLM8QOw<cY*n#`xjg+IlVJRwgM@kl=h)w2An{J4a#I!Jf)_$775v
zZ48U@uya1!$|~o>#`$!=2mB6oGz4U7>)yp1N;CO_1P*zM_2xK<0-)ge=8-IUQ7cx!
zeu_`qR<KlXf*%vvo5k?I1r8K2bY(xR`Z;mmmuLiLFiyH@#c^JWljtWGY?T^ZiX?%J
z>9?BN{yo8xOWtxi`hLqL*4Ji(wquQATB$Gn#_@7ApO4Q%Jb;T}N+l<8#J?29Y&?F;
z^G22={SE0%<b;4!v!9%eU+C=hc^)^9=Sl4#5hbPK%N&~}{~McRR8}z5t3=eh@{zDD
zIl^_h*z<y_HGMS%BXv|gR2ZR0rpKJkLDG--+IpNP#a5;KAmituc*7@UVqa;(ni0tH
z4#X|tJp7~F`;7!VU*9{g7~A6R(nPH_fmP^~A%PDx{sDZa@HyET)rg}YRy5<B1DbFP
zcj2Kv$j%TQQNFuZcriS}D1ixK6;tQYEg#kyVlvCi9o#aw0Mr&#>xfLf%2VI&xMNuN
zP=5#LB-?Okb9pge(=K$Z47^|YIthQ}L)m@XH#8NG<hI2Ma~Pexi#7=Um3sc#e*de0
z#7-Gw4nQf2D^1566OmHhzR`kP@J0=!N@2I3F<sRv-eTH>m;W9a9bb^dpi=Yb`2To%
z%b>U#rfGPQ;1DdhI|=UY!Gc3@cXtbRaCdjt;O=h0HMnbVcl-9bpL)M4ihpcTr)K9&
z_w;mo=LmY92womucz51hTcJHKQm*j%a`6Sbzk;lrLiO5eFdzdM;7$Vr+HaNxTxnXs
z4*=!>A|CaL;*4tQ3q%SmjQi!10}Lzf`}HYqRizzC(rgNlG0FI>=+&`$*M8`fV`4sK
zOSej;^)-(6ixf73@yoO1zSB|~ohnC!h1M#HJ}iiQiux8EcG`x`{={X?BWuC*i<uQ-
z^YVZd2Y4hizTZz-*3=b-6xl*Codq(R$Dbliu8yE!m-tl<f+DcP7<6~cQJn>P^Y=21
zYP~02Jd^=fkzRi6|3h>f&*~-xANzK%t~*~F5CsdBJ_)M4Rg&P9wa@%B{bt-sRD-jO
z({EzDrO1CHpld>yhz?cEdb#;AJ5oI<6NUZq{0ufSSUq3AnG&3O0It6d{UaK6%j)}s
z6;?!+j8FtW%^sK+kXL}qV=+cz$;cN|O!^%iI0@@ZRsY(clHB)bYsfm-Zr3@|h*%#P
z6NB*`t<6BcWDd!6Vy0Gx>H1*5QX`O|U!0IXiA;xKHxRX1dln|Otr)k>G_~#Eqz#UZ
z6f*7>I#O7YG#0pg`8bd}&zWIIb880@MlL=HKG*iRIPu*pWPdi*$p)DHx@UUV&WF!|
z)whRe;;foEiyI@tKO}G(<tiE)I%YlwK}AU}3_59t&#wsh8SJWy9Oi6<VC&wdc+2A$
z^09f`e`8-HVCy8R=u|c>*!tWpD2=V>_b&a|syn}+iKAf{<vWQQ_${@rd@ot9eeMMC
zz4wg0U>_JaZSQ7rMKMU;&RK%WT^gnU0tnLBO>RU)DV}WMTMfb|I(>oK4_u#@<qto8
z<(HNN9n(QQGBfNYHLii$E>CWywiNy+sM}=|C2<&KR%UiYE%~^5>BxiPC1sw`^R9lR
zeJUZ03Z6v`Yi;qc(3fK3y)f^byp<JWhZ7HJ(RK2k6mvusywdataNTmG_Im+#Vd^37
zB%+I+NCOimpElJsFWm0Y-cBNje^tDH>tFh{;ey9cT~#lQG8&|v><#<5&QsqPds1)9
zkeA=6?8u8dbZ0lqG~%sal)&qe^!m*^7c<zxP!lWIA|GFT=l+OC1j9UkJzGlJn1H+>
zl?w@;pK;kMX4(NxCk6aVa|C$sJK6brl1mZP%W}Se<x?I6nu9MOFRs$TnpU@%$Nh%2
zEXX#lQSyDsd^!aauz+*6Re{*7JGkzS$lsv${$G=vLh#KR)eB-NBBT7WOruK485we{
z%ckf8=~VEAX)&;-JJR%Mo?(2pP2jV1Sf)AF$5Zv%$KQ43-ND{oKv-r@<}0*Lis0Lv
zpvm$gZpWeWzbBu3N%ZgNbWrp*d2CrUs$y{zkrawF%z@%_hz|atTyjEab3*Dc%y?ZG
zsNd1awep!<e50aV<hoxW!AG^`BKjIwX@+r;RIrGe^^foQo@lhjOV;{Wh)Ym!Y#9O`
z{}MPp6;~C>=tLmt0Pew5kh0{{sBx%dSde$H-5++gkl?LQhB&M)&zJHu0y;%1i-&lK
z-Xk}Idy#ZAfuH)7=+{}q3l@zO`%0#-aTs&J#d$lG>==u{?b1N4u|-i|QaPe_S6h#1
zqj>$%7A&bS>IQU(59+KnkF}~59bKj3`frTEcx$S+xI7abU=fGlj|nUSSR04+`(okP
zpreV%LEkRCOe$mUB6!b<+1uNn!>cE%czV5Drxg5u1%r$EWgDaJiTB0!<UOth*tN+W
zYU>c*ex-UQe<3v@?RLY$`VDH6x@~5k?*x4el6UtWUVN~OZ4;bqf1P{k<WunR=Wm5F
zz9UeQ%4`9?f3w^glI>U;Okn7`y)2BtZnV$G(w!$uBuzGD&dky;c8+}?XZqq6R^I5e
zlsu>mo70cz#ZWbY;I~4p&?MGAVEWCk$0)&E1OM!l#b8GKz<T8n-gh&&M{5D`od$I3
z_z}4pohE(n0M@aan!4+I1V3P5{d!wr2dQRE&iMeCo13_gc{<86L;{(6cNUQSY|PGC
za`JMri_<(OA5@v);gl@lq5ZK-4`Do)hdhDNKc+1kIYV-nDa`xz|FuEWhx~aM*}I{k
z#GrxhkJ=G!%F9VmYQwL@f(;JA8OKgtUm?3_%Yq3kyHEY4bEu6pKnBs14Yi~UuG|LE
zp<%#X29iw*Zb?bn#9tk&L*c%;gGSknJQ<%Exm=PbrI;ItT6pCH#c4IaXH*lsU1#fH
z6oI3T(<mYo%Tyl09s+Xng0iO14BFi~S!paa2o`<n+qSKLB+1C(S;BmA(}M{I8#-c(
z0VpyyQBhXshK4Z3Kd7w`!sHePife$N5+HvSW#<)8lKm?f3idNu5rrOu(?{Oc`C!!Y
z-xTbCoZvfgZC=5#t*``~0H}&e7)(u4T4iz*OOw^<<Kp5*HrW<PNZC?U%AK4^h6qA~
ztt=G%;;}GVm+N-{F1zdLGCrl=8$nBj^1)Q_M7gyzUrofzV~~E3wX97$IO`bH3Os$u
zZ)!JK`Tk5zTx54D;0OhaCPK~Wj_P~xOea0a#%Wr{(Aj(NDqqTJIgd|YHC0_><rr8y
za~*<}VxGSBFRvDDD&l>z8E|~J8v7>v*h#$bG<*2tbTwgjot2%6+E7LrWC<q*rIMia
z0_lpS{=)Q7?TKU)-{>7d5rp&x0z4)tJq@6C|4|?vpg(48LQl)&SHsQsiv0d_@!oe~
zV1hhp-Pv2U<3n`TO{^uqErz1CP4)Xt-pWjL;Oj9@Y`zX$pQ~^vNC8sE98T=%*TnzR
z5<n+s@612WRWxG#vU-wG$^4$pe?=fM6mwPG^)fZ1@EKQ3Jn#xz8_@o4LO);xTT_m*
z%xX0cTTdezP{{w|hu=5b+fPXCnLUq2Iwj36*%<m&aHU{8JYQw;H44TK?8#fR|17c2
z<e_3GDAlBp3m8Lx38vYUSmv002&4a|k+NDBDx2_!4L(Rx^?O|S62deRIW43`i0>{5
z$#nqqy(T@`Fr{O{9ne{HnCDNj+=tqSnjhMAjaqxCSYAP%G+NcXriaJ4_rC5}iPi0~
zkB}o^AA5DAqwS<g@bGHv3=OqrUbgGZI}PR;^RZ$64<X?~Fr|GY7WXJ1@P_}S3N^0X
zmw-YR%s&>h9-_Keh^tX7a5zGr{T!QT_Bz^c6tfAuZUI$>wV@X2Vv1t*%X=q`-Qrw6
z*!f)1yFs}Y>Teq0;6RmhNx_xit_<CZyzNgs(ZrNMv$D%H5)`>rK@tme2E8$=K@4%e
zanaKT{zX9}c5!o^M!2Y`*L~r~(T{TC@#+!3Uv@UK?1xo~T=uAp%KD9sQUYJ%YLUL#
z480}i{RNP9*w_hSDI;Cq<4!>n(F=@()KpOULTc@CZkyOhw<b8mtWT3S>{uxYUd18N
z^4@pZ?bLHk-iQ4=FA!!^I>pP55HwSKgOA(Yq91>R%{%-q7-ls;u;jc0_M4Mq9U`*`
zNtAIY^zh8~9(T=SK8!fjOf_D&<V&@^v&Yo1)d8K=tv`AEOZOp%_(Xy{U1sIm0?*g0
zPJ&(b%MlwM!`odL8dZ~@I)1f{1U%RYHV}&;t2}7-W?emVaT2bV7dtmIO9@?#<CR%s
z-G467?S{lwTcvistq>w47)QQZoqES0s2p;%3V;>QF{b1FPQNA+2r2JDLm|EPkGd=j
z1sWJy9jVPCO2|hJ%+ES6MI_9FRuFykZ;0EUDbw4!9sSXv^(!cCR@mnP`-A;sPpdmB
zxNVc9>ia)I#S8jAAruEM|J&wfxJ{j*R=19urqQ)FU3=((qrYZ@AzuPQwep^Zq9k6b
zvCc5Tdn?5noA=!(4ZQ3S;z4hhsSlA7<yOE#<2ELWir%RYRi+-<f@<_3u1kK8C$KHp
z_8(l4f&-FbpsmJPtbIFzJ3h#pY?IoWTdYd-lm{Nvlq3I%b1Q~P<P*eGmq3R{0ExzD
zufkc!9NbBhuD9N6mN}?^HGYmsy^5;3j)pZ276#FHvgvg-MZ1`=Q}6i)uvmcq4G91(
zp?px0Zc%(Nei{0D7*w|hQ@eg^xS%5yOK*USH_^)NUx_Cz&1}e9pyzX(27B|wmz*T@
zonYAO%u267V<U#SGse9BlkeZ0Uht!^JP{TAO)uJCkHp8==g`l~_cbs*BDuEaxlYU_
zrSyyb1;0#h!=wD>D^<?N>*2^C^ARB8H><Gxdi`dU^P%U{@*HAXwP`gu5%)Ev_W60)
zF~hn^q)t_AVF7kFPPY;HKix+WJfGieV%s1`JEdDCKeLID{S^xxohILdOz?kO2i^?d
zwey+Txrg<7E3SktR^PwJvXfce(x`!$!O^uBd4SA}F17u};d43AbKLj?m|su}6Qnq#
z&0=KY5*Ylq@zQ$o&ZxxuZl&$D4-|IY6P0Z8PUS(dVj{Yo2U(}{41bOh)U<I&w9C?H
zxg0tIpVHe9wJ?sA+dZD9!Q*~K6uNULV0L!%#6Z)P4*N_C(^_;F(YBpiOalLAx}fcT
zuRgo=l=XB!LXb17@BsA+JkNE1r%X5dR&~8M&lu0_M8~xlD{WwoRpqQ8V#Dj3Wn#uF
zm#b1|^Yg31nI*>GUk*IUH8ZHtwIQH%VM1kAZtX7YpuM-hi>b6kJH!HS?XOdtA1UU4
zN?gP!lgEE^R*{N_hlV`Fziq<?lDqU>LE228sZC>YV*9T-7t|`-0VTGpPIXWdxV|Q&
zmoTtgY%JqJjg4onj2Y1{nJ~1-OfFfo3b?Y;aFB^rl)k2ElJe9GY-IgCSA3J+_E?<B
z>a_Ul4dCADupI=G4*Hw*83#=QE$#vX7NY$bHuaBbm?pj9;`iq;3`tZWOwt`V`e@qQ
zq$SNC&j5^p^Y1T#fLUEK_s78+0Z`r@)8Fpu(5h)N?*QI$5KGDTXuhm5`zm+^o~->h
zF3dyqtp0#PDoUjNa>SI(%^CTllBD?j`+Q-T#yE!cPlpv`WAbLxkN)b7k2N8nJ6pP_
zNi<^f^?*~OAV&x}zjC2gTpAAIPCB6Uz-JE;9vPWBEB^}+NDS#~(@Lt@Ka4|fc)M?2
zWsNq1{=5g@^|F3(z2-EP7uYj-n3hI_?_+FvH(y@<{zEaMg_~32<4T}U+b`+>=1o{^
zj5D(03$~5&Dw}hhlC(O47inl)UyoskXA;Z|gb-*_Z+@wnI>HuC*QZhnleUhw{v+<?
zfp2XwrF9orEvryV>$FFnUV4}oG<7_n5q|s0(0N66Q*Q>>Vf>0Tm(Ru~-K5?pO&!%(
zK+<EwVQy=)HE%UOm2Kd2j|8>5Y4%(-%>8sLX!w4N%h35Oc(suhL9iw$`|EPDJTej1
z={Ya$+N_GfdeY98`}|uq`%_;%<@GXKJvLeJ=&BQ76ILjwm4%;_=Ei5=4FBQkxE#KU
z@>|K6;pfanI<$^xrz37h&H9>#57yQq(T7XZJi@n0NO^exH^^{8i%J~*TUgODSDgzh
zC?6I6BrgvFA#9DocEj}pb!n+Ea!;K*E<%M=6Q2-YIIC>Ohock0Y(ei(XmkDbETMax
zbK@1j<GD(q*a4JXnyK{KLhpmxnN5Qw_0%swBosf}*R8(2oLxPZhI{u`e(5PfxvyB^
z0IN5qece`Q@sJsp7>!!HjS@^8xn*QU#n5oj$dD44@4XYN$ia*j(;o0KgIK{!FV?QX
zt5bes?HRZFecJ~6=Zx(<kr60|+cA;4qy$Jfy!VE)LxIBhj*~9Vkuhk&25M+K@fI*j
z`xu^GNY2#JF!=Zbcli9G;hNH>(?iyLpNH8Q^9<eqmzCrogLt>~bo{>zvYbh<TzqmE
zf;Z&Q2{Xf%#KoK3AyX_5ijQ-3oLvJpuSAWGobmdZ6r`_qA{ZTQ`HK}-7PD)<!~u!9
zn8N*{9?gf4V6bIEH~ndL8g3TGPZG@>k0w?()cWvcJzvuB7g}&0h8S}kcHbqMrd)!W
z?yn#TVsFfex<AR%d=7@sy(#af0d5VmViP(#z16mcNie0HC-ZBeB43A)O=vMjw5`o)
zb!ae1k!<%Y&YY{;`t3DPwObLA!hsPeYURxKt=bwK{q!~;d&@1mvsL8<XPx%5)lyE)
zaov_++XJray>3I2Zn^zgVu$m;#M>PB@a&PYEDl?6gMJWeLtp(?du%GGVYw^k1o^_V
zxI;~`)Vmzx1|tra)HBVDu42-bJ~&{BUMX2}-t@R{UhSAYxABrqd`dA|+yMDjuT9mH
zc{jjuTLQcKk&fXLSb=g-w5V;_7;9L&3mMK=>WnXQ%aE!_?ATwsE+WyW_VzEcyv)g}
zkPrSPSix?pR~i{a`1DB#aNpc5M1-l&xUe_8b-=9Ip`!vb_-wbv-_u&MGnZ|ojMXM{
zTDIREoN#d91+X-&V`r7wfIgmhRAfH|cnThafV5ds2Ak~d(;<8Uy!MnAGorn_^6Fyb
zov9EUV0;bc_!VL256+RGUVnRsaE+NSM@JH-br?QsDb!3zpx;H}M+)o`>ehV{SX^}A
zXp*(B$zn>s3A8y0Im`C5Ad6w<S&;b&=|}|fKtm|aktFTJ=mJrIOUZY=Jl_qJ2Lw`d
zxYHiJ=B5-Y=tPQWBY%=Du&?2ePP?1(ZO4EOlE3k$&4YXbI@)*jVkvVR)bHR-ZZ_=?
z1yY+F{`Q9P-Z(T<aS06#J+oVJ2K^Tg^1no%2~j)wdj79c(Lg_EK`ScK%LefuDQ==+
z7z6W0$W|m0z`W&lRTTw;j@8(Ed-v-lIk-&6>J+3E%m2FXC#fyb2nel>JmJ&t=<2}I
zGQ&8E$%Wqf<73ADxPA<*%Im{fgOjDTgu{~)`W87OLm0<FYJ=VkxhGzKl4X(F|LIkl
zu<8j1<4vqMrDx|KeAT#5$kEd;Dk>_P$Ves@mdsyXz(r#MBmIjYq@kGs*trKJm{fH9
z6Bo{~gGmmyHZG=URFd!qlumB^ay9GQS}EwfMQwFqa=+YPM;X@{S*|;yLT)DKhip!V
z+2VZGR&~NnNe1`%+v|ta!lSR%g-^;&bvLw-fqm%PgFvXow`5bjgV78p^K=S0x*hfY
zIuY>s-cX&046B$qhv;0$uPyAZfxBg=@htC<AVgw?%~$X9U(agXPlLde7VvK6#pD@;
zG5mRhnVQKYBQgo`A?c;wPK86OvU$Vdai^XVnxh_DR4!``CP4&0@a+Dn*gG(yvEKI}
zIN&#C*%Qo8Hm&(nDeDiL$A}n&`GKn5^)<IgfWnMpbAZiSybi<q@e8B~8JW=T_Pac5
zIxe*m8e{cG=+ot~jb5lFr(d%4hBI@nkfbobW$a%k;|aQ$Xn`P7B-O0%K5f@fn9RDT
zb<H0PU7mONzC)rR#5<1rWcU+zZ#>ufksRe4SrVtXBD`$UmbRTxz73lf^m#Jp3UH1g
zz-zY`Z0#aaK%OJ+>NIzK1Dw#@&1ZzN;O6$ERgQEeREbc@T#ILpr7~AJJy{HG^;9!U
zXQa6%CTFNX$=`qM93kv>1Xu1i?^&YaOwgbq1i5Ymx|cY89d!bUeJ@0D$nu#WgehkV
z2bye*c`JJn`y>!8UQQh=hwdi6zQBxW0~3c99zJGhhlbc7S6dzrl>g)XZPt=`zqVRQ
zDAVYCJyri5Nj%blJv6_DqgFp{jR<s#%v<LdVtT&J&%Zqo;MUrBdeU!V>v_d}aSB(3
z%O*xgHg(|8;<94Tyn~q-{3;9t3x)1Iyy506!IZ4zyLcxY{6&}ul3n|Y*A2Kj#sl}`
z!ai?ZwCPSKYzG|Xl?(7PS>_FaC78N67)gi?3wT^(T3jwE2Y1N%B6y6^SFf=xfMAJy
zjyRm~v~~Q*;jhOk9XHsCJ0xGVGStTO)F6U8^<j9!4h3{E7UH3=mEeup!O{rMhR>Pa
z42m8C2Zw>ng#M;&hSd#31TY360>{h~3mBSuTsBpzCn{xTb&6opMtdDU{5iIBdV9OD
z>)*W9q2{{UGgHs;40`anEE(7PjT#K2sNLtH{7*dlJ#Sqs&TqFc?swox&;A3$<)qt3
ztTo5pyptYP(uAU(-fpGc$ENyr4EJ@}CV6<gx7%9vs)co7YWKsRN5C5#?qMU4s~N%N
zMKU;hE&FAh8}*0~L?ZwRlI>CDB$zK$8!bXsnxN4*I14D6M7L{;_CnDAc=TaV*);1f
ztNGTQ^1Hb=xOphKTdKd>>Gv&-ax1RP1X-oolFda)?lY=%0WQ0RSkzhN7wQkU9jwY0
zsc*KkYws)iKUB+L@PWvp;y*atbo_(HKA#_wa&q^1t$$@Kd8C8)TOMyLi+J^!socw5
z|8`0sqW<z6_aU6(Q~g9_K5XXMjio&DOnpk-9YQ&5-36gTO*p5&iHcgYX;o01{k#mg
zR4KXaM}-`lo+*@BYvu~3krC+;hBO_$Q49{V(I~XeXfSE+ZU$;9?@iN}Ob=h~Kj<;W
zm}+Dr5=|1CY?P8^1u}~EVgLDFgZB<N8}^`G9QtH)X+!YchlSMCSK8q<l1%7S9gX7H
zx{=$@H6FV#(my7-mCkM?KT4-s|JQVhKpO@kstC%`CPB3_uyHa^afP^F4SA6zJET8R
zeyLro$@a7dHrLBkEIq@TH7kdf>&-NNn)s8D)gk#yZqr$#L!$|!ZrgBNB{zk_IQ<!c
zfTT3n)$P|R+x`ot;tdN^caDrOQrm{Q9~asq@66oywwO$`hPCXrv~~K+n__q0YOFwZ
zoqo-#?Z1fGQ)p7C;K*KYX-*8%i;5^i$ykoqJRf8L?1#iX21;^zYmO^Uj%jNQdDb#d
zW?h_J2^Q=hNpT2Tc}Ve)X;sjrTEEp?d<*IGzt@&J-D}5JbFSqOt~a;yxs>$kX;w{J
z^PGBLy5Z2+)U-ZA)PvQbP7mIZlQNg@pWkB#$9^<u;<79wVa!RGvtuld)+uBD5M7;G
zw5D+dE(C)uic1%jwY^^GlPA4%JhNZvj=cO17O2d0U$LNyT<!%PdD${hevBpYW)nPl
zh3CDmUClTOELsm~ckQqWm@1Xy($TpF2Y9W<)wNOW#X$C)gL~Rx%Do7ogF7Z!Sle{j
zbJWGBXRv8{5m&51Ew{usYe=4`nrIPyeaGLxEp$8LOS2nAk+F$WSbN=rJ=p`u#5+}>
zGsj<*g1ioAR7@(2_=W3Cz!x5=$zBC91uG9BP3Of|eS_(s_{U3Y`3L4it}v@5ODe9>
zoF2Gl(f9Mv+e7Y2b1N{2Ar%gjd#9%*UTUz8*Nq%_4^_PWxU8*vvdnF$WBa!#<YodB
zj;%_hk%oO-45jLm&Y?4G&dx$9=sI5;xWr?22av4~_rpje*SN;|z>&B*qKnXNsOBOR
zj6!e?_nOY>lJC{cI=#hnWN=Vyq)f<!%A7SaQ2fc}!oKDqz6nhBk>(+O?6fmU1M>}M
z?p24d51@+q6E5MN^IqX&RdBNN3JmbiImPqY!I8!jJkMr(fR^}4zfFI^sa0{sEN>u|
zdR5pNfaFi0y65xP+|h=fxVyzDiN0u}`(}YvZqWhuX&f(S_Gh9(BH!sEcpt?wz*%p2
z%7`+)yZ1tH^GT@LcW}=iFba`KWjK6H>3#-vUq1@eHT8C~zG2Q{b-%Y3yaM&rnZ^}~
z2VnvI<EePesOdaDe_Kt6&+iZ%hNx61Ug%B_W{ZB{1p84@dV72G`FI_>pR&uU>_FyI
z)Mgdqetne$H`y;kEc8WniES2+N4lN)ywFHJ*T09x8SodA=oqM<qJOP+cs|^2*-#gA
zC67;3E8w-JjD!&gTSbGHbO4{UbTJCCnSMhKE8{DCHok!-ZXoLEN`1(Q+JWG}%+GP1
zEHl#&U2u+W!bE*n!@%HT*T{O#Gg5Ju;o0+-s?Hl7Dr(0>@pBVfpCGWihlQ&^$}z8_
zzA<M{(3k+N7I_wjhDQ650Wmy_&L@&*lvrBGe;FvM{JuxR^NlW&Ux7dD$WJ&uRdKXc
zoD9l0&41D;>rAsH#n}R=Xp{Drw!*+rT#?`koB+VgIPsR+oU*y4y^qA=+qi)DrNkd>
zFHn{+7mkG2ADNDUgd=L)zy~Ru3(0qs!0brJR(;dR`N6M9U@Q0mc86m%kC{QjQ};k%
zykELpNG;bhbha<_2DZyWBxzt8l|tS`mokWU#DOud#g=unOg9yfTZk`2=@H&rk$`g^
zv!1M~<kj0{E=oGeKeDp-vz}zE;ZPcJF*Fa%yziua54|_24$kC)O42HHiVj}Gvf^lW
z;sL<r{M_pTcK4s&FmTF`kW?6IE^W_E&%;a~)3O@)@6bE|I_8yXDakaD*^BINE`j{`
zeAHws7xC*~ug>XJGFw@s`jryE|6R6xf<-MFSEv0JYQhsqDNJ`YGh>tR#{$ih2ux3{
z+eOOA%N8Q<id$~KTy#%aCdzLy+F&$6zG|LeaYek`JhFd2%;HvQ6)LrQEnv*q;uHij
z9eamZfcP3iy`h~H;*B50>))oP*^5WHeRf-oUe8nHw{$DFbhUqElP5R(A6O#)97PXC
zi~ec)>sPC6Teug;*f!Lhk+2gvGU|L&DF0{vtiG^MKB*lKG^$7HUw`<O*}|k(y|Tw0
z%M4V(Hl`2lwT#S4OS*hZ+j~Jc3Mf)~Zi4ErYXjskzn^xUu#z0MdOf>zm<E91Upor%
z-fKA^SD)5<;|R`ma(H+f4$F@vfwOgNO>D#6@R}Ny(;(peg}wX=icT=7NB?h1u)mFy
zhq6DqJ>hC({qF<C6bD9+p9$q-m6$7Kk+3fyme#`UwMQOH2cL&zm2Hm;go;nR=A?k3
zMyP4X9_`;o>R85SV1OYp2?{FfwHVLT?_VXMtQ&|kY-}7Caf+693K|yAX|<sKxZvH~
zI$N=-_!r@&;F+V-ikpr1Mi6rkq|;ZA{yi{Zn4fYeerC9^$vk*n;8sl^8xS5Z`7w2^
zC;#T=WwKXJ@Q2u>gKcDarQK`yOb}?bAdZpci`Z>{WRVnNv#edv%wNhW7Uc95lC>=L
zDGdBk&J^2!O>rP%vwGP<2x=03iry8chF*(aYnF+qHAJJnEaM5gA&{8aKzYR_(~yu&
zU~vE?Nek5=`{hHK8qDSw)$d5ueP6ZFZR&QlQA8yxG;UcozMM6Ae;>E?xdF;bF8My=
z4(C#6;^clG5olnN$z@GmMaj)mse=ek?oiE>3^7oFN!?td$f+YuDe@qPojJ$jEI5Iw
z{7(g5R?>8?4jq3BQaLl(VlphNXhICdkQA91ns&)I#lQ{x)5A=}+v-_uvl{9u@;Ew*
z@IwotQV4`5P9@u-EAiYr0br&}<so4JKA*_a_TG_f-D+~RN3R**yIC=RSj=)GZbpP=
zqS7O&m(O!InQ{GM#d}P$yzVq0anjfmzdPV;QXNbsA`egaBAz*qQ(j&Uwx@8`IXn+|
zas0HqS|nMfdHV9zQByrgz{}acrIR8{#kC?aNC^h+O_ZRA4Q>IPRdI)e@XNdXA_u1R
zTEEJ<<S%Ek+9K@~-}kc5nt$oB7&5<`<Ao5pM<Q0g<3_cGDfx3HYxB6J6+95Y6mdB(
zLV#=0MVoH5uZe!NKVXSA!<j0|;2)PPEG1>cV#-QxX)TXl5f|I=<*lx2wa(6QyPd;c
z?RuhFw&AZk%Aw(4Ti}Jqi95qF5&u)^Uqg;^G*Od)eO5fBp@tLKwtfd5xARX+I-vMt
z*Sc|JZ06<9K5!=!_W}F0&>|6Z%~;b#L+SPY=sYFG0^bKU4zp)PBloGA+%6B+PF{`g
zLev9bx-K8D#|5{RdiY0vB@^wuF3_31&du+hdGTo~BBEI{Spehq7h7e}US~ePKLkB5
z2r0E(7ax4?1zHUc-Cqv4Slz_aait3AAVeg|aN@?HvNdq%dVC#vG@F>mhA!yGHQ`{H
zKG!t3lho7@3D4$2!}*D)=Z?6Uo_9Jq9k1!=w92i$ygA7IRC9UA;w68Xdaf*E_nzW*
z>8nz16g+(SaRwmBc8}aHVaittjMkn|yKf0;!h1Hg#26LLy-v)QC<qlAS}I2EFVGK3
z8>yscNX}aXUAcMGhEL-$3x+q&oXf+ESlAC{87&VG8A(6}Mo)+dOqrI;euJBhO5)Ks
z_TEJzjm6b>*`68)uT*i&k>aW_9EwjV9TwhYjX%QpuYj+ShNIaLy4r>H4Uyd~19Rji
zuOyOCkr<x>%brsPa0818#Ukk}#7w_SHZG)!6c%~1i5WN#G>!kgGldG%FH|q2rKFJh
z5FMTzzsW<kF&D*Ou~G!pZ|Z+jTnS4elOc(t5)oRHrrvD<doL5Drp0M!z>z{@GwK?X
zUn||oN&=9AROaWd6XLA|y`xx))G|NYDtUTmslL8Uyyv-PZS|64jPKK#YDai;M+D6f
z)Uz6OydX<Fo`;~6jEd*%EVj0a81lCN>>;5jZIYzRpb59YEvTrf+TlV8Hc+6$8uSjK
zKKw}_{UvbV46BbVG)S0wRxFH4bwv?R%gpHj<r7e&7Y3p4jd9J5F^9P}y4H=gbGawx
zFePl)$lI_g@Dj6zXqhmG$e0%&SoRijG;gQ4YF#jYFJZ>ZA(eS~{R6wz{hTE!ie6}|
z4W-y(%LBy#wa&{b=!Q{ut8Y1CDLQGvevB?!*0$poDMW5F1l51P92-uPa~asvU9rhg
z^#m?>qD0^vx!c_;Gqm7~^8GIGt$(&RqoRaX;W@RBJi0RIi&Zdbp^YcaoFJFF)p7po
z2ieXT)^`e1qg?(JVl8v3bcL7S`*kzU>sh5Cc>PpR-yM=;=Lf&Zd?PFu(^=Ilpa{=c
znPo7Z+LJ^?xZ*5^uh(QTmp5A$TUyxs77B2NhYW+mqAT)84)xxVg!dj6x*hJbRJ7O~
zRpF;-P|H%K%>oR$7x_O5Kq{*WCq3G@^+dNZBUVz`M?tqP7oAkOIw>7C$`*}v7m`Zx
zTP}9<wx@cG8w@{sP#q%k(2X-mcDa6n61XPzWaBr=5d*)<&8pdHhzwsasnO-DE&`}$
z9A-!()I@K1RcuO}wMsY+k#PfmxOzh|kdg|ejpMCz)b63?dG#P@*deBoz+;~QTM9W-
z-Cn_MZT^R!Q7SY`!+&*GtqQT0t==%LPg6M|X7NoC^=lM|OoQqGF3y0@9Crhg8b{<A
z()9kmiKU+u!Jy=r@L#RcXu+ieV8S6TPJ~?x_0FZHbfJx%!d_;?^CG?V=C66^%YEK4
z{pEG(aV`SQH}*?D70kK50;RI8Hil%AZ7!6MgP~$#y$a1)$N0i^VK`wj<UR@t#dI+X
z30fQ5VbJj^1QIB!Sl@b{B9g6Ab(V54ZS{*!l`4KqkjAJH3Xg4#&kY_3c!}N|ygPhP
zWFnxOP@*}2e<guxO+8kP0{@tj$5^DTbu_h{;5c9=jCr!*S8lLuHkYn>L|^YA{cSY)
z`hzo#zv*)`)0k?bu)yKE?N$*;OSGjH&0$I^g(jITgGpc^BeGI0Z%7hmEX^G>B#y|c
zqHw+SY}%AZ1T{LS9ajweo{QF$G}zMkwNp6xREh2Wa{I!~=Gf4DQ?2{NYx}!gJ$O)O
zp|iv69jensk>Fa7=*>mfHmCnDO3Co~52J_pyVD4g)`hn5YQgLB*EOwo+@>_2j?ZTR
zzMl3I;w1Z2F1~-Y&NIS=z!MP&OB_XMx<LCpbC6wIJQLo(P<96h(gCf(s*6b#F5-u#
zu@vW!;6wcWcl)j6P2Q(>`u~Xus%|<hY0f(yWI%dwH8$3BxhryGD3ppU>z@Ig{pv%Q
zWOS&gvM(%BFM@c!q+diROU3ebDColyyu+2?@+tBNp)H;WXlJBrRmv{UO620S+vU6+
z!#}PEjAVcq`B-C;vY-AcJVD(^aP3mWnq@?iZhA1QX9|f6bD%65vQTpAs<C{F!cJ3`
znHD_<qOZQ-CN~{?j|WmHks=YXTECl&rID==Y7<W<K`Y+M%a3N~WIejyC}%%8Ihlu&
zA{e$P>R=MPu>T0}2($cDs_HqMmbNK$LB$X9RRNk~_Z?Ik3fR*x$k#<+e5oo`%VB+s
zEm(M&m8AW(l9Pz<c3ttOX)Mqw+Yo(=7upbkbspb0hOH{}gs&d-z4L*>s5F{3e<`!V
zL^hUhz8*(m?Y?Zl{1z!!Ez+pe_vA)m&0mjH7{yx>$ayfoAP^M76R++*lRI&K)dArQ
z#{-R4W@+5-^eT(V%jzAyr*RmO7oM?0Luz({$9PCM5e7x7;1M#nv2c0CrMh$0xPvvV
z_uSTu4HAj8mt)#0%G!t>Hg;^kG)OCuhe8Vd+7*7xQQd-(b$7C)a)jljud$oNp7+rq
z#7!P~=+pb5giloW@-x{%Ajv$TrBBoaSm`Ceu`8Qx!Ph%@&)q=(IQxvPpr`mcX7|k5
z`QS6`cd@;kLL_mx<&+{Y2PNdUm3L&fb9Ag`afFo@o_1|o8p19fQDDv9gcO#p_$Q-+
zbL)~qyn^|dALQKPL}m5Sx!Cyug8P)(6ou)pde8s8Jbwn(*Kt_ZDxWz?TBoP57N|v!
z)g+6@Txn1>r}x0ov}jDlCERb<1rvN!)U-G-d8(P^DqO$W4V@D|F4tHwomy>?h&78y
zaad;la1D+7eopEo4!A6-cRIc6pKF6g9fJ44+)c*{V^;9_qyO)n5L_r64R-1f<Hw-l
zMo{AdO{F59*nMJk0S#174;^^_Vv7Bqs5F1#vSQ#THb^UF+Pe)^pP~xaU2oM&hv|v1
zRX!v*p-;TVBsM5)SGO!sDpZC_I7}f#E&YOdc=JnU&bUGQR)rw_$famGtB*}mMBymV
zxRi}U=^T{)u3oXRBpyeSlhDA6Ao$NEDb-%*q{*IxT}ke5zjV5<Vs>gi(Bv4$wed!@
zT5B<{)g181PcI9zjGXHuvFmXprnxEew>mD4Wzp`rn(H3MkW9R~;jO{ImXz`6vHhHV
zWGnTo$ao|RM4v&LpI8=CncKe2<;#>u*c|2p33;qYI6RWK6ZjU?-^mk<U+IDskP+zm
zhwUblpuN5MJj^QQdik$BU?3-j)PG?1**n!P%Nw{Td>0Vx)2sA~{_xmW3mYZP(RpLD
z>wab+;z^~t&d&BCELfoUv9@P@_Uk_n6|9nJO(*?58t!m0(-4~Q86k3O!zER<PXti5
z$CVs?GOULtMm@;ZXTE7_3MZbs8Ib&tt4wG@vEGb<3(=>mX~MsO>ms{(9O=S4Ue@Mv
z+PNY3b!+WPmz7=4m+VDN`mPVz&sXmwQhTEaBeUo{VI$=3o_RtwwZbNr;i~alxZ?Nr
zxpfzX=YL=4mai0kzYv}X=Z=DE${|ew-u2CNrf3H`40=lMzQW$~i^KmaArHBdw|T?B
z`+2uanN;WqsSZFTq13c!7+o<b8?YxF{-^q)_SNPE(;&B<@RNc$DU2=-jOK8AvejJ6
z?#Rc(l)x}{m(Q;)YuNj^kxwfeZp3PE4F-8ZJ=c!lP+nP#elUO8KQBcAp+exN3P(H3
z!oK{&s&GN`pS9!FT`hkSPLUGGnLrBFIwr;U^{fqe6b8h)GQr+Rf0Z9x44gBE4k~qy
ziG4BAH$S`5%cBP=d6MUD!ZQ`t!ZNjq`5;^1K%cR7vFb5w!_H*cCK3n{6nX2}Xx$I)
zKAbo5%Kot!KWZXL>SC7ZsVAL@ZA2RHfj22^e8$A1WYaX)bco<m8s9tg;O%Pg@v~Gi
z7){&V*a6;B9bc9Y6Bs|36}c%IAbs55sbRLNtuE4j2@0}&#K2Yh)|}py9KIiNEF&cB
zZmd79lo<SNX>h28O{w4aR^erbhQWB!SW(Q7n?2IW`sd0$GTI&55rDL_N?X$L`@+gp
z+L!cuvRz&qe(D>8ewuKS6xLL(@~7$3p>>z~fS-V7qJ|l>FOSqx#p2WS>gJ@IINDW#
zUO%w?sjplu%x;aM%^_g2)rsQ7N@lHNL_+Y9pDP(Gf3fgvkvU?Gr{LFpz**kx+%-FF
zRIW@cV@cmQ)L6u#hqioBN7}agZycWPBK=hJZQew%@JRU=-s`5#mw1R=IDe9}&tGS=
ze*<89F^#Xq_0OrWetyRv+{x(NJHo3%cWTG+FphK&;ezXW9@|vJFQcD)4&EMYataeu
z_q*O3i^B*U6zY&{0Q+CGAqa@5!!nW7>d8R{I22MM!w*5KQqpG9MJcoca;?AZWbQMa
zjS&oJp{3ys*lJ)8T^Exn;G@kT;IqUv34kS6e!Ook();LDoGdlodD{9Ortvg*foxMw
zBm3G1_h->Lw|prgWi?hhsPk}dJjrLM&lX-KyBZWyjwPN0e%T`7q_E!?)wppVpqyi(
zzgOhy7iknY*p)B{iHQ{&wq=&H>M)0jh<DZ!h0=4_*5WbNx3-SB5j^W(_@3oXi~$q%
z&?Y%$#_1R79~-OLYi<(&V>fVCP?0v4S>7eaYOZ8I`(l&h<~!*DOUb5Ij{PfCg^*w@
z3at#fNPhrtSLB9H^Q(1RY{^_r7}F<mYu3(<F1vtYHN7W%m~`8w*3*I!2sli#PgQi^
z+=VDr5R?%DXEjc<ix(`eWU1w^?}19ZteZp9=s9YlTCF6tBzgorApUdr$@=Tgq2QEz
zZL9#?5!=SpbQ#{#&leBfz^WDM+35ry?3&u$?VlDwOJ~f})g=C({|9_fK_70*s*S%v
zN56<12<9vsLr>zF&?GJL$cUeHl9b4Tf)KP6>@E}<BO$Quc|#uu<+HW{><u^0Gm?YN
z*LOAdxjb5*$1Lh5;4CS>{wFaszfFGn&wnSZkv613VJj5@;TBQsHFV!5Fz>vNqr~G~
zeBSh$xOR*A2fEZ$^pMk97g)gw&hcUbRh+G7Z4*Pou`FZ9gqhy-tI~_h9K50s^t_*R
zS8M0E+nfDl(P808Jul}0{uDJzTC<m5K`S%W;c74nB1g_3&mz$}j89~Q80CeWV{U%J
zR#D*Nxk?p(Su%2}$bP@Pi$HqqIm%g544K{Z^E3EG=Tw!swQ02@9Gl-+l|-Ne6F=3Z
zVvNQzn7>^QE$V$ndfTWe<=Ay*;eleq>xhk>IVLc^rT-fJogQX^pZCXcMyV8VaU0~g
za4=A~J(@;;DllcR9u{R^W0yUY5o9P~FncJZ9$&!Oz+JD+{Q9RGqRsJv@rj9bA!5iB
z<>dtJJ^?SEPr>I<hR?avB@D+E8;J|)T)ei)r!xUFJ~WB`au2M{NK*OAoZoYbD}zB?
z|3eHPC!i(7CjbjhjHB1~P{21fSXWn5PJ1|RorOu$%A7OI5UPJHufSZbE@Zp)AJc}>
zFDnvg1q*XK)h9upGe&!xgqbqt_iAF#!!4<=vh&@<tApb&1C6Gt103~#hHm+GWOS4b
z@TYFz{C#P{OI3d7#Ri{?{6;;3rnlv#f=amT+0>DD%?I?E#ItC^(Z}js+YONWL4;6{
z)F~VoVg0BU>eki`p?xb=XLjrAEBi1EnAd*-ZnWDSjTV`u_sNWm$hF&fmbeQQoc}~c
zp%0^pH|I7-Ge`2a?d{$QNd7IRnE4|-@be>s+9)a7Dsr-cd7X2&q#_l`OC9;=Fgl6>
z!R?kR)Gr|IuyWt6;H1Ow!U*)u@p2b#*s%twz1f@BTJiIV1*6a$o<i}#%}c9lw+OYx
zwg!W=6}mURh#V$P^)I?xU68qzEb4c2WLsA`rBK!Gft7ODKdznBX=Q#?`Up({I;=@m
z7|@yN*~QM=WCjEeTk@?89}eYx^-?lKkHdrLcH=;<9O!C{@g_TDV_+AXF>Z{AuWhiz
zCFi=N`Dd5zc+MyR$~t0VsHuo1+(sjvrEu&$(>eYKDKyIezH#5+II1lTrTPyN$FFse
zXZ3AJKZ)Ffm|7jIm@OMM`D4GPjA5Qa)0!Nwp1`y|bOyp$q_roXG|6{c|Foy~c`4~m
z11^9QDGt^0*AikcjPG_e1mUPi=fiBMO2v%>F!y$3#(1aM%?1tHB5=YbbEHV3$%`C3
zeM}f23r&()cL`Bv&&=YREYy5hzp9qfm!3jSG%YNgU@ADaXz~|W4mf}JDPcFl2nso2
z4mIiZ&NFf3xsmPG_B0(Udjd20Sj^@;0DjTI!@&S*j32SzIjkQvCi|s<!giNu0sMXi
z^{~vr1~SbrEimYNvSZY3G)7_4f?wgPZWgIuE2NTB3!4*QRi54Y?QUI}vvR1yjCiCX
zP8v@-_sLroZ5wT`)Hu6(#_$hY>Ku-ms9k;T2%_YoES$m>Ju_?9)a}-zo})H^+LG(J
z&i%^V!M~Mb7R(l+@v+%ji395qcb@3Af2y1mM*h0t)Mq{Dtm&8*%os>kU{X$<Nsnbf
zG5azp7};HJdhlW~DlaL4Zn?R6#5-D+%IC~12P5W`Uu`fA)2M!K?V1};o|Jisp~0dD
z&00h<t&1geiOd%-1uHJ=y~tYuh5yD*V+~n<s?+n$<!`^F27qu(jN*_;?f>`g)a3>F
z3&ATu#)aDMy2Z6=1tr3LQ^umB?(%q3E%|FXbL9NbnFmaIf~PV6P$it%9wrz)vS{Wt
z0&&&Q)`##u{x@C0yA4lw@b)Pt0nx}a+xA1C!aqdCW04toSmd|!DxmlooFsnb-Tlzk
z)S{VCoCTR{Qe<hGX$+!46``S(9I(wj`pqPzhW3M00RtLg7;DM(;`i@~g^jev>_c?6
z_7UPEmj%v+KS{;*o$JIJI0IZ&o~xhj8S4pC>|+K{hJz_&Ybf+4uQAfK+_PU0n&Hfy
zp}+&VIWnQ%HgYnu4B#rXm6cerVO=GgR&0sS^21;Wrbnzy*HDggS<A#{>+iFp-SDuu
zd@d%1($(6K^6Enb+vB;>rbGY?qpR-Lq2Nt@L;pG@7(Qft{@52h99c=obd<lbsVByf
zq~NZ9qANBrg3H)7D)AUgv5W{5lVpwRh){{owwfh`j2mq#2I7X&o)tYhy?2{-1?H-m
zY^7iXNQHC*;2>YQO!@Tw49!;DV)h8+u6%i*Zo&|28zEuwTnPoYUjq_vV&!i#S&+Kx
zE;SItbu=p|RufeBf8eO_L`y~p<yJWA4zD>-`Fl=@?6yAM#*W6S;vJz#>{geGr6wL~
z+d(uiAbX)N!2cnnyiNoVW?F_aTwWnXoQ7&1t?+kvxUe{Ozu08#taj(hS=;8T0AIP1
ze((vp$=EPc6x$MSPXA@c?dEz)P9@{1`uPTjgn!!1tIbr)gU@OoO)^^L!j_LLRQZ<S
zKj?n8)bYXp&emPqqb^?9cnQ7lkB`F*4#`2RKnfJJ(x7^9Pb{QpxFlShEQ3h>>L+Y7
z429pnThlekNplk1aeHV>ZGS$TS1HmRSo~C4w6?H@9CNVv`K_hsSD^XarWJ1Px^2SP
z{=Eu}9jtHm;mpdm>(su}fMSv<`@}n8Mw<N3iV1woh$pqgQ}iVe4nBLBQ4}V8&}$Es
zB0vm%jX+W`fa0rK1urZ3si(p@THG4+PqGNN=Z&#)M#;(bY;YqwCX#qJ*A0h)Pveaz
zqEV~UMbQ0NBGtYamE3>0p!$lC*poQN``y6sOF_fVi5k&iiNMn?+c<r6H1U2^5$BE0
za97F0`~C|0x3e#D*cZDYhdzk~yTcwQlR#w`9M%8@Md@uALR7fQga6#<0ypoQ8nxIy
zOyOLru-k!dv1?DxXA8|HH0XKnoGUMZC@4%aOr?tRKc(wMZD+6DenQ6kSxBVn6{^i&
z`skb<2=~$W#`0$^6|Z<-r|~yJH7f7dI$+W{!fB#eKh?AYwdABG?Ss*45I&u!UxEIX
zw685hA_yGmvW@|MCA}zc1phz5f+>V7f+$&tT1)!fShA)_h=N%}a=d~!@CeJ_Y*MH5
zuVth8qrik~Mp_y!RU}?9DRVyD(F#s>y;dBe*Z8$$j>w_m<V4qfIoc{hE<1}qg%xe%
zu6v!f_#<hs0n>J{jI8VoV9f!)lWI1Z9iticlRXm?6qT6*Q(6w~i4TIJ{Z1$5=7`3t
z9-7*f4ZR;<T$iM;<u5Y%Z*pl2A3utp(a5<_(uI5<a?TYeBTF7bWhI=cl$D#GyT-eI
zX25|j5EX3Ra&U0K?Qo4L5lv(Sw)Sej;GWp-mq<;`9GKJ|EIyhBmS;9>TwU?nxkiQz
z5hO5PPzseyOd@9DI#(AgDlOQdvV`dQ-2$SkYv{h$PVaVH{*)PdL*)lee>KZH@sVzz
zY)14w0r9M<e%!i-5uy4I+gf8+Hz8*{O!!dand8&HUoH#&tHi$<daQgAl%5<h7)Q{p
z$=TNvyf>ih?~8>2Vk-GY4=q1Ct+&W!(rmE2afF}WyL(-o9zNz32=>92`1ry~5cRP%
zL7ZP{#TYJgG}$u+WeHRMQ~&H+fiohUSV)=Z2$hFi4P*E`TnXz7lEbN+Emgkn$i`R4
zAKHIU=i?>)!SWA18MicyE_sSwHd|YJ0EhTOxByz5L3eKo=sNU#y!6~0175aZpO_be
zOr1asITjqss1sk|oWFG0p5^$kJ5m?ACP_hjt*x{I-H;bRJIJhAE3KedC@kXy@)Gg<
z4_AXJU?PyBNGzPNu_Rimk|Dl+DNbeYxb}}?HI#*PkGq4)!ItHtY0KuY{Lt1`Zt)5f
z@SSELDWIB{`M&;ue#TLJW*{f4-@>r4#wU)trBO|fx8YKuVnTONGgK1W_*`X#yN_Pn
z#MDr{)#K+7GBcxy7X{;kd3CEi^|x|O@<)18d{a=`Sivr|GPQeh4-0fLrXOY?WPHW#
zlH8(6A}uQJbgwC;2wd-g`|l0Pe;MUgo>2M%hrrA|hNO~EhG2RdW=gfTq1T7EyRLud
zx=#vC_@BccnS3tkWk=kJvviE~weD7N;sq0b%hgI%t=x69MMI(;j;lQ9D8jl@%M5D+
z4P2Qrxp$ay`M5<LtRdr3DqX!+IqWA)d#*J*A!z0>W#lzftl+atXi_{go^th~e#o7H
z{sC+=Mgx>_c>XxdKSwz*%K*+%1ekgqE*#`pOunXDxFpr0<{M&x_X79Ppv;4U!w=#r
zTivrt&($^F$G1hmKQpU86|LhU&+er1W$UC1+ekNGXM%D4V{DDxN#1U~vQo=ye{{2U
zV`J+FcK1NQ%f`HxnvLDn{P8YMG07}*7EmZ!F_%9ah)1IIC-Jr<d>SE4R+#1ZK57*-
za0=P;;tiC%aDsT&&EgF)>s87P(qIyTZrgv$+&DH@jmw$H-it1wxKzEQ8o~EAY9=Ah
z%|S7HSbAsG4ig;)oZxpH?ITi{P3jLg$bX+#R`%Li<Ccz|i-5rN9>%wS2p7J@2TJ|O
z_hso#hS?}?$jPmnR&Xj+RTY@ORK8&L7$9x^kF)8-0(t%0v;O^FRBH=vMdsl83MMi8
zLHDH~0lHp6Xa#F_a?sTw|LTvCye<2&%Zh_c<;)h?twJUgS!Qg&{AtOEa@-4Ljs;fN
z(TdQ_5%OW)V7w+^#_}qNx*E7XE&7?=RTJOEP<6c)g)pV9yQ!PpncdkiYL?v+?yV2;
za4Br;ji_96!gW5*R;SV5Aaj4HmC5Dc@6jnojb!1%^Ln;BrNeqdZWA~id}4TTO(7g8
z>Te@Sr)(&Vh9eSKXuGw?ar`s(ZDJ3a%T=VkKz%9YH!m}tYWZ19T_fNI8#9wHe7832
zDXsm>5U=|$1=97r6(_gPH8?3qdLJ!1hffw~r~&Mntml!Iltg)ahu3wHFc9uq{=KNK
zcLIOW{pmHroYH=cF9d~HLORSslR(e~+b6!potD1B8|-|KDx$#u;4mcJ411;7*?*Uj
zWCbEO32+?Ix1cmE<O6!#v%0P%&vT8D{gGlL4?+py8&QlwrD*KA@wW8Oh|W;xlx#nB
zw(A+a+L~{Iu6+cYw+@96EL-seZ?K8`Vw!fDHaTwO&K-0^IJUIzZJ@T^Um@gVHzxR>
zUfhRY+daktxVAQZ4!{n$`|?*gx{vJV=^Y`h*IssS{fu7eNq~7+^fi1!sYF*_%DPnx
zgjfrf;cvJMS@fw>H4v}&@zFOwneJ->&=~_?4DEM?${7^$Xc@Vp!?UH7qcNEC3xlQ4
zx^JUdYjL0STnT)h2C*-xshbTHX>Ugnu9oX5QW%Q1u{-@IFGHFpf-j5^mRC~>1@9G3
z9be9Q1phyt-ZCtX=J^`No#5^X?(QBTxVyW%>)<ZI-GjS33naL^dw}5X_H6Fo`+u)%
zKh5^eOjp;Q?yjmnhrE950Dz=M{yK2wX{XXMglg8)@-)B<H}~W1e~>nHrUFMDLP+uP
zbNCdu$sjvrGlgTgB^-tsbKG`&DeH_H*y$dwC-vX<-EC#|&CM~!sg;$LPgsKIUI>|t
ziI=Sm<)aH17Txnof8U^(Oi*kzDx?h8yg$wcWol6Or?dMteFmm1&M6?<TL<q0C=l^*
zW(Ye4H5s9hI3gTu#xIQ$cL(E?E9Sr3WFAa*qBE)O92+a|l0b9_25z^*5OFz$4%E$9
z^Po<%{X~HMVx*9MNUuR*LG}gN#nVSdfpMU+^4m#f!-b$^Nnyb^hE|WmtCcbyVGoPN
zqOl1Xr$eXY_@6)ws}nJ>tL=H^3=E8?>hD~1-OrZl?g#L62f0-Y7e%pPgh0B3WlTdI
zgD6K?ag6e~7)6ihQ{c>Vp81t$owM4XA$1mwov&dDnNn#l(%0O7ltG749M-m`@BWP+
zUfm!+CX!{=*?i#d8A}Q=MZ!(}bOw??hxJ!fAFhvm@&YEkZP6iCMfEZhN)2|IRWaNr
z^Cg^X=f6=fOWqL0#8NW<F1w<kicq7??^$>`O9b_!2|j#YGDA`YR||;jNfQCX&PN0}
z8bCDJ`=7Y0j?HH_C%K&YCnWWS>aAFhPTvy}Xqx*|<<0)o$yd~h7}esaS(iRAp-Py@
zK>8NJ2|y4uTUfJuK=x$bb^43<k9+PL(*@@UMEp9Hc+m18q=D4xCqCNNi#4W#dgl&D
zZz^^02`35nHNqc}wQdc)<5tP9#)Z*;1j|ojBT;uXd15yg^ubioNNJGEciipnoP(@O
zSH6C9D32vdPOPJFa*M|SSjfR!%FlQY4<X3Wo`7BkXA)I_%RI;qxy7!|Jc#r8>&f31
zT5=@fXDa`o-CYaLC?X=_zbT%WLJ*yWUi|;XPCmn4;6Nx$DMLWdg0m4xyeX9C771?f
zzg+7^Ez2-FSf`f}PL9ndI+rZD2swAtyt*cY?$<u^wMLkx<5y8ngoi0J8)=$7UD<R3
zpPliO`JZ-BvxYG@dOaB@*Ea^(>uj(FIqPhV9omd{W#V>8GQO^@i0Wt#2(ShvPomm!
z2!txy8)#BLpCW;)u#0C8r^YbVyDuJDnD{<%5QS=oqi@N{6-O|Og#}VM$VAvmZL*t4
zNMV3;vS&&Vzih6~hP|<NBP)2s2foPw#niL-b?s!rzHfV~2}0%6M4^<qWcgnEJOP{(
zyHj0gc}@ERkE2_$Q<eH93i$okR~A*8`uf{jy@|fw7#$E7TltBMEJak(JG_QAKA~pU
z{MoI)7e?5dQ+MaIm69u-`s{y9#yNDPxZZ|Nf^`!|R@9E+dM*o@W6T0AgU9Rvcf%+S
z^5w&Xjzp-x=I7Gx>}UD*YBS=)v${OBKBPSe{muHC-;<=CRd*4XpAH_E)B*Qrg5H~l
zQ=V7ShBM(m_&(itc%A3Qn<FCciMa>*A}@y2RdgF1k9s=BQ+uzc9Gk;V))D8gL7>5~
z_Zz&2h0QlJVRi2`hmU`5ZjK*;?3Q=Z>bBRMIH9`^9fZjM2Dl?AOH{LRh;kTDI8nyv
zfSJ;H!plFR^|IPOcQ3RCY>6N^(rxF^ctP!f=F2B!(hVb-)z78DCJ-0D4Tv(cyHHym
znNQ)sCl+&bwf9N{Y=v`vSDK+OslKjgT_;m+AN2ir_t}Q}<fi75h5eQU%s>xHu8$Sm
z7tU>dDDIFo$&jZ~a=VKC6_IY4a*P^X#RSe(H$ZbPleTyu0RKz8qC${cq8LyXAuxS*
zvr&GErK8h;`t%n9)7=S^0yb0|W&P4O6L=g-RDYEUS#m60IR3W`M@B4iU<>IPr=JKY
z!@dy2vwuhVwmN75xYu%q@1depUBpgopXT-wFd5=F^LpZqHq<%EJ)Jv2n%iNXF9~NU
zeW>fqF~gC-7*HcQ?@>Vth>dZ#z%ASb({8rT@B1%qU2Oldv9+ZTjMHwxO&ru~^_w8b
zu0Xb=uTbbAAd`T_sE(v<gR3^(N~^d0KAjRMN^Ugs@V(0z_;?1la}RbSztVZAKn2Gu
zi}EWMOjk?ahUHclQ{PFb-`CE{j9mAh8Ddlg?s_r_ayR9%9~gDDOA2x3M?6VAwlaA=
zk06_y7k<nbSXt?Nu}h)0p5Bd<QT%m52>furagTe}ac)~#EjXygVR-AMMRa~6uo0wA
zD}GEbeG9t}92DDmJL_~b_x4*`$|grRCVqyusn$ayAd<!>JN^KVI;9KY!!?Y8h#q-*
zDGgEZh#4=Jw;@KHc?Pv5n`iU|vm!AiS5fLyh@`p_`&D3^;1gL}tCu5D;Aq$bnf=>)
z+Q_(pjFg_s#05=7u8EORAmIAWa<%&mI4wqyFy!O`c8g2&wijU0%HPXt$Z5!!zqlS_
z;DOAbB3qpMnU$}8rxE&MxL;bnO}G`trA({7S6h7{85JeY4sPPlr-`^reik!RXVf--
za`wIzSS^Ea^Y^;5H%tDwykyWd|7YXTw>9Of&CqBurT_oc5)|8K$e-Gzb$qs64P}D_
z?qaWk32C)(>nyK2q%P4C)6n`c$YPD(B#AGL9e;yVBaxxL)jLUvsv&3_OG8S|2vE21
z#dU)c+m8iTRNucj^G#GUa?DJKlg{!iK4JIdIA!!p{VzB<rH2Y(79*S_N~wg7uhdAQ
z%&jw;cS7Jn{{@y};y0yPzW)y;0if{Nil^df4=)$!MO(G)^8p`Q?Hf*{p|cSTDqO{n
z=qqiykek>g$?Zq@6x|G}S|GqIToGN<_=Qer?uKn|h-vQ^{o)d_wuZma2Q$$J6KnoS
zjUl{=iBZ;`>>IZ6+=@q7@eo<=uLJ{50gn_jLCw8hcrp`f>nMaN@r%LS7cl>;ke|UY
zvrHp}>id{aK<UO$6Usj}(2EI6#WotDe-S94D8l>mw849Y9<!&JlgzOA_;4bgPjbZ0
z1SD*bDh%P>cfS{FcAlq6cUgFAYkOv#bNyQb&;z|UAFHBe#xWm-qtw+b>7qtc-y<*U
zBsX66?-M7J`5a#$aqmb5ZviCynUA>)j(;vJKajMC#ZOy;Tc9a0Vz)V5j#jE0FW41p
zg4{v3>oQ~KVXeL3yBoasy>0yLn#~yZmsVeVz5NEJJ1Gn!w$Z-2qRNFvhK@8Vl!xrJ
zMKOTmew8HGrK<SwBS|O_1D?6&(_KujNgZ-P9F#_PfVjDD08X<DP=^9P+hpl2>$jgs
zRzPAisGURDkqP)*<T^C^MDvh(eX{4fR4e{wp5{`*tH|G^9ghRI>GPmXHy%BeWBaLi
zhPhj${lb`-Y~4;`>4WymT<$B(tquvX!bb+B?Br6mAUgu`^kUk{q*-fE&t!v-i~7(G
z2d(SFF=g(hld^e8faUBTr-uIYA}Z=A*jSlj=GVxBw-{U(H}SkB@F~5XH*!jId>Aly
zL!6e9QWB>A_lb`lFdj&~8R&n0_8jB-PM%Rgx+DbO6AMS%HF=HxAw4pF_iSRio}Oa0
z;#=LnMMkdV%H&j6OW%|;oAHL&ntB!ZZwB8ChoV)2WyJ-=VNxhon(2sgsD_u}s6JyX
zWTZU`Zrq?is8tht%u1w)ye`Iduj%P6%s5)mSnltFebdnjPgxY%XstesBV{l$K`hm7
zbF{P>Jt{MNkLgQM$b1AVp|DX?WNTZ%QYotcW{-Ce`e1_t?l-m<h|wQ1gDoD{WtvDK
zP^WH0B`Uzq$+Gh$7K;wBk;z+2$3(*>n7Y;t+X%I4&vrBdE})9F4G*RGs$ER4+G6g&
zQ(Ps2zX`uSLQM(rfss~^cQOA55AU=pWU|-MK$X<-%P2#skoY{w;6S<ua&n0X6n&qY
z5UIzxJG=J-uOoh~$02=k#-EuO8ci)P%*CeKQ$b)bPGsn?V{_p5Zz!~`Lug__55m<6
z<JCY0b<oHo!(_dOHG}JOJ88{(3R>;?Z=t-8^zs0V`3_TSweKp?ZhtCno168qBC2AU
z#YMZfGb57(HZsLv+}#|A6*@h@-{(wcg7QdN!FxRWSKG&<E5h#qygB9mYy-2R>qt~?
ztD;~=r^Gb5KZ%q`zgRD%Nbv;l9`;1usR}%Z^j2=UGv|?5)b;nRkK-<eqkypzmKVOl
ziN85C_W{f2d7t4;sVs;RzR%j()5Hfm4#fdGgC5i#NQ&r|7~_?!O*30uGGpHhFr*Q$
z*!^4G^)p_zEzy~ip3&6tf~v1qW3`LzZU+H*J7|M%^3S_zD>Lli0Iof+hkwEWru4F<
z#$9SFszcr9<c4a!?Zu6IKYmA<rrG@MXU;%>GyIuI<37r76)^dj3W$ygQ<26QieEk<
zfWvW3a$!;>zgn_*ds}`Z8ih%99ek$!fuOj2(Fua)WfL0zQr81^_K_GkUmR8j-+MqC
zEi3GX=Rcq9I8~(#K%knc3!dUM8Dum4)fD44!R=(61J;%kA2fBkzHUrS3D;)YlO?WH
zV~9EcJuCt|@9UfQ_tYop1ca$99NgRkZ&jmfI=;Baw&$Oj)Y(u1d_4j^s$$EZYkcap
zN^0>LZ0LIZVEwqL_Pg1>V;@}s^k-wVd;7D*B+B5S{{h}p8yZ33e0^$pTRqR7oFoOA
z;+3pGfd3B@fAI~ghIuheCx17f3QDV0&B2}^Q#_4k+(66J!}rJpai6zII~+z%j`#m~
z)=%BtlZMou=Z)Ty*7tt7a+j0EP0!s#CEHWViTTUanDc!9=lqqmSoIIE;og;c*#=uJ
z_>LV@g%rb7x`(Wy#bOw4?#NWL*d|6uZAgqsi5O5*YHxRUCj@rmK~fJ6y*e1jpoMgO
zsxeSd#LOwONKNH}$Ki{TZP&CX%+_zk)H;krkVnBl{4cfzH-b*4sc{krkCMmM5(p#<
zaOIaz4{BWWuKw~zcUu73agq3Gja@}cGVnzj`nIdueoMe{;io3n03@ZRuPBl5+s?VO
z?<+OvX8k?(05A7IMC9_gaX=eC=QpQp^`m;-RZG~0yIf~xl|{wD0_?-zD9|s&1IqjH
zjX@T_GyUtmCw=4S5>yvgeV0-U<j&@J-8?X#({*8Z5SGI}ZZ_bU>QSt&UE7T})QJRJ
zi##djc0SKeOE?Ny7{f2W-a6cp&EJ2Fhx^chjHh|MR)e?m5L`7^*Oh0#6;#IKv7XG}
zvk&j*Ut?>lcpqe^+kMKhl(^Hp=SWBC9uwy%Ul{TJCy~y<Y_}~HGyRl%*<oEoJ{X}S
z^6Q4f1w>0ZmlY5dwZ@b7Qa4|c6^ari`oBaz4~qZ#=BWk(hGf1#3Pom)smgV8JVP7x
zp4*UDRe%t;l$~AdQ-4&N9^cSpu9nwLQH`MU)zbC3;OjyQ@Ae7t?eXFga6#T)q$zZb
zzc2(DoGk%$wnl5k_))KV{mn#Ha-#Wr77WgMH%}EnJZ>0^qj3A-(hNDNKt<?R-y78Z
zI9Z`ug(5MTxsOYd{);=PzPo6YB}Rs1IVmL(jLsp@@Kag_+{e)!KU!q3Vlg^W6dO>N
zF~uLm(UIcYIc5|1pc5T(8RQnlRQ%~i13$xK<@hv@y93V%H3FxXdlG~&e@mLJvY)%(
zZf*hS^AW!2*t4@EHa20Yt~<LvbCJHky6+HIVQC_Mc(Y-#^*)cLcDlUMzQ(Aa`OfPw
zI{_Io-my33d!>vaqZcjpW&Y>qzdIf2w5fK_8*Vgz7~*vPJV~7zq7MIV9nK^jb9QF?
z&FOn4%mqQ&B>baInVMm>b&jEER<*v_UlRfV@}uv^P=EI#{_c970-o6s2M8kkf(S;T
zLyBdq@IPP%LkJ=aKy}wX@(I5a<%V>M$_3QI_I>w8k(e<zb4fX9$@#_3h?)IUHO$p(
zq?k2*d|c6b(R(vTt$RG|?T+S0_itK+G;|AwE~#wOSEwW+TybR1ooI1AaE{lW7r_ts
z;^P{#6_EbsSZcQTYBh+OU3PoomaC2)U4S966AV_EXk%sT?Ye$$ZEhRB9Y^B1ZWG~~
zws~y~VFq2X1bpoDN{;^)1ma-}*k0<ezFFUg|49?a@U^j1rnNcLs%d7=y{93=*0;<|
zdy#2&EB{v*n`|OYwXSLVM$h_N7S9tfU`y_3hX4LQ1gyb;Amit&AQNa=tAfRsqVO3-
zmt9Oyo#Y-suHKgMNYJVXV8)>(=Jf}4f77V4ba&}iTymeB7kQdX{r3KNGWN<rBZsej
z=lDYY$6$I;&^x8yI?4n2-l+ZApeuqS<5#P7?9c7{9$Oj+T$`ZZ+=^$hz@vhcN$&tL
zi)a$MJ*T2y@F(c85!eqn#&VM&(koBuE6-vYn#U!wm$(IEmNgHnn+I+C^fpB@NU#&u
z4h|slSj(WZr?k+vQuB>2HOgvo{Irk^U?GRgf5H@XEB9a5sQd=Ux|<jCe1@R|+IBv4
z>Vd8qb-a}7sp|g$@p{+*9HjWw>)f5R2)n=xF27DEjZi_|3srVsh@=xLhktrUnRU|S
z^~?xKEGe_ERMgb`+1>W7WSaZ~bmPMJUp>QnbkWgl>|CRNZy1|X#msgJS>E}raU>1*
zg?J}UacXI$JZ|bnb-FY?se_Rr>{~_TDOetNHs{*TU9y^h+2!C$!1`o+V66~lOiu4_
zOs;>Z9L=3$&j&fVnKo4#cRvEhd%>qG{<X><1}|-rFNt;rt@)NyZo6WzBM^!(pWyj1
z3`!Kj=SnGiF}c5wgFN1H^SGk53bPoq3oz9+KBS_Hqf=4{XERc9f65gM_a*;?S}Yna
z^Qdfjh*y=b)8GgN4dme(`{4Q)CWgQ6Ui>xXPb8i0`+jeuEvjk*ZP1c5oP$W-LeP<Y
z(HUy6GF4l%yc5EZnofu7c^`o#=(CTKIj(jPdhohkC-+Qt#A)KNReT1tPfLn7wnu7d
zf0kOV7+)moXi40E_NJt-ntdCu5q*Chw8r0GwD;Ulhtvbr0zL7=h@>5UB<`LepI1R>
zY?jhp`~o}Fw+gTSik!i<t1^(-P*tu+aJYdzGP@Ago`Y+Qp~Gty%!XrVnk$vt<I&23
zUP)DWdJy5)9D_VZe!FY-FZUuNz{A1&G?=q%gCSK-O#`?@0!JpXS8OLl-dXoLHX>Ty
zg)JVY5HA7h$e}u@k+|?xNSH$tJAwqG2}v5X*`cE^-+!7L<JzbcL@+R^2>gZ#28p{I
zVw`n9+u`EIf;FKSWn@@+IDU}<PaNClJ}=7hDRJF<ksSP+*h*IJR*`)HL8asamh<V%
z-y^Ffd)dS%x#^oJh?F8@MZbivpHUr`))Y$Hy;A~NZ2_(^jjqelroHPWn54c1!!K*J
z=YHDpBHkWRYTCBJ7iEK_pqJNJ+p8%ev{OyLen*>=*G=%@I;yM5w@qvsG>W@da(vRF
zh%(!+=W;17Q!T<`#;^2Do(U1JgLau0kmxXMli6*<iIW=|WrLT$AWC98*4*O;uUXvE
zvMvD6i(4U`a7o>`4r&uUL-8{iK+e13e6s>uhADH)9CC$bpe|Q$KnMSG_bKhsHb-f(
zzT}TwHib=ntK~1D)U^qa?o5Fy+0IH@(?2C<#0!6ZLx{jcV#*_E(y(F<3g(ql5T8}d
z&Q^7uvHt<HXYr)~u38DYEmpERk^1E~K2QK)kWeEHwGfBQ^KW}4PiW&k-7lfB*Q~^N
zg3gc4b=}SR($qGWa01pU7v>gt9#*CC9(#1%uVV`bAC9jN%64n?emy@-%N>we)XsL(
z8$pc0ku%v+%|5pb$<^y4&Utsv*}iRfqWBjZc6!j|J`?v`9@1^NT%f1&Ffi)2^+^Jo
z=jxt|`0YU0zv9?au4NMMs@I3fm#7<aHS#I(qe@NxnH4F{kS~_fc^1u3P``Q!h`xqE
z8k!<o@{e3dWxI9k0k82a0{6sv_yR6l{<Wi~{I~qgrggQoqPP2=1p{z;`Qe!?6hR2n
zh_$lNJodZMe;lNk9}9jxeE)E|91e5_DZ4o8AY;XpK8LIMBc@3rtLgP=iA)l0T)+(s
z4i4`*5sUa`#XF_HKTV5Vh+Jj9pDTwz-{($FX6x`U^3+Lv{dUe5qsoX;Rn1`zH<n^M
zaK*is)s)~KtvZ;b9g2<mIXo8qBPP`C)bKJS+it4gL~t(>u4W6Pp=n|*9~;12YD1;d
zP4BUONUVfZt%LmCU|ckfVRRl^NecHaW*u$>_OXwb9f%&;r}o-w&`4&1K%&rPwV6T;
zk3Lt0;D-Znx^8)Op3fU`bMyA&5_0_*LS}wf1cE?sSC3xORG^Zc-0ZrCo|aezds;ny
z^#fV7foK~6bak<sdXglOEg<0;?VYRpw60R0x7qroejl4!0fJH04WsG9UC}saL?7Gs
z3N>LJ^^AE+P+JcrCr;g5kcwFDXq|oX932L=rnPx8ZH8Eo+T2H6HVO=_zc<#b<eCvV
zom5GpG^<YP-KOkX(m3-lk8~l9q>JL6*Dywmac`pyoM_1iXt%-#^gu16lDk><DSi)(
z!ex!FPyhK*m`nq*z5qkp&-;7>7z1&-g%y$ol;N)H>pvu6MOMlDbD5!zZk(}knp?Mc
zfhi~ph$kTJyYOXWbD7`FR2MjUh_!|paap4WWN<eDmuwr}N6h5`lUN56^|hLYPS0Da
z26RDdD{>IT|M?sMb~+-Mp18MtiHC^XS3CkYlUpO$(1pG!txPF!eJ>%-;9Lg9NBth=
z)Cg_a9W`XjwurrCfhx6**CBmiy7geHZ%N2~ld0tX6s*q@YkYUUDL*}9qvw@U>x3*p
z-5P>f%o(p3i1HE4(?}~joD_T--g^4!6@j4NQj-9uZvjAkIiAGO2SPtJ7=ziygs_od
z!CLHmV4iVtskc4Qd-4;_+ewr>F4_jr&FXG7?tm1ZevQxPir1FT7dTFcr5F@a-|x|D
zMrl4TRo!;7GEi(el!0CF$wUiU0U_aEx0WFNgXTHmD5hXW$kQ@{rBjW4Hn&{wJsJff
z_vXU^{Oa&82kPoa*CZl4QvsK&ed$S1HLM|;f^xL`mNt6*`reTyd(vMj^m|uc1S?;0
zPKzWE)w`vvccHRV;%Ei^IlKtL&69R;M1ajWkCO-npWC|8>}DxHkpQVSn~QFHI%Q@8
zpG#@3GkyY-I$*sWV2l@+u`Pk}0JA|aumHrXh%83lFRT<HX&&rxj)j5qa_A)o6yXL%
zvEq6-f3y63+orzIiw(xQm&pi-eWeTe!5;JcNfj0=Kio7rg)liFAJ^+S^T(;Eb&LX3
zQS&;;7$;1LBSu+u2qeSW9g7~`LM)b*5hTGf>%>*Xb2}#j%Lo?mhV2c|a;xck9R<#R
zvx!)qwZFrODJVeD_OtP5GZChYgO6`w>!j{!#e^=L%8q*ZF~;H%kAD{tL#p#Gd4*rK
zws8;KltYlYansG?e3p<{BtDR5_TJcqfFBrqXzn<t{*J9L48#s6<9u+r_JS4THak9v
zeUIY$yBV>&UGwr^R{7L$zhaFUutt<%#0bD`v{jxH8eJL_C|9@|yDZa~j)h8D<f$_+
z#&0`jR>4PCX>L@_vPu0Q<k4lAHVk^4-#mKBCF^uqlz*QKb84sogbeYWj-OnmiZJ2P
zNPo^-)q%^bcV^KFvjsOEh}8^XEVY)36lF?+v7Q=v)TgwtR2C7BGQZ3NT;Ku~UMGXd
z%V&A8{uEf=Lq<ksi}wT3{L%a5MtYcpTeAC;(7}dwhg(_G?Y`ch6m7e6Z<`A#EaO0U
z@jyg4C{m*x2xtm7@gej96KaYdlHbL}{qb21FMs?PLx&0YFkrA7(;TyAHM(wh-))&{
z)is(fa@M6(rq#9F_3Zr&w8@uAH|6lF-X7g&_pe=Upq;L_8lRL6;HcY8G_sI2C1@^6
zQJ3j2e=hc>NFEk!>*HO&%_xrk?7MR3Bx$WbvtZn;rmUqn6B!95U-k&UCt<p^(xthp
zq(eC5Z#iy?gI9U^csN;XX;a&Fmcd_K0v*boN^9_zOV{z1D6;7V^gnn69P2e%ZA4Hw
zpYhE5C$<|*cwQb^T<#l{6`l}(`ZO!}FomAke3F}S*U92t%ahvBdbr|+>&Evo7+0)O
zU;5h=Z*oW<;shEib+>%5mPC=Sx*SDED7`q(pih+AMr1{1h8nOFSlI3OzEGl|UiCXk
zXQ>q)?OA~P?I(3BAgtcp1dcH8E$39GHHdOR;@kE-&`M)ia2N}Xlq!5k{uo|do?!v7
z;~d7ZNA}<&^jzUE{gPz=irjNM{XRLUg_g&x6U`4`2zDgy%yEV=;Hrt-cJ-8Ibi8dU
z))=dE5KxkaSwYLWP%3bmqf};1aB$ubL!>fl1siJ$HXeEc16LtCyKQT})<_|lD?;xh
ztsD#->QL4q<W@yf#9~+Kug{T6#zAFs(9gu?@IB?RAF59e^S3-JS9!l*SL-syxsM|T
zEv>5#Z$d_yNk7pb1YWRXiu${6-gYP=6qyO{sy3>Yid$m0^=xU3C@`y~F%l^;jq~2R
zwkjt+6tSxTA9wlM_B)*tl;s8AG`0ti{eEcGIe8YJpES6-yYochGJQ-PjUP6#u(d5J
zDG95Ft@>GJfHUwtiH7#XC+CZ0bQ#HKN`}P0hlc!w?2JbiyPek)g%uT1v9TXg7&XP!
z)$y2^m^4!QecxYf@7?_l?sGQP<!bCT+zyM!0!@v<&p*{Hqr4Ron#*oNsrj3LPh_UZ
zpVuWUCe1ANd1X0Wa>ZLY7AM88iN4$c9$kd~ec~AwD><MHNur!uik?JLrl3qRKWTDT
z-pj>}Qgc1i%w^8pWb9XvEH!J<@MYf>UdsoDkb=U(w;x3-#>2|;_6HIoq(;XRmqN<b
z?zw26fVQmu+r_y$E7J@K(#fEV{S|8zRc+?;YWi0>rG~f7?HN!xc5U;k*|W}rGu(HW
zHp&3FgLK`$`!>9EChai4W?}x?=DAtP*!L}}%`_ljx2iczfgJkQHLyp%z|*hYG2&+Z
z6)c*QLBh9>3JqvS%uI==EOY1^Yz(_ihOkBu1#}x>T=$SX3`O>0I?{we&^1hWo3Hq_
z(j;ja1MI)HM?mv*Ti!O>WzY-_^OON5NJFahHrW{_U#y?_1vKa8#w;i%P0CE}_$P`T
zM+r->gNlE$F-1PYItUX8YFr(tlbP+;{M@+<zJ9$;zX8c;FMOG)YjZhNs@7~vh&Ku#
z1JLa9Jn!wi1VK+9+@ZYFfU7W;!(4KNzI;BT%!lQH^%eZaUfzKpNKlE_P_r6NK?^?1
z$Ak>6(h|iCUhgjHcmvP_voSwcGD>Bl*}4s(`-QywRLYfVrGIG?U3YN1;oX61Z{|~T
z+!x4vZ_WmsC;23_Q@B3yg4Jm1>e#Lx0l_^dg3WuxKz|kbuSH7vN@aPjt$y0niTPkI
z%hCE;TcS~<t~>p=UHG@$x5M|125%29=jPoLyoU8IZ_Ha{B&pSaY)R!!XYRHl^KCo^
zjbG1)a$bx!GE*tiQ(3Yn71FB$Gl<qT#)oXuWtLU6v|JtV7rij(J?lx4(jYl(pxYE-
zG_@+P-Ji;kz0l(Z(Zh|kzXB)=XwTaB7RfR(sKp;aXOt}1P)U{Lc5&yLSzH`1&xze#
zpy0OM803H!Snf7Xia5M7{yKJ#(kdIn&C}T)n>?x{_+*lE_=3Ht!(~3&Vrbw^>3{uU
zNJI$|=KJ~UUh5Tpi$1Oe=eErj(E3X3KNs3HC&Cj7_5+KGUxGJ+`*_=D)P%EUyIoW^
z?zH@*SeB^?yNiGKP7HUvh5zQWswH8<{UB*5BXc!dc;qNOC0*b_wSrm|*X@LH9oDRM
z4IWWuVQ*@W8M#V%D8u!y>LKNFCti()AeDS<$;d5Hs$*Qd1Ht7HSis`~Mtx2WkRHt0
z16rMF6{##V`CM_`4<9GbR=y6Sx|eFIIHp!tCfS!GkBL_t4OpiJC|;+0*hezZd2-FK
zA8aP`<W7FFl&ruM_4XA~XVxB=S-{O9Bi%nd2(=(0sFr&pCpM}TkjXq?Ojo96e1*eH
zkqYqXL=Ge;CW2J)XNOw_@DmYG4tvtF@Y0Hn`t7rsJ#}}#x=#<eglr!oX;VWDB%uDp
z<=n<Yma+58dAU1<*+ZhfXv`#&PYKnxnK<|CuHdY<y(F@4a~#gJ^YuLowbr*aXHO@<
zK*376KqxRJ6P)~n0OhlZHi$vU(J((ZG!*_g00I`D_eFf2U3QTHZ@up=*-cEd-A4B1
zp4&f@$J%I3vqHTH)vG?PFUP2t8pNHHFkp=6gYigtfx!Cv@+t?Sw|$?Qaf(`^R9S&q
zlHuDh*)@W}?E~n`4OLbYWi6_TIVIa~%vM9zVbxTgsRgU+M2TWgAKx6Q{yg$zab442
z$+EHpB^?zJ4JnO)!@`W((UB5M2bPQs?sB_pFq5{#QkQw)cKjiU>Daxl2S#28M=xqk
zbz#H$c1hfRS?jEhYujXCGr=PfyxZJQz<DHXBC_yVTn_A5LCv{{rp$ICIMN2|Q}}oN
z=Dh`GW3#JlaUg_#B!AOg{c=P-S&dMd+>0R^!N^#$6dwSs9`Ur3-2%*N!EK+IT{|Q*
z{v{7f_({aKG8bAQ_nU4vN>e!&_gV4P8guc4WmO6YsW!%8N5Yk^;rBGtyAv&9qcvr_
za6%8PD35|f(r;TA;^GxNhs#JDMq4YRgC*X$?$(g1PlX&Ut9xF$>p30e<M-Yi1C3-=
z5bX--Q(nL|^Qxa&MdA{1l)f(gS9^1KJSHs^t;^qcrzflRAzu@fT?jdHU;2;VRMEH`
zc5mcIK!M~4gWn;H5jo+Iqis<ldeWlFemDo^)oEO=UYUZdJGb0o_8Fr8FxX@w;McM9
zB5R2eAPF>c-1eE#?`|7S2B_Dq9ZsuQKJ@SRy)gkK$q_=QD@m(%o!j$FE#2EGW2OhW
z=2aTaGV_rJFMz*M-H@|(GmMDGAI0<4&8L<!eZdApP<Huhs?E_xrk#+re!J^sYjSxF
zZB<M?BRCgOdd`<=qKupzVTp-V=tAY&PK3#6PLfd{5fR$h^(nFTj><;JijJ$SiJtbW
zWC(Dj-tlm~P05<miC!b9&JcjSn`-nrdl6-hRjH>cKN(3G^qI=<s=@N^)ZLh8xJZFV
z!@*CNxoCCu*uuJ^q^l}+f1mO8*0MhRx1s)^QC;7|m-zU2aO+&7^KQvIG<gm_RYKQo
zc+)Wme^a_AuUQ>$R}!sW;LRk`rM;)38bGqJNQ(!R5k5v?Rq}BFan!FB@jV_;-`TA|
zHZd^Fu`Ic3t+{L0g_LS8Jx9!A)re#AIblLripZHsUmcpLTLtCNAdzAv*tV6Mp`*D~
zPROxA-=Ufmc@-adH0y?vD$^TT3b6BlKZZi2LgpHC(cQ)H8SEF=wn=x<2_hviz{pH`
zwq7SITXsC?lJN1`f2(LnKN;pI=(_>Q6!x7Me?YNE(zaXGlB&M^@lL-^s{;nq&FcTJ
za-cbAc>VS&*yRl0F+g)sv9ND*^%`ng-O<jBpyez!W%!xiRL1({83H`FgpNwd;x>`4
zT5D$NJ7kULC~;)oFO&evjP|y>onMhHWz3iOg$J-$Iz_!Ug;P>T{+NlB?MSkFr`y)>
z4eL_^?APk(Fxwi)29yCS_>5Rm2JEcVBrwGjs4~WNJ1zU8eg|KsPYFjmqW2k2vTl~}
zDA{DkdD}S8=3r*ETLxAK#xca)t$=2BAtm+nrP)7nah%@$!=XSAQ%Mth1oDIcPqKrJ
z_2CTF-P9DdJAdvy_Xk^My3uNl2$|jq&RD7=EeTB2Q>=*gX1bE<CWDe=dZ|@N(So{w
zwS*!QTxRiA#F0<Cb2v1ArHJ^CusBW4&0fyNC@Xy>OQhcNDwE0~!ib;U(GlmkFw-I^
zYbg?XVyzH;{5Sx?wvFOCiqRrGGdgT&Qa_svbDk91)It)vJf?srD($ij9q#m_GpnB+
z74gl@{23YSChUlqu|npd_UQQZ)e?1o+1V6L&Nn2RPw`C`&m4=3M>}*p3Ia9BLc|(b
z99oa+i7V8Kml`Jb^216r+JFA$Qct(2;Q5?%a|+W?L;VO;$khg>egsr8HFS}xQ~rk1
zBkJJao0>oKE~EbXi6z<U#HT@cJ;y!P!<@$4|1qrrL5)Esu8;A6+}o%_&3~87r9*5n
zj~l+U7edGaA(1hIz0?`6;Hf=dp;xdoz2I&*cTrDhe-gDQy^HHgy)qt@syYy@)Wa(o
z^Q_N)6yyqwp-ASDXrN0QKrZd@$~190FBE*un%xkasb3Oe>uu<8Z?HDXs`J^V5~==a
zJex3H=OjkNfX7IlDpP0f6?wbruCUP+6?<rj3+t=|!fc@0Y|WLOOnixWK?F~75|ApQ
zi~(|#0cGEzh$3-7MGAMTG}3za9=-Fsu&KVY%-(=hWZ4&z;S{)}s<P;qgw3{~og5*L
z*+)&qOZpV`wD0YY(~bHWa&UIjh->w`>XE}eOjOZ`jrBH@PBS>!-_;wl9b7-^*3I4)
zeW@<8C~~r6^rdw;Iv#dop`2ZhNvs%TNJ98FXu<XscR`!eG|OSYet@7tez{{Nwn^mh
zFIyEb_fxGr59hKQ^cJ7whn4^}Aeq7;kGTX@E|h?e8tMDI9dVnn?yaQb`!#mLEzDMc
zUhrj!Q@cg|LXhM72D6kDImKF|xNl|yL#Pr$55*ueYI!SU)B<8^#-_o{HRF16+(0w(
zb`pE3gJtqaFBN$riiJ!0ZXMQ4WIGM?2tI!R@Lj1VLy=a#5*DxpoCfd75Q*Z^n=G7D
zceI3e8?Z522MvGRKUihe4mJP6DhJEe>qHW1K(s|GqwOk=kR;QZtv}r37qoFw$TRuV
z7Xp=FE|PoBGm1RXKflX^$SvV~La{Rs*?2PCBw~3_Z|8TT+MAx!;XMK+s~prWcO@F|
zOkO1l|0DdX11L~;m@=f88rRLu$!!%XW5$v`XK<s8t~oBI-rXtT&?()gO?>&<Ea4G<
zb>?R_O!}9=P?yNF0cu<>uIZ%VEuvq|myX;gh%KSkIT>aV=ZR_0hn$2F`ivuqT#{u&
z|JKwI=sg-xF^CeM=f4|(al>~RH3Nvk0oj(HxXNL#-Iz=pcmAz6UooF^FEu%KAUsmU
z^_W%0zCSB!wP)Fw!`939=y@gBoDa}$hN>|lz@oKX4yecKZdUG|dGbf|6-XQ?vnOAl
z7PAr)kmHWhzblQFO{kEW&A2!m;^Q>yD-<?8AEmAmIt=DYsJ%^7v!YJ`)dNZ@;byN+
z!9|;3#C63?GjWsA=491x!jQB3-p?|Mb-ev3%e^cU8Z|MgklL`+-Oz`1e0{QZ%Feg9
z*qs&&YpX_^q~@a67p$LzKbD4O?DtT_?=4jISHqyeOEtrJLN0#XqS>bE;*YW?zrd(Y
zEp=Xl@wXRp>;WNz@<Bt@RKVBV&CsI_N`oq(NzzK^Lp4wS!@%CyiOkH+3+v&y@z3ax
zb_X^W?miU^jz*p}aXSw}!FP1~53?o;#_)0VHWpQ%t91Oe>L6wimxLodof!I~i(Bi9
z+W!#I6n6v|;z&8`FpDr>x#J^7ud>QPXZHDhXP8pzx)}3=_0EQwZ3BqioUul=wGS)p
z^VqWc76=#b%RER!BBSsgTK)Wsu$xWeYnf)6Kle2&N-16mhF*I%$Hvr~d*FNfWEC65
z+li#<7So=*?Um-Da;&O39;xe6<2_=*i18{y;Y;RKC-k%uXQ4pVceCA^@>tNe`Hi|P
zYyV(*W=f<=9WEHu=mm@c3WFKmq*=bKCt|f3iVL027tXzDMf%;{)<mp_J){6_3Ws%1
zb#Y~_d>f)u%Gw0PtS7jH@o~zGjM@giM$_F?dX<5aA(bmmP0~}osHY^^&$NDa%$DcF
zlvS^EtAvg=T$XfPIPwp?xL58lnD}U8_Aof9yM()`<|f!Vo`71NZ^vh8=M1ijSx#;Z
z8JQ;=zq+xhV$4Eg;oU@GYTm1`R5|MmB3oQnfl8g6f{ITloy~SN7k_4935iB3k1h*g
zbIkutnipf6e>-?o65ju3>MVj;GqV|$mBQIt*iq85m}kk;tdC_jb4Sb?OW1bSY-&9=
zWc?@j;D7cXfI-2jq8X`7{8-_^Nz!60uboISDkGl_x|%F<lS6=(3a2Q<HA$^SqJnz7
zmPM|9E?`Ed%T?2XaqpZQ6ThUa$<jav*DiLYw))9e9qP_%+@mi)X~LkM;OOYcV#K6O
zzG#RVb17vYGN<JjK1nc6ylBiKzvse*RC&mF@A{7vK$Rhsd$-d3Vex)dKlwrSi!Dxx
z-`<fQ^%Xdj;;;kDnuAkmXy%DOh@XgrVkyGPw}^H$YB#0f^19&DZ$F;eIi|8~-2R6{
z?*^X%R^|csD+6LWiW_&3+>)W%p4!Ez>5Ef(p3X-Hq3Cnt0urJm(|jyMmyZF-QpRAx
zu2slF0D+zvoFSpd9(tf6Jn>(M{;E4uz-+6W+BjT%Qm50mkt_9gI=E_(xT?5OX;!O3
ziFY6EUSoKZf|6D77FGu@GB0wrlC~dNzhK?lVD~yQTfnwa&S_#fzp-dGLy6D8WzGD(
zc5o?e@b^#oZgg~f)&McfuQQ5&oHF*QGgHhmfo9xH9l1jPc(&Ye?Gc+*#e%kB(??BV
z--F-@Wz!9;_=j=zNCq<bM}c6N2@HI!;xbvq$R__~uG;AkqzJrk;E|<Pyr|{RG?3(I
z{6oGciXMEW?!wkDMe8cocxgBzMs-@-nA!L%lupgy9lMh?T7>;;+eH3aa$#pDY+_ae
z@WCWs>SagivG?a=>yUmE40}h8ku4!U3l7%1m=al&sd5zpCc$xVpkx)DWmKf?t~OyI
z*SCIT6Qag*<7Z*XNgASuIrz}fN0AVpJ`;Yq=N%E|ohy$vYO3VrZtzZl<}-vfrNURq
zypUc*lwk!J*#Tsk>Yenb`U9SnwLB_);7;obM?{hK8Jk}CF>=s@&7j<9h$yPw?c#(|
zjXy$;*JALSC92doqDo)CJL<qaqF`>GPA`jUZ5R7+4^@Q^VM1hR(pPQ*62wfI8F~|}
zh3_ME-x8Wh<(IsathsDMtY4CGRLTcmNEjY7C7>$c_tjH53$efTf1K5MRf>u31B&qs
z?n%dg2gmGE{ylTjm^zwLsF5t;Ou=bRF7t{<%|}tw`J9i=D!9{No;#Y;g~Lve3TrDI
zg-4*qoSXQ7;d}WZER3M$$%t9Smu|4ZH!kyK{8PX@RAMD&T01?4O@xV;oQQjKT;dW}
z2!~o9-J?cxj8#?8z6_=32VQ>cE`S_CLMBBwjlS0cl0z`W9%`*owumoeRW)u^SN~a|
zt91RFKO2|2#mJcM-^a96-#BvAx$7a9da2R|)iMJi!%S|7yZk$<h*a<CuxE$#S5x7H
zoru4ja?eOyJ3JCeU*BNF(B%ps7QziwFu7CMmf(nuW!SY?Sa%<()h~nEBLO_lq&}5e
z@aB!9KT>}BmQD>yDrZuKE^muqq`SZdo0L%B5~>KXoV0o%PuAZQiWmxW<VQ0KfkeEt
z)=y&D6-0Rs#3+}(krEPX#=XCn!M3uz%^8hN86O6p$`X`Rk_rkGNYRPW9tFZ-)a32L
zQ~4vhJyaRl$EQ=zvr=vDNr9y{qEHEJW#tT|;l5kW0SnC7kMZFJIArwIz4uTyt2FTl
zLuSx~L@3!Lp&{!(<VeW<>?m0Z4Xm)zAC*A6%m5drMu&uh>$7PEX74~bca}iWBL2y?
z;KFwd>+)zJT`_ei74$r#@hPN2idrtQzP?G`2Up3L6qnn|4Xw+lM4-}<i-9X7h*GmR
zA_+u@Sa}*Y|51Z!-jN+&+VI6W1G;_OP{i`36s>>IWq$JOeo8+BR|0V`(OJNMD+)St
ze=aZrVm7n#!ex<T_a-5JWj%fZoAyPgpXZipv4+K447|)ZNjO%%gr?8Q-+}cA=)Hy3
z+1!HNQjc+LXaxEee$?VLFYu=H)o~(f$2T%1G*cg1@K_!XCmG99+X@|Oc&*gUH&&^3
zTZP(F$-G{qC5t$B{;Bx}RUw_BHlAv4c89Fqk0`^)Vbz^#Z-QN1lCKeHgt0S@#fX{$
zd&v2xeridB$p_xY8!wH(+jQqreReFnQX%sR7X2*9rvTu$ONN<HpNRg-YP?^p;V3}r
zWNeD##+^iFz!)Q`(X{)x|7qjg6Dmy!teW$fP?<h=ZZfo~7;fO|U0goXt1=!R&TK8Q
zn2VVGX*%YfDmHNvyavBG`t(-VSA_#oSfslBHyQ82T#$dnPYpTk`N5j@rPD2sEUob%
zGny!^5;%Y-Smarb#4};=`{CL}jy00odkyVli~z-|3icffS<Y2fY*B3nVr@LklnEM}
zY<I@w7N%@@4SIV^)!Ih-Z<hL+`Se<fV%u~{laBO{r1>xtJk3>JJ_b!F1L9a@M}PGv
zpmX&2FuVS;&Z^F+mp(b=aKIgZDfSEdA!_xf2;f(Ykv^_NSt!=HJe2k%gW*D4;QXQP
zTvVfGRX#hjWfG}h1@o<|L<{C1QLLocHrw-${Gv-^YmJ90)QQ?Fg`)1pZCYk@<O6uS
zk;M$9!4z;!8R%%agy@b*VaQ4+f`G=tO1Bv&2c38Wm52hh>#@DZWE{<Hh-;jr6rl9b
z3@B9>C0kpnHaF6*Y9%vDC)-p-rl?U#SJaCq_i1*GppJHWsP6D6p9#fZxrcMsK1H>7
zMH`fBne~0{7b&rxN&CFL_>)y}c^un1*uMKx-5F;8ONpPv54dvAl^Xv3$i&_xKGtEW
zZ>do=B^3#k<X&fXstH_)I%Uwal`C$UpMWtMfm?yTFSX4=6|1h@%DTyKsx<!dm>Nt$
zZ-Ta1B?SQyZ&DbS{{}GzruG{Q1u+@^d9_u@>aZa}?I!}4Km`=6X<TPH^e-iF0;~hv
zc`<Aphk;7;3R~7iK2;7)O4SR~Wd(ssIH=W1tx|OAU!kz<_Hbh_$}vUcLLW#10E8pL
z__E~mFUdDlVtm9Jk%dx5<q7z^?Ai$x!u!&u`;_c79Jc~e7+Lag6<C$&*rQ|3nL=?x
zF!PwDW?wH1B-LymuafXUK}CVVfWv&VwJn)Y#;Jdh=bQb`Px+tn;E(|dde5U$?{^qu
zf;l)wloUv7v)t_qbAdM!{LwK#;PAIT{WmcPdeQBQ+Tdfl3o%c6!O71UUk=87mb1dy
z{06_nSbr_nGAl0{sKyY9YQtiyNKDI<I??&S2qIB=l2g4Dh(;i-tmNA~^s!ZEn7S^~
z*bwYfUw6x5-f@Q!$Cswy>I0X$V=8-FmA|p{{ae+*A#Vw?4~YdU7@L8BMp@N%bY1Q@
zICkf+to-8J9M_0sS%i|Cijm~-80lJUmCU_|o-=7Hl*P?A+_|k;+%xVl><D3UwJzi5
z)`+|w8LH169O6%4n1{jW!J-OQ8Q$2&gj2qD?tH5(ds{!G^pT(lnz!Z9_dGMGsp9Jk
zn$>)Y6-79(mWa(ewR#2?vy?G}!9Ny*QQ#$T@@QSWg%IOY{t7nSzl;BUwu9@dLGR73
zudi*&mvxq&p8vZZ+xFsH-qmnjkzy)ab$l+O52NtE=3^-!ca!>Mv}&!c44euuF)3Zu
zM=;?Rxaa#L`m2E7xwn~-&)RRn>+9T10DM=#hh9id5(4(Wr^S+xY1Z2i+@hj#m{)3b
z5w14BTj&DsI3NB0-GLmz9R2v|c{6@|Zv$kqT+eqP5COyB?Y)gn4;ux6^k0)spGRp3
z_v)kL&&SZW<%Jbd`wI&#;1_(aMacW_7JccxUC617ZH?_W+Q8`YK~|8dCeU0B0z&?;
zf#q2H+uLHv%pn?!cH7mDROzDGtR^Ga9{8{S-&@MrpGD7f{nB%oo++B+;aqD28;IGG
z`@bFp&;9^+>fX*{pTL<D%*vil=KKC^rV9Xr!(M9%|M!xdj{<{^S#iLZC?PVoWt~`y
z;tR=4^p8-q|5@r{rq%f{5{Ea|c}`uY(}k`~<tPZ;Z+mP=?Ej3<i>k4>2^jMywpCbf
z_oY%Bq_`@zL}2~jw_ayD8?zi>c1Z~-ZEpeD@$r_NXhaGrJ&|q7*F6`a3;V??T>+*l
z3WPv_JnQHA$7`h;?ais4uc`WP^<<y@yfOyK{P2xGyem{|cYt+kGZFF}*f$(<t<Fzg
zwl2DTAG(2FSL;P#s{h6{%VI2EW05Xc=?L61$v*^(2{<1zX&}>S^178IdH&DjH71mh
zf^chIt0bc_Y&CGz5V(ZKg#L~OSilAE#VqjpgvTBAa@#^zbf@dFZ2DV!@5Sg9tkiq@
z`~ZH=oBN?8cx3w`{v>BXL_&0<Y`okF;6b}<X>B&x9EvlyZhcfjWn#1&z9>7lHC<PW
z+8;LO6Tt7gUVk@5$$d=)p2BQv3?N@NrBhh|pb_;0gk4eJB&ip|<aIUBX?MCJ@lzcP
z-v}T5&3{029~JBK*+|_@p}n13CMI;9#@>S#HOfGT+RNj&HSLj6EbZt#{`Y|CCy<jL
z)?@wT>E`g(5v6+#vA?W{!EBVkg|G7>59nnX<Ow^nDNx_GCZgxlj{`rJw$fmY7X*6f
zSN~^Jw?|$~@JN0EASNLoJI|Wzbx_vIn!3%!4#cawo}4lWiT<AH^!UEtOr9)t#~4wd
zNo{+dy+a8<Z{5G&CdmzN_%4Qt)JeF$_13&yadq0Betmfa+3!hArnXv@{n`{Vbl%;u
z%t#Ohp4W^TuOtuIYxGk}s_H{d<9v{9se~`*S$y`<^u?}#R0z`czgOV$YH3iD;On2n
z=nrV`8(^dRDG4Y1b2W^fT?YR_SIi;V8er5Lt88vT^`Nr*AO{WbuX+1b;yGw*Z*tKl
ztD+O9ZQmAQqYG_IvcBf<>(+%u&n@nhSG&ghln8iMv3=<fz6o=;U6g*`O0d=+Jhf&K
zhn%!w0i4}9UItW27#*b6L>hm9-ut0O^fHVT27@<$e`a~m@gBAkev3!LYTb+L+?_!4
z+rqga?Qq{tpn^{p@wdP_713VY1d0FeRkt6U)?hC7c{bh<Y2qI;^}T0-?HZ9sw&v5N
zet5rky>5?pXu*z4&$nF>pfB+lz6W0h{hva^<V=GRU8;@~0qyM~&&HMYeU4SkZ3kJK
z`{mE|r}VY@sK=>ewH;5=>f<Z*7N-4Kdx1=$Po4|aQ>FD1-AZv~4{7!CTb9kL{C@$j
zG+#ex7G^&V<MKV0jq7f2uZf!vU}$;2EpvJLHL6xE_-9Y)kaK#e2W@0k2@ID2y4+_-
zpI_Q%t<sjS@HJhBUK@_9fEZo>KGW)78~a_?nzj@d`eElud$U&#=savGYlX<(1McgL
z<C^_h;K|Wv@_A@Qd(&&=rwLit{iN#0<PH8ToxZ`%&d^4jt!Lrx^I4VDooD&8{m<`>
zx$;7D!TJjdclpGkR6Qy_Yvlbvl<`GOZs*Wsm9)o9H#SYW&zUdTTOo%pU5-GZ%XuxH
zPNNGQ7>wO>qH(7GLui-_(~JF<%_a@&V-D#Q#%<je5W%7=ojSeG-)eWqd-#oCIljNL
zK>NheY+z1K>K+(K2(c}23NEMT+9zXmMX?mrx~IPBDfQFjP{nE)@S7bov4fS?R_0)E
zqe+xJdwqi2xbb{Aj15VO;`Y-N8%Cq5-3cP{C%X7WQe{J+>~nnUskf*;*qTb7ES2M1
z>{k5`Y~5U3t8DFTg?5fB!MJbznhw55a&`9)EMsYoICqn9dRBpBcUAWEHLF!_vi9S3
z-q@gn$A=t1UfCEL?d^u`?e1D193v+~mIhr0^rk_C7`<Q6zCWFdh%&?|A+0**blg^*
z^BvM@@@Ka{!L}qvki!RzhE{!o`F2@XgL-vI=E|-+B1(l2QiC0#PbCB42z`O#nPEA`
zyXIp^lj}8Tn&g_ILhrguKo1=7#$Lx;)E#`H&Kw2mOqSXG(MBZ_|KTJtS!|icUVXZ0
z0NWoY&31k~11PLftlY=7)W>5GC@vzxQ3gGD2M>nB7{VB1t<4(mIZWcQYSV|odZDuS
zT9BB=aYnh`h2M2~Aup==OFHQ7%#8W91E%J&f#U754m-y>z`TzQP#oqF?&sLvCbFsN
z0bI=wSO<Q%<<+$%yU=^~6RfnH>9iZc#_kf|;^499O3^1jZGk64qCF=1e=}1_D}>q1
zVa5Ne?JK;Z>Y~1fk`RH1mR1P~>26SIK|(r3x<zTYfFO@ZNOveD;Lu$&k}3^S4lwix
zNXHB{ycc}lwZ1>#ds!?N!@8Vv?%w<ScAS0o=1mdqr4Jf*@N^XErN^Qjc9#1TPG($}
z96n2T9{j6OmTEWt)T*z3%6zCV<TBV1s#c;CqLHdzlB%^C(5o4p=YH#c(%MWlEhoV1
zw0jGq<j0T_==G)<Mfmp7)0Hm-x5L>KabCv`7LKpmIhdB1{=d3zlKX*X!#mI*rHEMm
zH<-_ZFRkC479+p@D!MXg8F9Y*HBZmVX!z&h;ecH@&kUa6{Z|H)WOjlJpAOEz7xiRf
zV95GrKV}30UJEnw<N(?d45Guybl!X6cidh5bEABGMjW5m%&<_ciiS``v*Z$+i3?J6
z>-?mkf6{Z{;6CpAvT(~_{PuL^m5TL-hYzbh{7=PJZ0^7|Tk2gdP3Oz53=z*V5^M3+
zN8FD)p1uI-MA8G+?g}HePlWmXv5JXir|49_qht;I-gfRo<GCU}L5ps?ttaIs+KrX&
zQFGwhd0(zYwp9enG`yTKb1E8*$v1$QzA>~Zccx+9qk7iF({qop(Q7V~4BG(QL#Sw&
zw~2~*@%Y4mf-m6jHE{a&#;;!pt7BW^8ASgwxx)F?j>wamwW~C1HEa;O+87Z@_d+uO
z74X&#k3LLLwb|Up?*)DlwPWnwn~eV6+E5h5yN{azA`Vh<52b_mLAm0oFEY`owNU#0
zV=sp}2SdWJB@~40G^RC%NNZv1a5ck<y7ZyDThsv7PXrmfO`QAUmO~mkK|9b)yC=?T
z%f-@rjP;>-+VX_N9Q%&mm8~S%3owlfh0eIzGbwWSct6bgZa-FA8~g_H@Y%iu($&6b
z#B^^(9}hB%*0~(mZa@2GC&DGip;<B>pQkVJk4mbk?kk4-W>OvdK2fO4wpaiFGK?O~
zXz=JNa_|`_7f{kp^T^&M9w?Fa8!(UY;Bcxh`BtbOuP$+IL@hpgsYM0AT{+tyZ+d>U
zDiTBZ{2>MY;Rqy&)D>f-;EmL)RsLMJRuV5eM70To?VL5aN1BU!U+plSlLZ&URm|~n
z0rhJt$HzL(yhi8;1^io{<2@GUf%CW>XTP<#PkxDuuMLwF4I3^vR?+;J6tT0B`R09L
zlKD#d2ygxEm58uq18Q+c!h-P<;y+a_OGbVvySzttocUn41ui4db0^vij0~UlD^<AV
zL~z(U;*=NJDd}xTOl?hQn_brmOJ1NVP1;w-atZR9Mp!brch)FrHpa**Hud;u_k!c6
zF2^Y4Uk8ey>O0h2oYM;}hzJA|;gZDWy0;fjy=Bx&^oP|XfWM@uqk(I2UM$$r<wflb
z$1RSh_HckVH0qn*8CksM&bxSj`86=)K%&Ymkn==;k-VB<$XsGKIAGXPoij<EL$Ag_
z_+%!2{^z5Ic3j5MM@j+!rryDeiA#gm0_=6!R9qPub*V}&gMEIdksnE$8o_+aN0LQw
zYkL`80T`?ZuixZ{t#m53e7rUlOP~<!*eabzv*+N3j->Y8mr^ube#yKv#Rmi+;B4KR
z^6Zld$$2D9FrZDO``P3Ueh_kbgO{H(Z7`dXduEK|y-#jy;cA7#Z-mm_bbQSNI=q~q
zhD(1}1Se7FMVMw0r4of8W=X!Iw)LLIr800*dw*|x2&ZCW3v(eB+^(Ze_n&Zh52OuE
zOV%|9_D?d)bnLEH+RE5)qZ4mV?S5>X@4<AxXi|Gc@u7;juBh7WeW3iYy3fvxgeq3H
zvD3xf4;+bCplNCBrVh6*!)@kPv_}W}TvfjQV-|PGo3(xM+@|t`wJ(u+Bmfe95`QFv
z!H`GGf+dEX8w?BE|Ct{>VnWZ>oR7b6X_bG)<4daFZaBO?k`TYg^6na0IK2nZ(-sr8
zK`5zm!`at8c67^UEE?P_!O!KaPI?>FCCNf47X0N;o+rS`r>nfEWPJW)-vg8=s$PA6
z&fkhTM=DILkmnaQuag6ph|MAYOJA@L<=x!wadDj;zJ=!p?N%|n#{#m$m2yqd4pemE
zP|y2Sy+C4RCG)DShcs$i-{LB+2=3onDfd#)7VScZth-#EC-mh8ksy3_XGuUOPxW)<
z@W<rNgW!<EkpkIW0i=@I<iL^aFc{s|Y+l}i9k0{$rxF5AXu<!jOprYWLQzT}>Dtha
zeDej~8-YJB#{V5AkD?R&BJ&MHRcD%XC`RkI968vw{i!EUBz<^tY9fc$&gwtc5r3CM
zNL+reBlcm|<-Wk>wx*wZB>H^Kta-O>LUtdce}0C(Od748S-rqT5*GO(Dq&&ohX4hz
zu3;Pj;L{@d3FVK1Ofhz?S`P`2L<l9_u<YKYPiJLM`d(7hdgUL4d-mRBQ~db!k5KRI
zNf#k27A_!8S{=9(;<Ga!JH|kT@7VvTs5xV^qB)$gvVFt5H+@)KLhQ#1(SL5?Gl;FZ
zg!cFF{;*nH+ssgP+ky9Rz!pwER+?P+;u;Q!D%o$`h^njm`{DopPtWL&g~ZpKqp%ci
zS*y!r1Ee4Q=h6<bos28qm98&1XjeOLE6dYSccJ<FXq+WhPm#<K=T~S0!UGmO(~h2R
z<vY!J(7|!-t9sg7t1eC5%EmJ%Gbf*I@<t6sfh9%rOl$22U*=n~|8G#>1B`Tp_zR9Z
z?);555aYH3L4rEj0$L&C#ZRo>;|uk<`Wu5HbtP4U|Mqu4BfcX|7aBtYfmNfB)hsG1
zDqAIrl~^JF;e*~OsF|-s6<f;?cM`7YzVu(WpQ-wMMlsWKz>2Pl$#{Npvf&&Hc0y}t
zZIu!8wt+(9;^J<KWDMNfoP;vsn8P1MU4u<H;F<Z&ip*G9a&2b|o(DntErb#J+)(;Z
zDHkJj0%r0!)XaQ|A-skJa9y8S(7rgkoC^hTBl+X%c(<1pz5(($F&v)#sShsG^c`jM
z=|5kO+qoFbO$+Dj9NVF^-W!xa&Ia}|`|?%sZRWf1GTIt9c`i<XI(e5_5lHo%gD3HX
z3E%jSPP_X?a@!uatJ>PzgI7`V=;jGIIk_R5$o`ryV5a(no12?X&`ux{L1-ZPZW-r)
z;}K;10D~GOCvcO9EBFft(=&7(yOHlbnik*wNtidjo1k`dcxYbZhG<|VBPG@PXPXjN
znETNcwE_Ia<c~hH$V$rCv(~fi)+pIwncq#Yhp~jSbxz|7-idv9Kj;<z3h)VYX}~N}
z*;=S-rI*n|_AEDWd;O<rc|p6bEvaT2e>)Z|t#STDd&y7n_1zs;Yfm+y*3eH6jl<(M
z*J&3|C3&1bNW%$_@eo8VtB~>Fb~&ms0Rj+|K!(S$r_U|>3VDiGmDSdIPmlwcF7SrA
zX^P+X{UYijJ?_gMfsj25*aZT1K_sYdOhz^&iNi$C^n+q3eVt$^o}pGux-!Yrjfq)3
zpD;P}`KzNB>~91h@sMHMtgyb*fWRMPs@J}YWN-KW6!UlF%)3XQP+^2DP5S_t&tDoi
zgIi3!yu6HXZ$Fxp!2VWM_(h<litDG$zS~4>%^p-9#&~ailOtPf{MDCj-06SR7j5Bh
z;E$|4hSLvCu4!Y*ITw*69}xNs{zCzDFFTgNqBHI~?38`odC7YApv;l;TeKWDh6;7=
z_RDPH3-avwK#cH=9+d#)M79R+mqpg9sB_|QE=kTQrhiT$4w4To{*HSWMKOfg!U^!`
zI9a<14%(5Mnwo060b1XeqpGYIo4l26;5A(C&O07`7P#>l5HeD-2atKZHkKv~dxtg6
zg4aSHSX3<_Fc++HX@fHuikL!(@LyP6vEDMFjl>urK0G`+%0WXtf;SUWc#SyYoB!no
z6M?@2muJY!95eUk)mFvDWIA}**E?LoE55jm5C^Ytu2d#m)@eu(IYt#cJbIaqDhM?T
ztA|@19UYUZUDAPrM;Nht;HEaz)qQEX#GY9lWKOjepEP|>*IPL_c|b0^3rEbK4Ef6U
z1H|bR`!8(=IN)5N$h%C)677$4L%2f(^Eb~~7jp34Jamitpzy@F21~Ud-nsYw8WP)Z
zot&LbN5;m+c1PnwULDm>St5S7RFoR<6zi3yzif8>v0Ag&RzSWH&L&u~$uRXg7UkcI
zzJQ}I*pj~Ug>->e+i<i;D1!x@<}v{Ay%?J)FdlH1_{BF+in#Uhh+2<0g4>;5|K{Bo
zVx?y~W!g2c^3d5TL(oBh$CBeEMCJ;Dl83-qKp+WN;P?7nX|p6eum#Vne*;TYd46@}
z<u3X~dQPIfqPJ~d_NGhs*9hmGuW*U%_zwrh{U~Ay!7O%~&F`m{6c+=<$EK<EU?ebS
z{Z)Xfk<rv~Z*Olfmj)zWx|)%mNrR&I6QI#_e`(bE?pH>_w_(Af)p*kno5Zd8ir0Vd
ziBY&UX*IcOwfQV)T8QomE!>1pfy^%cgsP*&sIZ3#orN)i>&#7U47-LU2TE0rP>`tH
z3;Gdu69ubM)&Rvcku07ofeMjB+e+B;E&BHRPOksDPQMT75T&et22Y95uZvF=TG)g;
z+#5X;_neVU3l#7K_@e*QSNE^?;XlPMU_lW^d&EiYCHH1dxvPS6$2K*eTYG+{GNyWm
zs1$6S9Z2AO^VYM$Guks&*&(<8oN*Uvr+yoZe_TnT7cM;qfMjRd@s<1<-LoSD_a&xt
zoe%iZy~FlAlQX;QA~1s31|`&Tk^|qtMgG~`A}(yb);+t?6mYdFEUh1J6ifPVs<`1Z
ziG?d@A<zBBMfqTH2?8T&yWN!Psj!&#hCGO+Np%wcuX#svCscPIO}qfSiE5g*U(k%u
zgtBW#s#Af)c@m*Heoni%l91LFumC$gI+ndN_xPI6B4J%m#6mXjtaz~QKI@!Qz}8hZ
zI(+ba*{9C+iyWh$014T&o1ax)7;`+X{i_C?hLxzmt@E*#7(KC-i<)`^&ja_!tZ$jZ
zSMaYz@Ie619Fe3F=d;d8j*;K(=$OwP9J2#S0)pb)C}Bb|{-QK+@Es`;W+lxGnrxMg
zsK*Pep#X=u`<i2Qm=*3&Y--Uzf1f|Vr@&N#{UQzYakug3$H0vqkSRCJ8-`pc+TqvJ
zY2tpB^y>CCs{BPy(;IEDHQ*03oG}!TolAXqo1RIU9Fqq(5jZI3#~+HbX9V-auY8n-
zX|b9W3Qh~&vY`+%Ob)olOUb$1S@^<8GdvG3ZI`m4z1)Vw^PgRO8;0v3LAa->Fc%KU
zCa<t~qnvsI%-r}BENIxgN<I%}Xv*~r?o89<+I7yiXo&^SzrjfyVy=LzozU?eRtD$1
z@oENN2Kh=3cpi?#?tT)?ng7O6iu=8*M>}ud3xz`?0+(;VRYB3l9*G89x<%ZS1XwWQ
zRS%?L_|#UtTjF>|w@Ar~iZ-u>#Ir>>DGvN>fg`Kfbl8s~o@(dK9nx{P_Pl=+s8i81
zBmZ(^h%i+}cuGmKL7><3clQWH;f6f^`MKYg2jAZzWJ`1LU%qC4q(im6Y9>3EXAVL_
zuHzOAgpWB8ul){dY2H~eE{1&NC2}~iBq|KUuVSO@GqvdumCnU6UswK1$y8kWt(-ui
z#TV~@_YJRQ3O-u`9mSQ6eT3pFs%@xh*7`oZ{4~Kk=88>$-%cXFf4(6Me*g!1r>+nc
zl!z_-4}vGHIDQG9``x_JAeH<~=+Zp1TED81iY<OYLX1h<ZeZ*>iG`c*KO-$<{A;sH
zfBX~~D?ku(<J<>SSV)aprf=|t4;!0XLJ8Cj{{Y&Y8PciCkb)^?RlN<(@@tlR%2pBg
z)mz+hWt&BzBlgIxPD`k5GU^jNv&6GJwJc?2q#(r*^7I?MVZpv_7Y$S$6yAIRx=W2{
z$+=h>X5ofwQzl~hEiOGhlc`SAAi^pKvR=-`C*^y;h=I&c(RrKQ+?I@VIz|Zezget@
znLS```&xc?KoR+)79_{b`*#)Q1fC#^2xT7`V}mi0(N<hl8r&)6wC$#gGTD&c%S!2-
z8{+eO#|WRi-u*Pls|n*r*U}A6{6z8$jnhfY*7xw-G+7S?iPb2TT9P;e9{&j@q=JKm
z`Ud{|b0O~#(~JQQtgyeDgzUSn*03U)tiU*9b!~=5P(?7%GX=<vjDYM-vE>W7U1Y#I
zV)-C&@uMzD-DIe;3xUSR^emDgHI^GOcZf)>iNYba@O0}q3Y9dZOU&)2<*h~<ZM>6O
z9Kz4v3dyfmrd<d*hG>ESja@dL`;CH~*J}d{vPH>Mnt77}Yog~S1@+2Kv4#u=$t07m
z-8P?olH-LD3o0p6(8myiVwk8T;?2O!zkAr~0rYd5(Z<mh_z?A-`;XE5HEt4ce?yKy
z@arplb$TKIxTWYh+tp(RS!hkmcYl)f=&Y-q+K+v0ZlvQ3w!w82OovmXhXQbNBHTPS
z!O?Z|J27!6Wbm1pc5_c=LD36WHj1l6I`9BB;^sni%g15h#D&DTpdL&zHKEnu=Id8>
zx!K<U1|ytq(rD(F(JH(iA+)t_=yo9uBQ6@ozoC$*fIJ|^WksTedKb=Y9*Yr$yTL_v
zIxZfRba%At?mJwk=mMZuRZ|t8q0aL<SI=2D{nX?m#)P52#-0rNfDfvxE7jzq_bo_;
z!OZOFkChu~uW>q?A|b8PLP32mx(h*e4tctF@;+9G#BYQ8gTkOX&lz@C2C0q*yUjco
z;c_cijeBym|LpEAIozlcc4BX`b1j<MxP9z6=bc6!^W{LY=|5=!5BfVB-1z$A9tlz_
zFc*b;Q^LwJJ+?@#omT`-hqE7z&_7%_!zfYYo`Ui8MSqr#9iy~JiS|u5Sco24GVYj(
z4CE;fmoYY#-mm&ki?s=O`k5h=!8Ha69xgE8`xG7;VTZ%lj9trW{Eqm$0+GM-7XisF
z_q8yhscx$K4mPT|pUZl23^kEoBX&Foh-}#3h$PbCV>;qdQTr%xT2v&*QkCfWO6&ab
zW~+AMxg7*n*;o?v$!eK31SNA>`@6*##lUFN<awvroIf+{V$AAIS~$vIOGl?R5beHC
zMK!Hq6Ta{x%kuJ6bp?8T(g<+Hr9H#Ng0#rh)qrL^IC#77fDi|lV~c$yI&ReNx|b!C
z>6elI%^E5>7~Mzh9BatJbBa2%sh>b!h*@ENO!Xm;8mtsPYIc*7l5r3>*2;|9Vhvu+
zW|USs^hDE$ii%S7pT47pOG2UL<@a*5Yn{e9qsPZ3O_AzN<n;+aW5KnKxq<sRSsGcx
z=MZ-;b*y#L7;uude1~!3E?A0QuuW&JUxFEl9wuaw*S*CwSaZX3`65E6>U<`2Zfs0A
z>0Bz#TTj|7dv<baYW&x)A6PcH0QC?Tn5pnD{*`ao`A!M;lQ(1!>+#A3Y6b?t#p9L-
z5?~pJmG(72pO;Wh*;$o+@0}r%(q&1Jcy*V#{hl+}XmI$-a2)%eNBveY1ne<FN?_%*
z+j&yHPPtTp-RL|mPW2)^e5D1|#4@S3wPXKz7q}SkKR>4EwR`uT&n$M6%g{p0I4rfP
zd9)z~)FTaR@(oRV(BzGar3>Up-=-HxF`#FYcS8*up0xX`ObwD`Gd@sURo_~Y{kh<{
zer(ZJS8-|eT<H4rymNF<PZNH#zF}<750>Etq{=z8A;Fv_=W4-(C-|neJvyTU?%WQf
zPDnH@E+Wph)ilDaE$2&(ecOsw+3A4u?X2u{NyUMs{sE#RS*H8m)gCO_Z+n4WDKslr
zL&r{E;s%bq-VIuC$4BVvLmu>-{-bkV1r;=@)qcM3d!P7GRF-?UOmw%|_b?MLS<r(y
z`;~A`z_nMOqYjA`;?c%FCuU@#Ux<8?Rd&l=1uWL{vAL1jZOnnJ?&}Of@a-?Cxxp*I
z;eplAhM3D*n~H`@INL}9Bo#<!zIiQ(ou%xdmzW8U21jUZs@>xyhru{r8G@A^Yf49x
z#m>>N>gD!`+Up0}4xk<^Qif=g`kt(*Da3N#AI^XAN8S|)Sn~HZxQV+@D~^W~fIU%!
zGf3B8WomIg<Vm@kqVcId66K$)VP`%C-l2CxuqT0iDKqxk0MFRR_C7WlbI}3@>P6HU
zuioa#9a5mO1GlrcPCrpraq{6H_I<8w#t3}_NPPqCTieSrAI!f+JNH)vh;ZAnC<VZ(
z+PDpDm|eZsUv5;1oz&l)y43#ov<WA_x%p%#a7e!Ovh-*ZXf)ulpt0E2M1gK|W1I>u
z%_5&oe+|$X9I?gri=*3=h>7aTme$KIw2&ve6UtCk;N>IIS)6>A2p0^esF#d4RlIkL
zvbd9=_Mv|wY0$o!FV?K|g8(&mT7T%>46P4?#p>*d^_5(?s6~JNT)IbQdy(tbA=2?e
zUt=N|Z0+ejk+EiJ;a=H_5&CA3XMF=?tkScqKtVuM{5_kg3X6Wu-oC(Oy%6DyASSr?
zT&e@%jd>#cJ^vJqA{WoDw`M7mJ(xB)x|UJg)epLJmZ2rx?sgJQ6VIxRi&JM8`Occc
z+5{)e4pbRjyN5y_V18{mK=js*jDt{i6F!rsad0qRgWIzI_JE{z@~4&4Lfz?KcQSl{
zs>It`3;KM?kcSl0`Ft@r(5|r>J48NJ;rJpwOs`a{)F6|l+rO7VC7gvTMdNRZiMA5X
z`PdXzr+rfTBiJ1xBdwrqJYjM1CKo5?{N(KHIU4oF@?r-vEPHWi2L8?6#l_{Uyw(VM
z`VSmr4lMBH%l#<?0-@0Sd=>biijy0%QHrEzzTHffZ_aa3XTXQOo1&c-_buX+-E&;%
zXsXKDuam3kE)dB5;_o6)v1NIu1AmZB_>A~C#C>1Y+0}}fSOO1)a)XaeglDLEQ|t8j
zZwqJO_tdEBKg_KDPMJ~IWzeC<nUin6=k!HWNd6gT*6Ys(vclX^4**0TcM5OYaed|L
zMtS9(ykS;Pm=}r35#gJE!5a&p@m+@dx!!$3+ESHY<FZbE!wcxxnZnaBn~Z6yZ>X1h
zjyN_pGegvZLH-7;WP;lH<?;3d@wm;7Wz0@?#>~x1lE-suk84&Q(K63yQ%imDu4Qi3
z9>aICL4D*N`Kd&O2dqDQFDn}S!<IGalS(Mt<AgL({?n)UWJ`5%jD14pGI3d^4X@wX
zeWx=ie39^pJ+r@kVD-?(-tb{`vVUz+Q3tEF;Oy%5&>u3o({%;!A>dV4Z>#_c9jRMq
zk{A#W5VAq|b>-v3DC}v$*>Uhr4e@;#%ZRDeaMBY>6ULIAubjY}#8etc?XFQvbQhA(
zyTpz=O><*oJ27UIN=Lpl3OLn&)<4#G`LcwJId5z&tj3Z#XSC0KW2#obVkDRRaQ*kY
z%nGFG1TU9;oo}JeFtco>1)^0<e17D0m&IuxYu;0OP0%-=obyG3jb&3}$-QcCd}JrK
zm4iTj{|j-9*#hcwQykjuj4s(rO`#pXT<a}K%%DfMwze{agoHX|w{Epdi;5mP?|GRa
zFR=xQakM+U1YaE~`vhWU{gxk=Xy^QTjh$_VB_6gv-hxFxQ`D)Z>+f#x$XFb{&)lB*
zyWL~2VQH63Jw?N0!Z~eey40LUJ#muUePk=|GO=tpZv-IpC3Bp6U(m8V#5nPVWfE)V
z`}wpp>-1aH+n>RnT6w1{gf!@LCDxhRXML7=KVv0a$6)7w`lNj;iYqEA4$1kl0;}oI
z_noZw&u}2{XG{>Nn4F~{j;R0pM!T5PxoU6JxGp_*8?4R@9IU;gI{Q&H<~v1BmTNNL
zU5Th(rUPuskILDIOb6|~+i9gd%mWqG=6R=!mBbr#(ZUL?dJS8=Qd7tpTx-i<-jp93
z+Z%?|ef#aAF=AQO*b}bH^2Q;p^%*>xCt5!bH@;`i`*|y?TFF%Iy>ntd?`q;4(%zhQ
zL5WF=mp)YG5<BvFINUB-%r3rv{{Cx)0m&~YDjGoKd0>?w5Ko#Lingvj#^bqv{F}$y
z2Yx!s6%-V(dWbTdv7gvbr_i0vc64;yJQ-F`#5Y}P^YSMov4zHn3HKVNwp>QidJJk4
z0Vb!;gfQ8l6Qz8O`m+1c$r4MB4R<g4hI5k~<T%v%kOzkdR2(;v>|@=#n<gCUcZW^o
zsDPgRU<F29H=4e8;fVsnmglYCRHNw{H8FUQ{5QDy^~Eoq*mNj3eZNyR>S&<S*Xu6h
zyFEJ<E2K+-Pl$)~;CDa`3U^w`n^cRbOd6ZGX!H{SA*zuu0{o6jJ?;-ElNn{lazoxo
zr@Yv6HaWXZLifoFC2m;GnoY^8Pg}3X+<-xnF#p}<UkVV2G#`Y)CD`_6NpPAjjx1(O
z6L9$gC3m0R&3ACCHQ>+N*<Lr9WFr+|ezf%9ff(%?pH_Lsdn{=Uw!?n-TZKvq^Y5kg
zDcOkIo8QrIjvvi$<s;=Q=*|dB8rNnOhPRrk+TUM#Ro&digFu>o;N^=M_D*vQo&XX?
z1*4cpr3TVff#~hNwAOKOpBzq_d00$2iZ&#JO*B(a&x0;wt804sdEUKP9M&L_IkFy>
zJK8YeMWR>DYc}wNmn3s7_Oeh6k06i{9Gs^r2|~SAPURA|1JNpjlf@-xy(+3O_ZX+`
zHtZ>3S~Ix`$J3qZng=pljQ8cX07SyNT?Y>RWae>wU^${gAji9E#<g_DwQSUN@K;oj
zwsHjlK4jsCvEED{{kX=Z|5Q!IWl|w13qa$fHnSi0#3Nh&we#6apB8ie;RqYQht!WB
zzIpS;<AD@reQBVpH+`46(`sI)@iomM+QJKx&D=5%?HH_>yHjXcSuQUEjI)$I*#((B
zj+?J#TjamEX6AmPUSt|<7Z7k-yG%vZsI8-e=2WlwZRGZIGv$De-*rFuQVfaK5zQJL
zdx_?F0LkpN>qJgWB7J-Acy<gc>P@y9IrUVGK4t3DB#E-2FB^6I3?6V7L>Il3VxFCI
zuD6#<)rUhM<|dk31m-}JXw_J(`%K%3ZxNfMg#Y#|T^y5q(6Z|B_64EK)~7O;zBty)
zSuN=C;{5!))e#yEW5WNc@y5h0Y}cW7m}_37hS&T(A&j0#Zdl*Q$Y^qv!-CeVRHXMC
zdK^3A6qO)~F>x^{HL!njsb@Z)vvCgsG2Vhm)-y0N8^c0^tijZ~J-lHBg)v8QRZIWX
zl-ASJ)3{sY<gioiVd(HcOr0sTy{oJ1Qo8N+X7#h_oYMXX*dx6*Loy%vQ*rVaUX<lC
zuHQ`y2wD6TeP_L*cv7N+kW&xI<qD%%LyW-&RdTWYLHo`~tDvLu)9yZn3d3>^RQB-}
zf(w=1(%Nb;2(*L`+zQPmxdF)+!CmNfb`P4mC2@{e*Dq1g&Xd0wJRKMaTU=b+fsK2A
zK~2O6#R`&w<dxuDBL>2x3t>CY2kF`pC3S0OlIso6&^uGui!($#uu)n<{Wu|WuozT9
z{8DaN<SXg9xvA{2f99dB+bx=d_WEE*KB?ZY-V}H;;rz^ELPI8$@*LC&RS>@&x}A*E
znF1JDZD`$d3kwU8qL(MiiR_GBg0l^u*^<~ThMG09eQ-={?(1DY%M$_f0g(07SXz?M
zlM9gFhFR{z#P`)3=TC*?cHwvd%drxN10uub!bdvvZ_5nJTXs6mej<^T^YfO>GJubk
zE_G>Zt66Yx@W$q5l2F<Z9ubHI_aXM$QchX@ls`2pm!p@PTw^khWj%s~;u|N2=xsM9
zf7w~2p|X?oTf=rsrC>v5WA&52!g2*547R_*1mbcEjfd289gbE7kR{-uj*$Z9EBWEH
zZTz5&XP0sL8SGeW?&ZN?z{SxN@T_tQp+DH|HOrzl_Ib)-i?BTu=ZX%$vt`z^5e=p?
zRl#S+4-t(Xmj^xa;Hj>{X?`K0QOg`3QO<ye1C^YnOMVYRd7mOJ9`hv87(Aw1cXUiL
zT;HE>@7TF|FYxGjBrkZCcV7-LY;C$9ZBSuAjUNV9mO~T(U4jNcB750{b7p4d*viU_
zz^7^~r0e*&5XC+M_=_<qBk!Ttz8m+4_|7M=E8clhS&<4>>&cQ(?VR8KLOad$os+jn
ze@~AVIO)7_vHQ|KJp%PKMouBhJwlclO}-zFnKSiN^JmNP@|OPb=W)0fmcvfhSN7yd
z>00(F65U~vq$q+5&_hDWNJ4?rlh!#f!qM%8njL)UZgLS?=}D>4^})Lj6#?^vzEx1y
z$j*8eyva&GLKUx2F`C3R?woBhr~a{a*m&|lR95zj4$_P8jUp&QKOyOn?<C|<K2oKh
z$ja7MQn;n2)UpF>DX^dFnXvpPq}fS3XNmOzf%Yo8)J4EExH3_8tEIuhc+dEN|8##N
z75>*RPL7fUq!7g@0=Pi%@z6@bWypS&m%B$v&JXV)Zm;d#A-66=J$1chQzD>ecQspI
zM<?FBWu5cZty}72Ux@P$IADNKSWQ#x(p_~B3pcj5a>O8o%)J6Wt04Ltc|(#51!gbS
zM=yiUfzr*D+0dklQy%LOjWH>S=3u{r^uh`kj`Q2L1GCnX<KqQ$t-ic*wk9sC{+59`
zzQ@L&d8V<lue}UByxx6MtML3Wb0C}2zp5z{&i-zI67df%B$SsPQVV<|mt5DkPgx@f
zntGT|ZR%q6!Qh$n!o3b!vKsH9$GSgRAc;{e&OrSytQ2{u|8L$K@HP@ji4~Mmg`b;E
z#|oN;H{#@{Ah<auoJ*fomd`uJ9EgFMpuPUnMn5a^sMIu(U0{O;Rt0-{AtTx5BxoSb
zl8n;{fe?hNKT<MSxCdg?KBl{Sho+AwMPr6q0KARnSowy{F$xyMkiN8aGTFlc4D|rq
zFV0OWb3Ax==**#pDG?t{MMMJDW*mT_DGEp^Iu$lXhdFnUmpcAUrGsW%$1^&T5tHtC
zJ^ofCaTeV3?9E8oqo4Q88eC6S67H#rwz*}AladvWSF5Gr%c*abA!kXfv8~Um_;Ydj
zwMFHuXawVIWAmg64jhJ^#~1Rk>i~Glw%rvkyDu{+0V9P#{OD{)dHfIGm7p1H-&Qub
z;M8s)r$>svrm=Hq1fE;o3@hL()frP!M{IW-49UPQpdJ?%P|GPycLYQ1+fG4)f|;KK
z12N$5rZ%4iNogJ@e3HziS^Je|cZX<AlZ6^o65QpOlyF55^}z2{Jpc@2sLxqgfGKvB
zx!dj+7rq?_U6(SR3+Ti+P3h7)t^-7(az`oz@=6VIUTJk1U)?)<*LEJLk5EKq$9Qu|
zkdZO%$!7hzJu}hrHqK35ud?t~VuMCYN4e>o|9Gz4y*Hav9*4m&J+OUpB@(!dg$f$f
z&KMXQN7;P7-)dP2Ot(NK-+5bd9Lnj0P~6`QPSM~X01de2FM6fyNc2$`>&5S<!S<Z4
zkv5WE$A4D7c12ma)SDJ0&VM+}EEG~tN-XAh9P|K$tPha%vsEgc_;2at=Ia!{vy&2J
zI_#Dg_WlHmS0?<h;{WjTo|EF(hr-PowkDG?>7s&sITt7tNba|+H$CD_i8kU+Yk%4N
zhd{~t4cl%IQX;p$*FJb*Uz;V7y02O@u{%;XIl?AA!iHWVbFgXDk^Lw@u1tbKm;SAK
zB71eAu~Yo2lez;(PU@k3LmS6>c%d{7C_rSSp(aEi!Q@?I_A0xxUJgB03GnLgJ#t|8
zH|=^b&))?YN&jlLT6bE2CN|uM5*<6>2tJjj_%=|>&!2YDRQp=bxYbpiM3cR=^iXu?
z1?{P}gQn$$i@nl6AV*9g1IpHoF*CL?GZ>aAn8?fR1yEA#X~Qdec1!p$sT{9)p%}Ms
zsbPE&!&=C1yN@2*!V-|o{s;vl<0WOx`<t6j^?-Xf15hcJ2fl`5QtJ9MJIX?A_>j<{
zTcKNQm@J1$MqByh$T;6|0@UosKzG=d>*UhlIK$3P>%X>)FYZ*Su7`dIDViei(JZ6J
zwf1T@CmOJt8YB*T#}CEyM1q}c7c01(RGesbxA-tm=sK;GA@~sMTljEg3MTR1*$<KN
z6M%vDP<znuR%5IN<)X)Ab-hM;{wm+@Yi{UyN(vd}9x6h<vT7(#z`~R`yK>)%G;B|H
z^EuHM2hDq}%<IorDIkz9DG+0#@QdE`K@GxthYt?yirI5~hH^Sk#|ZuvUrH=LBW`dJ
z4J_ZYl^#2gy&xe08M+9}5WpXT;;wxZ1o-*<DO?Aet?)tYo^*up1^oGrG^}Nt&Wcp>
z$bBlALJ+}SRB}t_a<l|Jh3c66dQbJhWj=FC<9#CslWjp{<w2ImZl7`rteKW1tS5Rw
zdE#qxJPrghr3^8DKp4+duc71B8>r$VCiP{<@5>-Ajz<T)aT?O}l<lXif=g~50D5hK
z-B$N@y6($C)mA-h(r#MX6XzZ1bu!|RL;ml-Uj1KAVZC(%JZ{}H9~35ByqZV-vG$`1
IW$W<&0T6Od-v9sr

delta 143911
zcmY&<byOAY7w$QSZdAIFMg)}Zl9mvVZlt@LIY=rJN=kQ0N;eWB(jnd5-FXN7es|sb
zhikE5oOk#8>}T(Zjliti!H9Z;K8HYz!$kH+?nPF)j>=D9JAeB&vZa~Bd2GjfnA<kG
zy3&$KP2PW4=D8+rzRIhpu#aAnO^oQS4e^w7@{bVTl$xp{LdA06Hcb=TlFE3fF~v4P
zd)A3Lwr49VMI6Vsw~mV9Q@Qfh+?K)v!fT&LXwAK@`jUO-j#DoES_}m5KV8GGvnR2W
z6pnI_W+88Zw{N}isi-KzIzv09c5FGDx3;#5EI9eONy6j2o8~H+RC9?I9TJoo1GnpE
zX}qp|gER3CJ(7R^l!E!gw@<y21Ox=E<>ln8@)T31xId1Y<NJ!lJ*L$-<5j<qjkws|
zx+E>^K3=A^7n_iCnu<TAjekGgIT*oBAdVRiVMN{mG@pqQpPrsZv-FUBi;=Uow&s|c
znyP0A*h~CvN+kr>`xd6Are@Leoj)ltaV#!AzQuj%14DIAUY<R*Cz?{|5M%TTJTimg
z<PnS;!5+qz2TNBtIw~E-rKW{^9Fnru8=RRDZ0GFL9d~UQ-<@=Sw<iiqHzJy-E(V2e
z<1h#MXGkKu(#l!3DJdcu%!s4}UgCTuYVz^nrJPsZA~`u^F4JdvJG<;I8gWAu7zJUJ
zBJOe=21R_SFv96oGBw0;;d%-=%VSWs4j))YD7*Cos=AgvyO$4dB$!UEBKMi1(*kiN
z3O~OanD6=Z-CkS<f|qH1wB;M`GOaQ2rV;SPf*1I9DUA4hSgE8)%2^HK&1@5O9Y}3S
zwO6&Ic+ld_&uZJp9}p=b^Sq7MehlL?L&>^i8FR)?cP_WZ%-$0$ZG1jY!+i|tv{=rL
zE91b-^8T_GfK=b?S8V;<aJm}j%ty!Xv2hFu_DCssxHv4G$Tjb-<l2~p;96f0py;aJ
zg(9`gH7hYm%FAOsfBt;d8C?z(QfJzM7bk`?;Ni`TPf!sbJp4OXAt_Yqx|*sr13B=d
z(Y~yx=u>hs0yg*SUrOSiRM5U;IfqOM&`QI4&=QE$@SRJ)V)+m!JS!ez_y$KAE3WrE
z6?MzZCYJ;ztM!J5h7Mbv1J9qEMlA0TZk>@|PP=~an9rH@65g|=byQa$t1c=k(rMJ+
z&$@0#E_PLBqH~6Rd?Rfwl)B>diCE%B$rZx2)3R5J^-A@L4aU&;fxGWoZTUUdUUuXc
zA)`i48OqAN{M@y^8jI3`+r#>|JO&I<WwLOXOW~MT+!#N=cu$_A24tyh38nj`u}S)K
zqrt^dUo62EQoo8cRvVgdhF?WhN*lyvw>#b`j@|4qU~Q|<>Q2nx{-QH{5oLJB+}&*y
zgexA}%y@C!&-v8piCEh19vn-Z<Vl7h)%9lxV<7lP8rG-J>dsqsk&P~55k;xNUy*qZ
zU%RWxf}TL74nzc6X;>^Qn>lIv^L~R~=2a>}I}WKLm`X#))qthrg3m;VWqI6qL>L@*
zm>c(|SwJXS+cP&US$rHZ;ziynu~?&f4AVl;AKnaGC|^Q}?LKgy|IKr8nR32-u07*$
zN?3dHN!8=-H1@`>0s*NjV3YLwxZ$ry|D@{&D4M1vIXF-IQhfI74ay2Sdq`YgYTP=a
zpiM6x$38J!|AuQNeBp;I;{^#K@~<2-@n?gXiatNcSFw^1Ig3W}Ay2^Efl+A46@MlG
zbGq)$48jJ7Ugjbyc?$PyktcG5gG=S*dhD1;;iQJIF+AjhceqXjAgtevTVR#h-}l3S
zXtsYpKV}jYC*!T`L%BowwRO08Kd5bx8{^f8bNw}CYGA_m>{uaZ)R(46VGUvq<+!d3
zV?0P!*`nra3*;4F$~tekySb)rz9{#(+coH4Oy%0tlp?uzjH6%RVq$x~l==H5#W&mc
zhA_;5sK#KwV#M!7ALr1O5o>K^0lLU@BatTjbl!tLy4X+oFuX>a&2+r<gZ+3p=wlQN
zeyvuN>qhhXN+?H+N>xZX<r5E_gt?x0npQNqf<BsT1<VDb1()>Nw1#s37U;aP+}obd
z^c{nR3EtuQ?l%fqXZIppwJ9xrY~jP1EMvCz9n112PO^skpH4P(bSqw_0I#NK%V5_v
zi`Vy&uHWqT&Oh4u`WY8??WH4G$kKrarb!T_gMx)V2v%T3^0R&1Z#8p-0grI!EnK(j
zN42eP*Pj0V82fXUo;LQry?yzKh^C#zy!+~m`ZLnSdA3*>EjFH;FovL8lzp8xlk2q6
zj=Au`K!8t=t6TwPBoM{@74-(0*BjoTjWUxS<E0tFNgW{yN#^!KpgQEvy`EbNSx-n7
zDt#ZgdvI~zBxkF@#dCM?&7-MXzopQ<@N!D1&*sx>WP9#>oDe&;B1%oj&H&v)5DF>~
zwe#qP#Q{7o?+CJpLj}=AzwrpXVeF#h@q0biyvX(_@=2s5@S!Vn;savIwlNWMTvx#O
zde`>x@*(~D)uCqYTfT3`ZNXbpo^V7_N2)r6n=8ZpbqnN{WjKa^nC#rgm&#B4Df3tv
zL^5K$w6J-ogO!ar@7Fmrr`3PN1E<J!J$vFIg_fJ4?^{B5pZ8pLx(^uLOo%g^hpz+o
z22o4~#qZyH0t-E)l^TO-5Jn_MI*-ZWJy>Oqo5o~#i+7Q^W1B0vZkJ>OYl)kfwKBQ{
zF=KlxI~Hd9tAclMdkj}aM8D+v<eOI)=khs_55DAEcN2d?>eBuo+_(n^VEBLYZxfp`
zfUh+DGJrByjUC6Rpz*DMHwf<qCOZbzxl1CAD%Bt=fP~)2Cs_XCw~oebKvJ{r@6Iqq
z35GW1YnF?iAH4NYWpw38*vV<9xt{OQ2~&VJoLg<&cXdoUwFFbY+C~50*>-XTZ?(6(
zWX~$k*H{)d+b5K&#;z0>e(N{iU>}4m&R}bAJGRmV5Z!tGMt<oZ4S(x2iuU4_)UApG
zJ&@0WY9?+dw-sLjE$OS)gc|6cal4B+@^I;>2QWj-9j1#0jv=fC@9@c7(z~=k{j3)H
z5qvx+2-6o#<-5Y4|7v=t*tsHJ%oR{auA%+KcWLE=9+FI`uP;)qdD?&wk}iUeytQwa
z(cXGUE8F?y3`gtJoKXkLv~`#l>iNC|klX#(cmpBb#_*X#?~2(o2O-1o&i>>9k!|6h
zW~_m2N&#GEn!N}Y_~~C)PM!;43~smf^%M@uGhdz=5r9cM>x(|PD$g8p3vnEG)Z5*<
z8&6mEW~kD!ZXH8x6xP*vqS(<oc!4Q_9<>px!i?x6VcmpX3r$Fmu|giyu7S1yW7^)a
zD)YP@eotG^E64U>II!qg6&)!Vjvcw%y}=V_?f?l!<f9dfC&s9J!-yzm@Xtt=94bu#
z$VAOzwiSLzpXg!(;r1-wG8-Vz3$lp~weW3QOXJ@z>Zx?|V3((%9yFQ0bs>C6;RIM^
zUXD;|8M!TqR2qh|gfBuv%^2YP8x8+cpHjOyQ)RHjOpcclX}E%IXK`Jfr~R)6Q8G<T
zhx#@H=F!=lDmQq8YF2-XW5W6(B%Fp3u|a#gxb=|MK847}Z-Kt}6hp3nfNwOA$fYlr
zyxUbxRC_61upoTJH4;x%nriZq`#Xe%W~BUQH#y?7dOd{>@P_!eKQaLE1)1lfV4ZLc
zh<`piH9F?#<L73U7GXH<Xqi9R&KFB*B<GLQvTB_FP9u0*`}MD9*^KLIE$8-Ixt8Pi
zhe0B`=SWPVnQV(26veJ&7kY&Z2hX}TfU4k?o39dY#h7LKr4F9)6@pT^$4bQ+G;}%B
zvr<@w3$x28CtL`$>H*RmkTWY;x^tFqPqA-U|2*;NB}mV$KC`ehyAs2Qa^q5HAhoo!
z5VMrw#pd`)z)}25Y4H0Sp;ALFlG18EKV9T14hD@I-#^|e@K>NN2>hPjZA}G{@y~K1
zsxVmf;{8L0<15E-&UZ}l#W80<5OAMwyvJqD&{3oNB9Otc3n)Z&7zcmNM(GA+$A?jB
zsw1^N{C~Cr!L^c$eJi{DPYrwi`v@*JNqyGbs!?D2m{ju&(=BW)SF@Qq5nmH3d(U^5
zMDuW7s=e2Wmh(6a$7y!ibZr4VE>GiSp^tCT{IL%NAjPNU1Tgog9VnTcGaN^yXIY3&
zIu<v81O~(-^yJV*V4E<yH)nrAk-;XqG-gIk?9#m6o%l2J*i|<k!4~T@{PnM%)f-Rz
zWZk%KS<_9HWUh$J*H3c1a3c6m1G<%JcpbGTlb71w<FGa?W?-y1;NPP90}xjECKMn|
z8@8wU#u*VtMT-(RlalD6jS7NF3NzH1ZxC`5YM?APBj@?n*2=4aCfk(fyS<6J;%^42
zN0z@V{&{!FsgFR0RsBsSn|u201ZyonG0Zo&=Q4JrZX-GmKax__=bW(QJ`0a(C=Iuk
z>_YIM&V&VV>~kZ|r3@paKQ>Dil^R-RPwh|&bHNO1tq+bnOW3yZn%)Tvh%W1vtvDd+
zh5~{migswlG8U4$61oyBr!V}Urd}mxP>p=#sA_HhBx{0!*&YR>y&{EC((ySSnfr%C
ze8!!?hnzmTI#(RhMp?CZ3_|K1oxkePP?y;$$?NnwlI_;B3e{BSs&hBjMZDmf)chIJ
z<P|}We?YZHUz7hWwC<zD*1jX*WBxk85|3gvDrM~lXP+u)JZdnOTc{5XM?Xv;wbE!?
z@1x$|)55iRjh%z_VK)tAvf`*{a9<pMZ~S!Ax1Tm(cz3tMfxEm_wkeCX-?;R21XI)N
za{Vimt{Kw`lNIgiQMw$X<9$?{{JIbFLV1zjpghHXMII0ujTzv$-mc%4unRc&Xg$j7
zO?3P4tqPCo#UQT7qXWw?LjH4)?hN=JBZzr@(f0shVk<PTbq~flEJ0P4RbE9ibv$g}
zvu75O#vUB~yW-dBgvY0M`)Mg#m-4kA6QZYdLwP^uXNB^1D-$UMwZ1B382s}QzUVOZ
z>F}MonGE!?MR5gu#2-F(#as-WP6!9K=6N@w?4t;$UJch&j+xRFF-44uMzQ+wT?OK1
z@q=jXp}2ipDl~md<_6VP>4stqerJ}_g<5T*N}g{)cRr~I(<iw^hJCd%()l);9=Sp{
zSF8TY_2|fc^zADZ$}GDh{Z^0hR$Q!V<Po?{%hQcxS?HGo9>NRw3P2~z=J2e$Ku&nF
z3-@Ao)O+8$K<OUQL&^HK?$Icj6693$0`=CLbOjYp{L>Vqw&<h&!{OKskQ{NtQX~s4
ze40Xt(EVEC6<9RN#u7)f8$7VeKCO@eC5o)`=I5wxj)cb8l=^qB)JtD>Zk>f2Q3l7*
zQ3iigJ+85|w2ud1ob~Mn{0F!@?rpJ1g1J?!!o9Z%tvFtjO8niQ+h~?vy=JPys(o}p
z`NjHk3wDvYg*x${f@(tX&_|^M))TDXo|1duc<mNoKvm<^zHhUindJJtQQBMWaWtIz
zB3B(AC<WfrC*lj@hL1&MwYAsIg|+xr<uS~^$_aGX#s}^JBrBhHcIEZAf@-<TxGb=O
zp%k3L63aY4^1eil2pTeV(hM|Z8TbO*K|teP*h}i&4J>#X5{1C88XpNJ*8vdBu^#*u
zYhDeJD@cnR<o*t)gla&70xGAu4T&9=U({xP#FdupoUt}TFhE|Dvp(r&UhoHTroK>A
z%85B$loCKeb>n(U;X_ip&VJ^61Z|_F^~M*$c)*)rXfw#@e}ttU1&0)^&re-sokje@
zKaNOKCOYvhcXdK^7&kRcT3OZO!M}514(|$I!BR*;XUSpug|4DA{-cm<dTMT7rJ?s_
zU*75j<sT=U!_)RA{49^CGme{ntJv>VV<J#}fQApn66*atYcB7}%F6}c1)NqnG(a3v
z`=UYEd1m6C#C=%0JC$9ZBpXNDU2UMm^SJogvo-zWWl)LcJsD(CCee_C1;B6aZs`=b
z=|<7nGMIid@AK8N5C=m!lDOxDni(gZrH3VqVdq?+ZAgT1^f!v1O95W`knJvYvtKPx
zgK9&ReTzAcn*h0Et3sm=PJ2cVoWTm+dCJ^&rNEo&*T8`3kvZE!vCe)Yj5iZRWP?T*
z?XCu3RSJGOp=Mc}=C8kB<4f*w!hT+%ZhZ^s?qO?cI^T;P1N)(j_k;%CNt!J5&xfQH
z6rS76>q~eYZArD9dgA{2B3B4E2e1!T+gU~BnYAzk9ik2xK<G5*OEGaSJh<*3cIENm
zXnF@|__+;&CN<qeEz}n=#*3)DB{sJc#*4q;)AL*F$HF)>@=oIGsYn~o<e4|Ep&t<p
z=JO!FezJ5b@W72Al|tf+*H(KiFVnfXNUBS((V+8SYbAZ;H=_qOFvCC_*rSRGXp<~j
zjD7JJ<l{OwAXXNLdeqQU$hgN0%JmsW`_QzuGq34qk>;iF7EV(wa9zwW<s@@eguZ&(
z|9iaVC~w>?v(eI!tR7$mZX1epT%B8-lewY@Te81sf3bFa*?PP4UP6hS=Aj`r38<cZ
za}5k&dtJ=(C@lh&mXfn+0^V-Klu0-I8uQoaZt1wDm%%4onog+yb+w<5`+}l*ZM7fa
z2wsx4)Go8$=(EYU07!&vAWqb1>Z7qAGc=2oAf|X|;Hg1~?ZLu(zoO#CRecmdIV;Lw
zsma%Qb6tA>dlF;K@sPpnIHYAJ{K(AcqJj<r{I7FvHD}8F%t)T{qH$TNO;uU!m%Xt7
zi3C&f8UKt7s;Mc+h=A|zc<~MorIm1Qs-F(S{OFWT{}*MU_JOu=oUX@HXj;e-n#pDF
zSBCPV0Jj5txDj@@wXzf9!vRY&4-H|-Kq{xz{e8646G6|BJYtRHf#70*%cBwcyK8m#
zRLK42j_u|mgNt|0CuVcjo|3Lu2bmLnBBos#R0>yGMQpPx&MjebVe3sDS5>FSUfMSq
zj&?F&1`$)2!eeDX@O0gr_qLKRA-9`}K{3P0i=wo#JTA@+r7~7mjk_xH)2nCUTyMwE
z&&@$v?ZHmGnV?UBENkB<QuYWI;fgK`E;bC&LbXHm+EW5==3cY%db8H(9>10AiiMOF
z*QY*Vy&yIlqm5xG_9iqj5r~)*{QDZ*+ux!Q0`;V=sK(h!nKY@9-28`#Vp?K%jZ<s0
zrFT5?Ew0>zzFyQ*A3j^$L00=Z*<k@^1M>gu`57>8$ZAHz6OO5Y2woN_F%GhFk?;EK
z*2m7AA2_So>x8t)l^_U)+R{V+Sz#uBAG*`@7J_6(Z`az>Lz?8c{NzOi%+PFa)(nBH
zlls5Ms3BICfdNNZjgkqeH}4qL#^(O_2AbCu87aCNq{EL<OtZPa05ot}WKoGaNZ(@!
zNamov_%ic$W4pGRjzqL4kk&VIaOL7D#2w2<<iTRN(wbl?Wko81z=lbDA4B)FYqr)_
zhyOA;4^#~p-(ZY{=2o3qr8JuGpH9dLRacJ9jhaYU?`|KGwTx+>9{EI$P0<uHgBPo6
zTJXFK0DZia&x}|<r{gK=w&f_bWu4tDoV(qG`f0Vj8-@-6*air}mx5I%3b#Gx&$7_;
zaruuBnk)Rl<Bs3XQR_*=*`Ux~7{5i)qc~c@T;=siERjtYzL8-A_Ae)dejS?<s8a_L
z<y=i6FoMM;ixiSV5jjh-UtV(lW%g7PC|G%&A;;7Zzus_k_e4B&=v!%%gD<P7wl&Dd
zobVi4>P;+{>Qfn5r%-u53u16hlB7DVWj{^jR*l3rv?vZ!-RGf<iudxPs`J)E?SQ-G
z#57Vyz9`o$LcL&QCrpq!8cU)YL>ooehV%Hl`wGw7S-zl_ij+`9Y*K>$rsabIM(<aA
z0c>2b)`)r+LQKIX>UJGcTmTzAzT7N;OfZ2mBQ)RBpIvNowT_2eq!p>i`M%cn>p&5q
zbnqX$GU{@iC^tcQrcshzU!TZjJ?1bVbk6R!qxpKIgT0;&@fM@3ZT(m>2Pr5DQmX;I
z8d5zS=X9AcaOctt7Poe&1b(Wax5ERoUZ@>eACA87)IV<Tipy}Q%H6(%RDb(G$GQ6k
zCFQ2NFt0_G6={R0++}mP$&0FT3}wf^_U>vs2W4qtztaFZ9|K{;rY8ySAJT3Cx%B*k
zf<+XO3+UUoZ(k?#e%>x=h#<9Z{QThwgVX)(xqC><Y=b+8SuateKET%6Eu6NGWhqM?
zVH?tjSQIlgck0niQ{`qmA<=uJ8e^J?6>25vmMA9GN(H?@K$aw?-z8y*%xulG2({b^
zq|fK-Gm7so3(KJ<aJIy*qg`S}!>KLjz0(Z2QHy}`%s2$#)QU2lI%sQ?tgfzpBIZC&
z8<6($;@@w+X8rT$4-nXHWHY^o9(E5a(yVtWI1%+Bx@r`<WB!&KhJYT@E@yqK)#Z4n
zrmEUrHLfr3?JW?m>x70u$og)r_iJw=SC|8D@9}_0<hGxOw;MaryPmk`pU4H`K7IN$
zo;9>#ykOZf&!%A-NK_0hGlyO+nz#lJAa+4inb<kwkVhcxGJrn9St2tZ?F6JWgZ+6B
z8<dD-<gEvm<P3!4RImr4L05_vX40;}Gs`K>bn2z3h;8!oQ$}Xy`=upgkc6M8cYVgk
z$M-r-I3+ii{^o9_NHi!YXmoT`aAs=iHx{V<5pcH-$l<&i&ZdYoogx_erp%ZP&H`dp
zI5|1l-S>2X#H1w8o5QZJ0`9D&+%~O_WUoh7W}F9Biz@otI2BaREu!P%g2xi`QoTN2
z9<Ouw-CW>9KFf5VBElZSf{4N&)H?FU<Y4Q|W;b-|BNj7uJBsfrDU;XJTrS6plQv2~
z??G%w%;B6uDak4$ci_OPEanv+Z*~1)-5M+vG7mIT(BVZ>{*pO6PP^A74nEXcPy+n~
z&O8jY2)xgBGIDZ)A|kNe_GUg<CcZN_cQ^18-b~MdK&T+Huf)`bwV#A_GCq5jm673p
zb#*mvU%#2#slA<7+H^KGr0+9!?qSpOX3W=^|H%bq`VM6NF-plBxmzdB%8>1PXUz8W
zEFdd@V?Z!^ZOtr3rNj8eSdmtHP4nsV?-do7JqCC0$G1Dbv$$-fCY9hOeEo{n3dYYw
zrR5VkIy&A6=a&bGWRBvW`XLi~@HWTsIdT}o+T#doH}`s867HHh8$0*S(T|)hV)}_<
z4eB0(iMni+9n`6Cs>HKUd6qSmjhZrBR6rBgol|c65f}Z%hnlAx&n0dnmsQrRnv@*h
zCnyNwIhS76Tv}#jLT0_Ti<z}Tbbp4EcD+Z!`1SkuQck>nW^Qh9Tbp={3hiSwZkq{s
z*D^?m#;8~nZ*FXeGIds3j{NHHH(UN0{tRMQw@R=)e}6kKZHv0Y$1Z2R8M?XHf(<;r
zqvA8ZGS}Yrj#0@lsiW4`*1jp(ZZ@0dZn@}WoA_>uk!zV5vxH%A0n@hr{{4IH#Zs81
zt!++ze*X5vmfyW=P-{g$f0(M0P;7s{qVBk)^{o{n9(rzGp7cu86XO`9RuGwaM~*G=
z<BA=hKX=qGss2zK6>Ann%zm*#8wS)Qkq;|4kcAiEL$TgqQRH;9FML9y2XwcOLe8Ib
zEU_X9OTJ;}OMgfEr^cf9mJP|&QQAbnt7Rv#?6A6$^L~f$e%fQ;e4q!1{21knX<xZ*
z();%?MUh(<P}V_h6C&i!&d!JY@DNnAwS7Kh5%cP)ze-^Pu4S>MrKQmgaB-OIKIb`6
z-4~2S3I=snJ&L%sP);O+O_t=LkxwLA@3{6p|EGOhbvawo4_J%5{pNxcINvl%*UqNx
zrJ1TU_PwN}kbC0U%=c#MK<LrTfTy=F0Vy5taUIv|N_b%s+O>S)BfNCzQQOos`>VG%
zh69&cN)@uB1;0Bk&{GG*f@RxYgM|9t+jrUvhm0&p(J%2Q^`DHWrQ`jUnXB4^O}%C0
z)FOD@qhez{L=^XwCm+=d-y&S#{bNIOTK%0`Tv=L#g}dFg_b(M9Eqm{0!-^XkbNOXR
zCEAAi48EobJ;fLlI-gl~*E{D*8|do&%E83U+*WN{Io6vZ5MLq>sDi`CckkZeVuze>
zdu~jDi6-ml_(C`hr)56URI7B(ZQAz7w~~6R$}`cOO|9)!4fV9*9f^q&SU<6>P_V13
zt7NN0$@bAw7~2;a+WPhs+v(m^p`^Stzr>T1lR3q`hL)ObN3i%-nDrUoUY%;jb&eLO
zzQ7E4_4EaDer!7+8~O$h;!Thqn3WO{D*uX3LW#EILl@QT{^JAUn~JHmTdDY7_|uj5
zmW<zh1}RXchY<19;u4DNon(2a%&hsJc28PX^~_lZV>%BdgfEM;EG|(jxa!0a>YC@I
z3@(t-LST;5tLsYp1?WNi19f-9-yi)kvCtYb&m3Y@&3$bIOjTOemP`w^4YFg3XW)X4
zH3LhyH-3Jq5YB9u=F=Zz#X6G}<~YQ}#FbT5pHovQ?*5eenfh$&%#*kZ;mQ?MQ$Rao
z4YVW*AM+x3cx5*(cnAvj?4M^<(Les+a=tZL-N(0{+>U@FI4Cr@Mb$N-e~yrt+dbfS
z#-U!K+ie0w3jJ&g!f+&8$6Ju)dlg6|`A|`{k7SCcA31+uj1SC0>(Xs25ocn@j32k=
zWRy83a*^Wtt(;B#@k}w?jVn&Nyzu8520q2h#*ctactukuT~Bo5yCUg91^5RK*z}){
zWmY>jHXUd+Odumv3P0HKfQfLqTK;s6E7msLl?DLWgOfoC$#Tsd>Ynevy1RdDpSpzz
zM0U0Jrw9}j7G@R~7uQh4-wKb<%_#~}<W*MUjk``(+mc2sFPvXXo8knH)#rB^nBpA_
z%2Ud+fn)R3<ml)C+i9>;1{>TR#Xn?M<3SrnviDxybx=zxgPzblAS7WZNU>gAGuH-G
z+uAiAN)fPVia!0E01hZm#s}hO`6y~1C$P12U72zmwBp3+UiLo1f`jDuz4!OIUTh+d
zD*qfjKY1g|gCz7EBk|y+Pfl#Y7)z{-vB_(lZqf043P?&NVaGSsh@E1c)2`UdFYzc;
zGxQwDuuZJC7M<2oS{-GOTK!SRmA3&qH#?sYWu5j=W>Jbrb9G*_pX`{J?HkQ8)<noj
zJoaXP3g5c8xlxpDoZRS+AKOfuEp>c|iH$9{`olcuxlRs_?TdwQ?|l28b>OCrSQJxk
ztsei8D?n@C?F<&rK!=RGe&sO79?4VcV#j0!?a;J$KFxEpOM2y1SWsXzUIOUpL8Bdb
zUkg&Cv4#Y1L>kPvjjJuxecT+8KR!P8ZaSjDE~%(+KI`Aw8n|7mZfL%}{Z>+Y9QsgJ
ze<?HeK$NUHf}Ntj!56G5zcDIucvR7gDJ01o)r<LRF29L#`0=X3Ff+trrt{!yw-{x_
z&sRpZBwY&OFbe9f;An?3Js{k+q4wGZni%|}*HSV&@6rLs+o6Y-AX%7nA>$ixGO`C-
zu~MLgDimjIeH-W}bwm2KeVS@B&8=S=?;+R^qB=3Ktb#SxX1=*e;O4Zkqp~zLNQNnB
zexHGX0VT3aLQ9Kyd%U!3`!wP=1!~S{1jV9Ou0NkwDsco`VN(;(1Zm||kdv2h@SexP
zzr#M6lgCfm)8T4cWKT&+;f+wG4S{cH{5rUx_{wc-WjWdLVVLMPCibhOnG}7v0^96W
zkHEg~VuOZ$^I9k(XcG$%I-aFs$76TVSy^k-u%<Zv!X(MQ#>>d>v3w#pLDx++PUhHs
zz&vG4(vm|IZ3GNH`op;pW%RXDT9@Sc0Woq!mUmMOzwTs2`0fb>q$_fuegAxz*jbkM
zmU6bpUsL?p?T;LH)A4W_i>Q8SP3AX9Rdw}u=XFK0u8g|6x`t4fkV#*=xE&I@#{Ko9
zqoewDS`LNilM@#~ih=wc|EO5e;2_?E=*5dR5WWr9!vI|>T*K?L-PZ~1(8#WlTR;Ap
z)D~8MQOF2qgT{s<S%@-Y3~Px0#y6dPF9$a>v!6vDp8TY#VaIu`tsS)-DKe+qVl<*x
zGk3bs_O0|{7>*)!=1Yew|HzG#`E58J3Bq8>Pshd8Vl?f{MCUwDCRv_?#E*?sH}k=~
zi-J!Ca^C>WEBOXFvVHgQn84H@nzcQMz@ni*;;XjFXAraOOUB-TY>u@-;t^V8cDss-
zrmr~qzQHwjhnh2r9l@s1Bd;c;D6+;OP!~Pj`j65YkNA~;Y))Peo=z+ux)8GWd<U;o
zqTm<W-c;}CqO$gdbJR{9e2lQLux8ISJOn9zMgo*dw2wEnN6ypt>kxdKYinz--|hY+
zwWsCah_0`%FC#<FEPcPZX}-4dE=vy$2*_};L0gn@nTtrNVw-UrkVtFX+D@~l7>4{3
ze&)ZDM~sL-Pl04fAsNiZh5AY?PGgA3&2q!Ra?i!HiJlmy$WqSk@}1||hQBW0G)2^c
z<_TDS<Sdm7Zh6$<NJb{TJVA*pnq#P<MeR6Ehd0t;JG(z8GG1<3I4^b@Toc;$^xW3(
zJjX~2E=ZxIJ?;yDZ~_G4Zu@fzECkd06fLPiYli3k6V>6%yt7RK!A1+GUeeY$fklW;
zE?CoZBJdOe_r1CGz@qDwO@}$>rl221KoLu|&E$Jity!VNzP`SORb^aX`~#GauSeQq
z=UT)#OotI)k0e(#)t78VcvI?K?DmL^@BjGhYk-z5F+#@0>)Du_Gm;~;^#z|3#0B0{
z<l0#z<BkRP&Yr$H$uG3%i3xVF>+o`z+-mAB;OVBr1mNGG63?Wjo}yIm8VaxiZjlh)
z3{ISu0SWV7Iuhq=Us)Y%h1#s3l%zS+^Zszh;?uI{50T!0@{}NKXmC)JorsnseDAHU
z7wJuTX~{rMO%2%3DI{?ZO-{;sd0qVr@`(C|7?pOn6Hf_=cCYE`hVfHZy_yD|rmCvg
zu`%`Gk&*7czRvGO62U-AN%Zv0jBe!^Z$yBp7AFr+X}pBkNvu&Ka{jH|{UZbp#~UKd
z_WTKTy_T*1Yf6#j-@xt88Z{dHx)^cTq?5b&hhwz!4PQi?tfED7^01_}F<Q6@1BwT)
z;*m+)7_atnz2P*?c5_RrZdYe{bkepJ49b>ca{Qr#j6W+ea0Ix&PcUKl(gY;U(Laiu
zt#VcP1L`ZBX78@?V{;4XQ>XDYl0ZAV*Dc-PAMc6deFX&t!P8My-UtbBSqPGolauuw
zMO+=mS18`96mpDVV`Jl!RZ#FDGc)sc?5wz`C_6V78UD~=%-@~WtgNn{df_ZI2UL<V
zc<z6+OzbcQUVw;;X&V}Lm)u5=;v)wkbICD5e<K%bH~Z#6;k1jD*n6+VEn$?Cb|z6h
zomLagAY%F)K6-um&-ltQYY8iem_GC?7x;X4D>3X}g*zuO5i04s?4t-@E0RYODzBhm
zHPXMkzzZVohSJj5zN=m4ubukgN=`PuSbHS?xEhdWG=35`&09TE+NU_-QeC55aj8dQ
z#f@_fTRHR?^A=3qYa9CGoEP(yjV*F`SOpyeqk&ESRQJ?m9!e#2CTn6sV{2=x85gu&
z?;)5vG==bH+9WzwG@=Ofe?u^65DN>B?MUEed9Gy?E5LzwMkp4eb^iX&{dZ4K-9}~@
z5Gs|`)Q>VT-Bd5f^l+h)kdUZ%FH&83J`UUd&5bvmkm-{f6W)WOUweGVu!iG>LnTB%
zA3j|&Lf}7E8@4OTTe2ByIoyO^nzIpV#h=Mqon;wTyJP3h*voFQ<zlfp`l*l8BCNJj
z>Wh4<<m1G#GWw0(p<-SYY%7hd*_AF}={?KvFoKJeP1_qna|nY#M09$&9|~8}+z(mW
zy{WSwJ?-@nPr+0kCnu+gChv3oMI6H)?~zv4!Cg1kZS^_7Yg<s_`u+Xsn)On1`*c$+
z#vB>i$JseKi^rEz);O=m^z%lRWX|qxeQH~N5$bznP~)NN-NcsqtSW)`#VpXYqsO2r
z$HdaJrQILCp6VUJ=DR6B<38_;81Q57T-UzoIM@g`T&nJRuc6%5yMgR+=78(VQ|Ub@
z89&mc7GppqmX4dSbJuO8!PPF98L9ze2no!hTB325%=ibi;}CAlgM{ub3V9=vg^E^l
zI%_q@;O_U!jlHa=?9QJ;Tmbv;@dNfuu(&o(JPL_N2lVG0DxN|Frpp+iKXv(Ous;Nb
zEuT17kn>M#=T9F|guCiUcp>6Zm5yJJ1)@EvA2_N1C<`_~T3VE5@kd8aAjA<TVAYk8
zlKQESlxKdijSknNB=5=qVPj+$2Y3yrMJkZ-)iC9dNVQ>rfpZHS)5Yr!-=;e0#fwt4
zW<?5rR6*}@WLJ37GOt91y8!mMOWDzi#z!mNGrs4uvqC`A>D{c$h{DcP)id+XkN8dq
zg&Rt+R}CdL5{;{-=Ip+|Jw&uc+`4=teO=kX#t2E~^djBMCqw!J`W4<2CxxG;NiIJ*
zi{B8c(n<e5yAcM0NIu6Z<iQ3y(2#hwhaQ!G_!*5LaYYJQE+<lGs8(&bBq!@?w!KDS
z12aNRUw<wtEe&w=^Yc6RmC!R9bk(aI>sWRKn~8{JWp(wRmU$^sAW0K!<U*J_ha5an
ztpFOwq${HHKlr1jHy*4D6IPjm8$`qqHkkGRaTW>+eLJzwG~ARR;M5j_fMp?1<ks>$
z*^eR;1?<68K3-jUk&u$|-JXni`|fMSb%HyH9(#4`{rQE3R<RP|C#A}6DY~`au@2*6
zAH6e^{Hm1@@4CNxez%Dda=gr!EJo$37a1?8vRxTCJ4$D$U@pi<>=G=(7b|c6dgL+S
z_F?ki_ZaU$apVi(uIzd`tr|t<(?Ptk6+|w{%|wT#_Vvih5&3C1S$T}8&lK4-HY1N5
zLnXy;DGE0Eu`|YIZM^SINw#Y$nR29FKi~l%6~wy(!q+TOjgEqN=!a9*r7!H~8uwtM
zT)f%Y*?|=U!lWadlZ~DnV6Qc|4>&n!JWArSCJ;_z%PT5+?M3zO=|*a>lk%Waj7lF(
z!3%I7cdq_w>zjzGiV7G73~8U1d2360R^tu&!Pe{{EgCeo%WX+p<_DhF%!o@$cIq?O
z>Fv*NZCN!R1hL_Ubr!BDKe@$$vzA!z*D%6~NQ5J0--vOSY~Ssi%?ks=XDOw6P6Ke*
zg8saXVS<##XT|<o6vJHBSvoSt?w5z!tRTO5$VX526*+qh5!(wNTnW&~@)iVWw>CcQ
zv9d5_S2O(_<6;|{s(rG1))Mejw!?C=BIRddI7DQ!d@uHqD*R(uSXOv=ctxI4TJu%Y
z`CR+*AxLh4pqPOO6L4xnV=zplKlC6QcYUEy(STA`P*5<=WDJHB$b*4(ChY~t=5G4S
z-15iLZ@38^ShjM6UfZD95z96KLR>sNBCbD>2z?&t2*BxZsWTz>!!oZANM5b&HSFhB
zR75v63KBfm?f~fsX*;_;{l(I4in;SS@5nILdem`Opa~?|KL37>JP6HqBuD9rYu}J5
zn4gv5G;2Ao>%`FTUAGST<>EV8KE2HSxhXe*ns3oj;ahv2*;V%eQ(`+S1;Vf|a?0UK
zvWLFvqXTBA_sE<2LGvV@$M>%8B0HMSzWJWVc|6UBgi1Q9ed+jAIit_x#zmIUmHqtg
zbim#cNc$j_rDQi#`zW$2z%sG%xL@Gn)-P8nEy8wMGwzR2RR>6FPgL9LoWmno!Nu#t
z<t`5EF_zaOF%+RVRkBZ9(in@NjoRA<t%k23&#~)jTyKOaGoFm%Yv?*|0XJPh<JD0Q
zo2s(1=$ki>!U&!lw*{i<dalOe5fIQT@spbarQY^B+S;{XhdNp7xXb`w7vSe#36#KO
zhtyjXi>|Q?JvC~mZ+_G@RI2N9*Ov1G4(w*6j^sgVE!~Trn_WXfX{o*pUI=|mz<QxG
zLgIMwCoBbJR$6gzp>g>ZQRt%(b-WNcjkC*O#koNp@<BwB*OZz71!WAZ(t3KDrXB*A
znwyK@qX!9t8^)=+4Q|gryn=yE6WCLM{5Ta6=J42<l%5{B^>|56dAVchTa5a+$Rt6}
zmlfs%QcSBLVvJRlb}XZ+71K7d2YdLcwY9a%j~_pVtqr8zx4zZT>wHKGKR;m*(Uf}I
zJ^6qLGB&#2yH$eMI~5v`$e)05If13*iv+0h()^&@1h;ELBD=zNX}rEqe|YONxdMsc
zZ+=QFI;r+f8S|03`|VH0N9nD-;^qx~BD$;T%{%mG3MUUf;-yo7m@e((tEYL2N!+`C
zfV<<goym$2kh$fypL@+oV!Az63^LB?F>T9-3-xyAhM&Q(R1`W@1HgM#7%G_d`7?D3
zPv8d1bai`cz<|j8&3qbgcNy(pCkjq*L*GSOB2Hw*XyY^@7dercH&iAQ?LZi7SaFIS
zXn&{vBzW(?5S?~8+LjcnVo$N>d`%9a)Fc1FiMI!-cWdYuml#@^s-xgjj6m}jU8n+a
zO0~sMW*7*(E?WVR=FqCKBL_n<uzj&f{prD_4;~&KyX%%3*p!w+D6kM=!wA$J>3D{E
z2%`|C+&k9rrx7!U>sEYg!OGJ4(XOO54I{ZRA`W|6$My=dB+e68<PdlFUmX!kt&RHj
zL>_~V$t_CByyXobvDl>Xz?U?jfL4&fc^E5m01Q+mGxt2Nw6&)vE32l2jed^K`z$RV
z+iA$zZfy&{vwia-`}N4oH<X9TnuRR9<OG84AN<p-dN)5j)oHj$XFY}gnn$jH{B}~Q
z1!g!HbA1%Vi>{BdN4x}>RB%?{8nbK0O|m#cuuJqBNb^eyF#6Kmx0K9*cWbwD1y_E+
zz0Z|4{AE!B9u;*2EN4`;Rdx8Wc<5)tr3**4VlUq+9pUoP4ckuQA)cz!hJtVNvrcDU
z^X7T8jJE>h3UZ-;@GMmx=6;ym#jaPrIIQ>I=J!Qx+b$f3sSpNdhJXK5&}mywb3Z%J
zea#AJGI1?<8m&_N-2=zu&r!=S0sO`zDGd(S4T8ioWI?JxGftW$HxgX;=c;lY;;S&9
z<u-M?q>NR`5WBpT8F`o`8#7uI3w@SZiMDUP-D^zYavcH5)!a(Cw17(AwJs&VX=dU}
zUaX31K(&FT_FvJAP&wh5qifLwn;e8522A*$bN}zKGBBDHpaMcof_oAEE`(DbADg;I
zpp+o4A>>xdq}d`<T>SX*EbYH#cB6g5nprM<kCNK#Y)&B>32|wWjwMI!#H39N`}?!=
z()uOEe<OIJF}vH-TYEx${J!4<1JOT;WKchKPSiR^BlxU5a1~PjR@;NkFB-OgOalJ!
z`##y#Cpj;W#hjg=HMs42PP)zpX&4;lK-n<NWupJ8U4}F=GJu(z6QJ@Pt1T`mUcyd)
zPS8~QZx>wm-|%(^@y7pY&v)7etR;1oWF;f9JF@n&!oAw_q4NKpC?d+WWHe2W`C^M(
zli8;G5&f7s1~4kAKfdc?_-`i7{$;27%OLlKj+h^JXHZ>Ey85i={S$Ck;IA0GlA>rf
z5|yj#rZ1{#MJPQM!5$@n?Z2^eic}syl&%QtPh3*8*k<i}&TzlAh-=Cg@SBqdlSjD0
zUO|IF`4{7oVt-_#(fL*S?L=Gy6xW6SeH+jT$%k%21t05}Ns*{B#3$DAeLbJ^+fVaz
z;1!{ek5K;WPd|tYG+gETTF2)o0!;8GMZc|>2CikM-J9LIh5qU3`0hAu3@*-8H{p@J
zV`)K85cYqsGn9M%|D5z5vhhBSqLl`~uXa}(2kC45x{I42`2gtsl!TD<e=eej{H9x=
zj+ddG(9($<zA80n^cZ@mj7<N1o&fF=2Jj2C?@TqJq;+{6ainQ`RH$tAwfmO*QwbB4
z*42rb2n{X)a;YijV?GOtNh)`(b>@97Z<(rc*#_c)f1gVHz=01V@V+A<P10<zYw~UT
zRM2wS(X~EX5;HYA?)&iR3RnVgX<JupEgnNq#=(4^C^J$$iHSCw<=-EjY<VNMyD{MR
z?^_7tL9Mt+vdFHe8y*iUE31h{PkD>GMpc0SnucRvL+;P{^*T)-6PUN5Ke!!%o7#Bw
zrsk>Q`~))@wuM&P`R0J#>6)5k-?dGi{``cibd^F&s_W>q&<7_Xr;PF6HlxJfb8$So
z2EUJrh(;!c2L}r^f>3PnctGIVTa`Xuq$tLUbVE1?<?q%)fFcuq;kWtI<t~kzOAQeA
zM>{z?A9^(nv-{$Obxr{FuJSJZJ6bggUv=-KbJQ%9{e*`r!J`6+(6y~We&})~$-YIv
z-dtg}5-i?K#l!1VwrQ7#BWYwj)hm`cYP0FP8j0!;`v($4FsyXOs>^K2t6roz4LQl|
z2POa8OaS*6ejVXIbI!s4`#Y%!;dz8wpU&UFvi~=@Gh9$K@9Y>_2CF?C?hF(ECjc&u
zAcWPRd>FAgZ3-_6l1y=3uA)PJ&?isG<|Uh`@$h2fK;+idXX<N^NGJ!K9T#d`fSV6R
zIDq+4p(4TsSoIn=kS&cL;x_aV0Yp^@h=f+at4GHo9)(-)|Fp5KMtTbv+k}0L5Ak=Q
zdh$!r_hu+3j8KTNkL5wg7vEtElC4;xG=q>GM~>9z<9FwZ1O44cS3bi064c`4idjRB
zV-?KYe~{7P;$MW`Q?|GqW=dIF{XK7S(IM{rHNP^>D6GnE4<U__%-XLq|Ke4zD5A7<
znHqI5*3eC{j=C;j?4r)9k#fw9@Wv4HfNr5Br{G}~gjz}zqT6h|s`lmlY!^~pw|W0-
zfVoU0k>iI%v>$YrmvWDhC*`H}$8y`-XJLK6K8!Etc0r3{_}_wiS`T))V8=c@{Xpw|
zU+8aJy?)E5u8-oqa~{fzmKibK6qM{XH9Yr}hAqJk+|gx2u0{~38uJJ3NHRS7*I(`J
zV&0IEfFDcByp2hts|IQ=uYXyIPwqj}mOYYWEV5eP$IC{b_CMt_Fbv?Vc@VdQ9S1)7
zl{m0%5!n!DFw|`~boagI0wkX-DUcio<%>TX1|wr{&u&yM!NUPW6xd#t+zih+&?|v2
z$yYfvBtzepsl&>a$sC-Y5-hsSAy4_Mw+u{I8}4-r|7XxgxRAU!r5TEYOXF;MzmmC)
znf2+|Ra$<9r_~MfQYN@H-4%Yee`;Hz$dJgGo-;YhDpEZE8*0Jc5Ke^(Pr1oJmoM_o
zbprE3cd_K80;N53S{p>RfZvj1C_k&)XzO%L1mJGA9QKT~ly|uoV_IdPyhpB!dF1=!
z|Exko1%c_%E0Lvrj{UrdFv^$4FXA^+!+o<A4siRuC=<HQS=u#8?6Q4E2k0DPH_;tz
zw7c8rob-#lRR5f8IK`W>R9nuc^))H`>t7ECM@p0+E&&r~c>?X9i2-lVKWUle7Zg-J
zn@f`VRPifvl=R(P{_UpG^gQ<~E%r#i5;!v|muNVc`#G?d?MA-4$*5vHgxaTM2oa(m
zZg{8oe)0T8o~?lOIphPFBU9Fl2VlnGcT-5tGgX*T81Uz=jN}?M+G~%|4EO%^GYumI
z$Q56BwLq%9{fd^v+fiC?mUO>(nh53<EP8C>Y(}_hX8!!(x{(3W05?dA!;dxl=Rc!|
zef1vjb1X~vHg7+6vE|-Xy-~hnun}I)T|NFqlcm<ntG@}V(d+X5fBOQ)*~qPGsF<)c
zh~iVv`}yWXIFJxWep=62{5OJL;6l6+#Sju+IZ?^Pr{tRck&Q-=&p?3+M^gbb051WH
zLHSD!ZLz=My`p@J>eGdw0bPf9!WDPd5e$(Ww!zd5%C`KMJsuC)lY{0XQpH3C<rO+J
z$*JaFNQ!6GKl#F0`u8|gEO?JbQ7@DN!3<(V1?y0uRz^TxK)MmdMTNNQ)_V+L4R`!A
z5(^~P3%CQHgW47p&+dHcs8BEMJL9fI6o@39AAWIM%N~XO4mMd3DN+v>0F<16?v+x9
zG@{l*Ef7iILMD_qX-6}J8fmF-@J_sj8($^0xpaj8oMKD6x0#mZut|q7(oWJ`9D-i6
ziuqrPd}_Z)Ek!tObu(O!*#`VvhgYVarzQ9(eywo{j$CSEf1=c5a)VZP`D9PmPj=|z
zI+h`aGFBj*O_t+tSYT3){b+uuum!aHyVFpcXPzrxZ(udYS(lTKX4Va8?WSkvNq_x%
zx6|#6dA<p-+TC5qjx&7cSca?1r7-`kfT43Ng4@ya+|Re2fZclPuJV?%n)Ot@XT>j1
zu>T<Netx%az*Y8qIksjkn{Mkvv0uQeUi!s@#j&Y~%dz8kYhO1daqbOXbW^maXm7WI
zp@{V_m3Ou~v?_ARd2FZ9RCCpn-L_`xw1%IyQ$cc30y<mm(h2gpBtE~`E3sO_ZnCeI
z;u<%$n+3F@ycEg1uaS?l|JKK$Rho)*BFN?@@z6;n=6h(1u+iFUl!feQrPzopYPUi8
z*8is(jk(Q0kEsUA^#}zBF!J6T5GX4r#7|Qz{H+ggBy+zddWo;91N_&z-sTE@(p?e6
zVQvalH;d9h{X%cW8Ihc)FyQx-f#P!g81S~4Ur(*sP+k9;o2OEM(^Y=vQ&dH7#K3)P
zx;k<$FMrMfS$k(HW$m_WN5^+6FP)d6k+*$<M#1COx=vdJv5oU0wLsCn6}F##U&n9_
z&;M6GbKkzcCmboGPYm`S*hgvQ6pD#g(l(stuC_(6)3b*<%m5c?_r{FJ$GMYP0)<`4
z^byOMdfwzz(6Sb&gVklnZc>egxs-7^Dz479#<}VAa=&{@S;5RNzxjPlq`<d7ugn!w
zj^cl>1P*>4{_;3}Wo77ZXs^6m-#NRyMas3TFWJ6&j5ckZ7~J3269xgN%{4o(8k=g?
z2?z;!E*t%T*FCSceUH*qYD**pDW>U)1>q2jM6=_V?`WG~+1Y^X$)_bB%k`(}H<q+{
z&zv%=+b+4ltA8B$e+{?A=Mvtm)_dc5C}|7FDf|D5Dx~%(>D~=NE><&___D=3wP_{5
zb(`>O?k4L^2XRXR_ik<9p~p<*8W5gj*Vr6?kl-6;qz$kujO0~?ZCkZ-;=$E_kCtpt
zRPRpH6#F=!q@Yff+tL_Ki(Fmzlr{~H4V5EVG~XPj9pAkoOy(GuYk8Xgi5Qug$A509
zBt-)too?E>C4Mr0xd=Qzg-SB0k@3_Rt9Xu97KzCIt**uf^L1AZ_bEVJ>ZRVaTc}I*
zK;3b~^jwTOu@}ldw321KeAiu=dp#@fc6aqH*O2B+<9UYk1M;vyI(XV0D|{#7eNIjx
z`KKCsBdl68Zo}OaEs82x@1mR?3dh4|(JV_h?EF|dtMrB?e?rXXEeqUGj3t!HQ0!5Z
z85M0{9HI=Hj(PvNGyr?Qi$9a|>$st$iR$ZQ@1(i8`92?qv(&3)A%D_gjtXXq=5=96
z)JxT9lZug%L<Elyzh8r;GD^g_N}KLYOe;~XO%;>cXOm@M4qXu=L;+%ViUM;Lx&OY}
zl$p|S4nqwm=GGK(X`aLoHnSj8m)f1Feyi^!euMi4mpk;!34k5@^`UG6@8+9*n;>HW
z&U+@96+#qBXm3{$QQ->I>{zXTl8>VXC@<<g22v^g<{ERbTQjJYcZSNF##hVEU*yYK
zLvkRggmfQD?&uyaX1+<7p(<)G#Nh>m1EM!lY25$D(XgJXj8+V{Q9*<Nc2UYG>vGEW
zaK-)Ven|pJ5>H2K{R-hvKfGy~XGS@QWt9DvU-|cnzkd($kio@+yn{KAA8n^(((Yz_
zc^pj*aD!I|5BLuY;L~60OIpule$XK>S#aVFVzVHG2SS9}iUsGnO$mn(Ks>xULLa%R
zX+Jy>6)gzqPvTKRWG~qK0SSaygxru9Y?h<6R?$d((o|gir+_TNLZjz#GGq;6ftC)1
z<A|m+Av!@|5F|Jhjs}0!S^+-n5hVxu0SLr(`hwJ&o7%z$nS$lpd5s2&XBc{V)`0`=
zBpYs>oSs!Hh#}MvVZq|+eD4vBRHLFP{a+*1!4?=HIIsyELrQoP5)u-z_xaxLrc)hW
zzz=w0BFTkM^DVd@lLpR;*daJ@P0lmaGm00+9e&JQe+~CR?1J=I7YRs5Y;}X^jFsq3
zi+#!Fn69$Uqot>Bv#QF}sxSlB)FLLooAw}qn*=a83?cv-g%ZjCcfO+xz~wmC=*edx
zSW`+Q`o_q}=+lsejrq&32R&>pqT{Cl$AyI-latA)MMQvv@$II0Lv}={!%s~@W{!Un
zECZ(?%E%}`w?~0zf>RtfJVdB~+m0wNS#ZfV3MIJhG+kpK(!N-RhmYTxQQqaius*|U
zKPTufr|@vsI~iZ}P>5Dcl4%$i7$6(+z-Kd*88ZqCx5`pm=8vv#QG>)OAkT(8B+JOd
zmy!0eoSyu3@d9+vtRkbi*$*_EMI(SpTVy$9fGpb2_x^{Wgz7>C!a+wz$EZpH8t81*
zRD@PWh&fC~Y+2b!5+aPiP8crH_t|8D4X2Nv3|j=w%!z%gLW&-wzFm*4FmiX2vCS`@
zF-QX8f)uK~E#4a|PLj)caF?RxIKsuFaQDYLScb^(aYzx00|lHb9YY$3{Mxbu?d|QI
z(N|M@cYJ*-4DtW{`!}(EsXL>|Ys`@LmV1*gfgpDpHot$57#;%ne)#Z#pUw+ZWhLh9
zC42<>31tw!H3;$&x&b+YHX<1E!`Gqj5E5R~g_VGB#*-|6N<-8B{-;j!W?`XUh5dZ9
zH}wC|^wnWiJ>S=d4k-cYRJuE*Q3Rx<C8fK&4w6a=NH<7#cZpp3BHdlmotJp;=lgr!
ze>vQFX7--h=j^rDUSk!-?F7xWj`j>D0Fe<gE*{eb?8(6Ec}s0UF~*Ge_}_H$m}>uL
zfC*$k4B;d4sZbycphM6>T|)y#5k8_gkq1VO&%N*xPdpMrl>`>yIAeuCx)Mq^DlQd;
zADm5G<ha~=Wui2hq!_P}Tgrkg#dHmOJmJu5v~z+N1DdQTj6V;Ijw;oIi${7TBmbRb
zW@e)9Ou*s&Che*K@PtHz)J+G-q(40q2Ce{ER+tg$f4w}pUE1MzAT2*Xzh}UI^w^7?
z(K>-;GAKID%jo5%d0+y;i<gII%ll$y5dO%u!my)NkBj7?%Sk9hLG!<k5oP%%zzetg
z(W-rIvs0#!y&qf`^RMC?<)!L20f^P^@^;}-kb?pz9athmN8T5(U$|U}p%lG_M?n(q
zjcUcOyQAs-f9LXx8*OJfIJvo<ztNzR)5-gU|1YLy#1kRte1jN@@sf$gAi@_9q@b<^
z7iNoDQOMlF3V{@)Rwg=|U(dq9bo}sj%xY?OfUWk6joNTH_Tj*w&Et^^UX&5x%WC%y
zoGVZyuIgR?mtSi0Uw9-^{r<lVsr8mj4rLHHU8h|?kwo2_<D&#-5OvUUPy(BP%Yt*t
zeqfFeu?c=?v`I{f$)h24aG>79;{E&g+`H`?-EV_v=rDrT?C)#vy5T);=jz|V|BXr{
zw>kd)5tpa`6Y!WuMG?J=8kW8zc1nRyfB3<|L4?AOArJ?^0=X201FPudKff#ZFU%=>
zQ|Fx7tkzf^Vvhi-H;fmBz#Qh9B2Wg<0nHH#UWgdsz0yJy4n#QNqSWUfa)$m3v0HfB
z`DYZ}i+|^aZw`${M8PKOEX8pz(fKbL;{O+4W3jt&fH!}=i1A_|Jz0}!g}i(*NVgu7
z^(ufq;u<l4nHc-OfwuTCyQ%mLr_QX^|84>TNOLX&V~)9Je07+Bf3Y2We(1D}O>N_I
z1VUudGQZiRH&OCYtSGq6D9CUhlMtH2hF<wcDM$+a7t>9RnaI$BDrGj;*WwE);?Z-|
zC*OJ^-bN_AL-_IEIM0<!&ZuO#Xhk{B#mPrNr{rd)RI)Qa0(Sxz$OwOnuz&+yr1|*&
z{VUyP5qII`*TX}|YJ`)|4*%AG-|MIQPE35J(>JR&8hrx^#mN87?K@F;?_J}l4S6{k
zw(-YXUj)@zIE^E)v~-9N@Kk@r4B*2D+oId}9!<G*_D5Q6s>^>a&J`zn3@vh+CmxXo
zMH2ozB*Uy+E8Vz32kb#!|CYt5fZyGm%0fbkm>BrqT*hBVY`hGY0PskHnZ9XsGv!iA
z;yYVsjx|Kq`gG7RQ+B7|M(<uwDXf3?>LS8{vfo=ki8Z*T(eFIl4zBfL_PsrquBch4
zP$XSGg>-TBZbn_tSz<S)#6`^O9(=GlYk94Bl?Fut@KD0Qu!a4U(&erU+LFRgn1S%v
zY}0adEn4k;!RgfBeD?48k$PjJ9SDS1ASsO445Q!~(ffBIFOiJ(tA-s+;wLBqpVH-d
zW~JX1C|ZhBEV|c!|2`pGX<K(wnbDCj<Y)8YM5MH0KJhkhK67gR-?w19`YG|ZjhhEY
zbtc#AKWM{2!$-ERWl*AY?-z-^K<Pr);?LpQ!@R(BhEb;G*itF<yX(ahJWSgZ(OrY~
z%Y7_1{acL6<_(?^qf>+xUq=oXy`4{S%Jl%rqJ5N7V{;KJG$hi@_TzWPwqC>vW<(y;
zj>7upma6g`>cDVK?Tw=#o6hiXncjA>{umC}{nZhu_JZ;;`zKJHH|BtYAPMQV+)Smx
zH4U0eJ6K>ac+swVxrd#2sU;`&&{9!jU6rytNI7yWiyj~0lw+87xnxP6tlU<7`qz7`
z^}tjVK#%{psroeR?nqwdz*gRV(}E!^e|5FM-_)grS6GVYvcJ&aD|mmshpnl}ons`?
zF6aqT0o{9UYY_6Pet0%j@`3RaaCuGP+q(ZT#pLwYm1+hCS1bOo)<+xB%^$kA<&K-8
z_H&agj>-mo?nkKlI_k}?V=Iz(P>vv*R<iC)H4I9m!c^ILzARUN#=sk%u>f%;9>_;^
zHs?XDbW_mXd_JeTs$CAg$|^Q}z8Vn)1duNbV@NaTR}3P7DZ*_tk$!2ozsf6rk4Z><
zK&++X^TrJOxQ>THcn?0%xY-{o1N@k|Tk?{M568$``aCP0Uaz_~x}ix;k#K4otwinM
z=Cx?qVAUZGwJt}u)khD@G>@RWPksvUh&za*o~^r^zILU}=^$E*b;#6Jm!m!*00S9l
zAi0v0x39K8F$L_u(%n@`Q&Uw5rQMpMLr46b3wi9WCJLkByGFX)TPE+?+Lf8K8rdaa
z0n!LuspBY}#Xg=1yMM$>EwoOIs+kUlsxRZQ1YAas`IH`SopssisB>LsWYu-CN1Zsy
ztp2GQ^Wr?0x&4Kk!oWmy;w2@Z0xEx0?uxC^HlfdlnQQAOxi7fy@qV^UiR@bbxo~}N
zDPYhq+dB_f$caCQZ6}S^JjW?zDZUGqQPrHT+FK&AD<;cDvH7UG+kPHOLn?yQ%rG&m
ze8e|JS5kPk<_CAdL|cpkua0S9sy@b`h3CZ6LhWy<r!;@DiB_yG7ntV>s4ZuUq5%Iz
zdCK9VdHxmm^oB{1dF$>HADg4M&g46JLK}pi67JJAx~aUJjTVQ`++4yMWwEx-nWpDE
zdz!qj$(mtCPc_9PB0N$Wv6n6Sv;1Nd<xGZ`3U%N_Si2#Tk9>qkSk0T0x7!&qFG9r)
zx-Jv$;z|dnSZgayCbFBrg5qC8WYqbRFG*$NuuVjaM6M#r>ljCw<`mP7q?MK2ucBeQ
zSMFEgj@f+JY46c6l#2nYZ=)Z+sSK}hxywS@8W5Bw+&T-!Xj7q!kFOiH2Nnza+$cC8
zt%sp~=>ZfXzI!{&5)v*m{=n;%>~wMCG$vAtO}hMD=okN5@uOuBay@#bzG>0iVI6aG
zGMwrIiC%4y!G>K3bom}%S};SO-W5QgaX5i{kJ;x#7AFa{%oZOPldQ{7-P|62kd+-*
zl)p${xf`0Zl==Gh^AD_i;n|@#lz_S@_N$N3+q2qn5n+b9UjL7HrttWeoLN#)5vxS<
zcC-GY=UGIwx%~;~b3S??D=e~p1LTW&ln*AJexqlY|Bd`o5#*S6xoD|KqKZw_b&m|H
zD?qI5(Q6aCv`HVVEJK7feD7-4=wQJISF=`H>-ZbCSA?26E<a=+ys!?Vv`zAS>_71@
z!&!cGZ_pkrUH_I%j)O{5hAPVgv{DQyqMpSf(U@YP<|Bje%#7m^sLH6LYH*@ZRuKQj
z3Uq~J_=tG?3k;|7CKR5ZPw85dxjbIJsK&c(<9;)6h8-AWg2zJsyTCqyT?GjbAq3}R
z<dFb`X7Ozm#Eqg7GomCwdpzkPgS5!LwF5l=1er@#LkHu{oT60AF>tfS>HYhzb|ET9
zyk7?C(nUe~yXCgJqRZ4~edJk&Cadv{0;1h6>U<HNx88d@L)ovFaQf1`y6mo__Lf-o
z(u*KPDm7_;+yR?ouLhxxa-OM0n+9n-yW$ILmyq7<;?Me<Q8*`={xIzOddKuzM~Br`
zn=saf#LZ<iXu8O4YthnET8H<6gpW@vZ-YBHXbi@9-HK`W8D`fz<@8uo_uKT`vmi^a
zZ(g6hqC=ggmu|#RT|)eL_Nizg@9#|ogRmu9*`?@(QN_xc%2TJEyF!O60kQboUww>n
z_e-M%4VBz_f^K(3RpaYQd}#Jps!B<30v!I%0%}R@apm6dqWLcG-dHb_slLNpn>p7c
zDGf-9XKUK#(q<%tHtA4M!AV<`Gc`qsCGLxt#Gw~sF|Ye?yaU!_ZIM9A%*?Fui+~w$
zQIcuyjOT^mh*q&QE|O^0_*%m4&cQ2heVVux>t4_}cYEASgi9|nRh2((+_y0rAC)D#
zu*2Z!cb--+r)Sh|)jSyY^J1S}cP!I=62z1s2(jc4VudB_3__}o+3P!g;^k{$9qfO8
z(E8<@e#pFRnvoR$H8X?rv(iR?6gMTn;b#`vrda9TQhCw3Q7dU-ZO&wpuT$tj#!^Bw
zi(V(X*K@rL)ps5~Z7)HBi17_(r6fGebi66TYPE<MaJP3cS$yK$#_ptr5G8Ma2Ni8!
zPP+o;`I-QU%J&8bj)iTNsa~n8=BlY$^q$_FIb@QzulF~kP4^>vcN^Qs&&;adOYC1D
zwG@8Y+YvLjvpSxT0kh{W+L6`x4PQu&Y^?vqWdE05V|k~)ntS2ae2{7J`R{YAQ96_S
z55iXwHi1y#*2WS2zi)*dZbnqJ4MBRY>ts=K{n=O>u9+_U#p@unC!5x;_5rmn%U<IT
zsNYb11N75hWDzPgHd#$74wU5Y!PEdU-@7nuVKfpK96)jwq*SF76T>DY-3xzICPWco
zKJ`NFF08_RV0a)kE3@?Z*uNe@L%#1{pvUP9_l^+koCuduWU3{qrkG*?)IKUPKpFfe
zR+s7Tvyy__H1K|QdikQ<l_S8-R-7P2Fzj+jXQC^3GgOiK;rjWoQfM|L*Le(ke=Euj
zjpoT!eums4m<H=`>*1f|EmEN1iIo=O+O$s>k+ufe!076pt3N+K&oH0xW*z)oP?mTv
z3yOpGvvP~E?XJz!=~=ws<IKx3?3QC^iS8^?KCd~(iir#(rNQTG`a01X6L>`LyU1_H
zcNQDr%XHjqwdlp*Y5WBs1hGhdo6QkIPT8P09i92Rb#L(HrJT1K{wzP2l+fW7{k4b@
zfAfY>9i5<Hqs^@IblNK;!v)nwG0~b`Z^6T-`;K60GSiRo`<$yF!T4-(sLZX~-p~qt
z#W|{&pz~#A$%((XpRcaB+*iuB$TIZ>EIr?UW9n4{ttyjeQ%6;=G?2Q7EXTfK+fWdN
z!}{kMiN$G$_S=67^h($7(Qi$yd$cx+Jq&D)#<-#J5n|E`2zVfAo;IU(_cC8M+eSO<
z2B$KC+pNnz@*h8g$6>P^g8_7XuR2cAfbWKFb>%$8Y&yC%S9!EYSJ^Mf1;B<zmq4oW
zlfTcG^{=$EkNiE>Mioy4L^sqKj8ZPobCjWQPlkPHGF^Cx&mKX|wfODt7&>t;1_g{^
z#7!;`9kD<^=v~rq5z$ZbSG2UBhU+1Po{1U>o|3R%dqp62n|Y*-yHRHHtPS+`IXx4%
zTF@tx+j#H?2Q#O>>kaR-<&{M%L&oA$ORm8ukc{98D9+6j$g!rCP#=jQu(2YJ`)<rY
ziLuB1uBpE5D!()7g183udR8`=wKIXAopT%3&(WqA7os%WRzPHU^Cx{)6OC*MxTePX
zrB)n4^9?i(TD$cb+;HqPJnsuVQTDyfbrgJ+#p^jAyD57%w<2ymWUd=O&(>M|?e{Bo
z-i$FM6eYb=V5IU7=cb7MHKD1UnnL;)5ql2|;f5uz&5-aU|Bi>lc(DR&@CH#J)78w}
z!tU79VpX?k)#t^lGg-{Q!aqwF@ACNtbPPN?1@pn})-$n9Baw^NlI2I=$Q{|bo)%`v
zM(t3JMtxiBZV)WJ>cQIfvA$|n`{sMiurKchwj%1v!!&Y&80}5t1->QxBs_4Mma~u@
z%{AFx5Ws-^Vx2C8>a>G(dI0CR#0<+1!j%3NcN$$9HE<?Qr;uHIc(05_eWzls(S6RF
z7~HdMOmsAC+UZC50{Vw@h`}mSyp)gYb`5U^mS^Vbf2MODUY!5sC{e@c>Ut5Ffdp*o
zqs?9s>=PQMmS}dczacg_ZhbZdjCdeJuUjn_TeTy09MQ4;t*3*Os5^d#>j#(?*tr`X
z9P!O{ZeHlZ^2r?Dy|f5_5yUh-ug|@s2O4^vY_<+P%3xWr%I5E-Onbq<K`kOR1IFy*
z(7wM$syDhhPZ&$lz+QWT@9(6^ounV?3B3;4VwV{`5(pneeiu2IN7?6NQauA+r;%bc
z&mmreW-5)07O$G*`5XiMWFf2u44i~0^IY|2dm|W89YhVNM&dNrFs~+_-7A#{kYOh(
z#UMk%am4p1Ep>MJe8OY)O;tswQq7;HW@oR5!#J^JUQ$yv(PyQGBCnnh9ja?f>)fzT
zR6Tt)HFe<QfnefbVTz)e`iQEd{_ltfbaq}w_DZj#1)dU{*}^Pbalh*!>c+$L#;x6E
zac(VlM~`^_!Is&_RpdxU{+optAT)))UU9$YG=2IYuSr&(lmO?xa=G#0h*&w!U36~Y
zujw8?x4O7<L`^m?L_p4z_USxcTz|F}Q`_!V`p3^TVrpmulYnPym*1E!kY`}Ks!OTo
z@1&eO0~hkT1a;5CreTL!LVZ>Z)WfH{HE9K*RBaREripk{LJ<n39042PzC{DTwR;DN
z6w7LE)r|}$kLT+DMT){Xxs&`uU1n0P2Rqy&{zn2Mz(e7}TIKMjs_&J-W|kQ1Y|D#o
zEuhS-42C&M%t_%RuFtnsnC4;0NSY0FTl!P@<lGet=OgfaE9D<vSGH^RHv3Kf#;4hm
z8*=@wj?$v;yI!=3(63Z5MDj0!lrc9cQnvkQivyAQ#eD6cYndR&mm7GTuj2gvS2%DM
z%jWDcoMSTMj+#AfZlk;`LJ)j9_ob{8JAkMd?fG19>o%ntd}oJ5zcs!7XPC-6DS~Yd
z&(`g6A$ZA)b>79fs1ftyYA;Z<zPdUY=ovlqhWC5`q0ciPgStVmP5E5})y{{w^k*UH
z<68gd)MO`6&5~9`_u;*wt&~<&?fi-yE(%R41o9(aR3+8|m=X@}D<(?P(C8BN`<<yy
z_ipf-&T>uiHl5r0@C52g;eWy#`$561YP?2wtLd$BgK5+|<OD3$weWd1B_%wZYpiE+
zK3fWa2@X^Ye23?sD7qM^Wy1@FSRJ-n&AAFsPYLsf{RKFcX!{rSlD$A+c=XChQr@65
z+cljV(1k30ParH05#yC$w>`miRxF|zZVGM_>N@#he<!rCjtj(#?H68;jwHGVjGk|+
zOjDMz+(?wp#g`$Zyz5K*k%XTu;jHse{zOUP`lex|9n{!8&X9!>P^_JdJ+FOTLYR#~
z{hO0=q<bBb5oRlQ<+u5eMOsH<3Ufg-6imX{V3YdUgZvV;4UN|5$b4q*a=88nbzZpz
zz!ageDEn3FXLQdHB{@UGKXA0z>F-VYjS>LJ<Ix|kHj2#PCr}X4^$`!=(2Y*{`GP0(
zV;R<z;3IQjRXVgk>KJXnOr1WM^yAOJbMnv}6tZsQagxz(7Xvxn!K|dvbiolpQGKrY
zOx0+MZ+YJWs}Oee!IL*%!;CmRd|plu|NnxxmJ$&Oo0hBya82g2o$+|E;@E?dH6=6^
z88mfx7%OZE`sAYF!Vv88;Gdcy8UGMKC$F2O7TCVDwcbr*C9bW$6<KLqB$o6fsnL>c
z!fZh+)~a2=&K#e9VkrDAcG+W)Q33Z{1Og#-r0WWhqZDTSlo;H;`lLUFr>BE|t3tbE
zkHk=<NJwHrc^*?ID!RJ2+H>YYHzxHKFW|A~lz=^+($~<izNLfcQg=a6<q7ogYN|gG
zHTT5{TfJ14(J(TYc97?n!9_EXeiE79kgsU)ny?AF(){*4I$;L9HT$#w<wxJSt8ar}
zlb2&@5iQ=eZFmOe07-K<iGV%x{(2dQZNgOfXfhn%3HU+3zBu;!HtTIxwUxK}DQn~m
z3@Uq9ZJdx5-~8T;&Fn{CFef-iT#MKZal}m>GgU*{erXp@6QQa^#Dq#9s~bl5D1sQp
z#L6YAud1|TB=Ii-lPI(-IGUT(kv=2f6|2DwbTq9?Bs@I0`cH%Z?=|IT>Vrqo`YZa7
z9|U5+ilETdD*%TN2l25;^ct`!qUePPhGx?D=R0{u%cr5`)N9+O=Yra{<iHlir!gMD
zh#SI^S7R6adfOFRgnN>9U9^6)34?ydqCp3GsXzP4g?4c;axPz75p0T3|BGAdWsoZr
z%Q#@F!VYO|x`e(hGsrWT#g({b{Em1N&gTIpa+*@lE@UL_JzYXC7TAzgJ#5Wp!zYR>
z9fOL|SQIwYp{;z{;DumPtAB*)mx#&R$FG@rNOhG9hAq7C@3fZaT(v(*?qw6{K2mQc
ziGZQ(C2ZMvx(|)3HxM+xxK%*~Yu@rN{jDffeeNWBb)H9hO;d>{`_+z{{pqbr5AhCH
z@8LMAFJKmR1XKqPx$7w5VC~NUYYBz@7z6>Nrl9~P!det4@5+Jnqb}EKbu6kzH_kCK
z5ROpfnmXRq7Es|ljVmJ(zap@6PHhQd+8Y-9d1y|YaXl=5lNA|HRJ<ZFNRlq{J)B%6
z+s_>`B9Xb8@xz-&SQ;Lz2ExFluo!k8ZC>L}DdBVS5oGBvR;`^6qXXgHe`DNVtVA9-
z>DmwC@;ZVOHmuf2a0bY881O;aK``p@k|8jgKa=z6;rVqt;-Er@jkA{1av^%{LcHyl
zwWe?~;cyyeRd$ZdgU=}4%0q2pE5i3t#0bs8j_v51z*p|_6}80bt^Vj<;Pl0q)${wH
zWmQjOs;}H!s8%Ao#BV*1By4&^a{ZGKZW()D|1<!pLl^j>PnxRt;B(lLJ(<eEe}Fkd
zDFH0N=Cywe-EKR7U?p1Z-{%wqM;|{Z$zlNh%=m?+s8SQ>+?4NKVP>81>|N$=#>|%w
z2hH&k58d2a(zbN)8W$W(%`oE$GvEZ~(7LY#6HMEF<7OGiB>pE_h4AA?0?Dra-RLeO
z!OL!Mt9Cpy)W8LqLKIR_VO(DVc$Je6ytA~TvHA}wmQ^a^DAF_2O{Ix2xnISmq<~l1
z3@LF!Ez0ko^rA~iyzvuhcz9677nOftCG$!-U_fLmQ3MaZJP(IPGE^4s%dT=7`J3Nc
zue39g+t?h6va+@z{5^WVIa4VU7Pap({!UYa7GAj(r@+}=6ezQ=w&4rpUUvk=!Vg5?
zomi@xnyH9u4y7B;Sb@ZC`V5IRhNzJDB|%PUK=Bu-En-I1sq2%P<ZPF3SuKwf3laB0
zhBoSOQnPiu%^02;0U(LXe~Es_5@wcpF_aP%Tlv6}Hmq{Q#}~s*`!b4If0iXe+yBRN
z`d$&zoOb(ua1eOlt6FW+_Xm8~*eFZLfS#122ItP4+-Si3O6b!CmQmIk)xU^sWhep^
zQ8kai+7TB+&0+t1n>DW-x^ULpnwsFZSvpJ+_f5E>E>L*Om~qYL_n&~Mn64{B{e72$
zeuasA?s&H>x%f50cU|aK2+(Z>C3O})b{#Uz4%J-in+`)YXN9XqGcfZ)q0&ahz^>kV
zb6EhR_79@}!W?md&$K@$C)+`r?JUk@VG}BYtm*t-QS3+@*3PbZa6=W7;7VH3!Iuy}
z_jl{Yz3glH2^tp_LBHIZ?+VFzDk=W9Z|O|aS6s9>=apxTA#*3gF=lqcTPN7fMPy!0
zIrZ*{JZ$5rY4%=*7Hnfe{~C3Bi`#e%*KY#`^8Ou6w0Vw6`ukUm9<cx8c3A4#P?eT$
zD(fOL3s%HM+Y)0n96<>D&11CM@Xp;IdPH$SXIhRA;I|qjaDHI9bjq<Aiy#)AWQfIc
zDK~IkzFH#KL?8%x<73D~C~aUcT4|Xbz>^B!P0w{`P8o}oU~(Z-RpEfkD&M;^dJ8i<
z9{2rv-TK9YUf9i|t;BP?qO+3H=NhJ!YF5H?xM8ESHPzHySqM2z*Xl;rhFU*x3vX`f
z^JwS>GFAHv#(wkyB)y-Mv!9nAW4^0lWQlRM_x$_jJGG_2RZK*Ttmd#_JAr3YEPpeb
z)P?Ib@Sgk-#1OWHT#e0pZr5P;b#S!GH8dY<fAm0)M--!w9nijT)2fQhV$-?aVUN?F
zDeQ|ZpoX^&qJT_hXh7R|bN=$Tmx7_I0ivB&tDRJ|O1uG0ZhIS1fBp!6ulQ_mrIO_C
zY_Zdis&>f4Q%JSv>JDwlsni}}VX`9nK5HK}di+HZJUCCF8KU>qYDb59U%wjLUA=R4
z_D9n-fiog3Nlm}rawMNrlb9c_G}q(WAEVRu2Qx*;Q9J>X##nhYpAcf@0Ez<_jJ*gK
z?bf_Y`^r-Ov)#-ln&Td{RTNcZ8rA2crsIV%@pLLyd21r6z@a%5EFC1{{Swu;QamZx
z7TUyMvSyIf%Wh#+EmF6}<~5`$s&aOB#wK~=Jp8k5fdgKTc6x?w>oP&4(mo6|0ZF`o
zqY-SqB`%STZeg_U@k-r8#;6*n`h&OyYpYfhkFC$9lgEPnza#~8XurL7Q<4!<jlF*q
zb%Y-K&L6WY8v62l8fIH=*ToEz79ID3a@j6|Z8!EUkM~EZ;H-h83EYSP-UMHp80{D9
zMOv9#30<wM-tm^u<<8lc#M(Z;#-<+vdL#1kD&u^XYv-d`VMQJMo#1bgw@@+MG1g9d
z12rWhhHt+UsE^W8sBD=~xpw>eMa3}zZ*9Vi_vxb217|L?M{-RkV86k0?gnKn@DEJ<
zW#Js}W*(6jvQ(7aDFnA1H9XNm4aDH)#$b+caa0V>HH~1qAZco2s|P`fz?vd>ukYM5
zR&McB)rE{nC=*wmotuBLd>EOLq-Ugw*^ObXk70_{cllHsm4PrD_su5IXwuEi`ehdh
z&^fm1YcZf5Ieq6_ny(vvS(y(7ldzNE=&?^@4;fOKAY~~(YToSuRklUF^iNGLsdfy>
zKZwSw-w7Up%Fj+W%O}X>WY9zRQT`X5-jD9P5Y8?;`ybl|PpVAvgvg`&XMT4o$=j-g
z%mtQXq4vieHwkb29oz#tZ8zs?3|?Qgwh;Yh&9>)k_mJF3cI067H$I*P7di1XBWbvD
zN(;reA*m=$;lF(_Ob-=-0aD)J$(<NHm$z`WtuGT5O`B=9mC}m>_BiR+kaWlO<(nOf
z!?PEmLAPe>avJrUuYe1zFmVTY9-((Nf8Z>V7ihm%w;eqFGT6G(=!TJw^3Z)_sf<Wm
zTxVxHZa0t<Xw2l=#)b32on~aUqZdFckxsmXrAA-&=;Fc7l|7uZu!hLxJD*UoBUef}
zrk}jR_0VawAG8iR(SiVF@*#K!@%+o%0wstnwr>{CEUpS;dHd<opO_vH0;zC}Cu4>v
z(VoUgWR&E4Pynh}h;Q8dBVy!W;%&`fA~3xXWLGW8lhWgk{Q{(>aAE{5v)fN!$|up1
z+pAVo{#yD<U}#^wbn*N8WJRKs_17$$j`2#n*O~QNyFFYPO(JqoL*g(u90KSd0tWpt
z706uc!M?|-6n0ks29SFeFG|Z4h{YeAhUOC(PlOg`OPym3hLe*U%<cBFM_mm+e<n|$
z>tN@ya6}KU@&SvAt!RPvl@4FtE~3FnTw!E+O<*mngqK5$a?m1J6#FB$%!?@#*jU+u
zAoX2e^_&N>-2!Y<^p*aL@fo;xmVPEBt)G>s<WzPd#9zYxabL$rI`7RX0zjQ1h$N66
z9YJIcdaH_S#V@2FBfK`HZ*+y~VgQ><$01nnQd3JnCZtJ1ltD_-fJ83yA(=J5Mm4<a
zvMA<pJE!B6&<?DaOUmQsOJV3-y)derPr!eFd!l;~Gvohmdp_||yJ4&`>QW@}#&@~>
z>FyiK__`ww2iw_AW9lEC1Qrb-kd0f24IhVs=vrj^D9-N@RqxQaZ>!triY@7ACBS?B
z_z12e9av04^Fd+purrx7|12QIG@i4j&-^!0GD-q3Rp~sc8sW?H=|JvlCey?5A5~{R
zRppbu)c5};OZNyBqut%f$1%zM(NNiXKl4B-n#EpLLRxFO+L=3S=raggybBXQmAoo0
zQ7105xHu<<cR62O!P{5woS_*ra&7vVuGQdk&E!uzfi5vFZZ+!6IJFEr0qP}xC9c#d
zu2?%p3e)KD$H(o(Dgv`!J~2XImqLHmCWyb_ao?jN^~73qNg-Vr9#kMCTqb{<+z#j9
zGPGDI`3E9=O1*Gdsx!qWq6|?x^jAk-sFF=|smMS>8j(fR9i(OX%sPVSjk+4@FOUTj
zU(`b%|K_jEGh?ehYg5OqiGO0DHDct-+ywi3kj{tT)2_!rO?um|?s#1THl@oU_e#iA
z%YToa7#`?LYq?sK!blB^5W{t)4bw2VJ-q#@(r0nuWbQ$c-Rbq(dDv<QNdwe8v2hCK
z-s{-4I*R&btk{s7_l+)+8aExNxSwq)EcNM2bziq}<X4&!JXzBC9yXn~%-`bzBx-#O
z`2K7uw5v8iB(=!LWU#`eb-Y$}JvqExE;G?~^v<{bi4w1P&Sb8uqUV_e2{WLS_6gVP
zX4mY=)h*%Vzfb&38B>cS5zaSCSX>6{y*Lo?KMU3Pq<Z?^T4|KNQ+1#LJeyQ0l5NF#
z^GO|+nVjVDbeoYee)it9F68IWtBRAB-Fd2-8gksl`*(v`j)r%C@Y7q?XWwD;P(~K9
zalo9fhp>6y9~F&K&~ABM_;mc6xpE8X?V@_c%EZ*Y&~N~k!d(dN^4;yY;j&uO{p+6j
z-)Wdn|Kcg4NH#RAR&)Rb2Mrzd@@bY5&unjDL$Ge7SeCs#MN-py*xp_VDkR<v5;Sg8
zKA#$&u%l_}5+BXQ6g@v}9hc+!=a5~~Xtcv=yvIB_`D82sOZjk)Tr%TeR#`q=_fKc(
zUoRm0Dfm?IQ$tZZS@sXrWWszxyXB*?3!$y}CBn@{;}llf=wS}9Ok=#Gz+HEjXr>7w
zTa8-VgKq&kYyM=y#Ov!t%A-;EH<eEv;B)izt>H}_3?*VP_4MnnG$$(>vA-8L=~<<6
z2svX)b=2GoOM&B<!K0>)f9O^bjeo~+_-@-)T^YOupM-MGSZXW=2RQ{av>;Wme{W`X
zGF)*Y*Wqv7Q0);g<L<*?5Q>;PRIS<bB#?egOtAGN1jA9TlxPqxI7=kYGxrL`L9?$g
zD2QXZ&4bbtnrw8RPx=s$?+hqZ1|NL!_;7UazmMXVPSBTFs6FG&sfOp%Jn%mM7hl+;
z8toVJ%I!E66mRl;n;evgx#Ks90HsV3e@5`Wq|0!2667J=CP<+9Q^2esl&hF*?u`5P
zv^YMg@h3MC)vibS0pHQ<HntZI@(~L<u1(q5{~jD%k9yz;{(H^9VHR3;{*rnt-?JX)
zofMk%sM5chyOQ?3RlA1MXl_99E!w){Pa73)dU4uZaWSZBwR!T%B@uI><1tyntwoUD
zT_5#SBB+{Dh7(zj+pPuBkq!S-)An|e%<ro#MNc1nyh*9gdaHx4VFq4{2MOiMMR|=i
z7rb38JV$t~Ud{93{(O0^c8ebsnD^)0wD8>cLaWI=Ps38^EJpx<4~KOnBD+`s4*~v8
zRI0fD1NG?59f68l)ly4cIcz%_6tSH6WhvkYF8i<p<+_cB4#3M7f%5|7OQo3a@MyTg
z_Kp9}5w`D8m*KkTY!({L`ZG(W3rG)OkRsyl&A09B8=)~yx>J%1+Di{7wGcij!(~EQ
zJbJ^Zhdob@SAH9Rvjk!tXB~8hz-M3Tz!MVF^%{<3R>P!z#V7+iLSzReMHtoHotiax
zIFNO0|Mds-Ml(ERj_>e$p=(BxIb^DAGRu_hX3YS%b+!2k`|En1YD)ghjV-XGM;Zh@
z`#s($RYO1eK|!HhK0*z%>G0fr@SC6=$;{}LORb!LHaF2)bWaF3ByR#-78$)76g-IZ
zl}>t|c}OdyrG?g|anIlldI+h1c25E|c+IAr=1$D>v15Me4?v7m*4*hD0_QW`=1ye$
z;8n(PP=mFCCIq3IX;?Gk!jXzZ<PyKaIUj#W;lu6PMzW#J?Y}3OXqA5JWiMTk>&l}{
z*n_^VmR9DWTct@9ckpN<LwrN^AdhPaOE(FhQt++kiTfq4@JExQug_?<3V5JHvFw}?
zQe|jB)0J6}q@ITKfOB$uJYwCTAJ-+N0v?I7?P6Gj+iPUW-FL)C=BT|d?oDG0tQs1a
z#SJWBv*j4jh}c-x7vbUh<OG|SA13aYYnM3Hl3u3&tmn9{Y%}b!%zjr;6IC;T+I4+D
z6wRMZlqlfgLf6OiZyEB0YI+D(>ls#fwI)`<q7SOrE6~NO2CxuK(L>y<M5qkT+{!fN
z7E$Zoh-cuJ5!uaeAH-2v>Ik}ig0mcwxFLv2_I4D0oC?QX#ml0*;u_AO62<(YZiihG
ztBVu+j2Q{AL-K^zi!q8}ZboO<#0LShzKnxBbo1CbHH>(`$T1y>{V}-u7)>;vYQ!lT
zVV*tH^{kXVn%VXi>hSz!w$uN{y43*<j&&^WpLr#9Tz=X;5r6ih0(L8hhMa-ww*6W1
zsSM})y_b|a3a|QnxEOe)0&@<y<UiR@Nwj?25)}YFrQn&P-jVLzgeh!xbc`5VD-#3%
z^2f<q37&IizhU_T0l3*xnQG+<PpYZXL}ZbH=B<qv<eXZtV8c%F4qw3lM@k+gLX>D0
zFA78&Q??P|=Wl|1zqH!VAn$rIMe97#f{{$=t#f1ubGgEF<fUu#kl&7`Ra~vOj`0>M
zXC}$j^}N??z8>+2Sq5-2J_}NVF4^6$RGNHp;pVoy3x4ne1IZEmnm6{ep8u^BGiag{
z9iH7N#PUA)jT)cuLFVN8Z-X`38>{{H#T?56n95zpj7H0>eXQKFGjua+#a^mxZQk$t
zby~|!Z`jlGXZDIbFDDkF`5@vxJPRI4YX$jlyKc6L`|yPqw8c=io#(?&y6T)RcFJ&<
z5Rd^kXsR8^^$+&q1p!%*)GoD{AS3_PQI@uW`;;l-P|#`Hna2Bot7$VJymKIaH4A2W
z>V-H*-EzQ<Jeb4V=k|R(0R@On^b>Ry4_wV8HjWy6s4|H}i%}|q<3bNHi+c;#r*C2f
zMbq?p`XCU89L)F3Di4{dLc3XikC!bE;r;&ltNY-z@aK1-(c#jF>V!%Wk*tF7{G0na
zMs$S$E3Asd^a*tBQSN%$-EZepUxx$0lOj7hI~1`Ahr+vsL1O&c5&|c?iXMj*w!Z%Y
zhk={}3Zh^Q7u~MI8&vm?0TJ9<6a^k`NPiv1V@1;)m(*T8dulP@td&pVH`Ob9vRg#4
zi-Qa1#O3;f0baYA{W1Zd-()rl0dlsWD6Fy0p{3xwOWV-9r*UGUsa;@ETREB4s6prQ
z$Ewk?&EFjB|I$X$G;{IQ0>zeh@fHD{mSeWqa$JSk10>2fUK28{PwPiz+Hz)Qr|qn}
z;pVPU#o>PFGfA{M28ir)PH<s>Amn*`5NSFKeQ-;%x)6)pGRCBS@J$GXZK9@TG8@e2
zZl2y(VRCM@olAL_LN}E(9hN!oNd$|m(U$*-WIUPNflNazNd_pYI|ifX;7ig5vMYs4
zJWmVl5+D#F-JW|Hei;-N1cYq&?&CYNpX)`d3TdryL)?O=nY5dfJzwejSk#$=01-Dt
zAy!In1HmhHjX5-~Q)nmFPsDua-+p}j(XPbfWmDX(Z<X6oYZC|I`Qa7p<=Y@yOk~KK
zmS%BKV0yqU?Q2@LlOdF)Erl>B0{d1tl^rmPOX`-vjUJDXXY-Ybi%;Y5PndR?8bB99
z5qrXlA?XUp%iT^@MAg`9^lX9@z#s;!=bX>KnhnqZ+<}OHG6ddz7rPQbH#QWvEj}6p
zk!7Y*NvF$fkPB#^{5S4MvblMHGt!HUV2q_d>9sHrNAUWxbJh6|_4O*&m<$}<oT695
zP(DW<n-d3M#rWgNJa%(+;B_kV^Ip-4mM#?pA!Tx+kRF>%1AqHQG4nSCoL`&&OqGj|
z=duOa-TIk-_B8QKfVR+)lHC<n3I~_}Yk&}86xLnKV9jv7`XPt9`+x(zJIc67S^bz#
z$^IXB`6Gc8MFfs#a)1L8lAEb7rC-C<vq_`h=by9`9sB#qIS1It_{&VYR{42N(@v(2
zTWx7D!@<a>e}>&5KS2C@62O9w%pI=$?0dA$9BZ#r*E~7u`Sz7wwY7D_GDFvLo@P~p
zx4noXKUwsNdLMj^e<Z~MLw<Zqae8;spDECg-dAqHQrd@)1H#CqdyKu`Y4#rPcpEe|
zoATcHwQWRBbXsQW39lWhxt5r~m-C>COGCR=yzFIu@-pJJ0BCogj2lbpuXeJqACJY=
zLxgjW!oVdTk8LBg)%43Eld8+*E)P>o=X0m&;*Bp{jhy&>eoY$72XtCOAXWj+vRn=_
z^ZNQ-0ZRxCoR!hLtOiZi^S<X=vGZOW?&@LG-XSpzP%)r~D{Z#oI8{i$;QzRCeKzel
z!SeoTG@fADKN>an!t`0#(@#dGVRTPkkT>uQlK+ASiOygaOQK5mxSWGCMp52v##g_P
z40x>xXICr710<eOF6~xHl>}J7+4VP9t*;i4m#dCIw)DEP9j^{JD!p=DI&@z5uFqrx
zUP%wqMNPOWl%}yk;NotRlh#!7Z=JWhU*>kh$?2)m{f!N?FvCt|Ci3&TJE%{K16g(P
z^-`5wT!H<4&0$#vrjMFROiP{QSJ>De3F#TQAb>$UofL{O$HG;x`)sG&4Dg`<6JBP-
zpa6l6{CKl*I(N-Y?1XKdhU`PFZW*6s$?u?p73gI9d#>Koz3bXxuT8YK{~pCFvz7+)
zxO$o{$hDjJuY06g)P75Ji6Q?Vl6sQ1hwu)PFVXq60*1_%8?3rA7PUdRoZ0RymHK-I
za+!<@3Lw-yn+Wsc{L?Z_bnnegRRSAk5IAq6l{@g-#^!NOtGUBjju{&BQ<gCb6>0Nt
zkGlaf4JyAp+fwKIoQaq4*-`=KO%r-bd{7>`RQxGfB-uK+2}$X~m)`1=+E6W#|0AE<
zw59fxI`1erIV=}T;-q=AqH3f|KBK7{Sm}x^{a4&8$2(Arq{DpXj!y}XgalRx8ooqr
zQbNRIO-AD6Cl?v6y9!pMer~Gz$V`dK3qU9(0+s*(y0v7RN^>>Qi|{RCF98XGt6>vQ
z<qVhlI6rn(VzPWu27mW6Tlc+U#1$F);VLBM6n(bgp@Q`Uld7zV5=f!R=^_4I8E-RJ
zj`|0p^F@I9pTvWQ*G5{;N!fdl>0fwdsG44#c6sJa#`hH|_$li_TI)VQgEjKmEovDV
zoxF_BW0PFV%e#M7HYA<(L+U$!%DYInU{Fp*cj<0WMYfKS3y$vEBY36KAmW`4o>#2s
zIJWy4`!J1+j>?Uarg&dp&;o0%s6ZPgvC<Mri2ynxEL$up&x;G0B@v8Yw*k~J0^!S5
z1m<F>CE#T1&%3UhDDqSc-&|}BUf54ae-(_>_E#l6dc_Qf$ZO5G#*Bkf(&rz8oNLEt
zmaT3YwJP8jcTw-NUh8MW$qFn^0clKSH)bAPYlZf#E2;iG0ahmO^-AfA@OUf+VTpt#
ze4v?bc2}Cj0sj~aSn;`OrV7^wC3LTVbL!8-=9pBGs2-P8r;gUrCf)S9+Q*tTpJw%(
z&aDh%nfa(gs@T!L((dU^{x_2KzT3FhTSs#S7;U40w>sp6?}EmtrK1E1B5Z>4p3-g}
zo<0Xc5$NDWM+u;F$z<VP?CV6o(H#HghIt|@4COb1T&b`(=x?MwmQ8g0+<rn;LYF@H
z(HOCflp+#%pr}A)o%zF<!gOOEgd8ZP!G<>0OMr|D81~`c#1(%YCjolbK3h=*#;H9L
z!E2@h=$c=mhdXl|(7I*gdcMFD-gL5Pb2$0WCSGIG%c+x~+ZTQc3P{VjCqGt(nAM3|
zgZ8@XG$1(INo8#iX4LZ7c9ZYZSI|Rr(LA5&2PY2W;Y?NG(`jmr;J|Tr+4(@HoZK#U
zjyh@rI;l@er?ZD3YuRq7-iywFgYbL<ixsh|d1T!d#E(t~x!vi2bP!$aR%@r;#dOCT
zvQe27nykWbnG?t6=L!Bep9%;?i-HTf`0`kR6BueCVP|RWS)@1;RN&_D5I=_dpj-yO
z!ZllQM@u2~c=u(?=@8lCv5nLZ$5RL+?0x3;<4%7xf2yd$!^(nBQ9&oiQ<&sq)-cl5
zLiq^C4Rqyt`EivpGWz>C%^S`pQZ@nHpszl~sH|pvw=mKc9D|~>91Pm65Zu718XM?c
z9*D-vc;fYCHY$F;z*UY2=9y%aD&!HN=kdtnzsuS*wQvxhsKcK$cvx<Q+I{=ePLXLO
z_d|4ziY7ACL{+#cB@qT{U$pAn^xPue)E8Ccc!>VD|6lTlajLPs-VGe2Im{4dJ{ZUC
zEE({Ayyy^&cujyHN$6Bv@e&6N0tZPY3<W+j_M3S$$6}b2!|h+o+t6@TgAr^AFA;MX
z*3^_A8K`u6XEKpPQSqi%8asPAmeY;ui;^&c5-~m*IQSech*xZa!gcl=S@Z|jbZiDE
z_MHKGx_V+1ZkX{{zS16Qu*3BpIk=;WlS|MZo!7$_(sOM+#0c4tQgA?Hp1@4~S#j)X
zjTM>!1vxGTMyyt^<t&wzzi-Yyo5$){jwD<NUbB#%En4dl6C0E<C=>uVsNH$w!+L;Z
zq{@ak?lETn`#fw<mBX{isaeeN*S!w~Q0Im|x)luLp#Fkxi?f`{9`lL{`4p1kRae8h
z<Jk7TtF@&d$KywVG-?nreEHktSTp9zAEIKGRg`d1jOgTdFX2&$842DpiiM=pFAPpF
zk+5oM_?K}*;ArToSN_&AuPu`MV7v^fddQNMKng<bFpE^&vyjFhelXjkkJ}*e-<O!K
z!fEys?lHBcc;_5XChyCLN_MC3`NqF|UqKfw$qb7q?c<03I|Wzfn^tpFV2$6OcdjeS
zESf**39tCCwU-1}`3@ab&8Ig#<rfu+s_We(W9>l4aRMi+j_!{GpZ$DV=rGr_yq#Y-
zkk9+fym%pqHs<R#*u7-dAI}JJ57@0~kuYj?QJ?3^9^18>9clab4Dn#{+M38WvN$p9
zKqTAMLuh`%;tv*}s;Oq8mLPX4cNM-UWwPTP&TA6ETj_A|-SR;2`WER!+4MBdM{mfM
zyd>R6tu(psX8LQv$zv>~YW24G*A^_hOpoL9<@|@TBKtOyrtLN5xKi|LT@y9U&C8it
z`X!3uRbHO9ep91=X^uWUf;W}lxAt)*(QQTO)FkaS;o?;ZdcU{jb1PWktdkK0uHy$Y
zTmoHJ04^sPRRbrML?$ytagTMo8b@im>5mtM*;0Ho`C$-&KZ+`-!u>Ro*0}}HlskK?
zcyplzVgd03WcW)%GliTC$U!1P)$13<W@;fFI4uLzQz+m!VmI<R#6I({WNOBDICbct
zYSVEQ2FNHY^dJxS#qUF9pKAXmUhO5Gw~qUP&bUgoj5~B)?k5Ax!Ii16T@2DQ<{F<B
zy@MUU!Qp1_jfu~)M-<&Zae`B6hK}2N1nZsX1ja^er|%~h-#2Crku379Nn~H6I*o;G
z48cfEZ=9hwMmG<FXI+F^IJfudnv}KAqRUAOpfh>|cw7Bsm1IDGo{Z$BO_-7|UR;qm
z^`@aUdiJvxCAv2Iz^YzNWBGM(U?K4gO2c*=QG1@;Y36Qg?DP5;e+FI&b)7ZbU{m0w
z=qqD`faRFU&pHx@x0+{(7TOm@$nvku<b@9Zma=g-Q}UEs;MyEyGGDnTY9sI8WF#(c
zf;FL^i;vgsSH-GX5tT3m?8%X(jM0&wuKA5c>;vGD3K=IbN#NS!v%ePuL8uPZlpuqC
zng_S3-Q(9i`B}62%M&ZBDh2@$2O;(tgK@jl%kQLP2;U@5FIGx_+$~sQ8X+5_0cysu
z>}HW8DvE$Z>)nf4xkk!XC<;^!w)7_oeC7-7@sHxpbnPVT27zkQ$f4E|BVA{8x@21y
zh$SiIis+|{R!6_5h054QYVTdAGC?uR`-(SN<Sxsb0fAz?R;Se}p9_S$(&C?w6fHbW
z`iiOcB6s1<E1#5#%7||K@|SHb^FolD_IkhG_z{V&Nj#6O`1i}Jt$@Ju+c93y9cFkE
zy2*q_LDLcW`kiDS6Jp*6HZ@a0Zf+BmDcSt@d^?tr26j12h_Al|5z<b`GEXe_Ts7KT
zWbNMcQ-0H7YARz8Kbalgn#=6CJLavc%l5U%vfPP6QT^LKH`wc#>DvEoafjn@QQUqf
zd5KgR{pid6WY@2sqwu{hJJVqX?%0-Ss8yl-_;WP(^<~2I`N_eqeTvZvNpHA{7`hm}
zE56#46p%6Ug<$459p>UE9e(R`-|yjAG*%??9lgj}6$uwZ2bOVoUB|OSanIX>@aW<;
z|JSS0H=6_D>1?P}SW$cSA??#|5_;oHJs1-psh%E`GnNps5N7OPYH+s=#@!nP00bMV
z3dMJ>MWn3@eA}xvp%RKz0rc|m0T6`K_%q@Y(ElKctZinf*0vlvHJSx|a$kRZyJ44y
z%F1`HFNpVk0sp-u_O@h~<VoMfsn%~yhLG~N53BxFy6L;zr0pE2P?XYr`;~yDMOVRg
zA1%H(Y(`{R_l^p;c4PRxT$CjyOA)f4qrHCCQ$2?CYG{8eb;!z6FXtj#J$P=n4)uSv
zoG9L|2Q@VqYjsXIR(ewEkI6Lb+Q>>4MBECMD#9^xdVkX1&zXHbAhvRu_p1!z=6gA^
za+j_2K~>Z&5r?@ZKbKFNiy-Dz&o>8Q*Q5Y%WBkBHTs=G03y@?5WZ!K;8SV;XWsc+;
zy_6#_^~w0xx|k&pCL;YOBv2F1Kxh=dAb#uiSriAL7kpM6PvEU>w)aNZk{iDH+k7SR
z5`CPa(ks|WFcaB6K!FyAiN-EBNbqs7)CKXo6%1iHi2C^~{x@vpvDj|}>K`Ytj;^h-
z9bUw!pg5r_KdGt@{_O2cSv@CXTP#I$lV+lqMvoSSj(d1PL#u(1?RD+=08*c;<3%G)
z&3|DvAHHDP^}pxCCk57uW8eK=N62P-@~W}x%ccRIa@Sg;k+-JzwojIf(d;Gob#Qk~
zR79|q>0N8g*e6fRtVPh@c)&g6SvA~dGDvy58GDUd`-u;%sD%~+-6(j`&I@q$%|_au
z1A1hN!1U6}CekK!O?_6l+G#%QqV+|8n(`}|66<PtAJyQaKPS>&MivLg%@$qPI~(lj
zV`QRnRSTc)w$n6O!x!Tq#~o-{jko*b^y>W&*DK5`^+E0AQ0j+2sT~)qG$A4Q(>S5;
z?DvOQY)V1wN%JYqV_wdVyPk6X$&)suZpzW3KnY~0-Hf*IRRjPw^IT)Z)r6$6yp`rK
z;~QUh4R=u0UR+a`fX%9{>r4F__#vKU?#c`KL=2G4ccr)1Mv~N+$O<L(ROozy{HR%)
z?QH9?-dEyhSA3@VB|PUS@+^7Mo4tQ3weyib5j-*ihdLGGPW^vqpwm*3Eb&^el*bOq
zaT;p!nrt>gHa<j^l}dL_zwyE|{nK(c@tfG_(RbLk`7DMM1q}>1T&YP+J668$NkXFN
zJ$;YBH`H52_sD~s5KnaH7jXL!@UJz-iZ7ydVc{JRbFb6)6)6(Hn~#u?0!BKExoUUk
zLHjW)4MqPVzw3GTpJvPm(_{HdD(;v&TE@*$tq5PmFDge`%xomDv>#I(1My#zyo<uq
z!F;1ia;L`7UGTH}z(h5X23zj2nsObsl{jv);h)~X=^6GjP%pPoSqgoF3|J&GJJjj$
z>H1U$i~Q>OY`(?FDv<bW+OrVV!)*8{38qs#2XS|G?6RoX1Pmr_D*Jm}4=tbQdoEwS
zL+KcMim5U|=*e^!)f%x=^A!U(bNXJn$B7b^&+9#m30@mmd#OVZZ?|Acjy_p5eMOG9
z2U}DsF#QFFn@q;W<Adj`2)(%(I-tbEbXki%Wg&@cdrVfXBT%xwmQC-9F+oQO>?3{u
z87k?}_o3dzku*@89mnX>*M~q;C#SmWgg@v_rDr!y$P{q<0lmgY=lQ4Sih)kR^|^b)
z8}Zd8Rg$_86RS(rSegRl=r3rLdcH}7yKUkTH<rKMTJlR$?f>9Xl%oK{n~IS@adNnk
z{JlB+Vjk&FE|^#bXzGMQjo4jX;NG8sajJxX-@w3|m@HTMveM94ztay<{dtOsuimg2
zXzIo|X}nL_)b@L2(4I-8GC~5I`{!*cXqJ&|`?I5!_1v`Mt9DU6GZGg{V9{OfBapXM
z8B&!-LE&s?MaYlcSoP@53!QxQ7E5?UjrUVhIuLqYN$^EKzz4R?o1kAc26|auPalOF
zHf|2zWP4S}rBCr|zrB{9m}1Q87|i^+{1or1?C<@MlV|z#FdMGyS+pgtINyXOC8~w|
zaas>yZss>otBrnkJBLugla+PRSNy@CZ*HR}A<6OSv?Uqg|B?2VQB{4>qv)m^4oEi&
zQX<kF9t4zbkWT6D+<=ErQl+Fpx~01XrMtVkJKxdY|K2y=9rxQCV}Chk?X~yZGuE1G
zW)bQuQg}5ECTd|zM57)p;J55~Uk`dcwIo&v3ReZ@J-jcAAQZiYs=$8trA4W-q^&fM
z#Ix`KCi3h8nY@V}>#R*LnC+8gtpKW0;kkA;yyK?V1A#1ihiSWq-XBeRKN{LPLv)2|
zHAnig3#|tdTZ*i%ZrE@nfzS*d9LT3P0>NkRy#Cm-I5vUq{FE97K6h4+$~nHvfDN68
z7OMEWn|08kZr-6`KIEaF5XEjiDdf+gw;a6jjK7#VFvn+`JAX%VAD4t#;!D^{0FYUb
zyY2#cZ$=wI3e5=p7q7@+jW?_369iClgu7j7JHGZhenKE7M+eUwF2tJRQyKU@A<gHt
zp|iiYBCp#-Y%A_T68{9z)%^yUU;_ba@wd*mpw4Z@OmK;?`x4eBj?MWCx-6fyedlur
ziGFHHcX0QzliWJ`Yg|TA(zT&*b-=jM8jm^3so)381OE+K_8Xn!rFRSz8zLOC4(7}m
zds%SAzdX(+(aUN;B2!a7ZfpM~Vc@&*B|nKo6l}jlYj!c*B##}QtcB#WUX0&&7jiU#
z>a9MCW@GyfZNxUEJIxKegj*WXl}+9`;E#2OUmGjpVVmOkv_E~_tR`F^IH`$xmfbJX
zpIe$fzwg@aAHzr`=ZOf~C)a<cHihvZtcH}p4!csUAy{m%=Hm(Xv{$}PXRqO{4ttO2
z`Mqm{n(E$}pv<bpf2p4?%GbP*2TdFT5(J5V6uy)BN`D`YWO#Z9!uO7;q*K{Ad^Kye
zARjZUGsDtn*bz@f@&b4j?|dANLiW);<f;WC4UQ;VgWvW&c;C*oE--!or~5wziOkQe
zzZ7XOXgf)@Ras<!#UQmdxMSY~@}n+3X-#W!S7Wg=_2xq276scVs%NxDJ#0V0u0)+$
zDin1WivvKIxek9miE_0%n?s#_;6RwWm;u27-lQTBxa5cC30bv|f7ef07~%p|%kxKK
zZ+H4MTbR5@G5Bs;ij?9m`Z4Cb{6bzR$r!UyLk4Ka=ryEWjc0l8D8ST`-5U41FJTn6
zW8`dM<4WJUJQ7&Nx<qGutUSOHh_UD7#lpg0J;`dL{p8_?qQbqq)aT}B2!-MGx?LOK
z<Kp~&V4Eq|2Lb7ck6L{M;mXt)eEc~%owV;p*aMdk^O>2g;T;p)s7{$V5cd`hQZ<$J
z^;zIHoW&>Q7z&2w#O-KHE<m@J#BCESS^y*O8Id?6cYjAUQfuTJT=0rthRxT`$Lf0C
zn?=HtFKYkpq(^@Jy7cATD^B79c?MW!ZJy!u`m-6|GDk(*ouo7yc)_Dq4X%NG0}nnr
zdb-K*xCgUD=~G6KzIODT!$V&{5Ld~}{lvEmc8@gqLhCX`rzD%I%puNe<~aK8Zl~?_
z7NYx`Ge5(TpeF_*so<o@>E7v+c(%v08OF!+ggzFG^xx0<1IFauQu$koeH83LcyYyS
z{d-sRGo<J3tSWfFZC;UD%Su^sx>-EK<u11v*jhx?AQ(c(7CXz4h1Tcprp_%oPRCA4
zI>O*BS+JNe@6~!$e@AVuL{~dicQRkQz$JH%;%Vu(K^}|$Ll87B6&f0IzL8xp#{&|c
zi8a9)amuE*J*Pj(8lA4i?x2zsSW1(=y;fAUqp<A_pydQ)#1w@zn^|EH@lhWAu({xJ
z)4TMi08^T%+3z%jN=yAS9&SB$Z45(Jx=v!K5)cR>xTNUH$;o<yx{h{uW+gK+Q2#q}
z@`Etlp)lP$@ax$Vi-$-<i+YCbw*1V<b@PckZFr~D?ai%F!2K%CdNk^!9u`zCu-b4e
z(4YHjo%k#LJ9sDp699xLZuy+0t$$jCWtL;mzx(??{@s(-%+;&+GPKi3On?6wiCXqh
zM39984gc}=%)sv0@!<tSv@ptxzoRNpX7IDqoV%|I)3?*0=T1q#pGW_F5VJBmU0zY1
z4g7GEpZn%Vw_C231fSA-y?Lofq%R0ce;<|g2(2&aHs-K4wz8U`pB1c*6qi)R4|^YJ
zM_NwuO1Vv!H{c&gpPs^M5#*^9y1l2rBel}Ogqd`d|IYtk7x<Na+v83%717SOi;FeS
z*o9Foz#((VZSAIXq3+D6P5^!kfZzKNf@oNXuPU2w9BwYvntSV1a#TBy3_K+cAu5@r
zE}rN3Hakpng#$&mYpOAuh&}A>fBARb2>UeH&t%vie~UTV$ng0)ESw&P`da{`wH&2j
z_ah3=XGbu?p&2ZTUgAx*n9m00oGN7hfrhliaV1atYKV3X0ZnVD^}2X)VnQ2uHGRl8
z7xNH-Ao3InPkObo5|w?E@xHFu<olnQ4W-UMnK8BRoENj((F65SEMFT$l#GxMpjd|=
zrFR5vE?Hv)*iJ*43s345T<(jd<Xlz9eZ|zl@B;{LE!8zz%`-0Knif_&sp|fwfZlo8
zo1ZTHo?2+?e0~ySyE{`8DnjJGhWFBkG|_C&;GdS_05r0YQjSQeKav?1)qXiW5PH#z
z`U(YbB3xgfl&qV{B3zF=ZC7twVvEwyY#};?GD{-+$F69m6nHh@;8G|ohz{!B6e56s
zDjI5zZIHw_ONzG7CK%Pt<0iF#B|^z(HtRHes`%!9imqj){;t=F^4od&E0$B~)YN0n
zjwDk)H>I?yU0oBy4j&yKX($<4z|}ZI9(eh!LDRU&aa5kg>_vo<*O|T^9sg+MeG_|a
zI$d$z+dK9uiEYatULIdn7F^K2IuXf((l01?XbOrCMwZu%%!>{9`RFeR;or9nLtFwz
zDYr8!`K6U18_8R+xx3so(=fyZWBG=Xh=TSk!Uo$0`jnp-QHYLs{&8$?B&P5Ia(=j5
zSsb1ASzbxAt?@yMgq?P&X8a*Pp7?ng0+oK_O;LEnWn=l~z>Jj8_31txeic~jm$`ef
z?qVOircSAs-9E&$tV>HMAKWcBTguWoqe<3VX|rstKbK!vEXe$YqWC_j&RsP&d8oe}
zC8W#bZXAbw|ACgeDx8I_Nylif(+VG2LAg18IZ-T>p{<|DS6Vaq>LHy~29-|CN1(8y
zZrwrDyuUylM1njR+&~yN*TBc=q_1(i?_>~E)wG7ut$Hq!b1b}={mo8ZG5#g95<uxU
zD1v33=J~<D%36~T&xC21d*_D>CcvPm{zZ<N-+u&`D(>pJf)5FaF60s_shWoKNt+TE
zjTGrAM`U%~hPBAc?=4iV(w`3$Ndi~z6?xsZC)?b;yp*Uk^i5KpfS<K;w`M*qUht2X
zN>zNVx<5DSMo#CDGJX=0HDH@$VrPLa)Sf*WlW!lN@~3Wy^IO$?*u<xcPcw#8?7d=x
zN!AL=!q_p?o21l;{2Y-El6wT5M!?WCV~UG@@F3r>Y)gJ^K!|_=Ic_ywkWg@0d**{_
z^5*cl5w)IXWVPR{Bj}LcENbR$w$2Su=-e!X-58wEtGiIZ3*4cbCC?Hw#30fpD`DE{
zU}nVF>t78n(p!OBg2v(9@ret=-(oQ5xsyc45>dN9w>fw>^Z<X?Jh)_>$tQ9zZY}5u
zIIKp1p|&$)&tf?|nACw*dU&Ox0~R*DM5n_haD1lfmI=g1IBJ0Xpv?C>ry5V02vf<*
zMdQ)p?G7kVifTxmx4_;?{E65qpilC#9o>pT!A1nmX(lk8$k7<6j(L)G^<G5Z?Jm}?
zJ<`(Y^*5SE3$2+wKGBk7EfS~C7Kq&%B;j(_t1y8x`tw=?S*8F7<Q?~}TqGMqN5`a4
zv$jP_VKB0g7}^>n{@!*Uqg0HKw9hbxKtdfwoiHrl3MLe}(rNsX5+5C9(=dkI^WD35
zirvdix16(wJU-hsj<bjv*m69}S{V}Ws|C=XPH1`F-VOHn<fg_bqXB6?`gUi#3FMz9
zABHx=oyU4koL;Gm2ycF5W(g-W5T{;&uc}#3a6!0N7?rM5D1fz;n>AOiE{c!$Lj$R`
z*H>qyG<(gH6!!;t>q$FYy3U)QpWSO)eM|S=l1(#KIjwgEOT{b94>7xpSJ<l^8rsZ+
z5dEo_$zWlVHO;itgJIErz<OisGvCfrg(7#E{i<t-^k?uyNU}6V`#{zX(yWl+PgKPu
z4tSp1T;yEm{_k&#TuStnwg)%^#}k>iY7AXATXx0y*KNxmQt$OX`o?9Gedk#{c{%Uk
zFilb|Heuv^PZDG>QM}!aE_5c8*?eX5w5EhL29n@)I_*lAUZ;CoAuAhyJu+%73LZ99
z>}&NUO*h|nGZ$;`3zvC1FF(j9-S7nckZ1u{VUvSQ4DgwL;Cqek$TSaCRle@_<t)8I
zjff(4_CWzohk|f?33W@^h0`Ok7s=5plN8l<^ZMJkrmb%LE)i`eOnG>-OS+UZ=74|x
zMvA*|Rb%F&St;|}C*~IKEnmOm`(8egd$^VFmkEWi+chls^zhdF$`CIPSemGE0u7|P
zMALewGz3kv>MlOMH}cH;2B%D<5P;Z9)JD5+Nvbz%sr^CFBxGP3gRU&MfMs<)L!zNL
zOlp(9-cTl#|LVMlDPZYh9VAclJ(oRY)z>~(Uj@|ZzGTcJmM-4**o}}nN`1)QI@YcN
zfNp%Pb9Ix0SaZ`NKlk_N2($R$hQC7d_~T_yd&u{L-K_diE!tv0IgE={*S&?Pq`t;8
z{Vk!m^U2ECryva^{_EO8T6qyqU<n<qSlBlHzUp*T5kU(jJq}Wyy=iOPp0-f+hY(tc
z5ZxeD={w}gI?$r7yehPdXNjvJu8ODQ^t!ElxMtBWFAknq051nfY@Gzg!0Q6nI1gMS
zi`(@tG<{rXyx!0uVi2w3PZs(>`^tWi#Gq(?aEiiKQGg*%MazR$P0zR3WVYGk5Nw$6
z9V%uKctq_;n<o6t6Kv7fR@>$|rHbG6^_(d5ePcdJB>t;$e=1v#zRzQ?9nfG(d->>T
zG&Q#3p{~8BTygt?O3Ixev!uS&$Y(prYnp*O7x|DuF+H!sgNtxx5!*2zM&hK3haZ>j
zJrb#Knz-~KIFv7@#q><=3(`$)$>;jKW+Do7hN1^3gdWhD%0#OOP9K76i&a(Y7zLXA
zx|D*GW;=v1787qdKl@pp%}bAiV{4s$BnTNem{XA0(==Fr_Z_6-&R*X%!DvN*(7~x@
zk>`jicDHeGKDaP;fuj0j#&`5$?=;JOi`ap+eT*49Vx=tLX@go&=Y@LL37Zab5}2*0
zsl$`^E5ayj$UsQUSBP%y{#j<hFeNT8!W2DB%gO7YE~w(Nk>d+TTr|$A12wtt?fzn(
z+0NCmu+^-V2xvXgoVwaYRgk?plo7PM*&im$7PlI$#Z>vT{|`K?v)aegGZ+6E^px6b
zt9UIiaDm7B@**?{>euPm?yP84c>jTxB8F!_csSvsmI(u@>p@VTDbl+No)@~#01pmv
zCI?!gor0jVVc|HnDuzI0Iu8Eqme$guz-H;O_3iOTFHrP&tAXYM(@VE1<pgfLzUi-F
z1h#f@pG$D*F)ZKA{QMGpv!0?L;@e(-eP|mSBJx)^NI*1XRc~T3P%mYk;6`Q&f*?w5
z4#;|NTfLbq-rdM0+~<x!OjxPjCj>O<(=}EcGNg<fl{AwE=*Y<>t%hjPJZ5Ne6?B|0
zp0SsLcbNWC-xu^<bIo&6)tHLb7w?xz@rI;?=7;ifn33P<OXlZ&(sOT{XYED6f2P(y
zAcr*)PCt$*DS#wS`s~Xm36<Qcehx8fbfLNI(IWURd7tQPWcu7%hq(C3yh2tSAF3~>
zuk!V+s1&Inn%Dk~#uZZfb<8vGPwmjq23e$e@Uq(@rf$YNvtqd6*S^!S^Pv1<xl4W&
zXYigvO0zl^Ng%)c<N~ww#MkkR4nHAclf+)4`;H|0R0mX4ag9;~F^i5Id79G2hDm`Y
z)!g>F3iHhetCh|c^SGF^l9@VZi|Jq-s$vKJmrVgMP6eiq865n&{tk#xvI{lXm$ZX+
zaNWF8DpvzR_^b<V*iFx<?s4y^`#AahL}HGP-Fliq;#REI;(jB>e9>c9MRHUyNncEm
zki>Tc@~OVsc5%4sXHEf$>bSYX)24xc`ZgD!ucc%-uBJBTfsO(A>#LM=ul^!ATyu5Z
zXvTPA7v_7eUSrxd)c=YFEjN37K^s)Yzl2ICr}mQmaoaX97?nm}a%VLh3#*SVlxJG0
zq=U7Za9+)02TQeZ5c{h*LBDaC=UUtb`7dUVqW_R@5!+IK>-)QSDpINOr3O)?6YB@8
zZbuldf8_vgyv;O)=Xoi65r``Obui86Ub16E-)nWXhhi715b}hI35x#y84Rq=y-rhK
zY#MTJw)+NIVeg+6CXRpQ@}i3NXH{Of05i2>X^Oh~C27IT5>NPAnVDJ3Q6E=>Q()Vp
z%hs6XhbYHY(Ybn?>GWdj2~*7Ba%LbuvzxFBf+_u)DX5*a)`ZH(0A13C{+7GeC3r>(
zD^RH0rGGh>f+aR}|Lgv0aV}`OWV!L~Sy%F*;$UBojjGBI3vF{y`vW@c2!CEsw9#*K
zA=8&geIKVZ%DH=+9nbSGmO0Q`8;MwR8gk_R*d~bHQ&y!LTF-RgEy{B5BgK7%j#7KQ
z6>;e2shPUHG&eKwISy;vEd>$iA36+g-OpZ5{}dDK8)6bG*Bl&T0>3u)Op+|{<ra2G
z5R-^^BTmMLDH_g~F3wz_0PnAEW*$Cr>@LL%iEWldT#~Y=XL8s{y~vO>_SuH-?E47^
zy*AWLoF$@bb2b7iQW8H<McR<39@^)==#|*<L@*(1d=x=y4eCCrciY@tbAPa1Rw+>K
z#}yI+T&%Zw$<(z4K_}h8)KNki{LjB4>*7X*TzkYyrK7T0Oti<Uk?c>O|F2*I9qq7{
z5pMg}PEMD}hL9MDgjx8T7px6*<ooq5zdrY@vugUyWuzPa=%~XBuVO-Q5-OO+4e1?Q
zc0dThLO*C7Bg>5Y7_vAAtJ!>sFseHwl203R^3&bV35;wH-FJB1p)5@?Ca`}>(OrGp
z$lw}-EzG7je2$+p38pL`yKy!);}qC6{`hW3Xqr=eH=mGU?=5fQRx@$^ZWZ;S?BQtd
z>`zrr;Sb?8`0Dhon-ajFqX>fF<=kBl79#8cW&V(-06#R;-DzVm3h_7aDjrhKiXSBE
zBDstN0-{#9MvONM&Fcn}RF7fkbZOMK-`iSl@1y{7lHaz}Oe#L>WMpBBdKyi$ZZLCk
z#>Grc(ITdcdQ$G#<ReK-&khyYVz1dBwWQ>ik}tPB-osmBiTzxqc*0z0x32SK!Q-?)
zUZn0r&W;iKe$?}BlcX~?78aae#?*SsO2b1AU>jUlKf5~{6ctj#VptRMuH?Lbh#&QB
zmW$8HDERr4p$a0!%q^J_uJVoGDLNf8thIO-y;j$&v%Gxg*%wEl-X3v(k(`3+t<onw
z+)0qYw|xR<-KeTKJ~w6z2cFwldsB_5F_uFj%u4D+bHlj@Gj&v7>dQ9(vW_B$(sw{J
zhz~?nU6yvFXT1Mh62;r}P^cSVD6Oc1=@L(oxSgpVMX`LNZL`ok>f1%c$3K4S7J`xS
zQ(Q{pMT0M63gl^&$6tAX7pvZYoDun#Hm@F&`nx~Tvv5YgJ=>g#Ms^tDR)TTk5t5xA
zB{hioUgT8cC6MzRBvqR?n7s!z-}i!2Enel=&n7G+@bZ+JFl!k$Tx<CcN6r-weRh^O
zv0fUSGCE0)#``8YPG6_KSoJgrC@d|F#p+9^eIfdqc6^to{U>Q-FhWg9$A-_sd%Xtz
zn~4H-MFjtKenDU?xZ^cII*}paS1@_&qd_~wCj{{?VKO}HG&eJf>4HH3It!3m35q*w
z)Jpm>Nu`z>M;HCgi(bdu`{B68P1df9)B}!K%P6@;ei@^^cQP1EqenY|wt0&!2p?$C
zJ|6^>SUc1Ls`4?!=E={8h{Fk}KM82h>MkCjFxL9n%gm^jh&#ae1c-9jfqoYRXlu2x
zzRcSg<^m$Dka~QX2Fo1ls%7vvmQ&rEo*1|7?E13zKRrhmLFvY5nN%?&!mT7jxyds<
zR9pFp_flYk<^jqZm{L{j<nG7((YWF~PjXTz(mqq1HaF^5DWcQ+m&Iu=FK}~I&+3cW
z>hCkopS2Sx31ctlK3Ncc^7)VW>({G<0G<Mp1XIu=w{pT)#MqyVAmjP|ZB~9k=rpgK
ze8<7g&L;cL?4_r?a`f^kUB_WaMgc&V&bAfHBD|etwyslsMw09u1QDAmgN<leIh~L&
zbOi6WjpZ{o4qycnA0Yc9Xg1q!>5CZ?hkWpY;EcC@)4=XgV+x6|Bc7{s87XTI5>Z&X
zX+9+A>)GFwl@B=pFZ`J?(Seu9d%-t-1v`m%Bh|l7Tc)a=EmYj7)p1TydJ;C|6@r8k
zbmwdIh6_u7M-{+TL3$*^JJVc?h9L2B+1!k0sGswypQ)9GQ5_|O7xpg~GW9YUjI_IQ
zb}h+_X4I1vNujmlOT(xU3-I%(Q9ch7J`e<P1gH0+sH)?G)i0EwOC#J&@W!{y7~7&W
zF&hi~^2(5?-8bF_9?KMF6ue`6G4Ujrbd@x7!>&y%6~4E>0`~T5<&;gOcZs^!lio0A
z0O{oV0FaH02y6yAzg*Iy(`;-vPzCz(-Mky&WfhXR_+gMCITD=l@$hi135h1b%1`&3
zg;XEaJNiI)4e9tvO+Tk@-qI!k_vX9wzm~!fLB}k9c(XMGC4YN7LV+o&HOgaM2D-K4
zRlPxLp)}F+bsWWkvH8R>f6B|0H#SBU^lYxbo`@{&OpjbP?iAN3=w00Ga>?tt<2&6|
zIdmJ97&`p&#1k1iMV?ItUL`&X%{1E}SqOg-1i=rt(?Nhw|1FV#u|XKZ72r=Ip0?qJ
z;7<-<0j2~{;$FqVe+XX!4S*w{mehZmk|l}+sVo@6c?;$f|6OqZ|6FkU<G=Y?X~~UG
zem|z)rJB1vjq#*?V{>~#_V|VE>Az8I|HmKN=M>(-RvwQfiK!DX7RX!xmF<g)_H#bF
z_rm+@22cvZi@GBNwPA1c0}o18pN>dHgYV}iMVEaq^&a5KVt66WieuIG2~}?UMKq_r
zc)LRxA2SMCjKCPTDoS(9v1%F*@cstrM3oNy!awks)oYOfLl|=|ha@X~j4S@!`^~AJ
zw(UPR_q8~<E=<OTyoNf%bldtsb2s7jZ@U9KwN4&2$>oZCv1pH+wyuj**2HIc>ibPz
zr|p|G_sShwi_YDgk`&L8@q{$aN@wHc7h^-u*HT@0!ECvt^uz$W545KzNhS413w$K|
z2hG<NmqH=d7sBS!JLZRXgS)b;O$(zkGI>2y$fZUuvZr3`Em!rs2lp%YmksPUcc%ll
zyF01Y;Zo*<dM$pInX{g1mX=Y3QJekrHA0%2gfL?cwGim(#pHMjkNf>i^d0OklW_uF
zTvy<^u&S!dWL07>7-r>l|M>u_I+%nbL>^33Vqezoda3gz_}1O$#*JUul@NzCZB3qa
zZpQm)yO-wCwj~6ih#nS$MTZD@>7ABlPqOPDEij+o*2MapAIlmr6ht;2{6GhsH+$SA
z0EZFJ8g_a$vd(>`gbnh#lWei3Ny-FOcd#ho{lbd>^kzGV-(JtzpPZQ(;4Tja=WOYt
z+tJX*T*H>6Dw`=IiTv2qn!LX+4S3Fd5@}u?)l9Yi<2AT9vThI)T@qZNa7^CSz)T&r
zG3+{(Op^|~f<dHQnP8!2O&S`SHQ`u}sq6evgW3%jb#E$f?a}a3lQzzA<&QnmLC)Y%
zGb2TLoC0!+Tj4s3Vb1G!v2d1*%u3$E(uwdmGlj<D2kN-nrTCsJPV_4IY*gsvTdiSr
z2bu&8OrIRsf4C!s*S+v{3tpE0zAV$TV~aYHQFlkHhG2#r=<LuPNMv~gE9^bMRzDP~
zDLbrtR>S7$YyQ;A5rxbCB8%t^c=+f#*nmM7hL`OPwF3Hz@qX<{7u`38EZsc^;u*3;
zydso|I_|kMin8(^Yh~3&Cl}9h<98NJ`G3A5FTBtng)<^K`fzOijjiN;x8CB&=t$~V
zW^aNOWd0j(qe=JIpeh^<-fUzXBb`?=J$k4TOe3h%%o}m=M#SM2?NuTmhM6lHjz8SC
z6>s?&`gQ(bnSo01MK~|F=|@N>l<qYdt0oST20fy^_RQZok=CJ7-YU=?0(_v`Wq;@0
z<+Wgrm+&iBDj=O1(>M|d&YdW<Na=6{j-3En{Cjk<mZ`4`7+39K1;r^A5i?euW4AQ}
z&0YqXVYVVS`BC{`CZl7wN=xGPZZ)tpcu<g!nUN8S)S_eAfFi!jl{)?QJLZ8Fk3s*P
zYpKVi^3*2fXl%@RDqnF~AuBT$+>L0mr_*bB0B~yp1-+ABsD?I)FGOlCs~JisyBetH
zlbnqFjE<e6^8HRyUjI>xC$6!q@$fb2|NX|6q9fj^MMwZ%jWCC->_<eJiliowJ5aEV
zq>3{&JoL&yYS<FSqBg7-I;P$@=CyR4)N*r`O~hEQ;O_KVZn(+og_`Sn+&oW()2MHn
zvW(%*p5b71I?V9Ap52?dJ~#K^9fCS{arPk(D<o7I>JkD^WwxJE`o-kRL{}!j2t|it
zEW;psFId5b_H0W8)zPJ4S2p~8KZP_=D^D|qv5reIXgViqni29EodR4|Kg$AYddw-@
z1_ScJ@aWM3NCig>cWS}GiN>=W(Ms2g@h@+P3(+vq2sh0AayZKm3%|=pdFq8D&tab%
zVYW1E@4M{GnCEtzYMrmAwtdR$z&4#*mbV`t{|0_VlXMRlITZaiK#Jse-KvHI8*=l%
z67rW_c`rMw%FfGdW?A1QN(T!))DDI`eJ*x(%m`Ttug=x);~fBJKDj3)J55NU@!HMm
zC^DTB6mZ87<`h%wCe|6fjo)j+n%L{tu6@}wU(a^i;2=bt^%)b?NV1)uNv3MJT#Z-o
zNC9IkmE>sv(&faamKmkGrc}-<ZS(_zISj<ST)C?JOosdqs>B3y_-wwVEGBP{J;aHE
z2%svptF+`{ZTsiYVb?KDjX(&Z{3IRBpD2vZ`2AD-+Z9+hwe{8J^=1f$<pNre|At$<
z`IXNtcAEX{?-3Q}iJ7YZvGQpX0wCJit~}S*%5hdc9&9zz*KVKf4Gu4+XBTwz^K4Th
zV5s81unpUp^VuV4lFNhVrq2>q(eIU(GU<_l(L)P&8sMy1aE@nzr;?hR;}20^V;fN)
z+{RGBhUNUodGY}ub?YtiCQ`Tc(&t%H7zn1aP1f}}339j9zw*&lKq0vh0WUen&&a`A
zpS>TCUgq*y_hr4BPPelr3h3%e$|Rn5c=1ubXA@$NzD`Dq&Jwe6jntFMZBcsDm*dMd
z1J_mUc_L*dT{?Uzsy8qE*?=CY%bs4+dDhY`d;6lMt#9lXX+*do9~p^q2b;}RE=v!Z
z^2~M_U{IcW!vciv&mJi5U?WV0TW^5{QI5wtFH;g&S#cvoJpR*+yXilA)&L!5lDWBD
z{1DW^MZv;SebKZOC~DA`#8+T^s2?>=iTET4V%%T59%n|>;6|i8@Fga`=4p#g4c=s5
z^0d+RX4>M;@Hxj18QINlN^|%gHF+2lA`IVO|2mgc`KlLuW}QJHF+>M8I{($s9g4v}
zH%nd4<?U+$oy4rQALB`4>{A?McJ3rHqVOHH(6M+x<^eSS5n0iQTfR~u0rN((x0-6B
zx5cSqth#8>-@d@BtDE>k^)b`Gx|p1E8@8#E5P2f@(tyX<%DX?_YR+h5x72B<P_nz}
zeevlUKIR&>J@C<LT=mjU8>1s0F~{ml=ELg3RJn(Cm^9O-D~%+R>Nlat`f6X=20i6&
zg=}X#!Q3+h=x>q`wraFiYPvVS>>umsojWFWmTB0pE4`C8X-?NK`H}ucOWC}`30DRL
z6Rdnz9n~{d;yy808+d@;Z5QQThJC?&`nL!S$PmOhctq7{G@Yyu8QBxT2-2TOfWx3j
zR3EtZrGiM_JJWb`!1T)!p5x&0YTDJ&u(WqwVA~AbFqP_kyPXTS(<SY>b!1yIR4pG(
z-Mlru-cAve_kg!aDLyIt>%5}k0f=$E-y&o%04z2Ab#8ccSr_3tEjDE~2toL7ULZi<
z{>lK?Lmq$dAwN3J&h4)H6;mLGl&IhU+7Sseisz;Y$zc+c8n&!qE;b@Je@3ZTD{W?z
ztqW;a{BoWgtR>^iPu>mNUt+!=KD@g&e5;Iu*C&3H?}+7}e_cTKHe`ts#`#JeEn`pU
zV}*$%T`i73t%{~yt?G%e4zXgP)iG{X!_5|$x<-~GHm{fvSY$dW2S+VDWcKux|H}}z
z`b3D+ydFEqdn$W?%?P`Ab-!(((z5}OlEf>yY0<h<M*iu*dgMx1-T77X=siF76|toW
z9%h#3v5%&UE{>k?QZuW&*0E(=&bfPQAmwqPCT}YSg@RYuZHH%4xC&nE=0<&Q&J+CD
z;RzM%d=KCBcELXkcy{`gOzXwwX-#UXF$1sTv4RWQmnoHJr96Fo*<*j21IaJ&yy5Hd
zh%yrGXyeC(<wq)2y;9<cyG<*97H?J)TSV#&Zr@?drv3zy`k61}L9hCUeFeVlJE&KV
zhvtJbg10-tZ;0%2Dk&uLoSs=fjDVBspA*dV3a_08T+qrD7Esj~jGGF!<xO@nDh3w$
z;gxRIhW`NmQ91f9TR$aoKN8`<2O~__UI{NY4x~8;^wCc~j~^hfIkdN62auF9b_^~f
z9fdFrWa0>-$jfCyVy1?b5?K>4x<4DfsYw>7;S(80X-$6?PqV;gJ`lKW0Jg@)NG5!^
z`GKP@vNBGc2=)9>K3r?&UR>iIQmMCzGtf|ZKeXuTjN**ur)@`G&v-6`bb^7V0Bu!s
zZTXN`cqnqa=N$NQ5=XR!MgqOg#Km%ZZl6`dCyS{EM}s@D4DZO2fng)zn}VR&=;0vC
zpT44D!ffZ9MH&?{=Kx3^0P5zDIa-su^B?|?ZA}@;aCcY{clh4(QgwVjc=pRfy;vF|
z<fqn{(O5qzL#CjOyM_oE4ac)qboDmwQVI1MNkWNAa*p#)#TBLcX`$_t!rnVN@uIcs
zYbV-;6m<R>%BI;{5t<4I=k0k5ZI~xof#h<|pE`0Ch3_g4mqA=`Z)w{Q%A8>Jyh!M`
zBY%CROe(ktk75MSn`(?Fm%zrV3sgz<s24Boo`@3@SLL%7=H>Is#Vc#p4K|)_pj7}i
zNzRu?-&(A%W$pc5u_nwS6xcb*^X-cKdGD>QjkJjfbVk4(CR}CQuE$xoagTOAC{%Vf
z?lU<1F76|;V8QkeIp+XQB4}ssH8Wj$ct(9ePp#c=$Vk5RWa3-jrY4hF-t0>0C@EIT
zNWWT-pAFo6B$y_l({7C)4eCpnp55hmrcAyPyv8<xpJxthd2qIaf>=Wy9xhK^YGzRZ
zA>uIk#}1n34OZ4d|Kmm(11xf4l8cj4jnl%ugZ^p!@&=VkM2HeU0ts3VmFMc?-cd^X
zb0A6uyp;<@efCPuHG2;^IvU7(Rex0|vfQ$8zEXll{!BQ^xovRkNiuJNy8{bd7Kbtp
zF*>UI*f`&r@ZHanO$Gcf^)mb#$VtR^Nq~5g>T|3d@>f287Co9~Nv2ZrW@@P<&3s+(
z>A*D};A(K=gh%0pPi$s^cIL$OUBpLX%`wRXt+EgH$6||9?%B)oWLQhz4&e=_JOc^S
znwLwzc?<75TPDr13DXTwQMgqG+#Mg<XG>D_ENY)l#H3J3&sQtDGlEMB%vqlgP*wFH
zbHNTPPk=f|I-r{vSDu@*F{fO!a5Gas4OXzTQt=eTu=IqJ95mHXwhG9p<5v{bR$UI^
zQkA<%lI`>L7Y4r6>?Vvtv(pQa9nG8FmGq?#jM$yT(}nwXkbd-MsHzfH%DkKQvB)a>
zdzeL9!V|e}XG<{`;kp!`MdH!eG%YPRn6!v-eqHOYqG3iPpu0u(I{U?+!ae6&5bkeQ
zo;73)$xOz6ao!}dU8z7*pDL?+Ecw2xFDy7`U5vM4FYc?)WKXZO*<A!gCG|JzuI5)!
z>j}p3O(<Vdd)c-GZ7y;ok!04vt~#32Ovh1nVE#>8zD(;rX?^ve*JBFu`19J2u4!y7
z>F4R6N`*9B2G<rBA5B&K^5cGAfV8kZBB-#an|NV(?xqh1i;5;kwZ~D`dXkvWfzFTc
zFf_$P@dQp{;6z2Ff-|s08ljVcN;wA+cJ|X`S-@7Y$?fa*pvORLOfE&Ui-QncQj8>5
zXR#PzfT}ugS?$&Fj069KWoIae)Ee{U+4e<GPYWJ1vw&*n^-T+R>195c-pliJd{?rS
zdwGN#9pIR~AdvY{pQ#0d#1bIBM6QJx#ymBC|I2T5?*CmMHlJRikzl_w;}XrUF9XpI
zrJs4B)*#T@v*)vTSzSDMlQF~)*!V8-p<E)Q0}h*54N{DrvGs8L3F8_{H)37XY26zw
zKVyM;%q+Kqi=u<)babYp_{a1INUuu83Rk^pO6F_&%RT9`kv|u#ELkjekTt7$e646c
z;8;QYe6ZlY+4)VsWjC<XMy_B>3ETY(`;RTof-Uw}k`y_Ksj$O0Fi2s?Z|ecf4cESr
zIfVXr{j(Z)V5m%y!~Ki4ltFYe#{3-jEcT|Yr}I?5!Sv6c@rYki-|TQj$;~$&T@x?T
zBq*Wge1C;BO&de>J|pp0q7Yd<BN4p8nvmn+{7+lt#)Yh(^Yu-`73qd1zVzj?nlWE9
zQUuo#0e8yIicK~?(!KbD)3zVGN~B2W0ZWwU)$o=!>amLjl`ej8XOx6qy#mi@(MF_1
z@!L*CGO+OF-uSM1<H={?9XRj46Qcx@kS1<}$fSOS6k69jfnLC)FWhZO2|hU%6cU<^
z$H}9AcRk`c)f`t#9r<M-g+5LFnDzP>$g37^4L{H+%;C2DJ&t&z(~UzzK_E|{R%`e-
zsGnXx%7x;ti-9h*UdlFe11k1Etk}u4cshbqs;({~?w|RuPWimUYPsx`cFoc0Fp|O|
zI8o{uF>=J%#$CMUU5UI~cz9$ov#JlKaUqFTUTuUTZxftki+*kp+eyDBqDmA36lLt*
zTt4rvwY8KR533Nulec~c5VjBd=ipBy^F{O!%>_UdMz{4BxG{BY4~kKMHma&$8Bw6~
z{%=U$wxD&=H&w)RWN53vUZU8@895L2e)1D+4exn7cq$<OG`yyOgC%(}Mvzn&G$Z7s
z!8L4OyUEL;Hlq#8-y&Ffp&opk+-SMZ5nlO=L}@(#{s6|OFfF%%)-{RK)CBSfbzk2P
zyA;mF$s@lW$>3p|PoS&?T?o2)Alk|Dn_WM3?w!XHe1#V(E;lB?8@EFIsKD)oQ6jEw
z>hYA+GAW@NaGC42uw#Gm-evPmS2MMS*OALnTN)lubjNjci9o3Vch=SMAB?$#7=l;o
z(pk;r<|gaZrOUGS3k@-yvmtnCk1G+1Z1xSgoH6dFW=Q(_b@{@N<3SWsU>CG1AErb|
zLiD1+=S>41??Jx2@9DSw4t6R5o36ThteP*Noba-1j`=#+#q>^upCH*8=chkS^(eRG
zmz*K{#>dbB*dUc|Lv7F@4<FYlSC1A;1|bA-&e5>j*uj{CKl!6FW{#y2H%<%(e;fm%
z-Q|o&<!LN?lM4kv1EBhVCNJ<1AV^0D{+CIQkA^p;2xaM)ou9s|uDSaE)wA#oXuGp4
z#vad|v)vM+zZ2h86+oJ*ho?OZH)n2(m41cWI+qkHnEr$(8(E_@VPZ)Oz*CL1BG6h>
zn1+0EQJ`cA)c%Wy9~b+Tl&y`ff22G)iC~0ToDQ6%Xo~QGr=DO0zR><{U|h~n&+$j?
zCIR?5m=B8{Tz%isTKK?*E7p(AEie1Tx+q|Ym)m`bqR9Y_M<bq&k&%5pI|)^@x-$5$
zjVmL3E0z9ax`^>6$i(fTQQdn3SBRO>;g1-xJeFi}$y{WH=DPv5`7qT~7P(7Q&TqO%
zD)(J`6G&Y&W#A9Gm&hc4<5?99DZ-JXv6r+ASOFge^!M}awvXS6G~r12>Q@e2brzN5
z+WY8w=H`6Oh=I6|t<2uptuLebeS37#Py90E9eL68q4>AVFfB5qiXR?&)`8|q0Mtt@
zk1(SnTxfKbt$i7Rxq710asG(ox|zn~#nY{;%XF3ir!Xgiin-JBsU65<<R>-$q`_Iq
z<4d>N;=9iL#nS_wqxbR>mAlK|RGeSZBExn180N(tgf(4p)ve$fd!b@3I(p(<H+~-m
zH19W5fC*4(`EY4{b(5$BMgJKDA@sj$_9p!o(s{;(;SWVO>0S684fajBn|Kzh3+Ihp
zf+OocI8*6iKCxTIK@d>*fbWXR`RrHSbHsEue>VUTP=Qw&$wMkbXqAG7eoJ?aLUefQ
z++a%wYkcVr{*|?_k&GS|?0ybQnTujS@9XNN8e(nm{|#ipS0_0FsEf$TS=!%y`Tu(T
z_l*Dh*#C9H|MBO2>Gk`?ZoVJA`9ar=X^*$tH4)xiLVtJ+>`F@4BOdO>MsC7y<qHXa
zOgJF}>7vF-KZJ5$)R$@A*uJj0p_!KX&;IR8vJOM~?e8p7GIpoa>~s1s4U3Li)zh+T
zsrZinyLRAhPowdAb-@HQ)D;$ubgV1gwshKEDRe)gLFV_7^XC42t*oEJt-8c#5`1Wn
z-%E;@8mbqEGyS~-D}O$oj5M<BJjMMy+K97SpW968z`VO&!uIzwROXP<!JU)G;gq<?
z?qW1@U1(?oEc)J&t?w-I-9G=($VDBq$Kz@FD5lE%BnF)w1C0Mz2Wz|f@RXtE&F6+^
z)0;N~3@<`f&qn&-Wo3EbI&*sCO(kz>P1Z@dBzsX#;_gjEJ_@^=ou&mj%dabH%g48;
zR;9mcBK|`+0z~{F9dz{k;532L78vQ_He5aIeqS)^1h97(<~1UiG@xP%icIC?wYpeh
zpW{>5mrS|JYqaXJ!#uu02tIXt)lxMLVon-7r4$lbQZXukTLNQDZ#AoBPWuF^{k``B
zPOO&B<0kAwtQHIO`3@f^8U~vV;*@_mH>`P4e_2-i%Mn>13|V}9y=C&-^h_T%X`V$W
z@yi)4Q5p1~pCKn^!k;+<w@FaK6lB!N<_*S4C73qS8%3=Y4C=hwYZp8zfX?-s>Xa~j
zdnV!YcAcF|8?S<%MI15&q;Q`fn=jq`7Vq30v712oPLNaR;(mVE3s}@?u=f_;5i4^c
zSKJZ43$Os!Uk;bLUTz<YO8$$O{)+7n_y@LaUb^J2E57aN3(?VRMQ`g<_m(=dOKH?a
z|M?waTvN$ZuyuJOe;%NoR_uaqc9ty`u^H9a@+odo+OyNiYGoRj-4J`M+`-k=NKKsO
z+8PLuy{#v45T6|j5>-u+Mz<8MUc6X62Z)n>L2Id9gcg-c8~t7M17WQv<=1PQylbY{
zJbvR#dx>%_)L$EF{*lWO!#|PFvw$y`jq?sQW<$T^Z68LTR^9E{&!!U%Kx<?qlUEK*
zx9K=TiymGd+iQHiYJb!)wjHIg(@YBF&_i}@g8x@6K{~$id93E-;X-ZW3os$D(UgQx
z#?YeZgWP5ECE(+=*RtKci?F7#wvkxo{679${iHT-H;%o{>#>y&@w$V?5*amg3Qbvm
z$#=F$dtJmhi%5EgWgq-K)?Uv`4oM@56(COaTK<(9t|6kTI+|X1Mlr}XqvdyUG}6Za
z4dv-xFuAyQx=oRH1!oSyzO}vGIQ#q;_)y)1Jk{h`F`w<xiD!PNPUFqV7=KcYJ+M*C
zUHVgtId2}0&n+H2MErjymYeTZ`v`W)P)8^2X=HGsO@G&3tv$$R?^SMvLp8$w;_e*z
z)nj9ut?&xT3~CH8N^Dcl1qT#Ot=V;36K){!L>f3x_%jV2e*kM<f0Y(G(G~!P^tH=P
z#)xvO9|&9b;+pY)ou$T3Y_Ba=4$8OP?)C%|<#?6gL+4WSUgK)yU2FvV8bnOTCt6=v
zrZn2ZDeE3}nb@^Y)69?3J@iiC^d@dnr+O<$UCnvEj6>k?dSD+@J_28E>-)poM9rk<
zXn}9xkhZ)6!RC#*gVgGv?a-M!l4;;&MB6SeSE`SBKMjH|K@ISh=spT=aA1^sE&m&e
zQ)JIpQNc3itCbtR3=JLB=46vw@c*fI=Sf8^XiRuiMdoMH1TmIsltQ4f>y{pMBgSc1
zYunjRTXY&;3tK=qsz~#g!5tsSdoT9*=lsAx?=)8#{B>Ht;YA(yPaJPhcHC$S49ClT
z%l2|a#nrQwNKs4(*EW3@!&aZuF7Z=V_Z#t`>FZ^`<sk!x@3s889g`77FLq~3$W`Vt
z<9GwNzkU1MkgE#CjhU220Ic065=J!-Qu#~V7oO8^-SD!ic^j+-P!*{sn!7b_^2ouE
zWWij4cPSxad)D(h`+8IR@&cGzaKzl87z1A?4y@joNnis3ModFIC<T~IgtTWME8sL>
zB!n2ZPD@^a|4AzyInO~Ec#9~GaA&B=^yT)yrS0+8*;++vxM{UzR6>8oE+)2wEv~=3
zh=0u8VJ8)WIQsC|t-BTw{)>_{95flsk#AsKY%W3<-wW}JdU{FmZ-;pZQwBn(6jV!z
z82~y6@)FD+g82HO+Y68!^?s7I-4saRKnHQ=2VUb=f5QH&DZ%q*N}mFTLWtqY{D@`9
z0D?p0#-qRtJME&U!kG{aV~9w|q2J44WHd@#_&CZEIwEfC@=5~8`o9xOyppl}5qZ&;
z&>eJIyEqguPkrA<-nFiXDL*`cK%o9KK2elqbpQz<5Q#AKzY|&pmk|T8v?75T0UL;t
zU-*}B%4<cZvp3R5-y&WTL&Y6%4;&l{EyY7mANS@xlc~%C*zXoqXQ#avE23dGFOa@~
z3`{V#@92rgM9IUB$==_UrMlAdTG5WFGTVua4qnwhYmVe{D*Z_E%Sd0Ddj&F0K=<?w
zy6kW0h0Dn8wy3qb$l(2t0zt+U-0gFl``eRzMfb$fTtyM}&9Tx{b(T`w1cd0&(9jQ<
z`2Yh^4C^u`LPlq;RcGX%K$Cqgt%Bwtum`I_M&_+Fw2nZ9CDgGmupfB)=FJ;*2+&0S
zYMTX}N&F86N~<GE0|Bb|Rh7R3QA}YvefmcpfA~$@KM>Pt!tVwgWYFy^JEy+Rg@Ogc
zpx<0+ti`f`7yy+)XAXH}>;58527C$)&08UZzD7roR~>Re$&f{tr&zTw3}gbe_)jz=
zSow&#0G9RfyLZcYn8SoFzsSX(K7E>~+?Zp4fRO>nBS0fsf=dYEB2;^J4;kq)nAdqg
zR@al(o`1lOzhOejXcW(4#*qJv5iFogrw0(h)S^cU5eWT&4*>nsr<vcM0L$Zn7~91U
z8Ah3UXDo~Ws`Dd;7&ayt@gIWVYSxG~0#5xAvv@cM!sjP<KZ+<m5;c|;0<{k<<5M9b
zTmS(+zVbTO&F#Au_T=`?0)W+Q+7Lw?gNZq~1#J`I-&^Rn9-lL$Govsx7JFD0U3nMA
z9Pvf?{{4E39OY`I5$u9PUDrye9J=d>jEK6WHx>$*jofG!h0=&W<aeXa()-`{&^+pz
zhb8qU+r!#B#J*uhL-YxXjP<e4`0KD^k`~+lqtM{?{B>24-NP%wc&~Mrm82cQqG(x$
zit7&cMZW5#zeH54dkQ2HY#O+K8m`?E@qcCh0dN_;?$80_W==X5k+u+`%>eK(+*U-0
zN_gq0{-Pbd?WobnLwK~0Zg{3oUg6{8t8=1>KYxg{jw3(E(&$@qQo8=gE*j^zI^5y+
zy^(F=A5s{e;2hrHG{A^_?<C^cBJ)2}j0*8^(;clYHhXHVtHxhEoOIbTdJ9|sV}q~E
zM!)P@9ttW<PR+;Zz;Ev6rgWX{sG0bM=V&cH=fnWm{T~(%=H^Angs-LeY`W8kCF}fM
z0EVa%0u?sc2HTq=GXJA`kzhHhik%K%%+tgZ6ZJ306qpM72a~v8WU_t_Qo(d^_D>4=
zT1|pn$O-H~5;3-j(?ilR0-D=i0NlV3@b>Q%@M(btDsYy2sz2a->i;ds$=SaWVLSB&
zmbwMNo$k_|gszSLwjauAixw70y2NDo_a(;UK+Co!^p7y@sUOe>Z#1oL1dL&eO<}h1
z4h62tT*;<cn8@_Q3GgPCJOn6>)qGdFnC4{5v<;N3`WBZ1Ot1|;Yb<e6$OuXdh?N~~
z(gXX)gav6|m1MjE6j48lQ;KUS1B8f}n9xtl_i9#mRms?YB~I;n8t<qOfhb1B52B`|
zqCQCr$!^4NRq~Ja&!LUEJU!ma?othg3%tb#qrZIrG|^}ZSq?r?{dL5Y(oxk+guAW5
zKTIWlq01w`P?rN8TK<#H9;R@88ZFz~5R5|_B-+1}N8>2hFLEf1^F6y%4aHxKvZwj)
zPMP*E8fDx5ITGTp^LOB_2HPGm?zbKS|C1wAV62H@gc}LUx7;7jNL%2-%)e~^ddloS
zDU7{eQjC6qEzX6&Ku4Gk(}=YO5wQA^xlgwy)3Hha$w?Q=>u1PUMoJh+P=WC(0`w&m
zz5b*2H0r>iVn;EQ{~+TxLweQZkoB4rpZ#vTx&^naC^euJ5#TQUqsc|fy*qUP%9#BJ
z>&<G~u8ne}bMvb^t!KzEBZRU*CGH@wPse)dmTQ&9R|w>xb2w|+p27Y93Koy5!Hon{
zHVIdBzLS-<2Bw>6d_Rrfbu)+A+f?4aglPLeM9Y+!i7!R0@!UM0P3%s@pBk99#PS~$
zu29}zY@tzM9vh!9?oYgw^Gv_HB*Dwm6hd2m8+4Hfu><Q(5hPgQ=thA8I|yUIkh#bE
zDc~z`gRr)E5U^^6II!;2<4D<Q%z*%)UC=-UV}l69pF1NrHQg6vWGI+cyf>TWCHT}?
z+o3IZnAcdSM8bgrG`e{}?%z`YWlghf8KxRllQ2n^!@MH4VbTgxbogTQ;U$_l>H=*v
z<bxf!n*-C_jX&;1RwV{#9{ZoX%^jUOpP+WVIx=d!+1c$TJUuk<z`wnuQESnD<UhF<
zb`sDDf^O8}cKRk=7}D-8{X#;rl6J>znV)v<dwd)$PVu-uO24_`YWVU~&(u~kNIr!Q
zz6Duqpr&y*IyMu3_`sHa(o46A*7{Ashd&2gis|1NuNV{!oA<t;dPIg^eY9>==19zW
zErTIHI;3O}*88#n`~19$@m^@V@rU2l3WAM5g7CqkrC*3bK4BIjwtVXs%;4uk%1^qg
zHV372<P-kA?gIh94JPG#iX%956Fm5HOaLs|(Q?m2dOg+v3i&6|BUqpevwegh2q68*
z;E0M=1|qT7qcD7aFsMsBiSEGy0S8kiv|mrs;GjRpYLDv8Bu(N#X?;siUtjMvHb{Ms
z(wHdPI)pMHxcdU`5XOU|QwqAEgFe@0St{R`yI&aiQInJJbj5U<#L-<`WRK6c%wuea
zNU2Ub{91XQ%vDH?*jimeIAIU&Lcs}Yzdp198)+fyN4V&Q=I{bJD$G^;{Zt+Djlo8S
z=V>Kxq@`y$+6qhU#fu-$OTQ?XXT-E;d_?2mj?p;wILksP7BeY~Xz&h6@?g{Jm~rp_
zwX$)=(K7qJufSfof#OdxQa<6ro<auvF2f;oIJ4n5HGK=tkxxoh1smM<p}gi2=r}6%
z{Hv9tj?0q0()aTzLW?RCez$}$xaQM3hSQfi8W79MF0{OOa~$_^=kgXUx<_az$e)c!
zBXuUUMR$T@=diJ?)Zo5%!*>WascW-MK41~CdiXM-7xH%}av_-cLp?M-{mEv4df;<n
zj?uzh9iz|P-gE_s|LILITF6w%$Bq;|`&&LZm~^r3!M6`&iLF8(#*>eZ&8r!do^S@!
zq`5P=U1WK3!}&L~Ybi^<HF3l24IPl(7{Cy0)Y!j@phxmx2w_J?9dv9b$)GB(b-r)*
zjq_Vs#9!GmjHX52A!q%E-maA_9{;%YAQ5}+Qj&5Ims;4Pz5DX)>>BBH;G!}*ygQ9d
zYV>kbc)R#z*O!bZqJEF!ZXQk+_Ew}pq4}p4a4i5oqV1hEz}|A_bar-Tv{|Az_0xnT
zOKqy!mLfPfSWTE(tYl{Yx<3iQ;}nUPkI#6z+|0rz&wIAz_;?-OL4h``{}#2((?Bc>
zF?AlC4_R>0=Xn!lu)Vr0Mtw3;2;t8b4ZM75*|k@XZnt{;Zx#0e!rwfFhnacZj9u&t
z!IKh{Sc1-XX{61~bFC~a{LS8H*3=j@9kpXkH5>v!>BV8?s6xk_K!w5#ZxXuqGY>p$
z(=li7+jNX{#*}WpwD}0Cd1jsl-te+~Fihf4(arxu+<O2;)pYHmd&oITkPHfvlOR!&
zAc}xQ0m(@~B!i%YJ!BCH3W($&phy%1BoCmVB1w{D5Q#(1app9<-}|5cRGq3@f7QKp
zEz6p5_TIgF^;+wB*6P*WXI7i<MTImv_FW1gNFT9i+p`4dkt@ce?_S|zdVP1`Dn^3?
zN8^b=pc4OO8e(1q896y?za|;vQ{`dyWG;!ZQ$kdx!;rF}oZXayCnxHyK;W(X-V2ow
z)aZ2l=7A057;AE{@^!n#$?8nS+aG9dL$a|~8))EXQjO7T<V4g;o{sJZ3vGpZew<<n
z-#HS#zgP<Y%PP}A^9-_jXyd1J%Xj&JP6e+4ap`+{Xx<e28LfS$t<BsS%JuRY*x*Hy
z>m^m<E8_|~vHSP$N8HGw!qL+h82I8bWa5C5AYZIQ(HWTq&(F7u4gTbAEjaia{*J@-
zqI(kDs<yrSF`HAC<tXHSOTn9PMe_l?&faX&;JcO*lwRn!#iy5mB$zJQ7E@|owgGZB
zn%jQzsj4dK(X}!*%+lSLJ#z7SD*ec4qhck0|DwgUwR^Q@6hcB;vm_75b?>k+etZ8y
z=wmq_&#x!yCC9sI-(+ZF4SMl5q!zl{TMOR6zsHjA6*fdaAt!@@p{VxLK#1&|9Bb)E
z;cc&fm(Sex+32-~lrGaK+uB}&vI`5HT5}%VbFn+{efyfT343BuRU&{7y(eaVqt8G9
z4IP~s_y6P%{6D$)|D9`f4QT~&&a^Aagn<GUAuOjyB|)P+8yB8H&4`UQxyljtbFxjH
z<a<zG__6kI(%1YkpSF1g<40AS@t&DF;mOe^R#VFW;<D4tx#RVp56T?Q$qxS%^!b!F
z>u{j;{#b+t1r&QV;;&D@4owu3BRTnjB_)QPWxNI(0vhP*KOH4!Qvfdk=MtM3kM-jw
zb!si&Hn3zLZ&DZ-9{MxgbV`a4J!7}jNdhUi?~Zu!4GWE;&w~jr{>a{f3+GHkcZ5(W
z@|^fMKEPKRPN`e4Ie(K6Na)*n2$OrUJ*AFG>6~)ql8EL@B3~iOKa|v?El5!$5Gg4P
z2eq2icG}dr>ZUqS%~cQQ(mZE^EO0mK<y;&4=Hz0ZIWpl+U)V$7F+xQ$C+0=y(S3)i
znzv1*)m$n%w{fjTR(<U8P??h!EGzOae0(Rir`Ap)P1*j+#XWOO#hJbUaBm2@=W<YA
z$3u<97&=de&d(R*#_r{$s1XH+MpD2teU_(3Q*IW%k&Pa0vx<SP{WrhA;^a#G1ATh}
zIgt%nd|dV%7#_alCMQUqdQV75=(Ek-oZsJt=Fjvf7_n$yNJXtx$a<Rcvvo9HlKbw^
z^<GM-?80m~TK@6Zk87p=Q-ghzkB8-wvk1SZD)P6R7ve0Vmp9t?Sl?;nV=l446%^}J
zHE~zisrxR}ei8i{7<$8KAcf~48LrA9d(-UrQH6=T|1{O!F6B7vaP2tMrs44rMBh^}
zUvTr*ceDsyoB;Re{rm3kYke*vOCWJUI<DM84{+h24=PrDYP69a^-#0H#)TPqrYFt1
z#lzi@v3wP0rwyM@-%=_80^az0i7Pde>VOxiF0krz6{3Hs_myQ@>u;9tnUdN-f}8no
zPS1e@;oh!x7G!V{pi+{ci-<EILb%V{DV7t&Yj{lpRS|<;Z)p4+RD6H1z}h2ocK5mW
zrV%hIHKVW+LJA;0X-)HOK|#3Fk<8Z~9f;vt!E|~$#b?3ehs+IMeUPqe6u4K6Y7Hl)
zj_c?+Whq79m-AgS+urIFDMPp~fkSdi9iZYSyl+F&z<`!N?%iNNqSEaDGCj>fKtRB=
zb2%m^#<=nU`O(qQP^nq%Rxmke=K)k)NA?ZxmRj>V2UqUWM;(nQ1AfWEE8p$Jzrl9m
z?~97sf^iAyajc-?YErTDDD8u~LRMDA!Ye)cbD3Pn7f0w3ugL>4bYIinQD9ygL4e}2
zj2gky)C6$}88ROn?)0})RN#!le~3ia=_k_~;~F;-$M>Uj_*~EKds<HXrrn$G+=75q
zCBYV^?TSMXtQVy%&&9=md}c5f(cpH+2z-<cxWe<umYjnQ`)O82UDbdX5if}x4EXnU
zJ1AXwGfom|kjqR7f*g7|0zyKDcAJlUPbwxSEg-*eL^+Ab7c%6R6L7EO+El}n?M8=m
z4}#RxRF1GWy$JxltdI9r7tv_A9tKAbks$~DSRY_6%_{<-mRq+)lmX#+c5L@3HUkBM
zj_|S`0u7RS^m`-5rt$H4*G+J5ops%i4u>6o!!f_nl>h}65S&LHKr0@ED-tO2x1@A%
z0g2n<PH&mQ<B*j?w9QlUx=05;=oKQK5h&IB0T@9AydRsLu4b9G97!w=4-Zf={$%Ku
zS_2jEg4^t8TGd@nDt7ki{39L^6n|F<A^3`G6(!uZf_v*HfDQvTg!@%wvjce0{p&C{
zvPg#H&6~3({vzDBu_v9Z(BpF6g5mo0x*BCZv#xXR#Qy|>?Wiv>;Bq8Q7u!-(ojq~s
z{E7LWm#i+Hf9Ip+ICpj6Ek5CWJCDrCkXQLJ9zs_9-(3hvgP%QPgzlt3Kpxz++Z^X6
zGvV{*Fb-G;BjjL!W5<4GG&WFr@WpsU{PTeBk3?sNQ=Z6RGX&|ux7TEi2~<_TK*m4N
zqUs3Rvu;hlAPpu%8vON&RZ}|CE^aLte0{YYdw!$Au=RhlxGkHr_!j(}zR|&B^-oJq
z#Gs{r+BYMxgDz)!oi!j`Dg32@@t+3B$b!$%mJA7B<vt14uK=xrX36d#AK?_dN`HL*
zQ+^}k_CrlIMYJ*A`TLFD5ff<#zknx&wz8+qf(Fj)KU|3ijC9OD<FWJ$1kYj!fE&2e
zn)MXh_y2jht3r4cz)5(bmCv6<Qu^xETcz{+VRwR&w5~a0h8t?hopbR$3v!6hg5>8?
zEZqgwPmT|rBTFlP7fL^pi?b7taw%&%k%!W_Ra8}>>`J2NvrAXldP+VAR4vJ_aYv=f
z(i3SZ=J!6aQan2LU!SbrowK}N<Mg&oh4aj7{fR`8cZxK8mQ4PhUWS$>>kp#}f$?wX
zYt#wr6)JnP{f@*mO|E12j1;lsUTN3njm1?}FIXM%1_NC2mqenWVu(s{sfB9L<HIu&
z`5S6{7QKJ5Um&CdVjS)$ky2>)WjT}M|L70kABF|w=;5M|yo2a|zcZOUdqDpWUS4ds
zqP{RySHD&TS}rf&Soovb%<*H!F#4B#C~r+8eUi=qw84a&n(#o!2v2#Oi}q;4x1`j0
zDr;~u_NZ?3Igv6qInusnIEfnaf9mg1zAZX5;nM@xZ?n5TiC+hf2L_(T{Qp2lp2YI?
zD~2+hcob~1Ve0TM8g70v!MfK@9*5nj)newp1M(}3P_)}BU6HVQVBqzw>b76mPJ_RG
zg$UfUh*b~5L^~r+7?2jPNvNq2EO>en=(W0ibJkUtB01SnPLpkQHIDq&aTzZiBcuJb
zd>HoJD_n2b;L6AcV@ihnT2)+INUbM+qPzK7FSjHgKc=gs6EYU0{zoN7<G%vX%PMuE
zI-`qfmDZ<6cZqc;Z?KOLmOo3xF~+K^DXyRC>sOMXB1CbCo8#xFeNOMhAib9Vz}N?&
zgDS*lZWfBEPwq=#|I3={*Qd@8Ai*F!07ALT#BkOxiB;2gg2u?&?Rn*X0ow*vT&q4>
zj!PgXq)Ug_91gjDC@e9r-}!l!I=Vw(c^5$D)#G5`i&M|+vq0ixA{Tw6*k$>d%4@!>
z=v$x_B)FCIrU=&A?2$V&MEwgVllWFHH}v~qOV1;CiAbG`u3qFky`_4E682?`*!-&Y
zE+e8kHum`xJMgvt0%Y-Y4H;^*;Pq?t>r4-VpZqEP$%yjL#PKCy<W-YsF@Nexo6q{>
z{WH_t@E8En&i@9zs6#mQ{{7w|u+U!a466PEbNp@a4}r3izKC6P5344Ro9yac44!0F
zm0_iu8R_RmJ{^zQdw*lx<hXKghoRE?3kTFK129h-s%#1K63LJfYdam-1Is?FEzV`G
zRBxgHCBDH5|AlV1hK>3uP8m_1&EqdT(*WkKow+qbN1_#+jS-;hZij7NAmR%A!Pm(E
z3*N_TRCyg_3kiDQ{FM+jcz%v(6&wdB@KW$6xF=JtK8~f<{`=Cqw>gDTi1<m2-p?~P
zY_Q2GN;&PtJX8kn#lZ({qd;H+48rCl{Sp@;r%wkR04DmP)Imr=jRzoV5j<{vWofz2
zWwJGV@y&JS)O(m4g3>Ti-UZHh<{B<nkk4OLcF%Abb9e-w?z*{6ex^2$q)Z0NL2mW3
zpWPWMJa~7;YI3>4P{Yu8IZ!?I8rPAE>VoRMWv{72Z33k&k+0|DILLwr<4#L~R}(>#
zD&Sg)&7R$^D#Zo{3V8GXj%;u_T6CLT3=5nF@W1sml?3r`&PW8py}<ncil)Gi*_Z~Q
z<9b-VDSPyw%fQ`YfMyn+W9&)mH+EM{7W`zAmop+R?O@izPi!zOoR8rS0A^wU2^y>r
zB3-V%W6LAK&rEyiTRr>;hX<fO7k}J8kbCwb{~$pzBJbDuQ-Fbh)vc%ik)NY11!9BJ
zHb9VFYO`aNn7C$WK$R7M))_b_r2=o&0ld}eiPN3rNpR8~7d-*pV3Db1i*uRl=|Ckj
z8@6WQn#<2}RbVDlU^oWnjLcw<Ee;;l+ZBvy$mkbZD1(s7Gt4uv6DVt_C>9t2j^^pb
z2kc7xU$qE3k^h0(e@R9G_dkIJz*gPOIA?_ZZC5#CqH{O+<D4aY&-f22m4bzq{~*^}
z8jj=hum(u`ClcV_|3=yT1}Y$Z4bR~gaRB24C_Rfvz#)J?1~6_$WC!JOWqJLF6FY$_
zt-M$1zUSkaUq=DvgZ?r9XNY(P+j9`k`xEw$-k%}i9nccE_Ubp<yYe2aNK<IM^5Niz
zb-*d$0Wv@;<QIU~*E;~4-y$Gi`OPo1yvbDG&du~3aj){6Ob|?m7#7`I4g3>zWgf?`
zz)Xb$*NRx>EK%L{Y{Pf+gJIDg4w4;5L^zr1{iZ0L*hx#;s~F}Q8=%()qZ<qx*g!Gl
z*hxncnKKlf3IXEEEwc*P5&UJQOcd|+4K47vK9TkYCjGu1S$YJu?!~ZXPZGdF)S54B
zpHU2hdFxVgRI$g&4-!Z!hWjJ~WR!~TfpZcN<qzBbVFUbt$tg(2b~H<7Zb)em1uRBg
z$vo)3Y`LvidcSHJYYzzyQvn*z{dp6RLJ#~(LP%Z*&TFn>K!tyuR0sH607#<^@Flsg
zfIHaoc{6PDA3nng*ssAWQ^0l4#>Jfyx%2(sVuGYZ7JPslz^<--n|vhPQOC$%XC@pO
zpfE*@vUfVCa2_S==v6g+Q#tR9ui9U&$DUkHxc$g~cWwdkTM!1of&*o!>9E{Y-1Kw(
zI#;AM>>+Y{VBn*Y;}KtYH|}xY)Rg~zb%_Xe8K564JwP=vh+YxT)i`M8Ye}u<e1Q3|
z^&6frDnZ6ny<a{rHOO<fQ3^ZzyFu8R=A*-f%&|{m9U!30h5FTri|f&oMF=xOx1~1+
zw<#mu$Lhms2GbY$H8w+duvZ8mdD3YN2z)oin$FqPIUD%@=%4o?L|~W=;kWQH$h|?@
z2%U9!sF39N5gU&ChAoWAyd1{^dP+mx7z6fv6k!gdB8Ae)r){8Z0SSl=0ghB;PSUF{
zJB{97o9pA|0*ocsHq=sQcHan6Ak8j({&>9uQlPZLf)hI}BGuEL@!SCfTQ|uVXL<@6
zr^x>JV{bJSVk3avyPGjP$tUAHxwo$Z;5Jxl!fx2QXcU43wDm?UPZ+X*_!)`IqK;0y
zo-!ZZcyTi>$|zB9oiKi0_e$<}D=<lC*Z?1X7s1FOj}c!WRIkrxJsXY`6`q8mZ+B(e
zM0G5gL!B7i^T~o%P|hSx>$B`fm4b2d)LI8uBY>xY>DVx-hz1cNxUTe4()Vd42g;+P
z$Z2V9H3B8Ae(Jag(fY=VlADgAAzz`5i%>IE9;2QGJVKOXfh_LiGfN`G@9I$8j0r#I
zb?eW1D#QGho#`PeQz#D4>d=1rZnbaX(^p1hpl(cZ)`?9=hvJTdFs0&|T>D<UO}tN(
z4dX-J<~NM?Aqv*D&_tw@!Jc}0DI!DtsP~sn^w9iMNA<RqLnw&c3h4ly-=;~1B!vbL
zNF>TiHdON(p;mtg;zH6XX9;?7ja5nihL8kjNWpX^6b8KH`*ECXRG)>E&6nm*%u~G$
z!<YkKZhk?yYf8gIGh{0PvtI#E`+u$B(&B<BdiJm6huO-xn=!mLVYM9()A_c*dW$b7
zyQSw-38cvucovlzGfH@44|l0s-j26fQfZsPUN^&%G|1pO_#^N5C$2~(6P?n>E%b?A
zRbfhEe+1f%+n4dAIK8)^_mo+78p`~{yoPjDFa{Iz8*-;G;^Kb`!Hjr{xJXHxtEW_Y
z-IBpAgIq*`*O2nabnM_JHmkVYw)nV%gN%d3Ezgco>HYMZ3pc1vJU8Y=NvqQ>_Xc}Y
z%wG^qj6Pdk?QU#E3X*nTjX;Uv<-N2fZn?)Q2e!WZ`$SpQo*D|>a5$Rb!r`Fc$h>vg
zre^Xf+61H-jOn9P;XismDjIu9ITNW=E=J5msBlVMAh9PTB(x0t`%*pg^LDo!<&iQK
z-36Rb4w|hv^-IVIOZmOuQzf4lbNBD?krx{D(PUGp98PiAneZocDO5QxbdM#ASYrGQ
z9+0DrT|>xVIb9;bVh;*eSrTXUCtwK?ix9A?BsEBo3?}x2Su2>AmzSB=8}}y#Fgtg#
z-u7BrTC9-nT9>#o(SU^3!_<gaKy1pIF-Kl<va(G+r@O=JsLep!&g=1vK^$d-y%gDR
zo6E{BW!2oMHPilP6=I_MX)8R3S()&(4uioEeRwA$z`GuAIscJP;GP8NddWhhO3oXX
zv5usQQZ%dq=n_eIx}!vDT*vHVdA6GUwTa`OY7FL|2x*HhvX)$|6Lr5A81`m4V`nQb
zOpl~O)QrS!I*O{pRliY0RdtRL3cXKBYC&sz9a-%zJ&u`J584lf_Z;BrU)3&BSv~bh
zy;t6eLd$i+TK&Z?PELm#me^g(ESk6ux4QXMXSn*U=fffr+}k)xv`7>6SZ{8<rNkc#
zE;EMT=*tW(`X!7DqI7t}0)!pj=@n)_)-*V%DlOj=A<HIEx)B(7+F;-Lx>4@st;>0d
zZwdZPr}z7qKTPG(>QDS`w*?^sX{Cor(z4Z*KeM@PX!(RS>OO=T%X!`{9-dO(F^{x2
z5haJ)vH;=WBku5-k&dmY70ye<cx2R_lD1v}c_3gv)8FFzFnw`BJAVd?j4WSi<d2&P
zzYC)}dKPVAVsR^sN=E}<5?P9_t4{RfppS0!+Fc%GZ(OP9Y&!Xya95U&UL(Zaf;3wu
zt*ae@J<3Dcu#xEMNL|VwFdvrGxqgR+1oo4hq4ukq7OFKXeOp~!EyflX+2KKpgKf-f
zL;K54Za7RYTCuZ2rM2@+UYmcuKAfoYIhB?zFXYetvWRehNDz$ILoKc)A$2V$zwqL2
z)$X$}K_#N!)iEvJB&WEzw<vh}vRIUOlDBWJd?*|{V<ft@1WJt@&^5@>yz1c~EE8cJ
z_UgMGko5Hf4muUyehEqQ;m+mUvP2pcqR*wI&DDAk5?%MB+GVM(lr{S6YwTCc6SdBS
zy9y~Pb7c34ZrYh{5FiI`Eky*|MyAs5TRqGEDcRw{Z|!~H*D1S_>~q@Nt7FTPK)vY~
zV0JfA`<+;@CvmIgXRAu+S^atwe4MJvrF)!^b@F#F*)m85zbuaP11H{(kW>YuCsm&M
zgM>P_iTg!+`$i-1x9L$5WW4!S^{(+lFQ0v-j%%N;uCjJ_rve@Q?Qf-6QM)oQzIb%Z
zl@w+G5=_s2@IwTWNDrtg!dl`oP1F$>xkSCXM7@Kq4?yc5O*J((zk}ahv1N>)QhCqu
zh)yVo<ya~_QBPlE=`g^8G_q~p>0JhWrQjW3a|RWnxnTpo{6w&v*7kidPv^`2tuQkq
zCJVLnt=23(-XUroDjgkVOMcG$;yf9yj;B{I4B+rQ8Y|u0_b}T!3=n<p*D!MxudKSJ
zeX124S&Wh!9UCjV0G3FovpxAM!XRvRkPWZN4pKqy-V*5WN5wl?cc<4nK5|qQWD3v8
zI+)e#mmqR{UsR|jPp>Xd-?mrtm`g@ldWq^ANM!L3L&nB!7YL~CT&AhQjGJ-2HzCEz
zwr1R_8nzg#cj_+)^zrezPb{LOqEUF8k9@4UtrQ(`d~~GZHUASXOjCq|BrcFFY48;`
z#OH#fvx<hvlGbYr-^WW7`$GKlYrGfD-q3w`kXt?5_E?ledZo_Qm``#|S-2D(dxeo9
zwlxmryzGY4dw|(*hSvs-EKe6&yt>k)*2}Iv`dw~2_aiAyhnv>pt~zu<CA+Db;@!`b
z(0DpwzqJ~eJhcFB`Q<GkDS`Uv@@QgD){O5;BS>|r8pI+*-|rF?)Dxu?T-<}{1Kv<j
zeh?+Q5w4Px`RLm5y=!UV1x^*eC6V|HCT-QL?h09Pf42`uCnqOW@7%d_`Aw-RA9u*`
zJX|IhtN*ihyMT8?`KSu)n`qJ|YR1`MUy*2_R?=yZx-XRk`&ukUSQ{Ko$F=S&Z}><P
z@#nv|ojzsrB92(a0nb9}#Z9QBtE-FEcPelnXeu>jNLVSl&$nqiLn>fSz;eWE%%x^E
z5^M{rwojN2Hb9*o#+YzQNM7S$(?UI75mPjB_j>EZl**jeJO2AwU?jznR!0I6(h9nq
zyG4o&XW)cck)=+f?zc#8O4ElaafdCASJ-#5o0^(}Gu^pU^zZU<n+;0>1rki_8XBvf
z_%%2<IR5*$G3@|!LE+j#6Hb~SX`3aJQbkTqOYF_J7VPRvDi=I_!>B}sXd|pSSfW%f
zy?hqSpSfg{>gGzKenN0c!3;^@I%2zho4gKx<==tR)FYy9UH-KhbvNKozwd<4FoS-f
zfhd-Pe^2@w^;D;o(Lh+H24DCs=@$`41h8miD$0Y9th2RY#LMGzJ!z2dtJ~vkg&_>z
zNExV;6rkt2*IfRpm04L_FGSZpSLM1s22S+;=sa9nOqFX8$|sR;aEs5dDDfe^%IDZw
z<3a;|SWe!0(-HpxW0H43=&0ftC436iJzk$|#O5bkyufMwIp-C0lGc>Yg_lT`DnZsJ
zrge!u=H@m?^P6;dRPXHX?{B=iR=96z-P|ner`22ncDFn}1SjGSj?;pL?Gh3VUg)6`
zcA(>!eVv(8guOD(07o`QPF{`HWoS87$sE=qU#6}4CfA)up?%{9?r2)t$Ngz#M_MwZ
z2H!2dM)Fr~^j!SWko2g-q=%D@9l4d3Ru>17ZLC_Kcj5z6Yni0S^zQHn!gw{Gk~_?1
zzbhdEgg34zyz`d*`evsk#xt6VYo)GKVHJOs728mXzSvoDG`s2N>*cj=-C42c;{*G!
zS~a$Z^-T30omLf_R6h9Lp@`X3bCddI!52PK>Co)fU!YY6b|MPDOPAPO{5c_jBn_FQ
zC#p%iTP67{?8Z0pQQETF?RQD3gQL$Uj`wdkj)v`vEXs9)Trltpe!n;%2*4vH2fh_i
zeww!0w#Z{n=%Qa>j`n@hKfc{%a2^Ca=Ifodkg>r*Nx#M3oM%p{oEIGEDDY9#Dt{%k
zm<J?WI4+RvO2_s~IS&<kb4SFA6T{)B7$!)frn<Vj?sRV~xvHinQu}CL>cwvphYX+9
z;ikQ+45>-KSqpF`npxIQK5`_W#@?!}IUz}%gJE}{a^n5j{Jr7nN(=VCWx-QXO`?a?
zuf03kh6qk$AH8tP9V?_j-fVGpN8I96tqOmcU0fMN6lQOt4W_zN3!Lc1PVQ*+Z$((!
zwa&Qn(?tCh>U^b9`0#^=(7glZs;Mk%#*(R{p&DW7{c$hn4kkgHkH5#A0f6@RC}K}C
zD6jA6Q1X{6X1`i~vz`Pe(pnI!@(~-=xtkN#mEKkEAVTC2-{R)vkt9;3AHdtvQc|U(
zg49Vv>Pqh@zQHrSUCN9PH!r{LV6wLi4fF=kIfPA#`a|YO{6lt~u<t^HLX_<XpZr-I
zE1;53544)4rUJGrC<CT(S!c-^$jQk&*BiFGDHV2lZzw9^@4<xW%T87-9m>L4kvYy(
zHlEwJ2}?R2R!AaQ@HIjG9CVk8L_>zq<ZBOnts6z9ImFsH6T#dqi#^$9kc+h)iM_h&
zwSgB1Vij*73}Lo7hqSb`{!;YXQ@|6Y;1yeT^j}ktpB)wDQ<khJe3tjhEE*TLv#=*i
zsRc2|?)-4RsM}-%rNZujzMI9<rTm`k)+1bc3Y?etv@v&i-TCl`JzjRrbL8V95X6!>
z^_MxR1chV{fzAj7yHgSAKB=F@y5YLBA_pN1o&|Qr1*(SpAj`Uk*Kw^<47m)R9FV>a
zE+Xvp9<fhu+|P{`zMs;wAUW(a*cYkoMuZ1x!L%B~J{O}@6KADGWMjSLkeA-4=kNaD
zJ{d$gAGtWWxvd|xOEq}}xwx!`P4(23MxJr&!sE4ix1KAChu<gO=V6c?TDWgxU1tON
zxj7*_FO$D6%&7$}J`=ao_mPRh99P6<o|YGzSJmiK8P<)l*WzmgZB}f*Zoj+gsO%gF
zleZQ`t^MtN)!l^Q7HO>A7pa-Td|QXiLdO)#LlN->auRrwa20eP`nj~e?$))i{n1;N
zd^m|pjb(@{4C!>gT#!`nL!BlMt+EF}uECLq;G?6M<C(INisB)_gzMMu*Lgbyh{H;J
z;eZ_<y^IU^TS=*SvQc*>D?qQ+xdIkBX3lG^LgsHBjq&-7seabuO77uwTi^`4_Wf%G
z-J>yr0aY~h%%Edy(dq1cl&bx5G<Gv|&fzC^%s0K7Xl#`c<4h$zPHtzO&38fF^m43k
zlk+ugmnlr?ZkojtHp`PZ!vl7>DID~q|66bG(8L6*R{k&XtRAO?wCu+=2$%{o8&(re
z?%_%J-YRqXi4*hn6a4i-(VIKR^{drm-Hm^q3*3MAhmtS<EMFf>$mTcgw$PQfkDXb(
z{Kr1fte}oE`xVW|Bl?s_6a^PkzL38{CMwCM1sjlryhTQR=x1QVoNQg4$GS}9+8?x7
zaJaD_7mj4$)+L~Zgsrr@xZvVC9XCIl+302z1DgV=CC19F(Bhi2#Ro-sysijqzpjXw
zYL|{MX<1&~LR&dI?S*@Ol1Um&n9(2dl<FHs=@(ZShYppS?7LDW@05ZVN$s`0mdPPs
z{+DzauhP*^PW|>9brg$pK>@Lpw;uX&Ek->mMRO%-*t)wD(Jt!AY{Al889)5`QJQ}w
z`HW)Ukm?xD=#8q<EmpJlge2DFkG`JXtU;boHO#~u>Q)Pumofj&qn{qHO#TUeP1?%e
zZk4;Ll5Ii7VG}zW*1&ydaAP#T?exX-kE|t5)UmUUbjF$Cci5SNbi_%UQZYSO8eF}3
z5{NU0x8h9kEQDOik#OBrP$hX<WO=$=(ca$9m-R!vUjjYu)pL3bjC6riVCJfgUlJLt
zkJ)meod}~Mid1=aldD5h>}p@XTK|_k%Y-mRBD*h5G`fZBN)yc)aQiQ?N?+H_HTvXs
zwP5^3sCqb^g4b6FGoxOW|8xmt$u2?k1oZlRb3Tuly6x29VjP3F+EJYR<(i=_lGJ`(
z6~v0!+|%TrqoDG<MB4j+glI;PW{T);oO}fDm+HS(yTBSvFZ3a$lu5F);=XY6$rd_j
zBa~f&KK;hr;h|iVmE`@d93H%7XXn0N9ZH$+JVq0}y_2Kj4_7A+EQS{qujIa(3btsR
zN?jFlei;sflB)_K^2>zY12r}39COe08ol=r>B{?j(z5K?p60{rI;AJr!smPZB*GR+
ze)s}r;cYln%ZrQ8BHCsgWiw(QRE~trN^6y(hcx(X3!LuL65l;NJ*@(cwgdn~7?p;G
zlWZ*QpoGv-xJZEY_qk+Ch2d%!nShg%-5MWr26)!I?7l`}NZ)iz;&l}wx|o~EfIJwk
zpDwB^9x3H#EYq5k{w_l7WZqy<&Kiu0!|9VmnB$>o?*<52xxojVHw}Uiy&2AOx^9oh
zHXGD^tdyb=zsx~OxBv0e)-;>1#B0|DJ3YN8ir&!VzaQSjzF#ZM<6um@M+M!0{s2-5
z?}sy3_{}^AvemB`DgNX#=FZabZDBj26#W2HLwwdS;R~k(@^zlXV)iW`Fh-CR^ir!h
zrf9Yw{xE9VGEi6VXr9|XWXd<l(ED(c&+r}kY1j4r@&28C7`s2SdD5trc8&G0sQIWU
zCNwm3qONrRO~D9ll<HHEOE?0F2RK4!Uh-48R*oLYEtwR)n{+H4Ejka0KnYjf12T~q
z@wG7_griC}Yz67vcBFN6mwCF*!woY2Nh5?hLM)y2b+K2V)X4?9JaA5n)6s_;u@TJ|
zkinqNz)X;yR^{1SuXH*-ViG7vhv>DvGLiL7u9q4lNJeU?4SJ|>x^&kUo_sv!a_m~S
zRNw{PrXbH$&D`8vsG-n5_M>e_Ecw)7w{P_UEEoJXL0PV@lr-O<%@2D|f=SC>JZ0j$
zT?Mnnjhi$|o;{h@`CedcOAf9ac)UeknN%0{yK7frB3&ADOFATAlFiqv2(n^g5^O^$
zi4*f`e(srcS5*40i&C9~8K4PmyI)=}W8&PbO=*>c$#2y}17|64f`6wxAKF1kZ~ciD
zX|gtXEs#$p6RV%-WF?{HMc(!;vTa5aWNJQuiZmkB>(k?X-+NXN*(jbQG><|l9e8CO
zn>hfM#|&>v!Cpt+r+wYs-C&dA;wRq}Gi77<WOX4Gm1my|V5iy4Dru&e`P{z691y>-
z`Axj3#LyQfT(>O<CJwnLoE+-1&^OAWCYu)O66f~abE20jCX71TcyV<#V@HES&y$HU
zck2Xt)noI1`%*arPKt*C=NAMS3nFnG%-QtQ8H9{BUq%W;qc<q8Ck8I&L<YH;+%qP!
zzOdx;S5oT^jINt>OMQ^+l$xRPtXq{!Y&z1wkaLcYB*dru8ZN{*Yzd#PJ=vc3F$3hl
zNB=Yuq{iaL1NSGe^+iQR!<0yz$&Q$iVTO<NO85Fdc^F*{Z<`5_XIn?~t||h=#n`np
zB`=U4@M@tFm@nsm`TdtY_PR#2YL-|ImX3=?8?d-H>!u@PUwQDQ>(@K*2R8}LWXvkR
zL$?g>u`4NlMU}=WSuO@X&0L{3L!sppM@TRGV~}nEe<TT%QcF>PT8p|a?!?v5Mt}X4
zqr>Z(`rsQgwft$>jeZIB{!b0|CVc%8gv)4jWTM`o4)5QFtsep(T7O6^8l`mfd6+-u
zN$`M&O3mvRK6bE0cV#KUKMEW^y2xQGvrbnOn|4dwR?lj~x7Rt%v2XJT)SXw_&0oK^
zmjTgqD1J}L&9E_&B1B@_m?{y%PTXW=ypfP}zDxZw%T3vYP&s*}zjn<c*-K1`o}2A^
zHSyZ-5SpGsR@!)42ANHpQP?l!`z|*F(Xi+AqxBCQQ#>aZAsZ6Lr}*(}$r^{hE<z5d
z)7#3%w{d%c!0lx-*nas;klc*Zz5-K)3WR+_*JX;4*}g9;bNeRIr74@yowJpS%xA9-
zDcDtpaG{4&ezP$cQ`g%3?G{4zbXJn^g1kpkZj&ct&Si~zCRjK7lX&`{%8Z&a@G=zN
zf_&)_NW>Uns;{4rruj@T8G2UuhDYs5XHDbLC>lv)yjdEZeX&llv6->$aILXGs>ZFu
zE$azEwaeWPN^uzk1nHRY_bUove=Xncrz}ucGG%8x{=`$hQNpCT;Kqk~Lckb+9y{10
zj}wD_eagzjx3m{d_G+6c_ckB)fX!=+FUgxL;?=1T`8qm&12tJKrmBWkCbB_RBs?P&
z^LQ`hx4vDPfloT%7lAXRmX5ujz8jXW{r)&R2)NWG#VQv$8LsR?r^)8$WJp&XTxn2Z
z+mPn%Hu@T4M^pc}IlQt*mh?4Ucm}(vqLO((C~TcL-ut8DaOEUeJAo7l^BWU~X#rlf
zFebHv+MV*FB!IU?TTi`$w}aC?B=87kL_RUci{RqcH<M3S<_C>{QYn%5-q%i$uRfzo
z>xC5-(!DTWJj~lZu7*Tvv6~N@gA_xj_$tV!mXwrq5pzCn!W^OF0;h4=f9nSa-#@e#
z41JrR5;-IJJ)-Hb%MFg`Q8-@NFf=l!%UEQ;$jG>OI4{+FI2(Ap=hIen%Dme2%2x`%
z$mdoe^0pSPm$$a2c|S*fwD(gY*43DA4?NxP((s2<m6PGl#0LXn+F4OB?aqfa#Fq?~
zp9h_i%Nlu6WeF3Cr>#TRETcC<hzthm<%t;F_i<|f(nDx>80)|;5SeWD3R;wsdx&q!
zhX<Qp2%s~3tO0tC=k_E1CM4vL`DA_>B*L-3%oMKVp`TI;{K_Qd%ywqtdP!t9960yw
z<)t#5-;oKv8A4LZG(@RGgeO#t0Ho1q(!ixVme13DhD=E51&u}5_EQpn1s=>q!bhua
z@NrDY#sZwZ^-wd~ox`q$ScF5YmI>85odlc&6O)QO{Y|&#$G<>rFQQXC8?7Xpv2|nY
zuZ6lO^{2$iOn&#9j=2@ySO<T^IPz}5uGhD9WAf~-X5qhx6N0J6r4rAlwf$^RsKNsc
zz8SY~cH%q@qr4`qq|F3w#AWX-y=)Pp&n0+s-@pi+j=o?VAxL|q(ckxAr~j_e$Rq7r
z+@~u>c~78lq<u=S1bOW2Wsok@ctR_>)X&_}{n3#CtX)4yGP3x123(7wlnT-U^wBXz
z$gHQ!g_f2ei*mOOZE5_XVCuPKQa|bi$a;Qs!v+c7_a1%o?v7_(G;nr{%WDxj36`+!
z!fyrSE3iiH$Aquj56JJ+xa9+orY3F8($Sa!lI8TP(w(6pM2R*;d57+r-Y7KCXqZ3|
znGXxB_DeZtzQBD?*efd`VSug^W*Jug=nP3}g|0o+(P;57zoFsu$C3OIcQ+vs%PQrY
zohkh`Ww41HdsWjBIBaOR#B^A62!=iaRWnjJnW0p~DZ3}uw&D9KRHqlO`0q#by!PJO
z_iC30P}l!w^QoZOCvVLws#p|s&2939ohKEDmXCaR=cKUoc*<P4o+QX{RyTv0ufjyI
zp2mzc1sMM1@qq0v0f6gf{Sx+KH*?vxTh>ZSK7aypFGok-YtqujX|N_wT3vm8TDSc6
zPXeue)tSg*Diyx`Fsj^N4?jd)5oqsAy0mOQ9CIrl&p`BJ2F`OIB7=<zXi1~XgM~b4
zV#ne)yC_kxvc5Z`(qgyV`lr`Iru0Em$CJLlFv!NnM)kF(<27vm;2@pm50;%{+xn?7
zygb`hy%qz}gur87Zm_utg;fux@r~Dy!d{707u+}A<~w^J**|O%ZoR0#!Q`&lHDxgP
zh=yA0Y{Djp23eHonV+aZL>;Dhix1?vz4`L}yJZ%N6+l#fk1)DBd83sxFY$hPZD~<`
zX^~v)C6*4|@T$Pn0^$yjtrX3IUj;(MDpuv*CIdbb@xuvbFhb+76Gi8o9DC1>k6Von
zPigu9gFMCO6tx?Bycogk`n%HZ`zy6*1`&lB|85VK1>nyE4uT2Uek00m%S4hGN4;gi
z<=|mW#7p!Bryi91&FKBi@Lm30U`377=g9I-<T|a~<44;(h4cwiirjRdlrhO3B0JiW
zfwpSRg#D*sRB#Td@aJrq&wjW0syMt4Td4BM;7d2GL`Bv7pfY-WM0{Q8jbWe0nwtG8
zR=LMy86X1qLkS<;;KoO_YKbf+o9sm2rnCG)a*SIrBUCTNf&(UyoCD{tW<{O;y`q?s
zaqIFY-5+WSr#t;<#qE@yM`1?MZ}15NUkC*<3{()qbAzKTZX}tS1t7`pQ{^MQ{nM9&
zK91d7>iBZ*N9k_aW3#`W7aM9%$>Gc8ZwCBtK9%Z=2PL1X_B2pvbOLD^vEVzW`!|Po
z2ijwpDJ>q4*sn&ZwrafV7k^KlsQ0kig?(7l>;v#KhC#f<sc%8rSdS=2v)^FG{rB?v
z`qUx(%YxU+;oo9{J0jNs)9df+3nl^TTvbVfycFhcK75_2U8jNnGc}?-HC2-I825pW
z=&A!14t$EXOv9e^U|BG~lA8v^J%dm{LXS>Y92AeYLpC~sz~b(Q9YG?Yg=Pa`J$HwF
zs3;=EoQKQ?1_oQY7dlQ@QVVk6f&zMn%v!P=g`6x30lnB-g%+P0(ml1U7aX};L`YsD
zB&b4f6MgmCo*U$mx^NYbM|zeg_nY>G-WL{%g<45g43+(^LI#oNF_lbN&-6%Wg<5XE
z+uhk&37ShX!ff~E+&F&Q_rB42SomE?tcQC*NH9sEpZr=xoAr#ewr(42sZ-kWz~mm7
z0dO+(zD*kPSX6OZNtuWYSF{PUTQ(a)Dl9sAJh^`juNhRq4+nOz`kpv~lxk#45KQ|G
zeyfRlwOawH@x+;gl+%ilfa@ji{7)JD?FEsL9k<u*%v`2p4`v&-g}>Ypak+W7hx+$p
zwo<eTkyt4Q;|?NG<LNQnjt9o_0u)+M#yRYB>{UB%J?!J031gmIP0{3G5V07)5dHP1
zn8l)+HDj8lkTsR?p!AsL$?fP>cj<H=mW2(>>9J*ni+_Eh=SE4*B-7K~K_h{sRzcF%
zDGuZ$xaKiSM}(fr?WMTRHyB1ni9%A&%MFIgD>}ReF0{;X^e~PPOba5T!@KZN{|!(h
z-M*!-EtB8vk$!>;=4qzE%-`FLpaa|H=FO=AR)(hb(Jl_Z7X?nDTC_9ncrh_ui;Hh!
z@JZ?4f^pp2uv?l9n7z$V`JhW#kiN~i?36l^lKl%xNzrVW)m59Vb75@L8L>S8hL#xV
zstm2%eh2s8baN{M#DDGa<HrScb#;5hoZe!8`i0-q?GQe9)YCBMvxj=cQ(pYA6Q@1O
z+s2KcQTbd~3Z^_&Rp06&l#be-42})x)Yg@b0RjvHyH{YIjpOAlZx9#XkbAr$eF7lO
zL05)ctb>IaYJ_ai!)35Fh?ms!60P~{#bACY2~6ZTrH%kueJCkeU0+;W?Dsj1DKV{S
z3STZ-Vv<p`DyNCYi5~&S-|Z`&_A8Q4di7j4as?+vHM=$)&M$a)H#KkW9m^F&!MT#l
z3FZ~0D>&1P$6&$X3D219&y+xt(NTw-k`mmPx5)H<5Jxt@<<!Y7D4<|4b0@BY>tn6f
zC(Wh37a>_WN|yc6scTT3zEmSQb)Nwt$_mfUQaJerSmtGGa*syI%huLbi}!+T!Ie*n
z8!BGrM#*|iv9oVV(W$j&-HR(L-k|^Q-@d)HM)*Yx{&RRKI={fFw7?1UZVwdrANfCh
zDh@~)2(85zr+jlqnK{EsVD!_QL@zzfYka4g0{wm0#%r;Ferdr*M#<*NRae86?I092
z<av6u8ww;BN6OjSGM(;3zjIxal#?Kg>iUfPXMyBSAE|5CC~}XUUW=)=D4%b>s|OVy
zuQy{$zD6^wp8`Hti%*-i?)KU83S>(3k~mytb}cg-T?euiU*Xr-&2317ckYj>SDnCI
z$p$q=q^SQM-<#|HY@?&HI#a!WOAM~!d+o>2moulO>Y5tG9Rh8u+=eJtreY@QeOs$t
z7$ZDdN0qvPQ=DUhLP>Rd|KdZg;we8Lja8SFm6feqIXgQ8`@V>upzN&ogX18awId3s
z$1Pvqnk0a~U6Rg2KTi)j6oZalao-uuOY}@<_xpiGC8ZYJ?yM*WlQ$Wb*rQ=~EO0wD
z{+N?P$A=GTQVVLOWq<if%O6Q1wRtc6_&U4!DbaHp5Ek6#<B4^GlX%nHRffval=JU!
zk(z;lfxjfW-di&!FlS1~g1wpns4QspYeu%gGhn^o-IM|+=7<><dB1X|<GMoKNd}6B
zRAXFZ!)814)RtRnh%)=^(*8S=R!jHoByW~08C?(ZXQkbIL-S6&%r8bD`0O?K3_ogZ
zg6&ryvk=DGUV8cd>nm;ttD$23-rnC~stp7M_R7QLxA@-KSCQvm@HUUMW+Vz%xpkRl
z5eDY_WSe28H|O+stt~SFVS*?bZe7rd74<(;<)~ICD^L6??Tcg834|0ZqLeJsR0Bvz
zeIbvu#We5|!cCIGWAiIRO(4j$%dNk<BW&{P_wP3w6;lU_D<L{p!gT6Ni{`<yJD?8D
zr)}(*4coK%fTJmp&AI(zvabntw|s;ZdjdCyka}~+{1hzCAP;%k?laK>>QoL-#iQxY
z%+nPJIISQ>>oSduR{t+tTwLY%rR_!ct%=Ac8Jw`!sZQjid)mj=*FQH!XcU5Fm}7g_
z0o;!E_VzkDn+li@=i8ec0`msb!%GDPJpPW3i%G%3!9P}g-^aqIP43=u(C1iOKJ$UW
zLEG+e{5O)$!uL((bQ0c&KUhR6etnMCUjJP>?L*8-MWO}{_0}~SMpo~c0LK@4BeLOs
zOH-4@Ek0|;n=R`zzb_g^J>$8pIkQdHb9KRuAog0I(<MyvTx9c8sH@VUC-Znt1U|f;
z3}zZ+c6WCHCxYWU=YYnIhZ=x+OdV3k)PhffoxMI2t7x?UOo~J1VN0aq$xIC9t3De{
ze32r!WpRXq_nwUo@ef65p70K}3t+P!yxvw%AO6o~9mkWr@)XJ`_4xMUlXvRxxzifr
zx;cG)3RP_kjj)wGHlo98SN023@t>AdCZxSvpL7q!4r9j|uym*nNJ+|jWu%swaDO$@
z`i*;jG)NrDcrDB(K6z)ex1z6OGz=MOe2z8W8kOLTa9~yvABn>~-k<Kx!TnwD%Rq2+
z%n^pfp}PCUWBHYusMb}#E)iVgZ4vB_;@-CSO;uVkLoL)Y9>Y^HE;}N>ej7+>0ILwR
zH{#F(`|sCJ1p>5)CZnLJ)6+nqkEL=jPRg`Ky?@Cdy&q=07xY|QT#`#oDhuWTm-U}L
zE0qvd411v$C(43H+I-LEmM*?>8y``S{u5l$%wf;mlKXT`S3+z#Za$gP%p)TqJV0R;
zjKjZ3D?{F-D%0`JhCAP8UuvOrXmm(Qo#9I?u~tjJu6nFJVaP3QqOLU~s5Ps8VNoA8
zdrLYt#!(`ozsEQN|DCWhI?cszE{UOU(1-DZRkyYgAJLhGT*ODcWT=}iV$A2cZ0xIf
zmF&{r6U)6dIi=Y8CM<UQs?YJ-uH3{@p8on8>!We<FOMH-9)`!qpXjw9XxtsIfsG^I
zu;B!6XsNU&Gtt^=Ui~WFdTnhw*FtDX``2#$YQ4VVl;VT3_ag*$Caqb7Wd6RU4;&oc
z1TLNO%^rUjCDY%1YK~(~g=aH_*VSyO<g}BOlDbZr%X6!1TYh-E;W-u8<gZ^g;{EXQ
zNNcgYrjk50E>UG`v2^TY&z+VQ#JVGF=D+UVb?ie?yv4>R!8ZPNCd@TL(Tp7>N=8LA
zzb`cX>1sDm$`75A*Kz38X9bakoMBdT%l*$fT!N1J*>&6u_~W{{*Dk2(#s)$1dPrGm
zJng_fO>@Gb_rqu=4!y!e-I9B8?ISMy2o27#UJ0$mI$^T5Uh=kEva$LXnVE}Vas7)4
zJ=6w4mMYJrW2;y5PlR~l{-6&kUC}I~bAQ~GCH|tG|0TZ8FgpV_o5A~Zt*YE_Q@mp2
z!NaOi;;QSh`nD}0Uma5)FG5sw5S^NgHtw`n;0Wsmw_WN3X>oDApq)N-!fxr=7q!Y%
zj{3tSm<)ZZw|vIKK2xG(ifnQIa4DLCf}DJ!-hY2>`Q&i>>)J%UrN+dEL8*@QsiwqA
zob2htU9|k?rPHudPj+F5Kv{|F<>iEK)w!Ye>1bM~h4$G^-0Iu-N@}{=pCG@_USr;h
zm(7Ro0RIkySpoT4m$7Q=vFcg%k5M<6B4$ip8{WN4GgnYh5MpnFo3FP7e}Da&-kLE&
zHi5rcgmWYRnDgf{zc}lwRw^w=qMVHELVB_rZeMm%3Z_gDI`7*obrWgDpd*Qb(v3h^
zf+)n;c5Cq!fcHMxTFLp$ZJ|!jKbwBF_e<shkreH-8#ElNHiQfkX%!*uo+&OW4ka$?
zRHbK&4_R{XJaE)n7RBNA(H$R91QhZ>7W&|ooXdN~3`$R}FV>duD7hvf@%LT-(yPRZ
z?_d*1mi+3}b_vm7dlP`I#bEdZlRItaJfDCvK{h_O@z0z4tFoV-Z|Qw%-i*_@p&?36
zt2Nw*XIv2M#AsaLp_26TatsMapJceu*u(Ve?>gL9=X(*4p2NAk9WGFM;4Tg!*yCC=
zHZE?MDcLOA<h9S|C4nIHZdYBk+w}}>Bi4?>*PU})LnWrHbeIcsU#{ejt4L&7t5Xqt
zNw{sZ$*7_to046{r`08P_cQdS^RluAUVPVsw=xKa=WrZN*Tj3?=bkEfsKUzOfgQRE
zi?U-S$*dmc!vNT#XU_9!W6;3-(kqo`Iz-ftsq+h-GE>{~4t{<I?zBn*&pmAjP^&0~
z>`Oa=G=-N(3V2pPW}`sDoK=RULuRI0AW1V9%~YrvG2jg)N_3mw74wQxRs-Y21!;$)
z3X7C9yS~0daAoyGGgz5(Qh{EK813jFbaaChai$-@xjcRP+<o%dE*Tj=mliLxRYr~Q
zq)KmM%3M=ryGlyF{3={pvSI?P_*%fKR~FIWq|t>rRT3oOT}!d!4`A;S^_s?kQu!QS
z5lP8uXVgWM86WpY;}<HmUwqdvy53q7wC>9nIPsPWSXAWxhTNJ;(3>B0HA<ZQ8M%I+
z+zi(Y*6_aFoxr@WX}GeEXzC=yx}SP@#LC1DVO5%wlmF21UYO&aiNmf%<RxxRptSU7
zoF1w;UX0+-Mw#g6eW@sJkL!O|Y)Q;HN%jbHw4hkXk9_Vaf6!|_4AuC2vU@GOj<&J(
zWiBY~A4$iza?C|C;H`{H{g^ioC5vOI!I9d6a}*n9^I3rD>c-w9S|M)Ra0{+M6i&5i
znF)j)EJ|VK^c9W#O?6`<r}rl;rkj&R7G)QH+6U&{A006Z$uQi&VSMO)eeF}rfVDNw
z>vuWgGCyWbAAj`dz(fX1ZR9u~0rkJ2cF20tXF8RFGl?)G_(?dQIh`g!Oa@UREKlKi
z28Gk|(az_dEC<sW43MwI)1e>pLrvV{S8;45GwTC&m7K|h*N{=>W1koLVrWrS0SBYU
z2Imi*2%RoOrNqpsk_Y4GHr==zxJ{ac$r&wr?wNjo@)d@H_6Qj=ovyp=i0W`Lb#0{e
zTDdZ5Z|!fjRmIh!?8i@1ZJBW3^Y_!ep!P(;weBsY-%jgx&qMz(wue3MmiGmT1=%7i
zM><E3*;(<s|GY*&W-Zd{8<+$=I=`c}EYsuYL-p|~+e7=@sFjc@&&`~B5#VdLbf6(~
znC11?rnyBKg}l#md7p2wxHg>DeI<Q5xvSa9Cp~xb87aK4b_DC(suH&p+0ia;3b?dC
z^>NAgQS1kZ|Ll%jc?Lc=p=#kgy~}k0;cy~71HT$?wJ;u^+x2^CVC%25OL%`&KADmd
zaYR2dmlc%D?sl76@z2YrXsZaV?jFi-SWjbk4*}CVYu_ee>-ob1(htavz9Nj45Svao
z_?8DZ{4sv?DrfJ*f1ZYq+DLysLSu++U~rYBtH-zVizPvxzYVWQwN9y0XGoiy!ot+H
z1tC?>O|%{`qcd5|sqwT4=Fk~p|B`;9K!n}<Bzy)2XFpl2K)en|=*D<NuUqk*GdB(X
zGm$|Kiog%3Ay=e_V@3lx7m@4#?O9(bke;-z7@XE_23M+Q(0IUqd)f|kAUZfh8lTa3
zxmN^__C19<T9#ly{y%Tn!vwWu>8!-1I^pK>PxqOH+~g9VK$5NN{`;C=_ePqV;=Z4n
z67Q)sv#&x#RPb8p_dwIb6-#W{zy0jMy*PQx$9BMgneFQa1C7tOqDL==JYEo0ssGcZ
z%*f{BR@}ec{uc)ma*IMvN)uF^mB?<%lOGbY&u_b3-#2!7{$E4Lu7|mp(9H66oQ?ba
zRKDW0L9?QloF>Ne0w4CTvFq~>@V{ei>2^AfkLr15X{~F)5<`N~S|Aueklu2M9KCBc
zE#9<I{g2WE@yS>;&Si-}YhM&<QjV5%W)ID|RjGFOqj5i425<M`xeHka90zthr9C$i
zaQ$J-jcEt}U~IcZ07c8g_dPKmf)#Y9lw<^)oMNV72gFB2?{H}4sr58@z$WXdNc))4
zzv8Odt-*S;x-;KA<^nTzA_oL`E`6s*yo?Htrzq_W^~ccqoFx_$%dqWI^skoHAEouA
z6PV$fX$*Yx_nggq_lzkDIJTZ-%*^m|o8GzMoT<RSf8qc7^#9KX_}>@#e`<a%jLRZ>
zcn|?ff7TWB`z7Ai)c9IZ;iXlKtoVT{p=#Q>w#}hN3taJI!tGUNDe@)_sZY@~VqVHz
z)>R{7SDjPpN}NJO6Y+w78ac<#KACat*sT6KI|TdQm2p}tLvrbe50A5DIudsLN&CfT
zwPd|^zxnj_EB{>f6StvN3*u-dQce!${cs(E>WGbj8r&;7??}$1h>yZe0eR+H%D}}N
zMti%v=95E1kM)F;O+TPzBdoL0vMQ=YeG=r*)IKSQ<F@73**L${EOcia?|9IktVFWG
zBO?pa7*Mm7FkD?#z))SCC(-#U3+wEMu${G+$|_SZDV3g*pZ#=biTiLqbqw8sZgJmZ
zEvrLaWIqxpOII8&GnB=B$0Ya5R#M>JfTn-)gZoon+i$Ver>}oC&7N9e1t!+;N-N1u
z?~4%iY~^c;3LJD%1kY$vU3O){Ehs&Oy>r)sj$=`^>KWI-P$VWlgd~Dj7@9W1hehsx
zTJ)Kim~gn9@ZFE=B}$@eX<DjE6JHVH<5s4ce!`ZyK#hk0rDkOY{8RXtv+DG_4bNKc
zVzcDnKx<Ry<=JTZ>a5ZJ3GV?5|0zs^)HMr?D-UaZj$05q$g67=v*`|{!$(;T7TO$B
zbDA&G(XX%2RIXQ&rR_bE<LIR#%E`&;Q~VgoA-}PT-W*WKahlo__$uPsod0RoPxf2c
z@T#+>Ib6j2zi9f(zpA?DZA!WkIW!1@bc3{nNF&|djdX92Zjo+~?(S5&ySw862c+{n
z=l*`4-#@Tl?6qcQ&CC@@M5EfqN)*)h<P4~x0rp2<R2RGAJvwkUh(G0@y!|h)cDzN%
zh3EcnC+gS&6A9Ynv4nxEBP4&Aaq<J?&)f>Ib#XB6Y_sa98eAf$jTJ^O?&jTh{S?{4
zAK*6F_|Y+Obf0t*hN@T}{1<e;XV`dKsXhN9%9QMpwXl&aHXG{z_H0;Z=g>w&2}3v3
z@2q>WhaHt1+d{19i|rw_mXG7#^vP0Jt12Kzr^?O8H#@(qNS8(DpdJ3r2tXy*UFy4`
zWuTFmu=(;RkpIB3a3eatkQWoJIbad?CkLtVpJ4N*%F49~#Twwaq<P$S%OHwMq{MS3
z`<Y8#hltH&gSdFsV}iedO<TUGK0%T-Eb*64?NHxFC#L<XBJ}abt_zxSy4gj(c~umY
zTNFWMs_PNGklDOO_=(^|4fg(w{QWF~{F!{{6$b3@hv8%V9~4GmD7$QVIvHC0r6#}6
zM;T?0Xw)E5QW{JN*+P66AczX}=;S0F8!!gFFU)*x)hJhHem8u0brTU00aP!7DO+HR
z_A9pQFsH$<$*)&sN$ZYh=M%?G=JH|lL_ZSoCozaA7~YNUKju^eUh6NL{6&8tq(saZ
z=nsOUL6giV;q>@s0(E_YJE_(&QyyqRaIkLR2L(De13O2!H7`dzmF>Zhmcm{Iud_Ro
z{Utx9LiE4BszI-#G?bE0A8^HOie4!5bfIBq&50v}&ZLg)ry}~ZU2lW8&BxIFODC}3
z>AT|DzFye0EmY6}>l?92^6xFwONuEeL+`7ibSpV)9VvbI986~Y?ymOY&MkbQTdufs
zJmU)515e$041Tg%ivLB*W-%N{u6WiD;x*|b;=JK?_+o5pTMnCzy^oisD$K<8Ns<kT
zA?4#_XYa`t_PG#>(<(xnZ8}cl%c<QKlP%<&k5J}T$OoF6Q(9dP>&%AnS5{U~f51`q
zxf-o?1EK^31T_234<~#b+gNcOxTMg2k1=b*wt}mTgvIL$*+P@AoiM@azu#0o&g~6Z
zU5=JlwL{qA`UNKM2SO-Wh3hY00(D_*nBr1Fx!-Jx3gycEV#p$A7ASs~{mcs0Mqduz
z9`yOhkN^zadD|!y=G8qLGm7p+P3#8be{L9;bTVW6^bQIhYs`M-R6y}O9Pb@m1Bee&
zuRF_|HdVauwd{7EFrNgd`!ov^FH5_ZTgjNJV7O63Zw7^{L({@vsh6KDgaVV~jh1-R
ztrb!JOx<0Qqcm#_ma3H`MYhb7I8+W?Ojs_tZUQeAhV97_fAWs0mfqI;3u}0=J!O|6
z|Mvi+_k?@<+56$&{-FVkkZlMPBr!Mi@ezcf@wJje67dygk06l4yf6wAC)dn_hbWmQ
zw|E<fIF~#erUDH)S4k_pn<$AqLt%kXN6yTVKi!kZuc@ty`Uw-*7w@~`imW}e2e}Xd
zL`=xKE?bf;@R9;Nq!<dPlfH^lYJ2P4Wv+EHB~K315iCSCAu_6`_&w268q}5S62fBJ
zuqM8-_;r;SCk44F6YHmg%+E~A?EyWq?b)o%$uH!Z&Qi0jV@k~LZF!BY=){f)MgnT4
z2^4elsHeWDeQ<jwA-KVFC*-a7d$tDXZ1Y|Fe2&JM^9-&YZg&k2r`NlYsA(^7RvlUW
zZ$qA$9XU^x;P~Xp=QJ3<Y%;Otg6CAN(l^7>!cB{3`_i44j=3$~M<mIbEb)5Nz{xVe
zqNUqluyX!;xw=h1LZeB9P2T4ZhCQVk!#FtgXVZgA&s!36OoRwj4o6><My`OavjyG~
z)hJjRaE6gMv8)6h_7bY^GrAu#CRy}aYFhKlqiz=#j>X7fv-b-9_T=fZucLnn&Dstr
zZ$n@|nv}1!4W0*bu}i^dDuL;!AErTa_<S{4+}<vD!bOkd6B-Iystqy`ftEIRznt-r
z#l&=h37A+<PR3r1_W$vt0js>(i!OSLroO*Fx2hDXl;X+C6sjOnrA6nXiE$FsC&^FE
zWcJsM9lrSM@fkt7B3LjUS0>mO*ZkEo<R%{{%2m%Vx^DLWWL?2KyX>Zt<15`??`t@n
zb%^eEG|3Htw1tkhLs+|_e^3q$03S?FzQyB{bX$w}_Vn=XNHY+Z0oV2Zd&Z%Wh+{H$
z9HRBnjv~+M{w=SuM@F;PllD(euV-JMs9t{>>$c%S847)O=itdl_qDD^n5=Ya;AkvN
z51sq!v@7I8wNwe*1wzu~O+NfOYH~}3JKCBrW(@dn(*J(mB>rC?ZIW-cPOE&So`o+&
zgje*QiXcb=DWK5S0a)X%y04bCt`z9}uT7v=f!+C0nEa8US1%TyZ(egV-}?Nzg037!
zvN>$>bhgr1vDp<>^oD6@Lewe!)A-cXwH0hxr;tC)Tk=RvIEk`+1SOLG8-!r&Z$zK3
zn^UyB(6aYSZpw|k)Ee{P>U5(a;_u$x;^tNMUB|J<@|GYV+VmV<HF4@kUwIypaZs-W
z#z&$K>NSmyQBYx4_s_pEn~~Ac%{V%-`m)$~=<5rTy}gdB24`$~Z%m^HvOzcb21he;
zJd1=H%2oN06#U-NikrAcF0wu{RULV;pwWC0E>Xrgq554@%!3{E`LP}wJund;K4w*l
zHc=V(Eh>zQN>@Y=s=~h5+d`x=R(9YKMDh4Ox(>-k4}{j9^*-dU?D=I7KfP1wGCna<
zbZg)`tf-f6Xf~z8*IH(-Eh5w4jmlDlor2c!TZ{LBY4X2ydDD%@xZ(L21G2f);hB}$
zl1d1p66vqhFy53E;ul7sW!fa!l#VTYr8IZ;48{f6-Nq-i4nm*?tgk9rCjTXN0%|z)
z+|u^;r<wmiN6#vThK5xh)9-b-h+XvuuY}G!t`tW!V%O@pj24X0XpD{f#y)O6zz5@_
z9igW0zB6CUKS8llbwSWU7XQ2z(o(nr?`UGRE-{DF<kU~7`E%H;rw&xLxcoRo^Ol}Y
z1aP|==Ywh_^#EO6`Db$p-p!fL&W>00>aPWfr<7#olRdaylp$2J6Ei}0``qLFL29F%
z!BaAgtcbZnO>Y<wVcmY}8uSwZBF+|n$dL;N=E3-xnWE<E6^UM*-{8<B5t~i-ik^$l
zjmLUx@ynC8Zq!Rg@=;N4=_C>iP3=w%0QDy?%oA0=_Xwwh0|^#>N*AOO7YaA#AP~z_
z(yHb+f1$yR93W$Co5E9}Lc>Gd@y1teUSj|EF@OJs*+C$}rhgma0G%CBF6soH#zW#L
zVi4~MLj5uV?ofaCa;&b(&CYz#ilDV%j7S?cDx6im&$y{ilQpK@NsT~iBY*Q52u9{+
z45*6IEZ<%@nUjlw(_&N|KP*j_Rg3z<7=kcw65-t_3kw^oI|nJ0TYRac&tC~vWHwzH
zb?2?6VDE4K4MZc7PftY|4v%-R#jUx4oF>s#d%FxBesoOCWfsI2rQ1s+;-TD<(Vqj6
zi6HFr&Z3^UDDAZbYQDc|Xwfu~-o&sdJQ52S6;4e}@6d%>Z!PMr&5V%^CkQTbG@bji
zc0N15W7QV#cU$KFBn>4{`c^)_;R$1X`Caj?FXi~27q}f}HX6CT_umr%{PKAe{|`$L
zyIc1ic2i;w)|<NIjtnlL(`&7mvT?g}x5~qiLLIW=^i3rY60kJ<4nIu;zt!Pa+JjZA
zOB!h9Z<oTRiR<EIewiBQ#K=BI?U^OS@yH9_=W)<cyP@VKzk9S`+R}e_hf>MG>l8g8
zIRsfpekMVG?1p|_o^?TXnT;A=wZ0@oz2K)jw3x$kMC}86qOsb8EjOBy`YTdyz9||h
zRv_sd=^dK<I6!O4Q|sbP6I3Y7Y%h@Z=MrxN+S#no*<TKObUwa9oG<(b8VuRCx*G=q
z?aVnFm<>bm;!OK?wT|WABFtJ>$Rjf){E;rM<+P5L#HWex2_Kwh=0XohM|P%zdyI|J
zEr$i5(+J_o{y*27Y7N$}@HJ{h29+w+YEEP+@qzyTfP7PFD$|U70=MeJr@Y-V)tLV(
zQ3vv8QmvOFzRu$WO+&vMrn<_?vEx%(;wb9iEwC+R4^7aJJKs!T=zON+ERsX1;?ezV
zo+EGXl$Fxp#|5DgH^`JnZlDDSBttsR>qO5O?C|z2Q+|8eT4Owufjf!z>cBL&drWi<
z<k$`PFj$)NFKyD-;_zyHsv0ob9%S|Juk&bbDvG^N6|WsTsBCxAkCT5Qd6)BKP<IP*
zaHE$Hq%`-u!$vplMS6`tbc!wJYH+`sX*`loZ=3kN)lm16xB4-*qPI>yneB`wLq-_v
zLr%)}B!+9S?lK$)d9`;xY29o;a2(9mdinwoBb&9momNQ6)g^Qb9|v*wuat%oiqi&S
z)^caqXz{bdy~nHLu%w770~zlMSUVRzhV=~4S#l%(^cX-ZTm&&9gt8B>jGv}1eJ;(m
z{4#nh)Nq#Kd;B^{#a+qV>$HEXEBn$t&ih(#eRnKgL8L<W#z^a3T9-(L8oICrEQ<o5
z;kU5hjF&aG;7lD(%ZZUB6Q=kY*FVjI;VOIrTb3Z?20=c}$(m={yoIyv|M)yVYR;%C
zx@e;|O1S1tzUT(pn2p>06#Q9<@il*v=pT@)$OEfmBbR-t5yq~t9iRTyiDvhsuV7k1
zY2h2W#fW~B|9F#mYh7<mUrnAPfD*RM`OI7$Hz#@~t`xaXn4?oAy2v+eN{t8PrRQ%#
zNOb=GwUON+vb`rH@|i}TDeA|8v;>t`wV^Y;%jZeSUlL?HJ72oZ>3K70Nz?tW>j7i2
z;@rzpRdpvkj+i{dY_w@TU|`2(b9Ajsy`?{F`SRWm({4FHH;(Z~sCB$81bCk|Zro2`
zl^zOdn;ZEs^6<T^9|2L9m%YXuk!Agk9k_Xu>3`f#ywn&-jsyH~BW<d;8}?n%iStd0
zUr0`@y-J%_@&Ow_!&?t-H?4HyHP4?t9U%IKuk^&oef1<7j4Pcfw+3N_gTz%>QhqPo
zQ&aiY9zWizB+ORh@uoXl0(UnFG39#`4#;#!C>Sj4;l~`Z2JyITZ8qW22RIep9|V56
z5VPW3$oq2<v2;hD(df2#jIJ}}9Yf*uZdb`#nu`1)*yU{kiogXcE9`%9x7&`|LY>Hh
zt>4=USdq-I4=sX)8m(yxsrsUqQD?=uu!1Rsk*O_il(A5Kb8<O80P<UH*SyVBN%A|I
zjGpr(Vx5XdZNXJh*M5I{z9PfJ=H{<MA2~6XHA}l6$(M^X{hHXlng!PXd#eoUzG27E
zd;X6&DhE?juo`V@p3Rh<o>?2y_gL@0{Smv`#*A*2#UBjkSP^VkB7BH0FOi?muaKvc
zujYTA%s$S^-c|>II50du#u=6<g8>p3Gn#7H?LZ4Q;zm6(Y!3X_x0K_5Tc6{%aBSS+
zR?XK9%`XNnM@BWWd<w)U`&B}U7ab+|R4Y2}6B-HzLF-p=8I-SY8l7EhW0Uz^j<wr<
z*~wuv&agXFN>;wre-XD5h>$0Be;;LG0rIsFd}?wWs06;O-+L!l7#;IF=6-`1_fA3s
zr>bi$=65VBkrv3~rl)66h&oQPGk^qg?+J3v7pv3b#%fNJA8SHb3`R0n!yWF&hTB5|
ztRf;Jx!(=0zPNs9yDXdxGVM0%S#?`ljDAG233jGCR=R-_<bA%w`sE#2khZt4pJId>
zw0$B%K@7AJ$w=!dsoXKaLby++(sDM#;O}bJjYVkW({{5J`m1Qsiw%~42_LpmJ4c%)
z7iP2;=6ch#DX$b~1k7(~a2JzQfD+b0<=MQkP|y>ZjZ<gmn$lK$2}tCoW5SsV9M!1W
z`TKBHstKN*@Aj@#?9}LWBPUzzzY;1d<V;eD0C0!;D<Y=TS6_ps(B>Gv{#Q~dj$+J*
zTMx6JlKHwWV=O_npjNwNHKB>e8?cwzA#MLDzL02N$}jee9t;Va{10pCVTWO1%z@Up
zboM`5BBC?;5_r`W@{2GKMtc(Qn@=ciTOFv-2zUeYl-U-XWZk5jl*<ztuta)0T3t8*
z%%C=V)tuB%XTLGno}XXtHre7D0?Q9PiE<j+4*e7qhI_I9!fFL9@Mx}Si}fEI&2}ei
zeAd_PJhu+-tK^Crv*y{lgKsw!r96cHRu!L{n{3iaA>VTH3n@0T4;^*M{F4w&U22Z4
zeZ?|MpJf(&QVDiY0g)Dc;{AKy6>|-+rb{fAHFGrV(!(AMGaD<x#$+OiB%u?1p630Q
z8y*MH&V55Zk!pDA6rqRg`TV%o)7d;jqDwj~8aio^_C%TsS`l9H(SGS0p3I)@=LNa6
z9D`t1SNU-yL-u3&tsNC?*-v>vq-`yEQLy*8p?8b(fk*XsK)8YcNo16>{1}j#lvu>9
zbLWx~9&Z}PnhRnqvf$7<AH*U{H?=RQr1M{gvWw47+K6mE|LuFJ^6f%7b1S-$&>wjh
zQxaF2CHosAkQ%A2=u1>;+nZAmC3JrGlx5F)!c4k<mv;9%eyx^iL_+wW#R~<E!)l*>
zMld;zgKi%Q%@*ZmZ5Eei^&jA4(#6S5iNKN9eRdS&N%^W4Mm-E?B_|4<d#398&7l5Z
zUU{1<u>Ze+mxHrIVD*HdYws2oZf~`Imqw)Gf<phm_(_PNznH!wUP$0(Y1;(7$&5hf
z{%|?MYOvmWC*dnf8=W?EKx@3#hav7eIOyT)O8qg3oY5@@4%Ji{_<W7)S@?K;<@edu
ztVBtp1d<`iTYPasVKD!ts67?5B;~^^HN(wOPh6Iyv%rwzE_%Neq(q+gNZ({f`Z~gI
z$#NvDcb}kA=dg=SHfVYCfs%%FQwkc|Xy<he4|h;4lC*D`)%#j$yL>Yj6dl(xojLGc
zp|Q+#8BIs9EtRYq*!H4JhAmg0qHz>Cr=d(b?Sk4){~n^xz{M)5X1<Vj-b6g{Sw7@J
ztAK2m*6;fK{qX!CED5=om?YU8-@9X+wSU#5IWCsGonu|~ydCw6(HJ}S2>Pi@-oHMu
z&{Mz3wLbd06}|Sr?3hhFL=Z}?i_ABZqAi`VE;G+&YW*%5sF~vUET#Gvc0ULfF2$=k
zEOW!+!q|l6t(938wHDg&6(na%_e@xj{D-(g6p)bAIyrlj{Agpi4{!AQZnrBj-yx?5
z+z{NgPlDV27;>DIb2C&gMm(}D)q+B;jo@G-0h^c{9_lHiXp0%&{o1d`*0%H%ad=Vv
zHS!p%bu~r6yV*<wn1C)P3v>BpyRi|kLoa*5i2ySvONS2O<o8QGlub7@AvPOcY=j?F
znb?8Kfy$Y$!C+s#Ea(4vrQJZ}>k5O;$2u52fX%Ys1Y|7Dn6v|<)0hsO7Vdl*kN3Cz
zbs`yZA{}_574ff2X6*o}3U~Tt9PL@}$B9{pEEGW6*UwM9Q~XBCdI8N5Nx?B_if+!F
zmh+kf6$<aFg+{d$#cn3$vwm=6>v0_YM$Dj0KBmgD@bNBg*K%hrD4=b3n}=m*m_CR0
zT~s`_gpT)t(dw;WY{Pe3$f~yuWbNQ8))o5tM|otQF>0bUFnR40!4q%oey!C>QwV*I
zm?mI|1BSeCKDnP4tH}J6raMaO{w2$AgWh-wTGo5I1}Dk=dLy@Bl+F>^4_eK+=Xv7W
z>}4P_6cftI%gizA_4AniMQS?D&-aa0b6ND0cVAY5;-HfrR4Jh9u<EtbL(yw7)CI0W
zp4&jeXvVBLfqV8oPidKjAVFrKAzMIrJqn<__XST^UyTaiUG;74+EJ{3KKd(d9z1>W
zk*7Hn)lEewStCD)wLa`!epYa@6qQq<oUp4jh~YN*>EWQd>j$OhY&D>>=+&^|@{!+*
z_E+AB0kZ5QyWa9BKgL8{U3^jZ-2+8Ua?wi=d};s#Qc<31Fts<x2noLJFwch~9Sr>D
z$DSicn5DJQ?la-#SRLSHF>!wjXFvLvSHaHZ#4;+?+C-Nw*;uk$clydCSwSGJV5i0E
z^Hz)W;umj<dl4it(+C(-UtCgQyhm%?x~;ZxpXVeoAC@l2*x;Rp!3KA2Fm72Wd0ak5
z;Gvh@N<)P4awz!mJ~<F9SLQ?S1n5&P-jpgOmO>_Xn~P8no3>=dybe)s@(^xJ2p4aT
z#|Bzl6>y5GF5}y?EfigTq_BW<#}`WDl1k1=@<g<$PaQ(NSmp+0=f0w&RONr`RqFq)
zPf5SgA5LoO>6w~ZG(A5prmDM|{vTJU9H;qvzG<PTK702~&3+>l>M|EQAX#<AeQ;ag
z#N?v|?U{@>mWD(oSRLC~^sYE6S3jg`AW$P+y<;tarUlaYr>e-_o|5D`4!_5gppTd5
zY63)8DPOSZ4L$jb$W05N#O|Uus<4j@xn&Pz2U7po8p^j~9z7}-+~}Wdq`_ESTnBlp
zkB0}wBL#|0*wJAcwQvGM8~-SzMkO*g-L_JrAR;%SLdu?r)P9s1=-{-Jligocn*aVC
zL=7#{FRO11H|<#P%8QJ*UD7Y7Z;pNQ`q_ik^6`#wW92EXqw8uMHrV|w$d?imQv8rZ
z-{saLFahx*BrKNduVz=KG&MBGd189e>)1i}PCuaT-J0v?D<lGh7kT}A8`>M$eOu8$
z2=WqxNYU(ls2{vRxhU{$5G53`b+_psxT|&SZse-7?A&<j7$M=0pSc-BNOI9|W1f({
zRcSa05!o}^oggP$Q~jvHdtLkZ%!81NiD0&rip+q?K?45`?uN=Y?*G>iL_{sOv&KdD
z<2LLrrL`ttxx<SK(HXmn=ti3_UBy%4L85Byk0e?-Ps~uCQ#J+M;(kGwh7K3U<JVE&
zYo&<+PFK2e*5VtUgb3Y^{iO2LkMj>xe3Yg#O0j_vB$IG~rMrq6+qrI@FZrOT!!5a<
zJG^5N_tT|6Ki*(Sukbc{U4d2_!IOdAqMo}ZO<w8%E0O4FC=OQK_LB&Ph9UMgoM4V`
zw0EmyRcC@1Q*!P3p<$t(Vy?A-pPaXh<%}AWx}Jvxl^iHk+RMn(<pkS(%w+tyoOnZ2
z+<zv|0O!aMN}$ns`aZkk&cR*i0d#gnRA+RvFZ6w~nwW$l-$(Juc+--XU@@xyF(a^A
zcr_NNINfx^3ZNjG?m^6tfJJ?{%*09O&*>9T@!o{FVwvS5fA`822nQ3&rcoY9bJ9@+
zVbh*<Mu)S%bZ<InuKDBj%j9Q{cATMD%kCJ@<EP3SW;kbeu7r8CksD6(@iQTjXWXbe
z=KTgQON6PUbK~z8Jhpd0T%D##18<*^R{*dvhFX4*`FCSjIKUIp3G6~vp?Qp8U$$G8
z2R<?e@jURp@(?J9(U3ryaPuUQM09AThS@V2;}mh=;_K75%xQ)+ZFpYK%gU#bo==a9
zmls3>ioS>`OQV9_#0SM5MK~|eUaY85@nSCMd!5=4J_h&^9`3CQtc=}Z$9bR3<pZ#8
zf2aLnVHN3OVL)@L+kb1|&U^C8tNM)wBJ?_tbW`x*w;Egui>~_#>;&cWtZ|W+n#N%)
zAJFZrXSNb<^CcszV&0F#2NY&87n0&{#gB6oX1d5qi=KD3iu?AO*^;^g12&jWR<c^p
z(_T^1+*Mu1M<kv03{}7l$;MSWpjvuHQrP52>m5TSWF|b}1fM3i<0V2^p9G`y=7R;$
zdUNwTv*ZQ*rvH%M=J6E?W~Ad^#m;p*IC)0H<~l<>Vue2~Ax$x;3Z@UshxKRMf*%PL
z3f>}#4aJTNUg{AQm_3{nGHVItRGnj|>pCwrebN2OBz)DT-QkNTm(2DX(5X@xNm*L#
z?#6q|6N*CjeZ=P|wL84$Zt3Q_dYI=6fdUS89Qk*YLKWWHRIicxv%XQ@%@r`AlptI~
z0WB)6KWHnMbw79L{4e&-`(gepB6+^?g-(IZrE9~v1VZ+$kqKMvb>Dy2FJhpY?`GuV
z-b@@UiZP5l%7s<xr7EVs0bVg&<k`5%{)}(}OAm7*i<PZG-R`*E`C^D@Js5$G$qQ3B
zl;}Qs0fo36+hyXf6&+>X@uJY;9~;s~9;sbJmQdVjdyq*ezWxsi+3TLKcYfTHQSTPN
z+>5zl?NXte8{=Xvpppjh7KjpTiEj>i2%|~}jF_jppYAF6VR(W+04ZB@V5Asy!=tt>
zpDmwRg`W4Q)Tp?|;XgTbj0AiI#Ei7kJ(C2?VGE&WgWzt9EuWslKtPcezdZZ!3Ujnh
z1ZS<ldgX<0(|fgyX!phTzx5@0Z}^WiR-{6eh!?MvNT%OEQ^I$n3G*k;>w9yoaY1yA
zfz+Ae#FkD7%fCzkn~#>dtixaZYXSi;BYH!B=Kwa5j;P7?_86F|B(lg&mLW$s7iowX
zR_3%!W;|L)q})$g3KF=lbeEX*c-V-H?nJ%4y?wjiS5z2Q1O+wM{h!WSgPP8MH!WOm
zmz&R%%-dvbgxFG%S#CDP1dDz4fgsrQcfK7c58fWT@nKm7-d`X#Ijl|Gjti!NGLVpJ
zQ)7&e`gVA$b~#%-!dXb0YVBv;nO7xeEev|^upaqD#5PY7aK+hMY)KW(17Ke+(EzKJ
zh2^MxMGdqkUbb9~2+0Ch_f^AO#f&Ajiw_pVGh~A4mN;9pX|*4nxhgBVeGf#C|LVWJ
zc`tk*#Cit!-^kC;dpwLG<`~(2=TeG+rt@|NwaBa7l&b|Xy4jpoo$hhr_>wJp6y<oh
zLq><RSx%kZYpSl1aL!wR$FA1ahXON#ew#oO;kd(x=*6#Tn{Di69U*_xVbx`KvMH+#
zbCM%%9;)<%S}dh*8k0<l@J~-%vJ~puE+tSf(kzhF_VM}6>zE#}U7@?^Hr!`|^mMCy
zMrrgsTzr4iWIsm^TWM_4zm!07u7yw$xEb<a0hPZMaMHVV-l|Yc2G3X0IcrrI0xB2>
zNH+#S-{@I`kS(*kkb#R6%_5S!53v_yPY1e=vku-+pO({^C>c6}VB?k%_GrkuFWCMJ
z7!-p04_p1F2Lpjy!4xJu743ET(H9M?_<T39JS>=#Exw01y|4VspQ$wFol{DBJKy=v
zOF}t*KVv2re7Y=-gzVtqwIU?_tZ_Zh0r4t+A9&oG{tWN&l^)zcb4r~zu6miiAw3Nj
zLOFHGrdC$ro<fSM0t#}r<rbiUV-$N}b@*%gJ%0`xo}62}eN(*g&{2;AReH4}r0B_M
z9g%G@S(g6$i6YI=!yY{b<~gYebVF>UkQ1@}j)Rk1wpA@VTVmqQ7k?P>O1{&9v-Xam
z&OQq%d$8{nzHXeiR*fj(VFu6Rm!u7)x9MYe0`kHDG8+=^yI|>ppK8yX_z~8?3Z^>B
zakQIK+{Byv;d9EJKAXhn_e4#UOKcbQIKGiSgZ|MOCCZ6j=r;(O&0Wdmx(1VawjzzW
zKTPLaJx=L;Z(o(jFV>h2J3|H3Pa@DgAgO5^N>rcPci(rgo6V$|IeG<@>E=;rXfL~Q
zQekcF(b(_av9#-AnA@~H5Cv`ksJ`By-zf0!QKw$uXizzPDTOcc(T#AadP@L<Pqq>1
z4mi)cAf&kyo`Zr}&t94#n<Ry{fo4i?T)A1a-V%h5oh6$&*NDNCoxH~3R%`g7)3r`L
zHwk|*_88qxU^qekS~TjaOFt;1{$lI(PE<z}YsZ$$gRlP<>`pwf8Lb23%^U9iG}jRW
z_9z#q7xlU#|7stKGks?S4WTPwI+aq|E(lwAzX|211DOBFOyMOv=A|DcHBx?l{#!D{
z%`3FR9yW~&TQ}dy9BppIO^olONr<oK2N<)4o=th*A0id2gey}t*&usm3EnLSa})+H
z|HxSN76Pjj#@j~6Y(D|44z=PSC5jf2$-$hDTebpShpK41@`{Qufy{`(-3GJzK9gD=
z6#LZ~wHc99DIz&S9dE@jrysJ^O8laMgi5)j6!UdoK@>}Nneqdr8rWHpO0#YaG~67E
zHa8Loxe(jv(+x>WL$wIf)kU0bBo^UfRYvt#GPwM>>+m4jXIa2YTTRjaZ7v)`?hzq;
z%v9LM+>hgfrRjgDPnqy~<ArIw$voAWU66QvoPYV-?HA72DmbnFf3SS7_kf)l{^}j9
zPRAVrCTK|Wm>+%M!L~WMKligR#m3Fn^_6CGmVCmp)OuNc=|66o{_W$ZgZ+2$R9NEq
zdwUFRUm_=Hvz7sV)ePr8`#Iwqwfk8-<!(`i=|V{i32p|C_#;k9jG!Y&v9}0caB-21
z^OyO;(*sD=#TMOCnct;-eETs`R{kA2CMFISeS9A&W%19^%aE^>)TBz1lNb_z+2JM;
zMbWeBI36{JE&@(+c-;h<;F5)aDgifGEy-L`DV;-s*Qf;a@L*Oa&-w`o52WWWn})vF
zo?JCf%XNiB8?f|{f{629mRQX39vOydr&PnUF1Wo|Hv8_G+P1eJ>bbv;8ft`h9qwm1
zcHK0YKE4>i4AD}JLHPF~$;Ryb{4&$iq=C3j`g>xFbwn~jH9NQzWRaMN52W31B1C<*
zzWU>{0ISYN0SVsZEXnV$eHlTCvL8%pLFq;DGIX`f<&Z5nP*mDiOv|&@67@!IyqoUP
zrY2R;N-Tu(k!-Z-BO%jQ&$}=pEM$J}fCbxMT0$qJ+GKG>0mJ)sr^F?qiztn6Kb`u9
z1*#s0ivYyxaHJpTWw@;nCv&;@$?KLl+G2d!0kL-BFrHdf4sO%OE=R`~$Bqg)*wpd&
zQ>EU5n^j7qoS<QU0oO3mqi9SD*8Rl6D!<Qb>$EN|vfK`n*T8x#x9urtRnfK#E1=2_
z=Rqg1A&ttMFTPson`>l4p<t0g8$=ty=+1RNt`wd!<_{$TH|=kZn@Fny3wUXT_kWFw
z0O!S)wG5<xN%&a`3eVdN#dRH(F~L>4Lq8P=2(Cl$r|0?xbG(13y$@ViTCU@0kwC&f
ze&Pyb%R~dX5g>CusrvBDPhxsm0x)c-qFwARGm-ezs^Hy*r_ifo&TH|c{`<m?8Foz8
z)+6zQyKyiC0)e_V>gZa72GY$qy{2=3j^nrv$l8N&yB7292mA;R4C)Pok8d|J#x1(F
zKEC~>ub-8I2>m|B7yuJ{F|o-FPW<KEDnFm3y!jC=?@;M3A>F`C`dc;mKM&$4rIhk)
zkLLukdx5Gbh#*qTH-Re;98p&^U&=+CQZHo}JLY#8I@k`Pj<arOHQ)+CieWosAV8Lb
z#5cjlCXc%-g<Xgn&PF`nzyll0Kuj7$;qL?HLD8SZApn_r-XNq`?W&C`hj3)%oeLfI
z<Q>rXhXzvSE8k%3R}|vukWCgcYzXN`tZJ@|)`$)*T(Vs2TooA>pQtVCYy_Lm$-E)1
zI`29UcRV;b2TO-&3-ubic+r>x#X^3DO1>04%~I-fOG%p|_3#lE9qd%7AJBw*wd@ni
z4FB+&s^Scb$ic}U*Z<8CQHPgQynEp)Dhm_~m~NSWvHFIr!iyY$bl)}Unb!kW6wFe}
zcH`AdWO5bhjP2Wvi+`A}=Jzm597|@IQ<Y&9n?g-PVCa>Ci++5H7zp?Y1odvJ-8j1A
zW{OxN&3r3X{BHrTi;E=1nDm!>yc&c0#J;i;z^F01{B1Ozt`6kL6hmYSRXUaJ$HL=c
z;w*jI+SxvV$7bo_<!3w2VM#s8k~6Kkv8ibe4*&ArYp?+!Rk1ka(5s#g9fzC&NgS1S
z8-CUd4pslF_c=9?@)c;QShj<{<`<`~CLcs{5h<ofVS8q=r&~zqAdg{xQH6ZvqrT=a
z`Tmz(a?#Chm5w5gQcrtWWHh!nHskZ>O10=R-`Y=wdGFKgLbaZIE@?~cB4a0bEdWKh
zOHY_*;Xr2ggv0{O%Szf@C2Z~R)0;JKyxF?%;OQP5K?i)KNiQI6i3SHLJ`c~l^P|&{
z_Ph+kZzD=BOOb3eOERUq?|#jA#Ux3}&EjL>+cGH{0^!89G*vUab}N6eANN^pypw$G
ze<hN;smj|hFghfqYkq+2SqjsKGVELzJT7sxCOx!@oQRRD=3uXv(x80C6QzB&Mo<{B
zn&^_c&v+b+M(qXCcIgs>jiqssj_?OYKWyAaYC0(w%HHIKIWZDGv%}_(0ewUWltXjm
zulp;D7q2<5NTL@U;Z;cQd#xHE@OjmEoW*5vs-m{j)WZ7k*XAXqs>QJNUxWf`U=`TE
zRc!+a7p563x%qOb&}0u>c0B>dN&qFA7;DBjI<^1pJy7lclG7s?f;%4dj@1fJ{Pg9K
z59&j9RBQi~ijBkp$E}djwO~z`AU0Z%&sKf#>5~A8Ys4&fgC1F#Kprm`Tj8s%V!)?=
zBj@^}Jt>gQftzXp>jQ~7?&#ABh+psL(dA&BcV#z-&}<ppHiip79bF0eS=dQ3kBTq4
zd09;#0Yk1V=q|=Io@fd*7bkr?_FM|hF(WZm)-lSRC=Qv{Y14km{eSe~70NF+?3f;<
ziztoo?y<$KW)Y=|Hbx!&s7`d=-WI7C=0A9N$KwWb!K<Qw4EZ8&y!$wD{q*y*ik!2-
zt+-kIaW`ee@$#G>4$KX}&Gzw9y;*#k<vm<)Do|Py%2^<|JbJ#vWhIV_esPJq=MuVk
z9HpUj<)E1Te_#TX&wpI+XA30d*C)_*xzl~W<U5BY?lGCOYBxp8UA-yOZK4tueH=nU
z5z>^75akcNJTiTLVPf4opoFFtxuO%x7DSi%!*=8vTY@c<IiHS%LsYUp!BVC_pi~x+
zIATuJQ^!JX<m>yJF4zh9zKK}>TFX{w=PP#ZYoRF;$=wE1n~H(I&t@almKRNiY^I*b
z9X^V5fnh-B%P3?AswwV-sq)^_SI6{FI(hMCgnq;)SRxb6Z7o0XT=QHMaPZuhEsLFe
zf<j(0=NBg^4QpIAE*T4WwS@roBUoX~4128T3QLZl!~A>sK3F8_;5|&dHkc~9Oc=#u
zrrgT_mv3A`R7rnP>@lE6krw_!pGbj^n6!MWHAI4<yBUB|kN1?S;oJN3wdWj*nvtj3
zr5_xSwR@0z?*CL<p_^U{hWH%C9DDrqzs}CqKa=*bYC8^_LZ#<2W(6L7sS|&xbV|zA
z5eCGXp#(y9ZAE<0eTod}Q>;uJ&DjuNd{V)ayJ@xL%vQqBEzvB!84UC2u6?W4GrCra
zV-4T#h@SHA@Wg$b+W<<!;=fhHS>X*zD~bftl%m(AEwk-aPJQ;lf8qUJNw$@8c*Y}n
z%TGcRsU+XRS*pVYQ2|>@hhu-VpQ5zY1p<+7QQ%?skoEVWTn{-#k?kGD!u4&P8&u@)
zHwvdhoN3QBwTq}SU>Z{Y+AXR|ywLdb^Z!m!(JZ}4xm4|XdU{&XNMFh0ZUd%6!MY~;
zspS!t5e30Nt_*LN7VK9o-bb6a!dhkBr;Sb@C}wUaEVb6zE&qCkJ%TOXqK7bl=1gOz
zn6(FylP66N4gA!p423*>W7$<NyN7Lt=ljdmER$7;yEUjw9#CF8Rr;&du#XTxvL&&H
z5BW+jKf%z+NoyO&g9Xv<tpGkM39l{ioE}1Ttma3`>qj1h;#f__9rdzcha^v-*u**x
zPOdS^2EhK!;3ZD`G{-9KMgB$lkmPvhyb64;B5oY{$`?7=8vCajF%`1BDNw!rkBcd}
z4w!pz8(yym`Iy!mGwHp$Nz;SgQ<?7`daiPuh#bc()R8ftdnGU|Drh#&aIGPcJ@_+*
zm(8hWec5k;MP`4N53+V8m51b;P{FeEy!@PU2O!A<dYUC<;F-B!JFho=bApKctAZ53
z?`@b0>Hl@GKMQOcE`>#fSsY0t1!BgleDk4z|JGAt6)gIa8<|VDKSn54L}%o1-J9{K
zFDp}dUQ?GJwAOTnDoR4m{P$-MHw@F$*FN%PLw)SZ45WDXfflpGZhhp9i_b?5+i6i=
zS^$+;@$M=^_+ocUj1t8jkwf2QzVyF-wr^o(jV##sBYMbABV4&=<-L@qC4CimfJdSI
zFgecm)VKE@IPLW6Ak%~)kA;hqH(+AwwkhVrzdk^oeuKu+f7bL<2NTmt{4x&sxtC@3
zs{@V34rCPi{U8e$AC(#{qL-687}rS)$Xqh&*j7)j+?Q?BIq$kT>$DX-e92E)ZFZ}!
z5#wB%gZNJrKf0@Hx@l%rU7c;ZWV^`E8-)y)mO3!(H;?X*99VI~wBd<_X4dDE8kxcS
z58~A15t2v8$NmRz-t?#zD_U3bG})_GYQVtcv}d{eAxYd=1&K_NQ&cQh(T8q8tE??E
zH*w>AJ@lE=|Ml@~Y?Ar%t7B`rn%zFgN4&;av?%ar-2z<oQg_5p1cnc2qyk*l^0Ru`
z%fEH9?4In3BMaxbY)xxFD%Qq7E4x(vyQ=S-^^-KUbf0!6&ynVC<4v!4FNoi-|Dl$~
zL?YLgJ#EMpW(x}Is%-C?%PEZk69rPf<jhjih!UOZ@%`UCIyTu^!c%Mha(8d+qV18<
zHg&y&Bi1}!)^*)GVzQ+ve@k5aywmqTU^5uk%y~rb`lqaOIdmE3c}TP&_GhfF(T7R1
zuzKH;&C~SiMzvL@XmnODbETIJt23)|orrspJd+>p-93_39^P+_FpGb)K#W3cc0at(
z%FwetPW8w;Tss8gQFdmm&rE{q?(S}X`XpVBK&5Y$?(V)<ADX1m@o!z}(3sSw_ZGkP
zqzDSsIfpJ{`&Jrn3|x{dR<cBAH${tkf-wmh)k=t(VPkI*?4SBNj~>mymV~C8tE=z1
zo9NYwWoRfeyvi!;l6ScZFg|f4fEQQYZ0}<W+uRX0cU8DvR%JnVV{!aHu@pWNRPto-
z*<Xi-g`Rtf!8^IS&S}cRwD)0fb}Me#8FZWTWEId%54*;@?I+OmCn?%G=d8o3NC}AV
zK5LirQ^s<a!;R#^f}hqfNadI-)>@Lepv-=iI0z<qvXW?iQ?mj5{rh*jX+73FMI$b~
zNCizcs&UG$tsI33zp$Y}np-#;*PMhapPRheIn7h3tBkAV9o&Ekhpc_?ULV1CU&n|Y
zmGLn!2?#m2!6{OWvG(9g8BO0d51R?M7u@Ij(es=t!N9hSKWBeb@7Q`vjjvArEanB)
zDepMu+{?rCLn@+xIKx|po%l}!xm(sxX#UVY&`5JF(9G7KW0ZTHbEZsg#T}GL@S`IY
zp?>!Feek4zOtXU@spC<543j{WwZg?#-X%(n9jUHljX7p;&o4X+XN4wV-{dxLwS}kS
zVcsL#9!*4Sb2*@6putYZwu6ew9`vn}_vr$yaOexo(&s*)PI?8;Lheg+Y%Iype5G2x
zPNg|qbATa}p1AFj$38oIB@eCj$n16{ms-iUJcG5BdY?r~n7HZAlm8fdboIvNADqpV
z#l@$`=C#{{!Od5Q|8VzZD41UTo7^J?f?+f!4%_R$RjB@JQx33u+TZTpb@kuL(ie6N
ze$O1Q)dHgR1=-rVySpI~L~r3Jf#*w3n9`aQ!xw=pI#UgHc|-}OXh|}fcjYgeALniC
z)9idiNVKm$BW6YLyi^{5?J;PQ#1dth?rcf4hCha4v&#o<v`oUJm~3OC7w)^N&tbME
zVXN-Xd(Y1&7IKzfBMTow(tRwx9+8k$wT7FAfPuZ^Gl+hzU+p)TLj!d%Rgx?RH}_b`
zsz;4E_>HTpYpu&-zuiVh2+ZO4)VpMfn?`M=$b*#ZbWrhzQ&iby&0ESwqK28p;`mg{
zZ$+Szr|@@vfU2!PK*YooTrj;&T2D;3H^6O;PLcVH9aY$WVC!$ax*AdXv5zN5;JP@P
z1&HQZTxWMB0Q`<EBUZmh!^2$Wz0_USNm;!J25Ka~@<7^8-C0SrvX@MR1Sgu~HV5^*
zvVEi=+mZ3*8Q|m*ZHg=})ZVwAD}!iy^2R1cPR`q(sMhM?x7-{Wtx^XVrVrYA103I6
zH?{_S1JhB3Y`MCZ5;xhyZDFNhn-uk%0Hu;mI@?559q6qM4JL}4kqe$;<8MNehRG{0
zignk!)qQsqXFaJp+(OX_8Rw#OVZJ7+)qXeSw|BSKxJY6+7k3`M7rhoj6u`s9#S~U&
zr?6qgq&8g7^WVRc9v+M8L5PUW8!v2|_nFq|hHA3<Br#I0`^65dRfgTK*wm88K*%%Z
ze}aSKZz|nT0*GUNDHb1_;mv}?d??=A(3s$TWAdqzD~=p<&1Jgjg8|4I0%u)*<)*<=
za}jgj95<}|dM`;Al%3wsj_I9G0aM7KM@2|fkslkAU-LT5nzi@wcd~GIgOl$wO)S?&
zWi;voZL|fY5e%jZ_$S6!`g|({@SDj0xY_2w^cwIZxK};&qQL@*k#CCV=p&>|F)^{Z
zc-=FtXr<n#6|}c^zr$X%>7QaPRU_%GFak;3pL3acqe#2meEycFb}Q4TNlDqF<*GH5
zOn0}guEpinBagFTPbb)5sE6-~V9pvw9`f^Jp4Lp1@69pWRg>*2A{>|#06#Qhbx&l`
zi;A;m@2*3iZGA6^pb=Jn@?E6J4i=hw_!RCGTl+Mla4jOWf#jWnGU~Hy+#Ssi9lL_h
z+oCTNhG|b<qdx>~u3fESnulh9yZ>FMq}|fhCVsXFG+&h*|HKt_(-kq}X?OjyJhBXq
zyblfVsF<HroU0G)myK!yTBFnGa1`V(&d(iEbE+XKKgr1VuN-}8Hnm4Me@fT5aL83@
z*>!2ap+tVcWXQnImEt4#qQheRXC>l7yl0@~a`|F`7?$n7u{oeo%j$qv9oo+npw~T!
zIQlS#o}XW*gm`#RPcH!NXCt;>m80%c4j`acOplNh;t=GUEc5}~Q>3J%{9*Ei8&Gio
z+3WfKGA)5#>3uL&g6y^z1&sdZszr!7+vlWTVODh8QW)+`JR56#dt)S-uO-n7ij^4i
z_SYVp4p(;}R{dUaE@H+C4Ae%;lc?%~bP}R_1~xuQNJt>vi22c5SWqCZ2(Ag&HK@72
zt1m}%vm7xx-U2qcvs&bpMCVoT7G-`;W?8J>k~bQE=OnjV_2;Mpt1`ahcfV$zolV%g
z;xC(L46Oc`BFoG=;qo|#hD|9Dpz%YR`%lsM>Q5Du^mnW7dXhY-sh_+t1IF9gzM}q_
z`O}@p)OpK4y3aH=PT1ww<Z?eX`Z|eLUJs!6lt?Eo+`t26wh`}SKi2T%JZ}twO`-GG
z+3VfI*?omWNJ4sEKRtZ6&l0m%9@2-ETzqdoDdX)9RAp$8L5iRJ->J`xy|sWVX(4>w
zwcMC6-TzvHg2}q<iPrsn+>xi*!!Jci<o0{Gbz&Z#iU~2V3{(I1rT3;J;q&fYIn&5h
z_Y%6l31Juz(-fEjMmEAq3^8JE?hAZ<CB!Zl<@>sm7v?#?Ce)5ip7(Fg|Ki0w7Yws5
z!y%_7j^Ng}T#36QL;g$|{w0!VU@Yvft|hECh<DObU3|0rIyh?Zl&<;mpwxXkpR?Y0
z^_w8ZO;}ji7CW-pxcAWrGS0XDFt7+cO@ZmbUS9#VTGw3SsE`nUC>{GNOd|WwOU&jy
zmQPK04orU;=6$EMcuH$tjv=c)cC&szkKbaC7QM_rb^|tQ!Qp8PU`)DCfyC5Su{8=w
zgyMqmF!tvU<?RcV7(Q|8_iWT)TN9T=Xv@QEF+FXiA->$#UrCRe`7sZ|L`Fy@y0<=I
z;{Za}7nW8TN%ouiAtRKXT<&+%ruCv8^MsZY?7W|*MyE~XT#?L!@hn%>7q2?2Ul5CN
zM0*d`Q<R6ucmI_;{MKW1cD*JRS~NbKU}BF}MGD+>U0ewxjg~Y)wXT5<e?0<InhZ{i
z!jcIyvyejG+kTg_>sY%2$6gCmMtSDGWuVR6{?OH-YiLI0L8%K8B7XzmVRsKYy@^>f
zWuTRP)A*f?=Erou#B={k&R&+!rhbqk*FcW`OG?M<>muj0TYCE;G))uQ&(!i8BAcAa
z+*vD9b=(<RQah9Nd>puV=@IwJ;`lf=`F*_yONjkaKO60KmTzXXpFHJXM7gNK9H8ev
zZYXpw6WfAPEARpR=im1ZbTT@`=lnP3ClbKs4cQ48W=Zs=QtjW9Lo4!6^Y?fg9$VJ0
zWz{)Hr*`(Lg%?Fdm&KOfbO^pts%5ND?He}Q*UdAMU*7+##(a53xn9MsKVSdusS?sW
z4!a^D-ou}_thY297c>O29C$Hd^+y@Wp9<br6jzolu7o*wswb>*fi5=~SM-<rA0%x5
zbC;a<*G`BZq{e=g79XucKJ?EJ9=gES;UlSJ*(KrilGavU=r@xAOf#V$-9~xL34-0%
zOCt)*33H!APgLF%e>3Puh{j*%MF{Q7`ZmOSpHTWXmmM*#q;h#$c{`G+$_fb8R8o+a
z_q~StKDU?qwUq7polI?~<+MM~U^OUVSb}~@{tha9q0HZ%+03&wN>ylQv$TVnW(v4Q
z=P7i)y`q<~Y{HNF;FQJa;xcQu){<p9h~03n$OP}STXZI`kX?4CfO&L6VdQQhN+_z}
z{z&W2JP`}NMX0&Hrc995>jQLD7xppKi;7(a4WR8P-HzQHY1((xO!E({=-Srmv<?lt
z3R!RIWPKXH`G{Y1Q{1z&ZC=W<9#xwkI*i%vK&oE4J01daOq)DH5g%SMQ;Bzpnz}*^
zTP}!X=w~g-z(3|f_Rh!@+eQv8&VPg0jNGN8!-pviFD>ol*%0rhmjPvw$BVF^<c*lv
zd2jHzWJk`8OzJiu--b}691YX&{c|qSi%Epiq<xY50SEG<w*Eaqn&&bw`=Sx=D*KQ|
z`Ewo^CR{}9U^X_#XSH5UkF=@XoehA5#lQLuWlN#9T(*px>0M^)n9B_R{BRr6Jo>*|
zAoF7j9R<=@?Ue*Po~%PvBI$P`w7AOzIMe<yR$l^%kYyxnGJfa1dl>1N%XK$~FA|HC
zmt9c!Kj1~Gh!c8qJ*DiIu^5Sud?7Zpys7vuB{+?#Ulr8CF>l1aA^;Y7??h|^BJA-w
z6cX)ob+#2{&Ay^9CrQOjO5ozIvImIrcb{_0M({6%hyom8#%UE?7Ojsb<+b*tn|I2x
zm-hrpFXrYab7i}O{IO8BD~$fq{J}%yX8SW+MS_K?i*J<qgORR@15~vU7_8mN&wt4<
z2#QmMI0mN%MCNv=VU`5%=;-5Io|oWfj#(ccrBbuVtH%*n>$>B&Sw1D9$Eq6NWrL57
ziA{WWjDcj?^yS&czPKpIwj?diH-#K@SKt;S@CsLV<|mHHd&ygZ$$fE=$8^z*w$tic
zkv&3+_K7kQwS1UvYwAp2vU1`SlJXaRjlFfld!DZAazkp0(hmoxM=Qhayj>~XY0q+;
z>*TH_tdBE@*HTX!J$eM$A%8}ByMMe~DRCrZN&ukT4;_AcDa#A3LPH+QESD3&J>kDg
zAq&aeDG;b{?9+O!fns(Uj#oj@o#-NZ`O6kIOCK<!GwObXUy<ovS*ytNP<2aXz6z`7
zz16nkr1A+FAqDLspa$fTo&?4%CLIm|@8AaeW>6GK;XLt{SJNOIk%dXVs3-?i%QFKL
z_^(w=Np^ttgxTd*Zy>=t4WfvSRll47&nVm}C}K6&WA!Le|Mia&_G}6WthjLBZFXOH
z2ZGBN7B%4y{eTOf*+WFQuYrgjFbZ^4r_UWs$I|tubm4_xjzRkmu>3a}htI6c#`Z_O
zqRQYqb8Pp#f98^{Dpx&42l4B~6+orLH+SU_&XGF~g$P0zYdPTa;=m;ho<xz!mgl{y
z3&;TrWX@|SII#ErUgSWUtxWBU)t42<dLHF%m~(aConJws{KUk;>y`&_NN|(j5qi6>
zjw*5i5qv%Djf-Ay^)E<RA~wZE=dI8k+)KzYKRUUi8hhLB=>JB^7hKLf4k&Vb_YHl$
zksuSiRgem;&g+Ko>?OYg9c@bY#qPEcVp_+C7ZZb)dZwl<(EC5|IxffT?tS8XbWGIC
zICW*2Ha@%&{W5vseSsk_@}Rv?-Tr|2QNJmUJT@oQFg=UO_q5eOK8egbg^<!O)7fCj
zJjjN*2g|pEs)yS~bvDg93YZR|S$i$K`#zW<5^TOOA;WKIVQd|5?Si~{$uHuPY0}u!
zl>yPZ(W)kYCZ@;+P|e>M{V1~<VNtzn?HUync^VZu7mA!_m`0GKs)<HTljg%vO^|2J
zMldEL>GV6!n7rXKI8iIUqff}0&4xy`?XNBbh_*&zSVm}sRUP~*1eh^28D3=>x`It`
zrD;lX)8G$IZfMN4$88JLDjf?yd>HYVgzGxsxE?vgWLUC_g5qz`Nra#io_s(75XHkM
z5s4ZRsCww3&$BVNra=pj7-wgl#vm6RaDmDQw*nXV$-g?069u(UZH0Thl?qj$abe($
z@_uR)uKWMd^p;_5v|ZOQ4#gVWi@O(!TX8F1oCYoKt^>uPKyioSPzdgB#ob+tyE}Zj
z?&tmf<j9dfGnv`v*0tBVYZtw5a|U>l6F#$gQt^w3v>#LtvyrT|TE=r2b1G%?eWr?q
zHr7;K_UM9YIfFXa79wX8C2>o`e298})lnf<A5uBd{***0We!f10}b}d-q27I2T0=9
zPzQvIjkC^vdq3(cTfo7+Ky4uDr8XeeWgHN8O{5XudQb#b($dm$e(qogPJkoe`91jl
zS!)hX%s<^t2l?`0sKUjq7w5(IfXjcF8^g!M|8T)P9K#^SNQ!WwHqoj|%+D{Wdkb5>
zmr;Yxk+~*c-M7~`)5ZP$<a$e%hfvSJ0FQvc6DN8)1;a;?3xs&*_z@*mHAdXZJWjVW
zU)n%DHiVt3`+XUXW;>eHFaY9d^a0qy?T;RZ?mj%sbUS|_bb3TnR<7_~o}F)63};n)
z_Xn$k2o6KTzd}fVXNw^eo*wi3zKec=zct<)(=Sr+!%}}-W)GLpuU|LS`n*2yycnyk
zhgC?qfzOlsGLDW`*E>A{I8Q{zgz$mxFY9l;4N2|MleD1kQ9+969|29|qg?6?zE|{s
zOW2pkzxFLfS;_@3Un$QL)!GRlqj(ZkWn0~r6tm0ydxb?R@<wwt!=EUEJK=;7oICkA
zLOVZ$VzFyD&-rutJ3YHxJ-4$I!ZP^+Dn9wWkgPL&UVcMuET+D=t{7!`mG&t8Ut=mc
zY3+G;c?~){ST}G7&aqFVtTQKc={5E4c6r-H2oOG3s4+P&r?1!ELtPKAzWd4SE0p%E
zEWSwTed`T@y`HxI0Op=k6XtL=TMRUTd5Wr7Z*yTI>l8YtIp05fdp)y%gi1zD&aW>H
zPCVX_3i_l#)d-#Wyb(S*VepB>Dx$M?W{*M859+N-G?)Q3Dr0=j-d+X`tVpSIYk!+A
zqQMU^d~9wb;<t2;*&<OKG%sri742@wdi6G4ch*<CANZVHE*sWvvR~a-MGVxRPML7;
z+CJSNulw#V&_8;qqrZ30s`^5gX}H!BJr#dOU-i^stjqY{t6!Bk;(MLR!>x|Qt^TDz
zqr)N`NC{+7Sp7|N?vU^4y)nq3=qzEnL_-_(eQ&qchnNgjU`a&k5VL%falql7jQ{4n
zv3HP4iu_(VGYib%_wV7G3Onb0lE-}W;N{kVY_&zaLesFzjCNn=fzy3*aE0R?Ie>=^
zw}{-0k0Rkud10CuF!niXNF>}$8$kf(voooXdJ2Hv7dnu5HJYX&pYTxU4It_y63W2}
z!`aR<%FZMCo<`hOb8rT1fBj4d{?DIy7PW&9H3+ihX<k8p-|{i;m$-sH8Ag%q#e91q
zUV9k_=Nvzc2Bc~pi54GqgbBHR?+`&;ao7w#zVt1ebt2TRvzh)Tkmpu8xP`H4`w?2U
z0y*Ejh>3{S_}8a)^^&AM#!|GnxGBY}edH3nlaVh06NuYnq-DLjPII^GFyMBOgiG!g
zBy<P}f4cG(59@%*O)^^)bklFdBos`B*`Ig!I9pg)KqP+{khyJ#X00_1cFTP$Bj~!;
zA(2I?S)QavA@jcrlQ_@=+M197o|qvmVB8M|Qq>AGthJ!_gLS;Rs+aWOhgeSZD2Qx7
zKkphL*<RieDvAg#g+q)gQ-&Y1AA9Nja8dv^awllTqI~MjZ14TADxUW^N@o99$XPQc
z>s0BoDZATu3z+nr><I0p3u!Qrd@F<~k_nF7$C?k0kE^lbb-c;dQD56Hj64ElEpm4=
zPxpy^10qlJ`!mXu@p2UpOHO}xme+~QoS5#$eBJS&%lcKy9S`>S?!e=md-~r8(HH?d
z{psJNwg=|A<9b+(99zHPVcjrLV~Oz)w7Zc?9@v%J2p~Drho;_M$dRv9>Zdf~C>fmv
z@@D+IOx7Kiy(qHEfs7#Wydx<8W|UOlq1cF4ia`pD(MVpP`}1!+cjc1n$(O-ib_Vvw
z)|)&C4`%idLF2!B$9A7(+m-CmY7JLVF5-*}^S?TpA7PIxL;k;hj2f(><Dn`FU$!kN
zGPC-<S%IKZt?on3+h5cpWqOuP|5u`3(-hc<M}dB{@viTGYqj2+0UAyp8Ze%+MI7el
zp`65>cfRBkHO|g>lnBw=4C7b&lnB#YT%Uhi5mktb_12F%Kdg~JaXc}w>7vlB0gV5M
zK?I?E^UUnc&_+$$n_q~u^u*V}tygF<#Y1t7fE|YEn%gY&T(Yu+%t7n8OcjQ}Fs}PV
z<JQO75?Abl2;=|=@{_Tmol*ohmrJD;eOE$3(5_mixyaLlvhS_E=+)@i-fP_f+4zSH
zAMW^Y+KP_vXt4vSdz_ha+miNXy9eXb^93M1KeXwHYP+YuWzeR@!-Ecf5&Z!B2-N4F
z8z4hIO>u<v;?M{-@9&f3*8m_v&CrqG5h8B%HIZ@uIsu3z)$P)0Cc$}UU_W8@fS(uC
ztSVlA6S%&y16S(FuMcb4Y*}8%=F_w!;}d+El^>;<ikqBciCZoGVQMEBO48wFtzo4q
zdQBZsY3}{}vC|^{)Y6O1Tg4;bO@@h0hQ$yQ_Cjcgc*mZP`6##rJYM$6g8z~iUOs+1
zN1gs<0x+o@)WH7Mj2K!VED;ZwzrFrV?S`>-?KHrnU2yMTaimbdpsdKrD;TNHlnLu|
z5}k{5>(WQ=^K`xS)T8(RUMg)+=iN((JPr0+MZ)C=!#mw&rUH-Kjhr_m7v_R88@B^4
zU29IS>jh>QD6ixN)T_TC?Az6w5&J5w1NOt)vM;0Utnq`buV_%ss-AQnTWpi*X(4Z~
zjG=D0X&Fo|gSv3YdekC6Tw%Z>QNOIzJJeaa#yWUIK<kJ8WRAAm@+47eEoV#o2IBpd
zl*X*YqZ!qriGDNNAT#(u9;#6it)8B^tpF9<dh_<%(OQ#-49{H=3!1O%sW-p^*~{M3
z!TQd#g`Yyfle%1@&IytZzckM1dI$76!-S#GUyX_F>;ev6X*s(h^Nk;$a7188`}YQ4
zikj}0WwI_`HvW+JzF5x&16SX%*t7ha`5s1;{DTuD>R<y{YxDK!=ON}-OCeElsLGEN
z)`KJ=A35>^s&U)VRm3TS#3FZqpU63g2%oGKk>F0O^W$hFGd?#&4w?2;CY}+tQQr~l
z<-&=6h&tgxh(RrYe1fg~o1-rNJKv@o3=iW=@q4alyj1jTc5@sN4&s>jCph%zXl2g!
z=*gmW_eb>oU~<7I+U?I#&rMs?HbJ-lA4|abzez&c<6gzu3jjcqkHI_cSLpm_#dXyi
zy~jfVgmBv=phShG<?VLn_b?2;Rey66fdNq<>Z3hRZES3mzMh`Fmb<TpVEj~4s(x!(
zhc1&cC89!^?h8%!z8N3g%`hq(-{t?pLi>7iK8(p%SD9xf`^d%VWELtuThS9D*=IA7
zABD>OYW(hNC?Jta(ogvIfp^sfM@!#Ps%AXfOlQS+-B;$V$F`v@Ybm2jRHdi+3{vub
zvHqfE9^8_6RKDos7J`P`)D+lz^A0<f>3Z#l>`9QU`^n7U<4XTf$!2hkKbsJ|^PBu&
zxEemm;Pt6C4)^lrSr#D3om1ET-w6wMc64m;-Tg8Nc)a%JOpR<}!2AtU<~b;9eZ&AI
z3{x-!byg}0sVbm+p5fA?mCf5l=gA@vXDQlXnvkF0V4oNe!={#AH%3n^#URfQzG%;D
zU|)4)>+p}E-Qp#YUk{w>`$K7{dAnW8b%=U5F2mm9XUj3qU^jd<+7DTtC+oR6SXfDv
z^W0PhGQW+4H1z*hl|K%`c3u?_z`-C+yjwwOH8VB+m!#}>8Q(_2WB=XQE}B|d^h=Yr
zBuW=l84X1(FrVkN?~t^NM9{D=Zy;<^@w^i8nx2Y<Uj(rttL%t5VJ}afZKy(2YZPbX
zLjl)-(-EWr%0(pxLa=~Tu|#&fTxw;#b^^f5379oeURjNVU=Mk&y`fO#LzMPe>%TbH
z6{o9UbJtzs%Rl@~58GiBp;EAv+>WKUJVW1bA&4IsYhx*s)_&rR3KiX{LA-?S&mBK_
zUQ5p11*Sv0?;el(nrXJcOP_YF!(-RbagMOX7sjocUwmlLt?JK=v`fXofqGpk!%Kiq
zi~Qlv{7~~#kr)E^CVRQ@^_a{AB61Kq_oc9m{rKy_!@ZMGlKd%_{CdR;#iECvIgR5!
z7nh6PradBzm1c7QYvtbI*UpM>_3kv%70QFmZZV^KJ$fep3pcelJHX>!jBwrCfqUlJ
zcCRs~>tNPu!`kDe-s_DItRdMpu#Z%ZytXnqS#@VZ{<N^Mqh&zrRDfO7*QcG5+Es6R
z`5;8EoYfnXFNbMI_py?QNGEmGYKad1fI-15#&}i-t9CXku!AqUgF|U%*cmFhQ4Lkv
zsGal3f~w2&wO2rK8c+Y)$lvzg?u9pqe!H-V+(V!7Yl9il*=luDvYs8V)^24y@G#dc
z9{bep9AskR9A8e-dZ^z6hHAiHVsw{{_^f4n-j3=%Xh8hMdy8zI%*70uQBWngVc+M?
ziK;YoQm~d&<|6qa7%~Kw>;IgI3orMgfK<;N?#S4Kz0Q5I#$|G=>@10u8Ro(Bk3OYO
z^B%1$^U4*gXZCmlSGvH)xNU$${zk-U@9J{imaBK)?#p>S;r}KIzN_Br?jqMGXDe?l
zdry1^E&@;hy)b*rK_AJfU^dJG6pOQAwc#3KbnH9dvR1bP?GsiIS$t_y+q~arh~5Up
z^p|Lsvaqr`9?mfOa7mY0!*ERoaG)Q%(EFxx2g@fGJP=I)#1)nP;2{$YXQ*016f{w<
zG3r6`S?|Al(M6f!NYU3vzg>OpQU+cWfVcim)!$BR%KOkKxModw3Ann`{v2js?JP(x
z^H#FkXqt#u&fLAASLWme`wZO$&Y!fDIvo0tJ1>)iuk7kPo|QJWSo|Y);v+rl+5<}c
z4ZSTqZUCwY=}}r-`Cq!#gQm7+#;ZX5EyIxS!#>&G+ZC*kp$rC>mG5MQm*_I4|4aY`
z*8h;@oFD@cX4#;l*cM4p?G|XUrF-f+cl+NX6Xka@xWkJPxxJt7r>C>_Eg0jJuz+yp
zn+_+9I<Kx8@RoxcPR}2ZI{TWrD{(v!9fkoYH=Ntc>C@W0<5k@}DkZ{V0WEa+b>W-c
zC)7P_m1x7GAOeo`-*Ms>5ENv@kEDs0OHhN#UdIob5|WbkUbWKQGg25Yd&nQK`(EkA
zXFu-0Jx_$=(4Q72oo{BvL^eP@Cy9ScT=>A_W)7y?3Gw%*`hY7<o#+qgW^V!Slz<p^
zH5LH?^;r~J$Y^{k9%??>Za_yaC>am$zQz!r|M@5GM7`RVNwbo4$@Uqla(q>e8i*u|
zP!cEg(H?7X9&EE91=)FuX$Ma8L?hUDsL2jU;0oU6D!fRR$U0%#s1Q~VI`QxI@L=>-
zMBi5`4(_@f=eY9NH+lM8NO~~;U;ina#S((C!Rx!;@y&WwguJWi7i^>25Ws=Htsoxe
z+=n)f_%*K+X+wU4ZsStV-gmbCuI;UZmaW|)l;cah4bSk(3TdJ|BBj-In@&=&Wtw)9
z6brufj}H?W{k$m9wdKxQ+kCT}gsrU558ocIvwgP|kjbCc_DV2RgvSA$?~i;kpcGg?
zl6%P5n1_u=ar_sO=Ed5oPz|O>i8ImU3Wv*oa3=HwDQRO>l`1|6_nFX){Paon>k@>#
z<$+E$?U}G((ZFK14B2eB$QYTgP+TF(`cI-Sd|l@hTmZ!uac?P7mD8{X$JBYk&zF+x
z$PPiTel+BI>w}!rXfWVN`quGOzMgluF;5Jq$$CC7f<6*~zK*~5p7FX_<9ad5ahvxx
z>)XAi2ipIt=WGv9Z8o*~3q?jDtTIZ@*iCdcbHI21(N4Th*UrBk=aC(a4_`#zt_HPM
zoFWxzu>UzV=`!LLYnCEpL5U%u$g6EWJ|)`~p?t}d?+`*Hpk}dPqvg)ed~?nIdAKb`
z<hpYm{;8zNZ|6#E+8n+Mb_2e1S$(j0ay>h@f%gkwA5mV8aNzP&^7+Z!Rf~yDp$QcY
zP3rp|>d44$YC5|bgGLM-P<d9~y$9$soy^62b1IlQB_|wenq(h!<)N>(jW=f~GmNtN
zZp2WwfQ45KbR>L!z{zvRbrQ7$kJ-By`XMo{>$wJ6ll4bdIKbQxo50lL2IX_vnN8PU
zL?sN$eB)2`rE1-QwxFOsil8)$9ilt)h-3$Q3qt^}M^$y-tkrgE{s?{x;mv1XZJO5S
z<)(phR{nJ&8o!&=Rd+RDnq`7j!GQBMw$c@TI5z>BWIo)V=9u4!UQ}u^iHNffZqumz
z^NhZ5kN$j4wb2j^s!*n*N`;=CkWhjBlP{BtMD!mTs#tLtla;g8i07|LG=!X*P`S7~
zm7>@`^4CdL?F%9KVBeRLyZLlnm5jQ7a}LJCU8hTQu9<lCqLiFrHqX<2FiyQG6VtBB
zof80x>iBYN?_~~lL|(QxZiTgci#kl~|Eiy%)GqAYTLo6Qmi_aHMFLqdy3X*FPJs{+
zwmH?;1hIKVoo5Fhin{fr{|j`%k8%i|ZlGgCq!Ru>J^vdq0uV1cbv2aJ|ECe56I51_
zl!SyiLB8PdV!MCOpWkYFoD2fLj$5Z<55!)Pp894{5W;^$TR~lcv+<2)hrryy-ob;H
z+_g3r3B0A6Hr}hJOP?|P3<jtEcP(i1kDdT#*@(jcxq};2k&OE*pXYOmgl%(^F<G>H
zCw8SaK-x;Eq)CRtp1bSAW85|PxR;ArX99IFLCzij;TZmxfKI_Qri}=oQ!LInNs;sv
zHa(+AB*O~9@d29Q1U>0K`x7&1XIE(_fdZ{Rp|j0OFCk*Q@e4nvzPqbxt545k|HDHl
ze}t(I$b<=+8(lO%8b7FiTPDGuOgXI6IdtaaeFfw`=el!y_3`U%bDCTJ)Jr}YH?qYb
z*;g_5&jK+YX&os}=0aZU=9_Bp4Jy1Tq1w7oh=l?`2y-++U%dLD_dRtMnr7W*%oswY
zuNo#VM?$15#NGwKC0LA{(h|o=nH*}-_D15M==m$xerknQ6;sW2kPz)U7CnWd=G_O>
zfOC56N8(QUrNh+8YHrOEZwN)PR*5-8oddaawhe^xe|=Oqe^#Yz?T}`=^HkRbuFvT}
z^DW?8^2O>1-Is2LK^4A5Obn)*01oWWj^H=^20Of5OaPBw{~5gP+`!wqORQj$*w@%b
zX_tLl?@CnrX$+!rpBvJ(Fk-z#HZ{9adbVd;*K>`ETsQSrN3io?$>+N@LXHQyfvA?%
z7c3$LLiWm3_jHRiZx0K6hjuh6G+Y7D3?<6{p-s@CPP?7%-m>;H#y$&#vu>^)NzdAr
z`3ud&lBWD}K(}UHe<6~(r7d@NkE_4BT9_D$4`YzI>?V<TquQ1%r9PuWFen<-2)9|+
zWi$cz<FFqQ;b@~FZQHn(yD`cbKDPc1vIET!VQc1WC-&-a8zA?r7}tQ6Qj{O3zahyv
zWcPQyp!SIpzPV$yhG1nGQi$lO*aDp2i6}R*p?Sk>!|jyj8OM^JOYJ;wQ9+|^Oxvf!
z%(?$}^D&|@Je?JoHW&@#k|s=11(Wr2k_mIF1>r~m(Vp^ue~9(BiuL;x82kOsYoCi1
zv(#g>Eg@#%S+4*<;&K7@&_AKZSBM*JIq-*3>MytC--K#oqFkufO6-q6pzc^W8I(=b
zbBo5nFliJW_(vJoAFR<}YigTXSTI6ZeS$V5Y;JFvWLuNB5S9fpp#{M^QAy9OsD54{
z!f>|ED}%k+Mh$R1w?-B*!Q&ma5ClW^zSL$4&LT~eHUV0GB!oOh=lxg+<T290+V6TG
zqTI(x0$LT;y?RL(Nv^SvM{{v@CCX7=nsz!#%ZJ~N-p3Yl5eoeH?`+<fp!>6))5GSS
z-s{MlSl2?hRSR5%R0MVr1r89IHXoUG9+?ghm<}GG-%)ud?&UX;)5H#zR>AD+cLgBX
zcOkeyikdMo-14u5!kK!;NGx@HRta1i34B)dBt?k?MaCiVnE=qHd_ZU?&L<fT3;zwY
zcLA*B+4_GytMrH$`F_E~ma)psCWm|Vyuf!LT3vA_`%~>d#;K9u3b39xc4Iv|!gk@G
zTfa9-EA4dIeqQn_h_|Y5)Xx3;fTjzxgg5*P*s7cozFF#|wOH(rK}4y)xv)m;m=hoX
zmpjuOLG5<yOW9M`nE-6vLl;TGg4!9e*upD(J{GYiCBpx#Hs&4FCuG~ecgT`GWBdKa
zvHPu7UNIG2@ez-GfG<m4qZOuKov*$70$v|HPj0PWpo;oKdd*(=o0)uot-mcQ6;RmA
zLxZJ`T}7ihOrfi{n^!m@#gba{MW+%&hXX@3PCTLDx0*Y`s&vO^-A5GY3c8K+i)s2c
zfzCVMe6joh#kTx0w|BztNeSS92mYQQ5A=Nf;op`_4f-y5j&?A{%qZnB8RWDG<#2v|
zOcbjwHP_X7vka<95@{GH39K*+#6X`7pUy14Sb3P4iXAdR%-8OHQ6`Z7-y5#wF=d5J
zY7Cbd1*=aRXooYJkej;B3Uk9juOb6=>s$-t=Fd^3YXLqKXe_V~UY5aKb5}$vEqFn8
zhX2KgmtxpTOrRPGSSqG>(r*5+^;MVtS&W_xTtKGms?qj4?-+5_jF*EMuoGLvC~kyB
zlu>oSOBCC%2&YH)G5Vb!kc8B&T}VL2kbfD=)TsfB538CJo}T6+8CQv6T>p6_iN+>A
z#a3gxJ~m3%X_CimjK^#(A(tVTL5|YuL<`bk2oE=&PSO~1G*7&1+sI}KBKlqWjp`)X
z)(vxam$C)n;YY6{LNqlBkRZl9p-T}YEnBG=WoBv2DMbf4IQC!ruz#wHhs4}z4B6LL
z$kVrj@1k32od7k;7dLFK)k%Q$*;@(*>y6()_Fa~a<)~tEEZKQ;S2G`^?L$JrvY@ga
zuy>}l>+_*&v~=bXk}+h10Om^k7Z(lfa9`Adg&^D{N_TCT&fFyc#p8K=SaQXR4%C5Q
zy9%qdD>taoXmyaV&K#|(y@bkcBg-;tSD>JUg8r{e;()2Yxv|E$leRi9+HRj>oS(Ps
ze=opnH}TaeaLss@S6)eM@P<(X9-lcvoT3B;Z9KxbH;)jD#4;6Sk#I(N{)*6I$^S?5
zR|1CGJsb@(K%*eyM6kD3rf<rn4?PYm(6pC^h%-!P#HyQT*QCA*#A!CiWA;s6l^X#{
z39If5AKdSW`mUiXyKCrGGfJ8dJ~wX-=5B^$e|LvC+aIUM&~ELw3dgxm{F+_-+J|_T
zAqxC>?ZQqDG5G+sGzysh*@WQ;A4)^JE_0(vYGdSlKushNKH>|>?}|Hg5DV;8U5E~Q
zoxfqvg_Z3ua3w-4&-}PW;C@J8+QhKRG)y|?*cA9nl7Zx`41(+MBFI7_H;<0VPgB!H
zZ)IBO7Xh=x!I;&=v-oF2wCB1OKh7kH)=by)Bg8n!MgxW695-X{cCki8d9+f<M<Orm
zci8n&fGwdcB`Ejy6P~f>uMROrrYxCqU9)=a4Hurs>|rd%q<tq+q(oi0&AN&ko3=GG
zJ+Vr>KO{!CAh`d<(_n<ouj1`Vb6@7!@fk9&;S$}1W_8>Gv*Jju@ySGWi|=v&h(wxY
zm%)3okP1d8Dj7=Jf`02K|5oc`$GaHD`(XtncDhdZsd!JTQK7?A8=FX)q=f%RW{nj|
z`2~&4;yFS>g#r79$uwWtU2%$tS5C^BmgrM5c0K1j%xCq8A7%VMzQRU>JSfH(5$Zd^
z)^ReWM_TWj!n3@nGc4N_$4P^#;^Tr5<6Q)XlA^F4y}oR5hEJtgeN|^cgrefDzHS3v
z!}g2y2;q%1`0+GbaTb#PpagkX^=T24BGMtV(5w&HX!Q(i3r<KVY%|1Ws}AOurQ8Ew
ziutoa+Myk{BJr{KVM_bN6Q+kM(@j2XdWIDnhGY1g$$wHjkq;1Ll_?XYXJk@mZgK_^
zaT%5=!iet=P(GWZcd%FC<9^pOV5tI*vFk%a(~UN--UZm6&!0XP9IC9qbhK-pr(^#(
zut>0y3F&(EtG~XUNS8H4ky~`tW=PawNz`UaW^BTYKFh0>Mh#%Z$W4+GATAJ${mmRp
zK^AFDj3m{+GozL?xv2Bw!BZeoO8VK5Us1pGat9xzZ}W6f1y?A6^1u3q0KkMXQ^*a~
z89$6-kfNGs#yUJ<6Yv999lGz7iabP&iw~NVqk3X}rd3ZVLFfh{?0g*Cf*b1=QgRFb
zt^1iDQy1FiZRSA#X@NkEPd&9LRoj5vl7~i({hz{2xop1vZwW7S8Vmtrx`Pxcf$v@=
zVf<t<gwCqd+Lem2yg>{z0FD$XrNcNL)I$RhOhqzHNrDMv^qKk+gDeS|jR~y5Zt<YV
z`u>G#PH}D~9sNsw&!wH~#$oZfA{C8<p~JGh5e_Sg6nWxnmvkF_`x?6ix=bF1WW3NA
zO@1EDoQnCKTr|9NUI<JV69;1RB*oqmDchNkgrUvuCx}kl$;&(tCni7dUs!XR<yI@`
za~sYwr%xn!X52(Pnf@by+tm11n7^4nrJffIlY<Wff2Bsqfe@2kcckn}Z4~dXUW4_3
z=nNwkwwd8vKCX<#v;(g-3J1J<>$k2+m=0KqN&gOh*zHL|C3gaX=%1B!Maf~799j$?
zc|^w#j;R)%g5$OUp}jj};y6VXY5R|V=hnW>xw>Iju@pukW~HW4@$yS)iHz@3XpdR_
z@kJ~QNPTRwafR2D=+43UpEKMefgu;*o=w}a{uJt>DsaG<2|a#a-2&IdXURvjTD8l!
z;#s{F3E=VTzWf?8EQlBLuc;LC^olrKA@!>Y!<-@Np9Y4K1-*7qhIo+$sSKt)fp+YH
z%Z1!59JMURp5&zPR7EUuQW_o(|HQH1@KH6ts5f!<>!3?J_+%Hlax$ZflD#R>i+!!O
zL$r*NIaxGLN)!$l_twsalFDsZr<VF@C6*q>9i~=GyKx3`^)}TPKBJp?n98DhMs8zy
zYO10xw16xf#-sO_+vA8DGj#;W=0q%$OiZ#i@0Qcwf;7eN!6bY-*1ue>16L01G6_)r
z3oC>*o*!<U*6Tj}?x^!icb1~+uaVqkUJwbhec@Qq2^8^<h-A~q*`E;`N3+^6A0P%5
z=7yOf#Hohq)-CL+5h=0d#*A)CA}RrJ=GFwC0h8=c53U5(m;(`sd!@obeoB<*Ea&qM
zGA&1<d?AyccAWxDlH|%;(jiB@l_tN*b2jgvg^=m!Q^xi#4wZZ)@I(hRe*9j3r!h~o
zE=9RgOu08*|H&Y`q^M*}G9$`h^_Y}6mp9S$kIKfRdJzg8JrP?Xk&VkkvBBTJ0w`mU
zEkLXVI`(m83+nu@*b{gUvk-Sai3u<&A1MCCXdYIY$gX(oQ7}_xOB60d`@j{QPbi0V
za4IJI#nmr*szhC5@B6zy!)!lPvOE_l2<%RI8s59~hIk2Jw-s6%6Cy!r%#SR~bghFx
z8V2J!OahTbyAdYJ8RbIG4s+R{DH|Sc;QPnVJ`Q2Mk2ebk=zf2tpxAyjyb$%c(;zAH
z6)LiZ>Vsl_qMDygVYD@BVLoJVr4V1Zibaw8*055@I9RZDMj|1XfUvB^A4cdAfmFa|
zay@xtYSpoJPRR9l_p7<p1~NqfDAklZPEitjFsu&3MYfzFCoP~}VnOwxff{QW;3n~f
zG2ksu8j1%0@lbdWH#4FHd-8zY=+S8V8F5Ra)#~Ql96Gly6|j$6IphoecwC2n{8}_}
zY9O-Q0P*i^(hV#l!EmxBhZN#i*h2m|tE%dCw?in`LynT?hNHovtU6PD#;N<8p2jt1
zWm)LQg#KAHd?H>>@03`6n_v9`D#ZW3h^*toI+A?klmw&l+)^NY{3Mpa+8OX}#W;0H
z?8o8lHw~t#$3q)3ggvPf#~utJ>L5Qhib~q$2E13@mEFQ4-kHP4OhuY7h+h9J2~S*v
zBw=Re&fs)W>d;QwQ#le-s_ROo*?LDO+KiXMSzhzpHRGr?<zK}a4r!buz_U!ynA}>3
zyup^|=GtMW55v^hF?wXwabrPMV3%Ow^a<kr2aZEkG$yJ&00JVkKoN)epXa`U_lKUe
zAYT*L`=jE<&&q@Ekeu=C8T2l-S(<+C`R-~Utj<OyhHdRu<0}7D%}S#x)__%Mx7Kgy
zTBvj8s5j4NZxhK>Tmb$j%p%8>NJSil9WGhPg4V+^p_`Y`?P{PuU!c#X&Vuhq8d@M;
z;$bS}{jV#piT+kupooOSqClO7*M_FbPIxL}gM}sb&p*NlOQb2D%y;S0jfn~}qv4IV
zBhoBQ7AUdFY6;f9aKX!P0pm>pCGdtVSM%6@I4_+JC;Xoa0Mt8C3O-MPp)d0Vg!?so
z+`2nmXLzY;<pE$C<Fo^hd=mrk<5bj9GaE6{;ql>t66&(wX%DQ|x6WgquI!AVFVRu#
z9|+S&M7}~Ezx}=N@xP(w;RR<Kzl4oeafZ@ovsJoA_F&AHTPzV++x^Ze<sHD#Ds(MQ
zAr}yAM0{N`0_fhEURTF|lBDjEur^j!!XjrkbT2R(N6F9IPZbgp4#?8}q3>D89>l65
zd@|1bPmydw^AB@?_ImIFKl-YiHcK~7QHds#2G956Z!_!7u63tbW8u1dHIqdr84?@Y
zlf`8%z{y@|4JHuSX&5-smv35F8jsdsXSUZ#;T#ON4hXv?#G^%y`i^O3k|EBwth}44
zpG)s|ZVKP8FTkZD=Zz|QG@eAZkw}7>s$xhk*Xuvs#EK{%c8?~P$PgH<x2mhNH+)A}
z!9Ou-hjIcUjQ)R-0UPEh2b?EjUID3%MvllY(vbO!;iaI&QLAwqg0H}aMw_h8|F<=^
z6F5CW!Y!CCV)#kcKfGfd^?75EIrMLIGI-_fG9XLQohdQ5q9R6-PJ#xzi~CD{0tzKa
zyv$?80hR>uw_1q`lo}*GJx{IVd}hBlhh603%cwg4Zg7GwVVs3Mc`6z^&D3mQI<xT}
zK2Zb$y17j=Hh$(i!Q}ANZO7%5x>0<TG63Vl$vf3yH(xerLM1wwYP9Zk|K%E<x^54l
z#`(On2OAQ<;_wA-e0t?>l?oYC69q2HNOmzZ!mimuVV&9Sgpin&=v2rY&&Y?0<Y)9K
zxzE<bzj*@ZogZh+c#(2!%Vc}arSZ_5+x}TE>xLTdcCEN1>NbaDYz|?6@e{>)C_qfL
z%W|Ilrw6P&J!sX~K8=Wt{5|~Zr>(=$iEQZ@_FQtocQ^_Y*xk7MO7L|GzZ+0oz+`cA
zYD(1KKW)kS3l(EM?4}hX9yR~cvhiQzRy3V_PntJ_ljAceX05IL2}XJ*j>L(Do~M>B
z^tp4fi!}#agYhb$E7o-IOvZ_U{|G!aopzs~7pfnVXKzf#(=%#Vi%#JG8M`gpZf8+x
z?r@D3>ZvAdHe}YTX#HV3|801q9&MkLkYaK&U@lEwWW4*HFJ4BP|K@sH=;`Dsm6VM3
zyj7F%+BoUqUQFn*A}ImSKT3G@c(p#tlx7H?zHi`z=osSPDJT4x-zXX1;Nbw_?)+c>
z3q9`8&~sxww|5f72#If>%EaT{XViSjDTrvW%h~@3b|D&Otd2#WY*+drpZdISB)`4Q
zFkgCeaAfqN44!+7V5Rn@CNnU&c5}yx>5o+_XMpaM7ns`FVHV&9iwC#}d;uXqHFxK9
zH40SZKV^O{z=e)m9v(aa{F=p$DhZsYGcSijJ<oX-s-XIhmLHedXhej5fZaF=b_uI}
zr3Gx7<DssFIXyhBXuF=@B%R7yHrAddL?y8Ej0Dy0=+3;Z3rr9OYiQ8(K$7i`OwPGK
zkl%QCiLi~sw%*LX?($+I;r6Y@d(}4iM2B}~K3#gqSuk7yBi{(%)KhzUuOxD_p<dLk
z$uQ@2Z@&cEoNXu!m!f@pJb??BOl{+3iVMe6+VCKQBhXotTi*^vL7abjA!6m2KIYX4
z?Z^>;nOm8ZaHf$VsG7g)KE-0tRDDk#n&<rGJiZt<e2r06(DJsajM0vMVFLF1EBXJA
z45-`rdB+I|c!R*6w&h7FGhq^_O<+oV5(<X;_Y~y|D21>wS@~(Bs!NlREsltlG4SfH
zDEhjHa9<1FtjC`+>Vo`8dbVo2p;CH25c`RF%4t(ek1)OZGYTV}6<&cMuK4&mat*%;
ze)aO!IcvvfgbDtM@p3)8&7t`>7817h6h(kMRuX`#8e-ViW%QZ<%b2W_kz)9qYVLX4
zZhy6))zP>0Ps2K_F)e&yeLqr$9C2TXuF>)c(Psa2*SkoWi_<Fz@&K1P><-aKLtv|Y
zIX~}Farm$Iktqn1pvxQT9nMq$H6*gH$~Ot50E6Bw4;!ulzm^MMd%kvrE9m5;chqbU
z5OMZD9I-j^_nUn!u=ciVGrH?5{diEjUmghVS>!?wG_D$es>$>DK63vz8NL$AJy0r>
z4T{AeNzG2pRbfyY9HS00gbK!&=`}<{)o&-EA{ggyHFs;1ar$?@dwXm0nJwT90=l+A
zu1>>Wus<Xz-ucr|{K_?~Fx5#iv#tYLWJ+f*tZ0Wtl1^?mAIsX3d~GUtJy;>OWI9uE
zTROVT;hz;Lu);FvjNs^6J^9`Klsg=)z2yDze*6L_>pA{94gNiLee~b2nyY6ouWE4=
zL7jvWAcQgqq^i1p@_`pD_!?@@x_>3Uw8ZwW<XBY9@(x`NWCAJYIAL^yZlp*nu=Pl}
zH)S+b{4=l~toj#1E2&V}1XuHivVjNjF4gZTT%kbuVfpj!mAe_{H=o7t%O0sMXABO{
z8lh)C9ddc8*h$na($G=li}z`ER=M1Goi{2}mWHDb)SvbcJi1Z9%kH~#a)+-3XG7wC
ze@)M<_*2m5E*L*)b_*xQ4xkJePQ`BQ{Yu_oXE+dJiaIva@#-IAm(@$@oH(L*TMsyA
zUH(Oy^W~~^CUo|~y1ER`D$&Yy*WT|(_zv9hPS<6waQeQ7vM(^+{v`VySCRYW2anvL
zc|<2Rep0QDHRNKg+Yvgh)N6I!`Kqa_@M3zNiEzXpr44IX_S3`RJz)GDeT)SwJEfow
z*w>9ew~>a^vJ->D6aB%+NA3R-A8joC+HC6S&bzVw)3!=Pcyv27W<$1%S1EIA>rnU4
zqigpv&yVvf|7BXgzq(Q0qE99(7yod6o~(T-*XSMHaYRFGHHPiKsw6FvL8w#fHIiL<
zhq7$@{5^2s4CE@nk_iCW@#DTR+v^XQ>1dH{x}N2<<BEx>V7L5ZT;Uj*+q1omUY@l^
zr{LitW#`64dD^9GEbYOiN?>d9#2H@w90nepqcb}h<`&U!p^uRL(@UCF@wJ7ZA|0>b
z#p&$#1h8d@{(_>mW9h#J44m?c>Wfpspd%8)pT+z}H_4(kXFw6=n4<Em)hFoKtlsu+
zV7)*g*<&-9KwICy++toN!X!SSk3QB-*Pt^g&S|U=hZZ3<&E#iJ9k;TxSyt5W9;2+s
zMgTIO&pn4cV}1gmi3K+?3u^@p*z@(8x83c}RfJ1x@1+nEGN#H}4Z&=<<6P2WqH;>P
z=g&mp5Y#anM&RmQZT>=SzQw!GMb@b8si+=N2Mz0{{43_SWJhVf+1_i$K4smj?zkQ&
zqde=rIZ}jH`U?2u?cR4_?~S$9?E<w^(WXOpW((WmdBNS)=_~u^gS)k-7#N99>ElAG
zMtilx?pgMme5@ija;x^3S;)@8rAm(m;yCb!p{lSIoWM)7ue_${!}6N?>9;oV9VfJl
zK?#*1qi=kn{36JG6dbha|J31}(GCC92Zr7X^+`O5j=h%j-2Vx$&~?#B=Qse-Q|dBv
zATiS5^JJZ$mkD{c$gVM}*A8c-c!%0|+<nRte8SK*;<DxG9e#J)fG+95vsIp1LfoiA
z|Ip=0`~+AdG$`xuL^&J~V=tWAbNQjDpMNR@CzrMtQWL4J1<O55BQok_WNgGYkpHcr
z0Si0+SiHf2+0}cE&(!uUQ+U2Cz?S*ood7+O#y;PXDt^&xv8j{(iDgc_h>&tBpmLLj
zX&KK@!rr2wI7E<aS1wX5nzq=QKe|tM6<;@ZwgkeR**m%q2)@x+G;sQZa@!#(Z<)C!
z75_*>W$w=Q&i~PfHu{7oP8T(;p5=$<Nh!;<)sG{JajU>06B_!%zT$v7Yg^MD71RDT
zk<xqhzK;(dRcf_{;6;^jQ?uDgvV>8c_VPJ8$KN!p(de&tTCmbxZ7u+J4|$?B-cP0w
zT>zrSkZ-qYaCO?ye#5HyoD%CRQ>=K>zUjH3rZy^QdC;i6>X3eWNTqPr7HCs`F+d%|
zAuOEvI#+M`Br?p*+<HFu!0WfS6D3-|@}pWP<}gPh;rlI!R}hy+Ye5f7QA0?2xSW`Y
zk3c?4_>AA_Z(Oe3yGeXY)AKK1J4J3Pj)1#)*LHH`Dq&hS%g+A!4n{_NCLss=*!gvv
ztIWN0$ylTOxNNU~YtS9Fm-++!s*TsTxz9^}z21BH?7)s*(W@<PNxp8K$KxQAV4;5d
zMJ7@nwXMiQ$^o_*ygm%qxaQZ=z4!M<(2Gr<;nSAJJfEE2u6G|fYq0TPWjB%K17g57
zjlNPM3!3i$)q~J4_C_fY?_+w;+t&_71~{G>0g_3kDon?GiCH3JD&Emwf<Mf6Kq%Om
z6RND5FNm7Yp3lXIODdHLGfpNNE0h981LW<m<o9{*?F+&$&E1c=(qnL8)aqd}@4LOy
z|2=Tc$8{FRAh?Zoy}a6xFX65f0k1bWyI5*C517?7<IHelF+a~^1*1828P1F7qn#aH
zF>HU<O<V#(8iQ4SvuEYwK4}+i-VVYs#t`WoO<Hh?3Mny_7TYFXMB`to=)GIqPBvJL
z&$6WXsD?$0`O_8?mfRK<_8azgQ<ilox~y~MBaV;31Pl7wlJMdaM6CY+py61c2627|
z2l;)qxzEqD4B<!t@95>c;wR{+G24Xg$a!@o!9e|743QLSZb*%=A{q<(z^g(>+8<P%
zjZmIK?7r`fWF_I!GGEFYOz?@ZoQHbWctWD#c%nNLDyvcZ!m#?uAEL6G@AkgCDQSg<
zgbeIm3E!NiuRqfPw@?+pO8UExZr8BK#)*<7*tQ&M{<K*2i1op>te53cL#X4_w7U8A
zAMogDmMEO1n5MmDGf3?_UWp0DGroIy5f|Vl*>3M#{lw24ED`6vSb7+pMp5V=MS@Bn
z`Prb0hUBkO+6S7*S?W!>u@LDdh2?`{Wu4*ZC~86b>yKJ**WV9;>{VXST`3?qb@SuQ
zPkG`X!Q)@fM|x%V`(0<ohjdcb6VHF`!obbK$#R>|+Jg%3#|YyjEgo%sU9;OEs;kJ-
z3~wN5xF)g;GOwfiEpPEMJeP3%OJ0d6x_-a0X|YBoDdXDhYhqMG+9+Qt_-AUG3!f9m
z_;3ZYalwKJZ8HvlO3+(3%ho&?JxcIe@YvaPPj?9BSGbw7l|ZI=yM;?c!}wQZ2TwTx
z7KGJOa~C4Hu|#{p-4Jrykn_7KdCO`OymRK{8#m@t9xScwa7qyjIo+&Z5<X@nHyt3M
zHYae%52Q8_VwM?%aOx}#t}UG$6A5&CSPIH^#Q~{JyPm*Lm6e7kYN7f!b(`Ax)aBNU
z_>>leAY#wpM7qMY&!nm1(Mb+#sq|G8M2r*eQLziU?DtldZQ$jY$I%*ckBV33<@Wk@
zR~+G@KQ(gpL#b-9FQJ%K=B7bst?nT;sos4)!vK%kV3l3<-%Z<X(#L&?gwW7VLYw|B
zM+4|bHE^PFQo|C2D;ry2K1G~KW0Cl)m(vlHuRsWT5^*e&IDV2mxptm806~Y)+=-K%
z0_o{NCp>VZqM8l-NkZ(un-*+1zCxS~eMsn^c^qp7RfwNyv9$H0;M$@4RvnsF=THhU
zsNLQhy))#!oHr!39k7&8r7fHbkH3)qU2lI6#MaD3H_rU<@IXJ%of*$4^!3F5iA6j4
z=QS|9>22@!IHNo|I(mywiI{TX;2aq^M`j7a&vW-BEfxByMqI$%$n){cI6qh(UEb2T
zK((q5KTZ?0EfYZ_7fux&<zS0VlS7`9(8o4cd@MAuw8UiJeojV5NB2v7qnRz(D)Gk*
zkcYSUr(JNKKN4TS?vvvmyw+GFT?mL7b5IbjKaRgYZm3?;PytI$js{B}B^D*%0Rr48
zH-OSQ?uOlxTV1F%xyV^KrPEFeV1DqfhfJGa3O!t)4l{FtpWFi7^td#c6@lZ^Rp4eU
zPmpxJ&fe2LPLivmvHOXj+~KtwZ;lr@tko4U!o`ugz;_~)=7c1TKT2mZUk%&X@Ti0r
zY7YRvEf=e4@~8{8WNCqo7iJRsc@oF!)<1lW?EPb8AMD%7)Y)j!G2VT=gw=`{ztd{r
z0M3$auYv*3BiO}<x))xJH`&>agP$tfS>U|OHG#Q)OtCI0U>iYy5vG!K1`H&mc*DFt
z_WOmKp8`q2_t>Qu*e%0P9uCKxw@H|4wel8u7x6r{v-$D0C~=qpr=UZBF?SRV5^&u+
zjdbn)#wjyBM?tPS33P(`s;SgH@fX~zqs#l8qIbE!YKDt~JC6wnm8r+8)|BKn$OL~$
zz4tT@XgthO_@E;Si^7HNVF0vkyr=T_J<Rs);o&;q9OL7;9YKG8nzfn9?A+>fK?S40
z`WCK2d*@E#=QFS5M#>-ecq12Z!ncql#Y<mQOH-})#=BFJBAJ&+6>bv8A?Z2@?x(*M
zlss{(zn6sIt4bqnD}@%H<aPfNZ~Dn8KpSl6uHm#$15wvK8q;kV?E-AKe<m?!tgYm)
z9Jt_scB^^N9v}7LXsBrY;Sn96mP@!nyg+W8o-mP5XE;x&9)@l3&RBQ_QzK_mm4zE8
z%`VZ0QQ7*I>SR#|Mx$u+wL#SLsm9ygw&E)jUdD{h&%{K$_WQr=xgqZA3%&_TDN^RU
zHY@U3e4H*kf))jn@<5;xt6_bD2U8ANZ*6xejrbC_rQSempaJ7=0W4LnFGi}u4x&p#
z7X|FT;r-b@ae<+jIdz3XJbf>rd4hX$O6+YM1TPeJ-0_dzMMP~+-;O7-l9H*IPEs<c
z2l<^wYRr0Kt62;7QNr>$IHhSs`PwMTIpM*jF!+xNDZ2A#XTU#i%=f}7(j@o0?&&i}
z@1kiV->+3&nV&WKwrun9?(Oyw?h<G=a<_yH&0zGGer(+~3Mo9z<90%!WRcGcg|UES
z^`!*OEm`vHg3WwypSaUpiAQ;o%?TFkOn#IMR_P%n%Q7~;oX<#tiaV}n&pPhB(IQo!
zqwIO_pSeEWo&l^Ew-*9}_4ItvFe7|nbSe1rdx*#Q+AWEX^XnlWEN$1BEGc?8{J);5
z2-Sr6K4B8F7W}h!BNG!S&c;oVNYqd4xG@2DvM!OX`y?97!V3xch-M}BXo;j>2+%z#
ze_sQItNQY)nFdf?!-*sKV`+<1ff_ZVkqfg8n}qw1(13NbzuDU*E!n&E2ZHzX;5TI1
z5ec3l%>`g&kyde1O2`Rh-&5q_liFv2WuhQET~mwU(mUJg@0g99;#0hL9WvxBpQ42@
zBO~qMGjFGv_T^iP%RB#3B@b_U&G&kXN)d^uJvcZie0@QbeOD7kvRloT26pqbj-(0O
zAhcLbDPS_BH|ke?CQ^VY-3CpBicvybn;XfFyGmwldjlq%B5r{KsRU`D8hTVzJOb=Z
z;@4Wvzq4+8MTN`-K$}VhJ$u`mNH(8G*uiQ`<9-7_evsu6igaU|TK}2W@AZM5-cEF(
zPH2sEE`i<Y^2{~mZ;PHKuSluZyo5O`%cWs+4@BJbc9B$I^B!@JXG(-(31A*)KkU!s
z-H{8{mg+*b_%P)ebs_j*pG~u^gS@aqZa+|9LSv6qKJGm;t4pz0zWwmvQXEC~xkTdY
zsV=wJ5|7)Y#2l*Rk*!PqdEt9?=PRG>S@&2SBd-SSd;yWMqB9IpN4tZ6$JHNFF_MzM
z07p|&OvvxCaG6-@<{9^J5$D~mls+CWRU7H$(z5#etmJy5UZv%p&-XiE;zR`DL3`1y
zFXe`&#hup)J@f54=5~}f=3e^?W7#c7V`QG=Ef2Qudctsu#-^>@VF=SbGY+VM@Xc_E
z37^DDE*b9|=KH8m_}{W+=-+*F3=%g>0Gw>o!cAhR$X}Mr*t5Q${yVF2+Dy;ra0o8g
z`D7>9N-*A1*Rff(Ty$s0Bly1KyszLalb^hJe*LoP?39XtO{(?wdt}VY`mzh5B$*-r
z*|78WO_7rUW)ohy=@?ao+7-*SgW#7rDq7#0Cs$)avanMm@(LWGxkE=J`w>emFz?}T
z8Lx=vt`@_KRYfrYixh>WbtNZ1NgE(H&R?HyqGlSTVtN{#R0)!Xag}5kSeE**_F&T5
zbT4FI(K?`b0s`M(tp7WMuKL8LJlV!UbKZ7Ob4+RZFq7p$z%~B<1o7FsuqF9Z-_6Yr
zykGy4v#=Xbk+A0DcS~_%j<uYDZ_&Pj?y46;uiM^5mPoKU@*%{Z?-%U~o%&sgveFdQ
zcY8Vcl%%If6$x{DK(iO&tl?&QC?*_oaPme?cHgnba{av#I3$B99hYTXed40Cu{&)5
zx@P&;Fg&^lhW8j)+-Z`Q!sp?MZhM2a1>IW8Y%G=DrU`;Yg%8^WwD`LKK{M?(YCap>
zizgnW?927WSJD5oS5W83b9$P;`df#7Mv5BfNS9u|Rr6Qn(xl{H;&N6?gJ#KEoqlLJ
zB?Me9_GdrKHtF}ds;kA)yn}j}4jJoXnA_8r;u{{AQwP}f_u)KC4L)C6>S-Koe~4|m
zZ>8JdNwfvBG&V{AQW|-IRx%z>(JGGmum6U@yQ$_`ISDlXnDMN(O~z{Ol!dQE0q=u`
z%qfS7W|#1l1;Wz_j`U3Yqmz`}QU<R%*>5@|S*#>#5%stTaMV#vN<1xN?yMv!s1$tO
zAIe9XgkDSot_Z}}_+zn~gyZYzPg|_#>&0Jp5z5vq91q(7G)YxOvuDg((d&j1uTsg^
z7Ja{i2JL2#=*L6sK~|rv%N^9bX~EPLcTt(MH_{su(eXusHyPsLv-4fSGspW4^x2_N
zXG+27zg5)J@9nt*nJdUUoOWk<myZ`uE;f9nzIlBzJyRUHPk|W$Y2irR74c$SG-WhO
zaSXVYfJeRph@X&44jL*~0*X#$afCWPrMvF_gAH#Y-yq1o$J3l)NgqVYUU}HY&A`@r
zj<hhTEKrbnA~f<sHEcMx(Rw!{ZLU@T8!wffayqEf*eyX776$`cn~N0f!uQebJ<@24
z0y~$w@W{Hymi@)}+c7!iq_TEcqNMXus}~lhs+5llK>pW0n<mQwq^va%c3K&bv_Onf
zZI<iEx;C)Nv1gjhO#p)*L_tWldEU!2#=?F#)mHYDSw#DfW<wjl?t(La4kSgWP>3+<
zIuRg6MLSe~5$LZ@uRI~gZ8z5Aq@QnF#MJtW0x`u85R=NqWkQ$B4KwJWwqeItJ>iin
z3dB?gXn!%l6@bFU>E0#g5T_4YzK%0!zOT)@_n3734sLM?&nEn^HBfGlvA$q9b>{N5
zlX5D<|EBD0L5xL2%=N>6xh)~6lSBfpp0jT<#3y54jb6#>gdqou;c%&|Bq^MS_q+z7
z`j7hEYv1_l+x5VCW#aITSK(iF;9;1BOVJdNj#a=|2`3g8GbsrF<1TV8X{@)k=M238
zd;|^&dTAbs<3XldmGHSOI{EoZx0TWPj#t+#zemfTAdj7oTrEZQzBYSP@a(L?<E1=u
zM^m&RF&J3MOl5U*gwePs6ZMgHYB!`!c6wCiKOHcF#D71IbZ!yfFul)JfPwWmD>DV&
z)~J$LJvMjn<%uHr&F@X_&R+H>R5lBfYpR>O4!8(l2VX;9c?7@P(Ob3lHfd#>++I88
zQrL<vJC;N#tCh_;Tv;01;z_yae$h?0zK;^9DT?9pe&nN`2Kr9(Vw}!!I>wHJw==vC
zfUV4JbAA^?UXwiDijN<8bgMDPfBFK4-HA7gH(xrgwuV_no;0GIIL8mTA}*@dwDqV*
z$LBVzOn1N7uV9RH7=Y`ols|t8>2AU(%M<L3OCf;rtC$aF-W0+5y-tEnr&+4^!JFZ$
z<Hj5;$Y?Yc*m;fxp%u$|?<kOBorGzyIV@b*8=Hz=DbLRb77yAkzarZjn@R&@>8gR5
zv+!le%%ou7;6MrYOM<f(%l7M~Gox6aZ`7|^)B7_wSLXj8O>f;7<@bFL58aJ0gyaB{
z(%s!40@4kFbT=1Bw{%IjbazR2Nja3#UD9>W=l#8Z4`9yxajn-r`>egz+6lQ`1in_^
zpE4HM;6k{+wDdH)q&E$t$Q)x-$AhZfZKf0VoShy$Am`e<1+$n12!gXH?VP&#nm-fp
z^9h&H@rG^4!l{SqXEf@;!%vPI&)5|KWC?V(r9h3Knp*TRQs`%<AJj^}a!e3%+fO`1
z+k8FS&)7q}DoDV^wZ%m`EPwg3K=rd|IgG7SucAF|<!bNQTujWqe(djOaoc^=>SbEm
z%O?!}^!y(miX#W=*fmxPuE5X6Nnu0zpmAOpavev1&a`b8DaIH6rG-Op)Yp?A<y6Q6
z@M6lHHiz;KfpdIM1yrl(xosaC;GlVp$mS85aDuHI@4tBy>pJz}TkGTR*wZA?CgNl6
zQ^|gQ30RV_Srs>h5+x|AOJG7B3Qt<RE(VFc@BV}*R4dhKZ`E~p0^9du!uP3__BEcV
zL}+}A&bGANdRT{VW$4moBHgR<+!*Ts%PIUJ3Dm5L0KKIjpPsE+X;9aDK+Me8IO|zk
zzcK=uUGd_~b;CX4o(5jJ%;)O2vECQX+POZ!RH~%|_PI|CG0C5F1#X4D`y6z*=}ji{
zD4&=-_Cd?yVrFdE@Z2-qGAj;Lrt~o#vj&*SB?aFQt&5GXu6(SVoUG@)?XVLA&XG~X
zE<X~AKKD31Wx<$0E@EfHy;Q}`?k;olTl;3pyNBCpzuV(SYS$~gVTb9fr}4Lk*XduH
zD&V6y)BR+XD@8fY9XS5%7te6$F2p++PiE`U6I(Bf#d&Yxvn;~Z&g3Fh#-9SoeuKOJ
z9`sj5?%yHn{M*y`Sc4duqMfV&klIX7<<0tw0)Kxz3~O_-lS&#`m?bs1aBm@Jf+NM#
zlOYezNg2OQr>ZFT27XtN=d_1Eeir@7Ol&j;g-j1D_ly_wO!!7eKubnmXF2=sc?!B{
zEw-zyOg<XW1rg;rm?C#)yc(03sEB_q8|t3rn5wC)S672pz711zbBv$^=&H?WlO+`s
z62-?Q2Z*Hc^b|*S?y^4_SuHqnX_lK<?ix``E5dhd*HCu3#0Jhn6eI~{{4P?`1lm92
zEKtcW482o~&n^cvY(q3!<D~4Md4!R?1hD?MHSt#Ud%E%F%m5;662?+p&FQ^B%<j8B
zVtHZ;XSRvL|9{s!fG?gzALtRoVf6jsHASdyC?20Qa^Njv{%?ChrRZ|SrS*R=mukR2
z^LsyvC3lV?^_nGb7|e7lMCIqM@3SiB+G^4D%;S^Q17ffXDp>N8A1=_8%>E(@qT67)
zBdUlMyk(FdmfU_jA_O@>?OHtS;EZgjl5Cv|jHbT1F-;}_iY%Nj9oEI3c|4}4>ir)*
zm<R}zmF<{?+t2=XO}`J>K*E0=V_82(HLV_zt?iRf#vM=)RXlbnP?6AY#b*gpkn1@;
zcjbX^tuVSS%Dy5-?C>C}g>>F~=w+L=CPV$t3_Cp5W1igoUto9@nSP=qJV`R}dpzpA
z9lHW)$_@hpPSbKu!u?MN#9psWO7i8AG-;58RtIHVuU3bctpU^nj_yZPoR{UjHophL
zG}X?*6fOpv%2(!7pTD2mZe3sFmR|Sw1iT;oPencUOGJYNrcJ+8x@;^vT`Z(rdpusZ
z_=(<XVg(H!G;rXoLTTw!Vo-f`fh5X2Gea_QS1kZmQCIB<oR?Is!_&8}NbZ#!h|^Cx
zWN)1|5_|=^Ur6IlI6kaS>9tBq$4J5@#$y9tM}KmUy))8zW^1?zCCiBzO%%5+Y!Su;
z<Lb?*t3+u>7JS_PGdf%sI+-Xoj6>8DN=+><cuXcbw)EZ)?VGUMHuY4^cgw0KpI%8y
z#cx3AB(x!-Yip!GX`8Le1C46s+UWDxHhmBk-^DAlC*w`MJ(nnN*k^t6++2jbHzDC6
zyilK&F%cXaObB{DqK2M`*=Nq&?smfOZJgs%qm1O!gUxohG_f=r1@I1k0E<iG8s$P4
z!-98z^@lfhhQnpqv$1Jns4%JH@R(F1^JW40staM9>^2_64^K{XXW2SsOKqLqeJ`^d
zY{}z|Uu*RT+J3{TX;NGe{C|jbLTK74k^g)mA6(bir_{(8qL>!UpTDlKFHd~X7E-}n
zrj1e9w9IGWu?{TR6Xfh&f4LXEU3Fy<6tWq{4dM9G7}2vnWL&*f!)r5XkBdbNM1;sM
z;Sj4g!N166-R!vQ5o=o;>XtTW?(Lne^=$x`xIJDQs(NYKHb#1dUB9SYSbkZ=_JY6i
zOT=nfzvsIk=Di?$tCzN<o+2!f2>XN4bGUWCE0qvj82J(Ek`Yg_=KlGY9xDiunYqjZ
zqg10HLFev+B(5z@@wl_u<q#NnuM(Ht{3q7-HEP0-QAa<#*fQ(cSD0-|c7jzJm3m-X
z{=P0_t&mT7&@AT9z`^Z@F(>G7kNB)l@c7w_E{x6>_2KgbE<aWp`6PIDU!zRq=u^kp
zYibnEkD9Jnh7I55CC8ra&6daxhhLq2|5H`-$~$N_fuJS^3;HamYo7p)jGx7vx6Yhl
zrv_>q)O8###j^8!VBK(q{_~eab#~@8E3Af5w!=?9Q&D&EBc6B=)%`$lZlGxcE%kW=
z#=XUnCQZHFlWo72fh@~>N)&!}|3EIXv-;hd+KSHjSd-W$lZ;8HY^&wXpx^z+ER&n^
zX`Nao@t%QEB$8kSC7{Xrhn1rZ!@)+tTuFALH3O?&7m#Ilh{apLQ{p1TxJ+ljJREmv
zbV}wM<FVgBQn{t;9p#ZR9(!eA=WnL(^8dsHIlHGBz764Q-tga8c-TJ^nZEM6T!TM*
zG(fRs<~qYeaaJ4*3WYu2h~wv_OuL%+eQ(mv8szRm2TTdYX0V=WLwlQ8ix$ftQXzSN
ze<6|=4@@9Z4|$v$q<!B@@a#Hnh~Be`-r5vcn_k(d4z`7Q#VJi)kN8puEEO8C%wf~A
z^oC@>gNHx8>4iwpliF}M<1TBI2vjuY97<nc2hK-hXu42@{=rMFR?V~cy*Fa{Jo1ot
zy9#R-0QTNM(7J^<FS4BN)==b>oZ_BjvCUxEz&Jvti6v4Ymcoo%?#sxFkZYSk&47NF
z(cVBL0ZRr)fqcF}mORN5^O1A{O%!3DPqaw@0gs;K8JL>$>*BrT*FiyveugMQf(3H5
z)w;LCiBJ7Cos++uf?!GaL+PLKDtRy7vk=%d0<-h|wYDK9O$xOJ8$K~UC|Y9#GEwYe
zqhG#%4hWz~F8DUx;COa=xSqLg*_h~DA=BC%_KzI?U<MWcD?hbnd$RS%8RTgbyE#yX
zC`#E;!6(*0Zq@>&rZ3KaH4kAq->v*@!1VG|7SGGmPjnc&+8zHyO54P<xToqONDKI$
z0iE%q87G~ORU1~PPr@f2L6UX7H)}1k4#huGj&{lxhkPGxd9Zx3SA({;t+`#k`)|4L
zsy&l<`d`j(kH68&IwA*7nPYxwuiPdW7cN|880)mz?7d5KjloHaQ;ADas?z>>e=Ai|
zN`B~`#q7GaoA;ej!(k)vNdmEU<F#hh5I8Wjp^8)fI+xD1R<^NCVd6F2?5`<@KGDQB
z8>b&A!{uOtyUZ`F?i(YLg3yIvQ>AN=yJvmDcFHC)lHL?cZJQodsevnFw`I}@+ePuj
zf@7kH481E+3Fobg6zK9xls0~|>#>CG<aP(A_aQ0u3x{61nTWxT%NDu$7SB!086el2
zF5?33{jLYnH&em>V`THMWiU4RqjU6LtJtjtwZ6`quSFWBl{(u`W9W5?5lKa6_#*R`
zF>&^$aH)$rzp0WCnH4m6*ssP3J|zEeu8ua>UrrrJgjYf>!aYDk4Vw5etB~+wZ~4Py
z+>u}qPXm=4`m@f?V0cK8n==YG0}bHkL12iOz+`C};v|(D%Msy2E$jdhkzqZ(Gn?Lj
zhsCE<Z0&<6xKWxD0Hz#+J+@#kF1TaLZ&*6W$I@hKbo7)=Dq!0uX_GgX5D9TjwUp?x
zrcB^C$lTXpNhN7ean!b^Yp61VCW_#%P6B2MDluQAd6OmDQkKp2jZ56rF(BwHv^jD^
z8c&{Ka;p;w{A<9u<cdEn-CtSd;!>tNyNu3l%kFtiy5-awzgo_>pWshKjCdRE)ZcRo
z&K_rmAjL0#qiCoPcio#Zh4O0HhJ}TB{ac<gSD0~OFGr7<g&5^%+o7h=YX}lE2-Y+?
z$F6X;{`*w3&j*K4TMNlp0d{5&taphtfZ_VR)wa*K`&cL?kXeIF!y;a19HHj4h~H^m
zw~reG){|4T!{7|^-8;{K+`K}kRd`8MkCV0Wo!ifj`TL}7hUu2Oy`px|0(F)KK^RAn
z)-#b!`AQg<W`2M9XyA8rbi8a-06Q|xidZ2rE8HqgsVyIht$GZ=@w<vb_7pC?!v}X*
zv;3(N4lqD<)zq9?AltQJd+AzVLRaTEbEqziv+<zg%;nLYUGKv`^mL`Nvy6p}1#g;0
zGH5(w*4LD73-AZedY(Fjfdk*px^t#d?YKf(9f$V~e`{tU1ySukBx=c?*eeS{N$Q3f
zM>ydnENI~0YSaQs1~!Jfw?>biWsuX8*PPLK&O?>is7x3~ONFL`k=pi)e|URe`erjD
zTwWK`styii=wcCJVBslsr`w~0(Yc!*zI6i;Q+zEEb1AGg#KMEN>KlI81vN$yk`7Jm
z%Sj?@1_U*QD*2}ddbyc2SQ3{C-+e($!&bR~L&0TUh8d74T-he30KOXE!xk1b`U`yk
zn>Na#enUouN0qW5FCB*cj!?UxuE7;wuQY_KLp}-8lEM8hB-AH3(j|jEw{)7|PLH6L
zytd~*Y*I?V4S*RqhGOxv;|WxfttDAlrX}v}6RBX6e-9ieL5HWqH1tMm=_f3oCyh=^
zbrdjOr*)7ExxR7VW+7oCSVVYgVKW_K8c5w<%I(TB4%h{ozrk5jos5z~O3QuO7e&{t
z7KSDslQUl^scrOa_}n-M5^L{&H&ne%*guNg)p+}n8Gjgk<E^==DYbcfm`mMALU2cE
z!J-}o)epx+L^y5H@LbfN{9PU?>3#*Vw!JX@9hyq+YvzbM%3oE`b-TrIWB-%c#E_NX
z2#(fe_?M<9EV2M+n>WRTzHtHQ|5)}m{6g~<ig-o)s%gW$&Wgnf7MO4m=}J6Kx2GQC
z^EH(TW%M=K%$pNi*ikQB*gRK#lg+#lH{REFCpz7))i^&6i^BD`@fr8kP=21CRm%sG
z&75tnOWqb~PmZ5Je|W-GIx;=QS^3Oay4#O`%X*}unP1vqne#Zow}#uC;Hxzxjxthv
zZkXW`x7^!z_?~FOszb{V1sSXTWwfbygwI?hLy_U<GA{9Q*3vydcAci%xXZ5#q!|{I
zP~<*g;@|*ZCryGes;<7<eE)kl1nmSGZs^bKbIj_R#PR9;3T_BrucvxO)l{FzQN~-i
z4559I4^Y2@*o_UB7`bM#P)ZL}_hkGJ3s!9+YVQ2gPBw@^E7TnQ)>wO~CPg7+*58@0
zb2hzc;nVSUvYN>Z37o9j9EI3EE-(cU*8eFTb1nGQ&34})qbH~GC7UU5s7M-MrwuAl
zn)u5tqtx<OuD#4CGi|-cKRU`RWYNyH2`u87)5F^kZXEFB{FO?a0Sz1*LtCU6Prb!Y
zmmPV^7}(5l0Kd#B^2u~$xQ-Md-O#x7`&FK%#num;f~6$~j}1io{}EIsftY+)@CvS=
z%t}mhkAm2&^1!<U`c#T$%X~nO)s3)_b|YYWUF1=CTFL_ZPjqzjgrjUDE!?|f$sDhy
zAnd{_md0=W%h-R8Y2IZ&yu{pa>ac4wU*f#xZfV+jU(%(qtG^SI9l{%D#yVZ@VC@2<
z{TY*eSZSUurtz^iKMG}aG&#$Wq_YXd6XP44o5MFZH`hrW%nrXvW4Zx8*^Z_A;D^cH
z+pmt{QWJehOevZlQi^fr7(zB(lZ2ZHHt{AA3{ok!yS{u;co!R+`h~BeyRNozY<Xhq
zS6E(G-6-rqgsb6l*C)q+HAgvT#}B5J$DeHbxYzbvO>2S~9!~+mloSj=S#rG)POGyo
z^b&~oqmH-Nzhk8=<Z%Vk_P7e(>1M9w2?j*kcih&wU62#62V_GjR{CN8z``Oj{qNTu
z)^vmBCHP~pLZFX`slOD5s8xfLL4ms@k=Tr5TtlljTki|#n?X<FPNh4pP#ATLX;X@Q
z<(a&KbxP>X8x~gG8)A;1e}l3qKMxx3RR5MzPHDcyKL1_(>Fx!XYjKvdm&7|io_Oyx
zJYr}gHXeVqzH1W~?l>p!^WxR0MTS>Z*PrtzXBI`{?-5qRpPG4eJv%ary@g`p72tsC
z_E?e2R4uiop~ofJaT-9v8qoU?4;w7hup5wAbv1=aQ!eOCXSAt=a6}wXf7j{}0~eW4
zF^DdwsjTLm$Oi%=t|Y8Py0(vv{p@QxM~2$kd{g-F8F-a2m^PfTA`u}g6&;0)C3i_%
z?rcck^t4iUMVZO)<n~WY&Sn@>rDyG3>!na(eni=lM)>gKg^r0f-v$Yf8G|%I7hl61
zvl-XskOIM(@XY<KuTAlSG)-B`cw<or<RI70fXrL87X<uIzlT!@vN|(im>v44M?m*Y
zo{U<&X}(X#{cyd{kbr<w34=Oh^LVA9a_C;upCFN4J*4VLrNKF0ytP$gHBuwRp-_Uq
zCv0kc1-P#ZUhVKqF8|suJ!R_KXF9ANG#Y6t8n9s``ns8;xw8N9Nw6UrQtjD=4wenc
zvd15$1LEG;+eQ=@(+N-a*Rzc6)blrgw$rPSKV+A@w-2$;50PQu9f*{$*|G_?t>?HR
zMXEK9gfp?kib5iT5*dt6^kAD!FI(S-#jf87-39bcb$JFFnV(Lexh1l9yW(UIy*acM
z)idsLuii^63xP2rJICc$l{F5auLe{7&8#loK>WKHo!0u1gRRf}u9qy;dqo1PobN1M
z?+3^x$VI|%zlLIbMuj#Uulk~NQ_kEtelPuiDv`f=Q|)d~o3GJ~3LhOi=|KDwVOGoB
zffu|nff%Ds+VQqu^G(BCh%Ccn&<esgW}(Xa3O7ypJSjbe;OJ}DZJC64W#QjklgQ4n
zL@fS$N3<yW+CLeQxtsgv*<II>s{D0N*!_#|1Tsp4)#UCF=Y~uBeLiPPGjyHU-cw(0
zw=H)Eer&!!^aZ5BC|%dLYNBIS9jblh-&zz0^y=1iiw#)arU6P&mgp}bcCA5&kZ1eL
ze#Gg21`qB2HAv|OaRo>9>kgl%<uww%odF)ds?Ut4H`p+GaTQGu5X<q4G|J)A%eWKy
z6nvD@aKEG!DV=qMsLq)FFpz!EO6!;F$ufG@a|bVAQ*32cRhRrzkx+w9hpBH);fFN+
z=)%>Qk$BhDo500FP!&5w6+a9eNs<{uRI&8UGeMjL?#O@qXt)-r2Af3|T-(S2z{+8g
zbwp#I4)2h)rYxrB%%zowvKH&n7sUOaKjE)uWCzg?y!K_u*3g<$y{}wGbPDzDBOaM_
z>=ru&Am?_YrE$uB=L=wU|HqkF-tFl9$ttEigBmH(co?uQD{E?!#&?{^QKqlbGf3BO
zg4<N&1dS5!-iF{p=4cdY@a+Nl#*0SY8!bw4S1x!2@di3DMSY~1R7bX3#@~TSd@)A{
z-q95La%^Alf`#P`4G4-u{%20#m_Dkx#ELN`Iz%EJPhfCYHhVHwu*wP#T9?tq@43dI
zS^19esxk9q-BV(-HeiSKhdF^A+xuEkvGMJflWoN$n7V|K=#tOYixKGM!L6zuS`Bz7
zR|%;iiov`^Hs6yf<4CMJP`(5$ejyW@Qy=XwZnBf&!qglO<z!v!jfcvcCU{1b74;p&
zdU|_7KTiC*x%PN@dYtB{c)zKGE%#l>%k1G`y<JD<DVq3|<m|q5ge1POe^_Iq%Yx1q
z7eWl(yZ^lLI{b7g)dPIBEp55&%ck5qiUuai7lqPGHbY%Ewzk4^Kqhkbd~{p`_frZk
z+HskDis^Td`!Xd^3j($?epU*-SwYlW$cR-0oA2|OP0zuTtN>xni7&4>6=Ew}wSC<|
zsZDqy|H`7;OZ%AdG$soj5i-=;B5@ID1Sx%i0V-0q0-_QLB(2FXB048-hMQ)J$|=Sy
zPSn&~nTO*f8FWgU+kFQvE|u)aNa#i*ie}L?vXY-HLu$$XnKqunOn_$2P2^F$R%GG~
zacEk~bZO>O&2xHO8P=;c{5XWY|JM$F1!Z!hN`uYY7fJB#)k!U;6cHc=$zJ=dTgoai
zJ3c);Kp0FRLYgnlm|`^+O*6r>Yy6>c_5^qBrbdA4QLb#wq8V45m+#vGo|~VFO(T`~
zt|AFsqfHA`1l}6Tn^f4Oh;QWl{jYkSA0@lB4FN-m63E_MIqk{)3Ured*rBNWW4{S$
ztB}aF%;vFu+)Y+V<}B>ftaUTV$_vNLQR7h-(8vqR;zD8(8gd-8KCxTr)|uEch6V&S
zRvP(3ZD$V<m+-`kA>+hqoX(rhylKQb*&P$x>%lR0J!!j#SA34{2t=67I+c9*MTB5l
zo2Hs0+ZNK88Z0ZP4yf)Vu9CbH>x2szR7VYt5FP1o7C9kOJ~5;~zt35i=oyLLW!?s`
zsmC<#xEl^>!wxz;zqqIh2zq^b>=|w0>y8s)ick*sQQvdj0up$dhR7z<1deilwtjW2
z^22%-ncR39*f@B;$uOM0+>N9(K|e3udnuCxA$>(@@&CHSms@K8TUw7JCpQmofrJUC
zZg#a6;v-4>S=Z)g4hM^6EvX3n{zV^<Q2Fd%1APTWATC!&6Mpr$`EKU6a!4C^nW<`P
zUfZOq(p%JBhyP8MCNa5@q>w}QpY^^^$K=2aE=+LXfE^$Ep`L}NP@t)MO4J-zO3Lp~
z72i8zbVEwf7*#`dn0;B%^m7PKc7j-QqF7S4c@0Gl$D2TTI>b7f&q9#J)PGU{5yI8k
ze?=+25@h8Knl}g>0ylD4BhX~+Wbsd-npl5gvg}ZLX<Xzc#d<1}F3=i-aP6J57N*Tc
z<hich)@#DLK+4P)lIF#}Seiz3-{8rGVD!c~cEtoxHh<Me0~Vq>`>gyg0ySC|rAsNY
zp6F1TNbypH#Nv+|^4?haz`^a{VUs;MMif%y#w?;~&5r?Vw!PKl@3Bii%6(dMkWDn@
zhRfgQ$dn%eTRv=)vX54fmoWKYiE4&CiQ#YKr3g0WtXe%^nwZk8g7urbLcv<;GGg)=
zyQxu$s!oQ+Np|)PWQ@9(dho3Jcm;{&@h7z%e^3K!`#y<|L8$WZ0KW51cs;sfmXm`W
z4g>odcH$}gHauwh?##J;m-~BTzXUPe2lSiPfqH|NtPJD5(a};LhU<?{Z(i&!)b7*H
zUd{i08OUXMmZRuC2jiToB6!Egt&M);8WL{!UfDD0Vjfv{$v*`4Sh)F+r)=jLVIB&X
z`2l0xy`5>3o!yq#4+zPYof_XIg4rvuGTK7*Hf%SNXK0;R$>2g(T&ZI&EH<WCG*aF_
z=l9LgOm1Xk7}{qL4IRmDk($qu_N=%XIkwzSQ+R!YB`AK2j)q)arAvR1K6fgYZfzfX
zxZ^*8P&?|bY>R)ME;`tG;##?wX@88lmd}HI*H1_jqP}aMfJzZzj=6bJky?6V>&yLr
zB42QxP;)@<!@nIH4QlbM7z=7~#TZ_2cFOo%WXhFrMb?S&QRDH)n9u`lLUHqu<$4oc
zaAEc1`tl-5&Qs5QQp??M=Dn8hC#n7xE<w&GNAb*vLoV!+o7)($EKGZ{@p>owab5)$
zxW=eH>kxp@CNtBH1KB19kDkl`zTq_tRs$K~{s}99jqKmU4Q6S*qW(-b<6)(mb12$9
znwvqLY+_z22S6I~U#U7zA0e~W{^salH%S(owLtdWh+x6FderA%Jq<clxFHuP?#b|h
zQS<FJ)y$7i7ry={!N}Xc_Wu2#N_k;dq&kx{qXL*o((xD?Q+5yM!Hw)-Q|k&|rbT7K
zQXe7F7MHL|i)?4dD4{V=^YIGT-1ptLC<6--BWU*-2gb{iFYR7te;HrK{s9u(A<_$h
z?{gn|syX#dU8w-FAT(=1_o=F!lZ5fnLl0gdcSNGXL4~K~(j+&ZPYmr^s`dZg7wl6@
zxdU7~$vD@YRx|J{jP+g^Yiqryd~oA2nkyDBnDknplj;paK0%#Qg$$Kl1nb0*CfVTE
z%Rk}wcI1UdenFdSo{?+@;)XeN-F_KU<sTu;<1tfHm-=ECEIC_w$%^CsmWsJ4kb{f%
z;Stf>xZLcerZ2_HDYK2apSAR3aQBa(W`Ow1f1FkT1gVz!m*x98H|-q3S5Ku-3q<u0
z)AU7@H#RB@ip5_mljlG9^W)@)o&s-`A}e?LT4tUz+KWQT*;X$Xo~t}R-=Cai|4GXc
z^tgr;4^-bQ)HK;!OiGP2-SsV=F(bKY!WV<zD!@9C@p@PVR>egvOiIqS$u<H?aF@ok
z{Ow)(CFDvVEObE{l7x;c!JZAaN{NW?&p>F|R+;3>lRGwSyk(lq+m}tO(6k?P%_=c?
z!}<z(qPd0YBOFc7KCh#GqH^UL?GA?E#mKM7aYuMa<v?kgr+nge@IwTONGPF_!y7}f
zZIe~CJl|uTcUW``v7}mE*}DM9%nX)sb7_!t5M@fvkxY4tSJ$@tCiNG*t*xyv*A+n*
z!bASFZ&gyrLg0l3S#H(~2A@dVw8|^e%k$ud*^1HTuU#}f)9A#so0gM%LpN<fYtz<R
z?^G0pg}y&O+3QqiNWV<6f7WB*(Ab)z^QL#tiqJ3%u`OMK-g1L|?o$B3LUKNqH_hM9
z1p|$chR#4&^PDI}-PVo~_qRp2Z<tT%Bm?%_zkgx{v*$}C%H4)&t3T~rKOh%>GTK?9
zeB|%BSg7IDU@In|PI`FMrPo5}_+mUAHKX+?edsgi2;W?t(fOqiZ%H2$HcmPJ|LMyo
zwb0l}6|50I(Rd9Y%A+Ipi+q7JRdH|}!akptVk9B9;1{X>9@&NZ=Jdd4cG#MLOYEMT
z4CuMk;Ku#!##T^<bHMIw@TZL%z4;YuJ35~s*%sdXnkn|`U_xG>DmcAa3Wxs*rWr{Q
zxicpr6;BU)VPjtNSOeYqKWb7Zl#fU*@HG+#;M$&+wdMi)MbXq`UCpz_*(K*}x9lUA
zD(1Ycl8~kARkw*#`_05MTxyGWVfX1BDTT3>0EYyj2dRq`R!zyQMmXPcsd@q=vqE*j
zgV;;MpC&QXdj?o~x;RS_tTIIftSTFkzqgOc>mtFHWCB8-u3@&mF$eYryu|xDqFLFo
z6mTqK_$R<fDZ!&%SeAd!=${B-s1n!r4dJ9oMtuCjcH+aEQ%hOU>;;a}_l~schT>uJ
zLWo2}W4whl`zk)19cJo;MxR9hu-1!{QPoo1yJ!{-pAJD2;}MYA6WTbz8*-p*PlRX|
z6(y?RV|`;`t$UrbJY8=}N^*5Qkj_^#<kszGGzT!5gdB*DXK4$ci`3Bt*L+WP5(kQ`
zqC{2naZoq^yO?uxK{p27Nbm_*wV%u>#pTCYCf-8?rjypV*@wXA`U7J>$B5aT{S0fv
zQ>IO6+=I`c`UapTIKVzB_hnLye(yJCEY6kK)3sbnP7&|G^P{ut@*qgd(Ne*VYk&>#
z5RD)E#q;)l`^x(#J0#A0afy$XnsuJ8T(StEvDGHajwGbT?^Lgz088KhSL7DIGx?qm
zSEZ${2_e-vx(x^38yWd=Q}^pv%d^Q~$oT2Q`m})ObW{CJQ-x2(Y0ha*jtW;H2}hzh
zhGgK1-Phg#dUjzr<QS~xpTf$^onEE@L6BW|pKvcO%TLsCFe?H)8X8(GxBj&9^uGzW
zTQ|>ZqsP?8wKH#Eb)s_O@GyfSXv6qEx^>o&&v9*MyIeT;>7^OjRK4xwPM<H;!4+Z8
zMR$9ZaH)E=^@KFkET^vzuG;YAggkLv-vU`l`a{Gb+kO=d_X(@v<p)6=jV4Ce`@5dl
zIjLuBkY8b#N3yArW1;D9X(jl!Q@5!oikju?$XRa{d_Cv**5GZyk4~F2a}aIgc>(Tt
zEjxFEs~?xOI@S-H_u^~&A4*E<A6vD%zLN1dVP;7)nz^G$#u3b{-{_Qefo3$(#V|jh
zA1{h1P?N6V+m=#L30>z{C}I5q;0$XCj(=+$7;Nk<FM~s)(@+b_5P(SgE6U~;egZj*
zARzPoxf8}AB5v0O@)__CFQ>~bL-{CLuH&xpP~+uS+}Kj&y^<bw_zi-hv<N*bq9Ymd
zn+-KzuxG3VCH&(e%+__Hf|%8zr!!aECf$5#$TMeRPmLt$0b=iVw&eiqxJloBV<L*)
zo&Ymi9ztzV+C1$ggSh`eZz@XUTI^C9umZLix<i5UyAQnD<4>iOULl?H`q(n4KGTJ^
zsEqS^W+Hn_c$`=s)0yf_M7aMmHb~&sb~gV(SBZx!atM^)ddo9=>YQ2aDH(x{`1^0-
zA$-!5q#ZcV27Tj`PAYIrp|f#YD1x%qjQRH+(uy**`z^2S8#m@)^Np!v#UM*v->*fj
z2rA2|3y~N{D`#Nqb``=qu*Z+Q!4Cvb&h;+^cc8GG00~t1P@7d`JI@BH3TRvc4N{@z
z*q1XbjZhv3I{NbL?I6fAFj?WQ%8~k(HjZYsweNcDdg>)eITFy1)qh%u?b(inO;lG}
z{f5apYJGAt^-Yy2i!HD@(n*dxJqmpaT~B6@bv^_Aj!y2r)U5PX3TAV@7+Yn}wMKF@
zL{)poS}qIvF)OFu#7(yu?=*37>Cljd9hAniL^uLxKAP9S{OJVIOB%}>pnv>&q!2xW
z<6j5!T0d>g3jsemOm??y&U0r%&Mh}h(VyQ|_^ChG#IT=8Csj-SYF`feuwwYA##ppJ
zcKpqZOG^ifd@XO+d%p_=ZXTjJl``3QfPLaFe-NSs4a}yj(@546{cDY>NE*y)*;iXo
zvE<kmD~qt??rfN5Rwut6@ex-6pSwKYrYkFghFd6j5nvivUHNIE*0U53oFl5e%x&!L
zPi*G2K>e|4_oxWmp*%d};`9e~bSSXJmFL1W4Tky#Rq|`fa5L;0JX}%wpm(^E5DnaD
zXi!Pj&jEWGmQeA~GX_}V8Mly{RyE(vRHZvPS<kxai+pZFd!1|vd(_G5ODa-8h$Yn1
z58;**n6F2>kw30gj+jSOsvp!2kn|@TuG_GP3Y1&`)ssYOZ2F+7I<EA35hHe|BrfPq
zrm)Rx+N(5cfMEbuO;j~g6<QIpxexkOF`i98$@Z37fhra4y<=xBmvPaMC*{lIud<8G
zM<%hWmD~c7RU?g367Ktb;(*lolzH+7waY4ifbvuUBGBQDyv9BoGWxVxH}z6HMgvE!
zp+<Z56QX*?<A4(+Z>evnw58m|?!R8`4CR^rl@+7E3ZDz2st~^uH6r9lo@^S@*f@L_
zXejQkznZ(OfNR4LJhIpl%O1yQO*(fqqxH2~qqpKW5xofsviH1MmC-OcSX?f@oVyL^
zSA@!X7_5^PAf%rhT|Ys)a;uM-82Lc;C6VPvn!-2@Sb+s7AYaYd?&~T?|0Ad&D9^f0
zAQU$;d7wT;t4vA$CpbjfmM7?27(q^tpMAxO-QRoB>LX4;LB-kg88=p}n<=Xqa)#%&
zF7K)(*Nz*g=R|@@XL8rpThD+E?it`xM!Im;*T}HSGxXp86BG20tXMP2&hyA};yvD+
z6vB@5rf^@<+N-XvwzlF$oZ%u7r%FPVBCyuTQ@}%~){Bl-Up@UAt%srh<Ht&rA}f7X
z0zYe@QeLOwdPj$>Xl`*`O1l+Ca6dRzrLZ&9FkLc&eyuANE_0GT15mb7vpiP??ek;D
z8amu6^GXq>mZ!}hZ}eT1YYzVIln~AJ|2WDPh85VCs7lCK6ftV)i;dPn^^FfML;4tg
ze_$~m=6zab$}Yqu12HMjVQ!wPFeYn$*Y~Y*{TnP5p5cle7&5=Jr(3yt*m;96{DKE#
z7R|)Z?e5&Ww>(7$fZU!-$Ors{vXH$R;qiFjQm*U(N=_;`&>!k~d5aA=?%k#_D^+rT
z;?EEp6#M=}jg9s8w9_Ntnunc=hMr!b=R>~y&!XpE8_T1ZjF)X>NCw3LcfnG2TN+)*
z=5#POtNxY$kDOt3-mD=wbUai>ZBNTz>m}_cFQ25S^mekj0cstVG*7~x+PkL&gK*^i
zCKa<L<F5C8p29Iku<2DNX%s!0DPa>~@6G*Sbx3kHk&p}VoqK%+_lebyO+i$~<+7#G
zf5<rx9aOb7pqu{?0#ygSL8YTgm6XmT%%|^5hR2gbrJmJaqjnS8>v4NItdcF1n7k_E
z%ZiDQ=K?CVW_Tir!sMaSu9eU?0vl5AvE3NmcptV0pa5xIA&3+KL0*rw*uzkbC>r&>
z_&j&mN#N}4hr?^Z0K$v8HVji*-m%OS_`Fo-InXs^XcbP}SP>6x*2rLhjfke8f<dA#
zZ~1o|2bKg|VbiDMo!HplIq@GzM?S90w~6zyA_EL1bBHNclAE7MNXQNZx{WH#b+IK;
zVT%Bgl0K3P_{6{rM_laeBNqe=0#2J${j{{{te@(t^;<iBcc>`GnC{9g>nQ)R_VVFP
zVQOh+#DXQAs4~hFo>qXF4!UexjlP;fwq4&&VVs(AoQCaF1gdf(|2Qm`)~|(vTCwxK
zzJ<BzPLlWGsJ(WFR4=}K<hq|3@GJ-{S=_{#ev;U0lKA}17}#tX)gfs_>#Nu$33$nf
zH?v00{N-h}V<Y;>JMrkZdjbESx;oE<7SExrt3A<S9Et}yzv=zktC`+H@Nev15#J*l
z*h*hQqIPzDbu=ao5h`Y6PTV0Iv|?p7>waKOT=}-u9faG94zK-1D=Kc@8G%_vf4_RP
zfvg_V#b&w!&odjf)8L*xA02HiCH2-ixwp4i31+encu)DfiE>}FaV7FpYcJKcj*#|#
z;fOJ!nF+P=O}EEMt^<z?Ur}?40-S;!=@O^}S@G_Jv}Vo6Wi%UkJ#*aShq+l;Zvem`
z)8Pw(;C<CWl~h4DPQ(9*z#6HJ{x8*5!87Vb&#-E}vkAOlm?qnx01i`DRpm5kwQi3i
zLIk&&J-k+{aA)n81d9sBSV6%_AFaFN%{#lSy`Y>LDIB?dU{V?FA1#JT%tSLOK_!F&
z7*^pdu$Y4;J*@Yb-WQ>16|z=&0JS?;LP=20Xh8wkaF9Q&cLuSYup4G&_^W+Tw^lt~
zTP)rfh|Sv~8G?(6Q+#L`)85wJ%m=dK!d7`7#*frkE>*7Nd_QIxc9Z?n*=!>FrX$2u
zo>zZ!zb+{zP9+f%wF7f`II?O~@U;0{qwlyN4Ug6XucmQpu8x_I**9E3$~5te8}Vc&
z1l=!+c553YoZ7>NyHKb(sA9=Kb?FBW)vSBpa+yRM{uV#lpxGWf&abuB?L<RRHoXt#
z@_<GVCABO@6@tv+29`cj@CqY&41768j;>Es)sXhy_N&uNxD!4ZXVgab`Kycj)t9{{
zPZiO=vyE3YPAg=4gY$equBYkh_wDMfzx79aOXh%!AmhI|7X;Z$4)z;=D?Yu1UGE|r
zxBsJ~$P6gD(ras*#Hg4qIQXhA(^{ugG*>W;h)$*ajqxCUHy;o8;A^XeXRJQXz$$Ve
zj@P=wZ4FNA$r<FH-K<=rZ-z(K<zVAW!4bwuJ7-4<&kB}l$FH^<V2NA`wOVV;fSl|o
za#m?^iNtSLxBIhyu-tm9yx$Fr9-+IYG>_mI!&GjmiEcJneAc~-!n0-{sV9e&Ut?WU
zqrIIzgA{DiFe`1#t%vmH<7~SU-0|@LD@Aa<a`CD~hsLBwL^c|TnS|ZdXq+Vj@-&*{
zg?ldY^WvF6#>fQDQjX8=KaVQCViFn6FECTy#&qqnIG<Z%Sh#?W__P&l(fa2k=#dU>
z|MD<)9txXYVV`kM_gKbwMW>fD-5Oif<z+0Zk)F=R%F^#C1EZaWX~V(q*?pqy;gt@B
z7!DnABBEiHpJuSK{a29X;>h!1wlZWmtfd|1>25zjWg43sPtvA2HfI$7k(!93gr37K
zk}b3b4ewif(3Viyr+}l^7|dYHA?~%1j04TJNRv7P2U&fnujl!@9iFj0vGossqx#Lg
zVg-Y8i}l(@pJvTbsoxQzq>K3^Qbkz*I$|*h2u?|%`>}wYvxg^#HYpoiRfXlS-a14^
zY$Qboz>iPWzxE1iD7vkgyex}&IZyoEX{@~o@}-nUmAHQzCSh468DQ2*JK}4phQlP}
zi9(7kPWcvOhO^aXxP{jfnz(?$DQ+-^tBcRX)(BFkX6n`UY20U<!IH<%e^<f!^0YAR
zrYibzby&^{AT7#EEI&^IZtyyt7_hGlx6XEf5O+$&;9He5&}R2B%dl*mD~)dyL&^I5
z%9)(#>u$qq<}@3S`TFm$#%X#4jXwHg_EN6jHCJVbQfs6fZur~FH#v4<{a923ytswl
z%asH|J}vP39_6Ku$ee3q4LID;bK!Kz-46OB)%NCywa-RsoA@VQCr_Myhx0@2)9q@2
z<*vZ;LaC-JijT7%AzI<9o-VbZXWZT84);^R#~G5B8Sa&HVK-`_y+pTRiYVx6cgq?j
zF6jd^h_+2Qc!h;;3~J%SwMk}ZP7J4z`|`hL__}Io{RgHpI*(*XCT>u<!qN<+guX7K
z?2+1sKH3TjktmCKaynW0WTbnSdJEXaSTNAzUJDi$79NiyX?CJx*`uyln_%N4RMwnH
zeuzA^9*L1@wD|@We7*Si{)WPAe|tFE%aXWfaa9Vwv2L$aA_*}XZEoLRIAa<C&4=79
zBkJBS8<uPZThdf#b2+y1seiC)|6z0g8-@uH%8VTuP$((;QAhUSxSifWB?=H1f9I2u
z(fsvI;H5aX_?vKKq<g=Cu`eV4ih{P}4fxP(v0mqPLYvHS#2R0l<ubsOe=a36f?6YI
zI48uO_)EoZOIQ82+_6_5K}}=uIHFI8ld{?4X-2RV={QONRi#5>b&UN@K`9T5_#sm&
z>1X4BoY^{sxVHc<)MI(oF9p!+r~fA+Te1hv76H|b|FsH}LXkV=mssRGH0bQU5bnJz
z3(ChJN|U1CFTR2At*x>k2^VhKGdM!(rT?bY4w=YUR<azpP|##VfU4jRSVsEjxYB)K
zQ%n(KjMS2(!DoNd<NmO8{}LX6`%x|bu=MnK&(CHHqw{;`fa}rpIW3U;L>&OzTN)md
zV%gOGGo^`n83B8P`%Zd#(*JRPV{3fxHFM!NlleWzYVVHR>v_1qQBR0KwR622rP$Se
z&ptV&G+fX1-<se;d2ZY)T^hoD2Ncl9-xMR_Q(<Y2ctlk~vCynG&W;|x#^EaDa#Y(z
z+f|md6+Rs^sx5Vgb_Jlw=JWA8pHH3(mr%`KqHibUg@T_NxMS_7w}^uS0X90<D!a{p
z?hCHw-MD@}8<><mUI`Mz3Q1vl3RL#jHETbs43BkbCj;<09$3*){m1>@nmAaahMGB>
z2d{W!FwDaBwrHyT_X@A70d=E+&;`-+YHWWtxkXyab7s;w0PWVzvAW7iDd}ydp8b3^
zxgw95(6WUxIXqZC8Ucf<`aefAu%KRH9M7i7n=5cwjze5z1AuQ|5!LR7U|ST(#TWW#
zS!ft67*=k6AXrj<ecGa2Sx5c-nIJ-+EP{EQzhMi!qI||d5Ny3b8kXNMz4~{1G^w>(
zsVk-RG7Y!@is@`k{G=LOso{?k61ZmvJx594mD1AN|6!`MYebnaAfNLhv0JmQzx8(X
zdiUorHn0yadp3bvw(=0^y^)uBidX!P(M<YLE0lM+&pcErBg?>9@VnwxXH&RixWk2`
zZ5KLnhG>nb>+3hWyKx@bGO)YJ^)bG_GdYzdvLL+=$ag-xK5G3CbdqAJ%+OyqtdUaj
zbXb!(iS1OH>b{UUTs3%7)pRn16?iYj+vF2djih|yW*V(0UJs?a)ke=-dg%HGk-|RQ
z)z*9GU3r3>S_85UTE1Y$P)IC#{!xdR)`{^nwG?2xC-n97oGku{jo^mc1^1=k^0VK*
zr)cjq@G?4mex(+WjAx#F8}Em!f8_2BJl=WMuj>4LeA(={+kbsX^V{U>4xQG@fq=33
z1w6!h?p1oCtInRL&V;Y@4KSyIS$z)S8IgQ`fap0cSpw5ZLZlNawIgJG674f--iEhu
zIS9eB^;Q&frb8FrkoQ|`m}F`hwVagF4TuB+3_j51<5T<Aeoq^|ystJcR`w~mPFa4!
zaXR)ACi>U5OoN}c(sQxlU#<qDG1IFGwu;WvAV2m5%d>RdM3dX0eU0&G?$4n*ihQ=Z
z<Rp~lZF*ABbt^v<LBqVMsa6^PyCePoQ3Q@4kb*f#ic!YIdXC5aK(`(88I^kj2?E@V
zph}{13sEjh&1V^V9sbjDw2dCAfA^^ZMhKR;aD<w0g!WEyE*@K>d&R{zIFeT#<ntI}
zBAIz3sL=6;(>ve9nx~+H?=iI(hn$pSVp3iVCQMc0Hpz2_m@II|k8HG^!3Fl8oUP<O
zqBbhSU};?)o{t|EL*Jkpi-3Y%3v_kGI*~i9>BZ!FUq5(PaO=L&P>V6ZwzZBJz^P06
z_O;5Cj5L+)D3efy@f?YUCN^HPgXpgZRR9WT??$5d?-mN098NJ)JQ+jU65mnN_@~8N
z7I9%7fiVq#O71zGrhc66r2KOKknZ8RCU=7r_4W4NV4MIhxp<M0n;TM%FF;J3YAIh5
zM8u)vpgj1lI{K_*)%TD?HQR@{g86-eVZ3fv&f<{J{lKHMi?_9bWw~JgukHP}48u*f
zWCrc2i<%@9b1P!DF4sQ2n<f)8CcgY-L0=Fy*C1R2;#3|(?~zeU(L<QRenj&NFCzD5
z^`;UjV)C(yB|*>`-F_z~rUGyLjt^dYix-rHa1B<cDZ8!!&P)<HvV=~n>>V|2vC;E$
z_Sc6X<4w7n=Vg074}KuzhpuTyZ69ULi|3T3kxXuab@Nn>=s&WFHy)a+<F;vcDSIy>
zoD9EtTs%nqxf`1wJhiBQfJy((pjK+3kt^^U9wTQ!%~n?HrcV~m>;Twx4ZpBBtqeiC
z7(zaZ6}(kdF(*S#pg+o~?y2oCJ!NaMM;Ss)?-(OsqH+XFw@*3Jp}j)l?&JwCXW#wJ
zm7x|R4}Hpl{3!?w(iWi0(?ZoZRfKb1ZKL;Wjjw(k)`I%9SG}Zgl1x>xaLw3-3YYX4
z9B6=q#%!3i>tTEb07It-A87f@zXVii7Nl-^nfW=(NnY-#xUeKdNI)Qu@YkGi>LN{T
zn|7Cm%5|@kluuoGD=^u`%J1KQ_h$>Yd5wN*s5J6RRB$`Rss5Qz%R{2pn}>cl;*Qj=
zrgo^zM+@co@H2y?FM|{!q)o*o5W&S2!^0J`lOD0aI`Eqp2rF>KW{sI)Qu+Q|XtBq@
z0kL)`9#+R3tPuV;BW364NC2;h`f`_)tIGisEl;dE5olbiP4A*sxTEVS5B;jeiYy<`
z%t!l#`UgV-;<M&5$_A<|%`)>rM@E)(Sj7}@SuWwuLx5n3Jw3Qi8xLOn6d5vR7vk!l
z8_x|agUPD^-;HNDWLXAOk@!L83U2)1(9j+;Yo`#;?knhsRTOy!@GaxO+m0ce9;-eB
z9tG#S#p??JX7Z5No{*TbXxiT2;`a?kaXK9tR?if`Qx~S%NpRT^>~NEfiSDU_F6g0q
z?)ayruItQ4^4|Psq7p{$t@`0(<@f^KBMs0Q7y(#@&pL&CYfjWciipO32}Hs;ia3w}
zkG4>s+kpD#<<+aYd(lc7Ik+*_cx?pTVG9x|^AFAj^eM=Mr^K=!Ka(?2?EZPixmr#b
zCSi@`GK+U9ays^q(YE#*55iFgQ|1ZGO2?EK`T^Fv;Ti8w8fop2u>zjdfaEVF=tPhL
zEug4ft3dV^Y8hyeSs-kroVydN_4G&C6RUS^>qgr_xk<^t8o^RNi=OxhYl@APBXQc<
z3F3a>C~#xU9MnMuKS-hY9dvUKN21b?6PzRPMP9*3QJ7jFe3Nk#3DH*aTLOHk;lD1P
zG{nszjx#YQ(1Nww&8Wz);nT-2q!05!C4d%Z$>=i|SLMRduTR<;zZI-Bd_g7~&(Qz%
zk&YV?@b5H`*zqOr!ss(g*lgpdN7G4>SgFf?%{J(MuX6^)D9?HhVY30d(P}-j21eR*
z_0~f+yIZq`a&=5;8sb;9#|6PW>4T_SMrjU9B`IVPgDL};yk-?af5NPJaO(7Afz?%U
zJ58V7nmx~F&^Sk}m7;Y{e7?d^fqv)JGGd!SoK-`l);p)u)%*RnPc=P%F{d3A`=fY<
z>A6IL6?^}YCflvRi%;_Ke3&n?9@8xTa*OFO+~|(7<(o%Zg@hKkk`eN0x?{VZRPHyE
zNn)qd)}r>-PcmkRZ^#e*)JUEuFrfcF05cJH-oxuWcw=-R$h)BT^TnlBGgIO?pK3#+
z8!42ReUjzs3di~Kt^-Vw^Ji90bYgW?L76Ms2EE$gnUuKtyXnQE$Kg%W+f!g8JVVq4
zKJi->u~-=F@MimUXS2?m2O8LGR;-GOWt-=;gRg(iMP8Jc9Vjb&L1O&|9H5QtRgGta
z7@~hEZF6PMV9?b;V8p#DM+fJ3p=!p8oAL7CBT10|38QfSo@Ya<+V>~XH^KPf*L!?f
zq4T*)-W3+d3)y?D?(P@D+|GZ)e!G85-{}^MIG*+sYy?FsnGL)n_^Uo^cM3^B{LmZk
z_cz>o6o5-0u)&+uHa(OM0zS^qN<~Vt42~dyoX^}cpF6Z@(-}RCtC@TZ_dLm4Qrj2a
zinSpGvikfcmeEX2)vZ|a9$sZZ8m3R2t0LJ=YejIXQ%d2gHv02P^q+m}2k8~}a&HQr
zjZz9k?t%!aICX^>c{6#l0{#*_nP2_iGS5E3*0)xVrygB))5>`n69Tjz<-dFb(2&fi
zn|aCi96@n0u^iv0ojq(KVG(aIkw#VZ{UY3+==1-vzb78V3RE<BW%81FwsTExx(zB-
z85~U$d9*8)eCi((CVml47Sk2T(mIFjjqOwoV&uO5-B9+w-FU4wb@luH`zL&GaPTqI
zXmj_FB*xP}!lDg`DM6b+=$E$DO8f!a2w$Oz9{u4fBVD@V&zg4WT#68WYF(W{iuWHX
zdq(p6LfYB{ek?Gx{V`2s*X(&Q25u!i%wAG6DDC0-&9`)lCB7<VQ%gq0#hHKM4`U%K
z$5<wibW7toKu-6<2_!)%&TW-*x{n&391KJ`9X}tk%sp`d2t&?`Ys5OvvkPgxOG+HV
z<ISkYW$(bTX|Hcre8r+1w%cw+C@rjA!kBA1#qE8gfAebA3pA6~6h?9_hs__XQt@O{
zp`UMoH<Zd896Y8(oK13IcRm4wabTJ3*717+i(Hddr@f!k%oT5pdTKRwYueP{$OSC8
z`17tlPiyf5UQ|Dq8G~D}esp7iHol0Qz6*rUWO@r*o){b~<@Kp~)Bq~J$`vWtgQ*|O
zFB>31doK!|Kd&rXDAL7~79FU12&DIWYTDR)cu)zr=y+wVVd?$}1e}V^fxqMl;2SQr
z?HUe_tdsa`h&&lJ_n*Y+6K}Q{KdQv($O-T`M;YG%tJ7CIhs3jCbI9#Km<2VX5mi6h
zisU_EfJzi2+D!R<F+4};NzZ-}Rh}Yodgg<g|ExGpb}3>+A#;hBYwv`T@!c<)54QqV
zVLfeLkvzizqQo+C6A*z;;(ynj91EnkhHXDT_q;ydKiu$YO*<~_K-+>v7#-v&(j;A`
zXQ&u}FYcZ5r5`u#V)u*`Esh#5!t4PiA{y}I-v40UGWLckI{N#e%FFVphAP5?Oy2(u
z6v>c#Z}vPOA*jXb)%m0C=GHrv<(BBps&yo_M&+j1sUym&8eMK^Ym5&o<>pFiJueGs
zaTEbNYYddY1Ufx^xlzwhcbkBwRGklSLlP6D8<HUde`678!4A=@UcI++R~X`ss7i-)
zx;pCVj^*L(%Ku=SwL(Y?k-TT&dUW}oDX3hmK`q8Tpk6-k{s{{7bXP^y;KWd@CWpN_
zT48Bh(M`tRzh;u+wNS~fES71`*HTvD4Z;2YID5;ms+#Ws^w8ZB5)x9<-JyUYB_$=@
zDc!X}8VRKv0qF*5IEU^Mq~m~ech}v%zvuty-cNUbI?vg&XV$EoHM3@|EPQ0CpNGT0
z%s!0KEp9}rYvAj)14YK|k4-6)mTA6M4S0@lxiC&ijV{@?Dt#wq@u$BRb5~~Ip5;P|
zH#S~kk>;|3<EClC;Z5JSrLjNv;!y{Z-KU)ti(s~t-ClBoyvJ#WW@~N%p8&tU!+fsA
z$P-&V^Si~PywfA|M(xJ6BY~xWN(r}!J=R1f;_fbKkyx<=U}MuHpu&ezavF&~k>i_J
zsiLO4W3jq?VY%67BqGSNBEeQZ1;_~9ZIeZnt#6{-HFKA9WSs@H1dG>$48Gt8AU*yV
zGqm@Qfn85YhLydJ`ND-FrQm}dHeuSz*TK5LX=;U99XVOj#nNW3zpZG-Sj<<N3Cns{
zKOhS|&3ms5<Zd8iV<mi-$hR?nKzwG4Duwavuicl{m<rluZZw1Uu5LI_9VdrQ%nez0
z_I)^0YI{vfe$bE~!BUh_CI+8At^Ymd0+);~pIzej(sdVyEgsk3x1A87mRxUUBV%+-
zm16&~@try5N;6+J$UDNNrlIl@lS5BV#+aUdPaf_11n92l^zcDHa!2olR-9}HB5gO1
zy3ADYXqFovwT@BfuT94bO~yX`&xvWk2#9@=sWO&fXg`C9{S!YcC!+ate~qb)w6Jb%
zD3x5ksx-0lx`pM*^bGnSv3YWVP16pM*3(@f?BnfR#0gq&EamU|5ic=GBaWk-Y|*~I
zb#H-;RG;4m*4mY(i9A+Uii9(*xQz#>?HR=c=^_zrw&Dqdsl30#obh{QDBK7+yW=Eo
zr{7*~z5MWD32%<AYmUwI<;(j~>U-6-R4s>Al{DZ!DeILNdjH6%2`(;yohBKh5tr?^
zS~s51dh6YqT)E%h5S3pe)9uJZ=E@Q4O{;AH_JHSz`I#cLjs9J0r(ec`uFM-<d$y)c
z0%C86o6Zy@HQ7Wq*J59E*VqHLm_3Nl2Y*e&2kIzX#_*sg#HFfKVeh!qJf>p%vg*2;
z_iipY4Vo`8eG}B)D|HQ;4d7t&aEZLJwnLn>eq*tpL-P32RyS_(`mVZ6l-0<X?ChKu
zz|w1Lx=@3VA}pW0PSVpny@6FY@0$Iwc`EpXRZ~(GM&S}m$kpPN!|RV|!=gVM2APx;
z`QlS5zuC$2_xhQQF_pbNL7tyH(=GSH%>L^ct9jK*#Qebipd<uhEG~6s8J0MqUVO&)
zJ!5UBV=9>P?;`R-Ozqz4vY{!U(;lxu0KA4o!Uei)ws7ljIf(i+G72{e6BC^BZ>mj9
zZpdFVNZq+WaHDB1aXKck8eihB4!^#$r+BTi4>4*<7|6n)@gQqiI&KX$QdH;CcR1cn
zMCm>ATJ~8-SI!b2vS?dfcFd3z+ZT9>ke5dFVRXA{pdjuGE-j_EwSE6ewC<+a6u5Gq
z^!14CmMQ)PoTZNgR~I&EkN50-H{|W$s*sZM`DW_gOm(u>EbQzC|9kzP(i&DUqs<iT
zzth;e-e<3ARpj&SjcAWA_;9P@>dr@e@s*Q!xPuJZCoE7beZ%i_r0rn0EUy!&vf)ME
zb!V_!_@mEdp5z(uBD3Ynpb7X@(|K#FMMg!%Fk|Pun#lBO`OH4UukgoaAjJyy*7qP`
zLQZ;{+m*tvO*wL>&sp`wT+20>r0A%K#4Y2xBdto`Okj^Atd`>&_(!hw#q#pH;KP0!
zS$L)loH#vR^Je4tpRHv}=!>1t5|{F6kgBoxxF#&_Q$|o5^Or<z(0c*8OqSMxrZ&0-
zjJ9f+S~ODK2Zs!6-wHd2+^^^sosmj0t@mo2x&qevOtSndM*o;aTtQjKvL%|7@>1=P
zk9RDy^smv9iqE#Y?ylHiCOV9pPzMY13!XXNC%l{Q58*r1kdYiNvF5z(w!|Ke-D#$x
za>IPuSf19SV=5vEh%X@dccWHN*l)8}o<A}RSxCUaWjDBswX!J++ege5KqIA7n_2se
z#p6&z(_)&fKDyg*pn+L1@o9w#k|rC<WvKTq`?(Bs4}T!uQf_xyGwQzV-6<X>PP~fx
z^}EHjinrfNTr}lbBhTgKnF)*WrQ*Vo8GgJF&@SN&3TBR!3+@Dz7MC>KCSWue5&8H|
z6K4sS{f#2e1(mKN#vf&9^+H|x`*1sK5{=rT?yeQDp0~W&tXN9H^UM-4U1%BV;A`&X
zz%ye^$gP2PXmJ?+?Yg4eijWSw`5S`u@kFz7)%X6}-lHjs#k|(r^8g*ZpZVoxB9dRH
zmE2haZDQG*x}H1$L!=)S)|L9B77}P&k^+M-UG8*d7fp5siDSGC8U|b5{hur1Ftl7V
zGaq}uK9)~iix^0#R+olCFaNxnj+AK-pZ*Vp1k}P9C+R(6wvjDGv2MiXvqg*ARq>}k
z$>l_77N}QaqnNeY-Q}9xI6<kY&j$rL@uvkGoxSz}JA|Du^qIat{QG4Q{NFlQX3fq>
zq>-K{n9|jdXfF5G;J7}^-K8a$5c$!EqwPgy`ha-k*(XXyPEHp;z$Ga;_PV+sxH*tK
zmbkQqT}jzr24c+(%#JL&{a-9W-d>t<-#c36oo=}(-#|yVOt~e?Tq~Xw{#O=JiDmgf
z`KRW^>7PZ`QjJpKD(G?GanX7BbJ+Ey$hl^fmD>>EJ6nS3urOrZ1#T=Yl&j2Pn*5bP
z{%o>ozF=sLURI(S53jf<8Z)Vxi**0KalL?`Dk~6EeUbe7%Qpcl#v(GAuSZ1GACZ??
zZ0>X#FX2{f60$w4->G~u^o*}7R*t>`hESEy^e0D*D@sumzSl@dA8j!zvnx;gr3sKk
zal18CO81dBt{T@LkDdsZPCoU*#C#X7>(bP>U*mGc<wh4ZrX&ka(qk%w*`_mhr@e>O
z4x9UCzE%$ZxtovKtQVutDVIoSyl8Wf(T(8-d-u`~KO#H;pW)-J<@igTh?rIefG{x9
zW4*#oy6~eM@f6w34)OtFeW2$RLAMdfMTpCvD^m1JkL4|%DmFC_i^NQ_cCz=mhE3-M
zKq>X_3jyDQiuJfr=?+M{V_em=tIi}nXp6tsu_X<fm#CE6&Nrz&qY`M};Xr2JDJPm0
z*S!p%GxbpH{w%+eZpU4fv!|R1j9FwO|Jfg>p%!z;Gl#D=oo%JeEt;5Z{WUi#Mrlf1
zg3Nk6{V%RS5Iq3)U`xFw3+!%vn*Ciu$~vAvn5HJL{0zyd?0s&yy!dM~my{kl)w~aX
ztY~mV1u}9MtoYKE{Z7v2BOZ8zm}01tO(!SOX;oCap?-J$6p<rCmH>Laz3~8<sMhOb
z5uT{;{^94+zhqR$8Q$>H+jzg{lnGV+q{)b3bcecpksMJ0>+Xnn^C3g%4M(!6iOCnx
z9SKgjF9oiSO0%yg$FfJq#2sk`z3h}~opZ9B$b{VSQcvXWM=-mLqf>J`R7TBcOh01Q
zL+#S%3n~U8pLG)RlmiIN$R`d@^L?`@0c}%!-n1%ckzl&Fz#%MxtU@O^Mp!|5RVz7R
z2QfkE{;s^+;DyxX8153m=+9?DO{(YjVu2~S^<Kmd2Pl6NISDHKiA~QqjSecUIK-8z
zPWj0xNS!EN&|T4J?$Cd*fA*>;9r~0-dOGZ)bv@6EWzQP{NCKhdCaP=FN33dWR=$r4
z#D~JW4JJ?XZco~DAt{6QD97xJFtVr9V|z~m(X}w#SKTr%b$(Ikl8ul#Ib+`AYnIUW
zmm($-aAjh+n$bCqYzrh>3l`DKefh={efLrW#q>M=06GJ)92Rz>iYS0lPQ(o6nxm0(
zUxWqel7x7Z7XoQCF#J66Sp4ulT)G&g&PgmjySHoKV{VfnU)$5(zo{xrTGDR>Zbq2@
z_MI<m8gimzIzvL3|5|`CBwS4%&T$!^YxRm%)JvMI$ttnm{f+{wI5EDbwU@NM>bWFe
zSXybIKs2pWCuJUaR9)pCx{XKa^CB^FxBBKF?oTQC;Tkv%Ig2VQ<60QqBfc)@*4?_i
zhP@BG9bw)D2Cx1LXL(To-*75Va+D!lWqmXG=j{~tuaUCEb<7wEK5_;=>FkXQrQs7*
z)WfDQ`s0&^`o!<l)+Cpbu5AT7Cr=kcu){}cxXVpe_Vr1u8RH==n+Cnn?Lh=ANdqzu
zc{D1Jo}SJIy`~=={EMw*vW^NK`sy&}=%SRh=QTBbQNx6_#uzTqvsH2n3lDV6sfNA~
z3bjs)ii+YA6N@s}u}c`*l?DD<YH=>k`+Kd7n_{I_2kE9I;_wgUI(lXe|KWR6_ohO}
zqJ-v^IW}g@iw(BVBNH3-9B-8{#a^K!%Si15R0(irq@%-;dG{XS*QkFSIanK?mQyMv
zbuE7sosB537tauJaCq{m0tNS6{wMi+M{LRIzGp45hpA)}F8VFu#&CFTr9M^plHRa?
zdc3Ji?I>K#?K`;VXM4eX8-%XuA{>p^+R%Rfv%}CYzjr^X?<Jnw3Maz!>$)YUC2l*w
zV<TqI8Oeibk`LwMGqZ^kQyCqR=y+4B!sIGUfxjnR%$&hktTNj`1(6oRK*PGPKBf`x
z-qEnx8|6R?LKU^ZNP;w)?<LaWQefP82#s}qNr@)F^ShHe2RTCRTL1}Gr~n&J1uA}T
zzvS27qmXd4OWMQqz!_2}Teq~Mj6;9mT*FA=eEP{}!EN82A?Vkdid(zYXT~obQD3?)
zP)RwV2<@U47F>MMg&c+^Ex%orx13=f4z)Ld)y)27;;A9KA?@IKa7&KLQpoAdgEvk0
zrPsn^wr!{r*2?y^&{1Y~;q$lm7a?cZ9PCb2OZ-g4Cdn-cu!TsAtN*Rx0KYq3<^YJ~
zX}shNVUEleufeZRA(+83-xQvOGCqS+s9X?Vj?;klOS_cNM<OjXB5Kh{noRQ`WO7Up
zb~|JE3y(@7Mc8RQJR>d5#KIy}k3*I*-q_PK1v~*}lnrx2A5U9I@ekSj%b@6xK41P-
z`wg)U+^99h*upnhz3>A!0P@xKwNPzs?Z4O>KEB`r>-*(wf06s*>|3qmY2PiyllHD;
z-aNE={>ccwg<LL4W&bAxI>GM6Wusm>GS(FA4aLZq>XhnpjfHWwnaXDs??nT;*{_bW
zuoQ=I6qAJ}5}99_VVMl8$<fFR?~uM^>}8LkcA1@zoLh_uU#S7)6SUX`@eEp^w8&ph
zPCC<@ZJsy|Hni+d6DtkYZ%w@NN#4OoyDT^gPuP{$g}rB2Qzvoo-Iniyb4xc)os;((
z1}km>hx|vk;((Su2g}j?r!j~{T<v>$GRx#|L34bsejawb%S84<>duv+;x#SS`TmZM
z=1-icf0tZKHF_{$^Ev$2fewY^r@LT$D&ndo5*(D9$kFkFkW5D3KQDj9GFg!#bO+Uf
z>Zv2q?H)_v&k+R^`9K{f42LaZL1R*2_*nB0ZclvtvYDg%AZyOP7BYnD{H7he6|VG3
zn47yp(fV7tMNr9Bu|`*;-t@1TQzx~W1aiWCoB*GWmCOVH*65?2=^%HgG<n^b8g*9O
zT%f@wy|vmToF(L&qSP>;HI{Aa=#_fId<b2ktLj`Hpms8R_@6r}*w9iCVads+kpB(S
zoH-<uo`sabrX4GOHI!P(Ua+fa#G7VjPeN-D!`u?$^HWA;uE6(@@^DbTL>@(HX`xYK
zT)UYIn9_ssTxEqRA3XH{XTJmEuNGhOEA2sIw!FZ@he<2GW4~;n7`Zs)g?fxH0W|2}
zc*@~P17^%5U#-$YEB35D4c2AfmU8yO?uVYd%)RoU->4*=*+t##df1`_LjDkmuc@R+
zO4-{>R#W`=T*hnuRuL~HYF!bvcJtHnZwKK5px(yHS(hl614W6}-5UbOfFOWN|Ah<N
zU)>GZ#dpqR-Sk}PEWBT~3<74x7FxIT-<}E&Y{5Qm)ScO5N^{xLLOHYRBGu!OGK9E$
ze&3uteJ1*Q+6l%P=&o;;v$ME8d68atp%`1g-ts#daJdc`ap4pw60{LJ@l+maz*(^X
zupn31{V-h!vZE%f{J_gD){ulu#ah78=N=n!x5yGASpWNlDDq3MKkCUUl?6*m^fod~
zw}GyU9sG1GAHprWTaKMA)el(VPDIS*`Gkz$mZo3XJ<k*YFr9d%?tV&r9Ov(rt_}Ct
z58F#e<}}Q6_YGcIQMpr1Z+A0#d)`|OxIvEX7hy}6ai1HEy{_(A5rf*vxT58kI+Rv$
z`ra%w#5#z0;;YMNwYW#mBqtqr{*oS1#2=-?y~kT8;xBj0^!0d7R$aLFgA}q*0muJB
ztPgCuEj%_eg`jb1G9S+dA`Ro<Ia!+qX)QPQ_iw&yI7PD#?{F>=xJnp4k<*6(14voP
z=aS3++gCe6g`m(RNNLHZMs&(048DzEX?i23ca=L(LosSMjU=#(pv8)@ph@8KOJ-l7
zm_sku>5MUg`bXUR(CC_t&w3PgWqN7n0uK9k%SWD1`&WKf9-GTo%U9c}iUmktiaX=%
z<x2OZpS=Z>C{p%WQ|72;Y69w@0o(<A4>@y{AAd77aOmkY{f*j(eSa?c%Lea*7C$Q~
zT`*513Tn)Yp41dN8`SOeJ;k(F_c$Ah@;at1R(pcH1yGw^6W#b+mSD&H_OP~i$xBH4
z;k9IK9s1TMd?7@WTomqKw8x8HU;C)pd3egs>MVCNBqnLlpCQ^&oB)luv5E4}O>Jtr
zALnQ<$8h4u7JxlDmEvYS7<6E2FP*LO<Lqo1{8ZHteU-fZPw>Fqa=fL<@XFp8KYFJ~
ztRy+F$V4EF$I&+Vc4n=Y54WuiWlrazUNk0K-nc^CKNlzP=Ig>X-a%OEn?J0As)dz-
z6c8(sldiaR@t^jd<bZ`tSCnJ4klW324#q(iS5f|{M}1Cwxs{m>6~-^ZmoUn_HsseG
zZ^XPIPOgX?Y(%ZqG6z|!_SaYe6h9-Vmnsxv8?+ubMrc&vD8EBUkYf<lUuPu|dUS9V
zMMs~G=SUAH%Cp%gdmYYeR5;kXjfy^h7q71B=}I3HYo0*v(*i)qq*T5;8_Ug%83+!C
z2wZP`PB$f56BDY%`?(U5E~wK2MhDqMW8`0cfw?ci4poAx${#P5V1EBp(4_}*z-RQ2
zm^cX)&n$93GJfa}k>goGJ$c_1%QQ6N=v+!rHHY4)DmVLwhb*s)=Glm@V6naq4Rc{n
zRy^}~=WWu#X8>fH3PUP97FJWWo0mrb+$R)z*8+Wc*6&yNOBxL~e2HfE@p-$O{&J%?
z|IJ_CvA5ZehS}w9-j|Eb_FFS$6Mss0TY-`1%UaX>QZzq5N=-WUzI!!H-NAxG@NqXK
z5xgsrQk*+rH2ouipY^RQERnm8Up-kj4PWEcTXl4???5N~@b8!dO5nkIi2Fv<628!q
zKkH~KVkOkx`Q9q<Mw(=c)7$r8PQ-T4I9<tE;IAL~V)EFWvmM)5|NFq|?_xngI+!S7
zc3_>6tKV)&gT%=rBVb#8&6$!ihd;&Bt>yU8?K}gdalVcSQ{1D60x`ArWSC}`Q(EiY
zNw7&ZfCSX(AJ1r3dGi49nA-*{#03l*P22mL78*yxJI}pNktPM*l(62_YkHgFFSqjy
z+Qq-#Y0r@l2+GCDF6`32o(y*!Av07~Q6t!v!}MoIPmnkIwFuMv@%`ji%=`=w=No?p
zDbXcwi<IXw65M$C*sZQe4(4Bb#a|-3WPadO1xixfS1Mbv9_eUq-mO$(A#PC7aN#9P
z2=^na*vLL#PWX~96}akm=V{~}T4r2T1s!Gm+Mvy%72aawlJvLHlLk9>E8a{fnSM=V
zwqC94V1@`?k5<5!wxl9qp){@Dv4@L<j#gyE2P<ZzW0l~;h$8QbS);-7W(cd6<Mg!9
zHgL1<E>S!$$5Xl=r4@TR^9AO=>G0p3k_UYxBP_&xH7k~o*Q~08a)gO^MEoFgIfBf^
zVlULRgg$43%%=Hrnh;Bayt`jGxDNATZ)V~1n)hq2vU1CyTMLPzvV_jtO`~<quX5X>
zYRqSk>P(*}$LpG!bRPcp3>mlm4(9;$^p1lI(9%+^cT)pD^Gdc_lk~Az`2Vz64@+;3
z#|!>L1abNC-rhZC_#9hJ@I-KEeF+mR3fF3+Ht5ddPs&?RZ}D9J7!8U~2U+I3Ji^6i
z_IP7dfD+gPilT?~N<NC`Nz~|T?x8L`GwWsyWl6)W3#=DV`0jgzmyCb)oAH4@XPu#}
zG)f~I=Ya3u#q!lc6??n+&a<%L^s30l!F!<}SvX2dHS8DXO{|*~%MUq2j->)bCJBSc
zDEK|^zf;QMEtHjoh+ViwH|fMOz0fMxbcjrvXh665oP0V{Zo~jbzju3M)WF(Ek^5C2
zWbUk?-VvTT7Yd;QlvpZcrCh)O8tDBQW7mKJ*@b+-DKL$+C}=T<$-Rhy?1X9oCls^#
z8_g(F|5@b6f!u^Q85!>~QodLOczYvg_40j)cI&$jdBs=TjP<yve|**8Y+C=Zy*_R}
z3(&O1-P{SL=R%FDr>(-!<Hxp<4%*L7UCpX?VpB40Qd_;)Fi&DJucrV;9Il~k(w5BW
zYscH@VY0FVIs&X0<d*i!orVS`tp=8iJE{+2?t0JzFHN}g&0d$`|Cqx8`8C2X+HtEl
zKbF3<=TdY_D@nd6_5S^_>G_~DuUYwvn!gw}7B6gz!p9jpE=i($bQ@V&WiEPgi(~>x
z_*pe)XPr$d?HO`x0s0(=?m%0H97~qO_c=S?ErbI3GGFgnFe@>QXMVBV4AmPM4f(t+
z9iYnmEi;Xgmp|k?D?Yz?T>0nFgdx{Ac?sMTQShj0{i+LwzVT^xX?q3Q61DJxXTR<q
zdp*`}+k!A>HEW{86WVF<P1(c0(|{R9Nk`u&Y1u({GKCp?u>t!<OwZdJkr@Y6neV$|
zSrI8SD?fsf=-dvLram(`vIkPo?&>8Z{e~D>scbE;;etC*Kdis-TBes(@C*5~tv{+C
z<cZkB8C3RuasxgchW8DDFb?A54{KU>J;*WNn|a+JbJ+bEI*cv5bVqPBw0A#ta}AmU
zo11?lbkwsj%K^B9&yZyy(m&oc6HB$LTZ>96cQi|JboYnE%%iCc(|~*5A4XpH27fJ;
z*&?x4+;BX~mf4~Dc0T*+YC==dqYEy$f7^zIZpRvUz|Hp4<(sh)CD#H?BZtvIja8Do
zqOzi+nOQ>I8omrcX&t#>LxXm?X7QZ_j%0gmZVV4xKp%(~3I$KwUWo{(BQaRWGsvf6
zSF0^DCkr>k)rV4)O{GSg4lgSgmXlo9y=iJzcy;i94Df{T&-AcFht8t}HgTz<NGhT(
z(Yz?W`7M+GTtq`KcR#f3k7>P05KVd?GYLMq%mw-3F3aIOi)#71KduffS&`DI!O$cb
zAh6&g-OmChDM8cXh3apo^>}{bYevr^h1S+)^GwO+*s7@s?6d|@+(JiEPBJ=PGcJJ}
zI7xNCi2MEsDCvXLwqd_M3!(Xucrm2k?0*CaT$2CM^FdLUmCG>d8>8UtLBmD}uj5Y5
z2Z8w2jys-v;9$wim&(%b=w$3{czBK;P^h6l>UF2otv2Z~V?sbQ6U4F2c_xLSg3iZB
z%ACN+zF{zk({`04<q#;qjxtC%tvBD<_N=xEBk-pj`dk9D>OQ^u{_F{d&XA79W)m<R
z<x4*lLpm3?e<WJzMYXeC#_Qq?eH34adKYUcpmlTc5M;NkmIpZST^gaj7(R^yUhm}3
zZ0Mc7jQ|gajXV;3iw|3}`G+$PYMtMHpHyZYSE&)J%Ng{;!{%`?2&vWV8BP}^yr;p4
z((RbK>MC)#q|ymlwL&t|N2k=48%YaF*CX_;-5d`6E<Z^m%3J|g>hMabCGBV>nH7!N
z^W)HwvhRZg|9&GuX<yK_FX8wK7z(?5p0ZKPJ!B!xjW)L5xzrH28fWh5rRx{(pvk?2
zxX&eLHJUaQD|hXag`aZJRYoqvD~xB2HowaRdRr?^G<~m4U;6JUe)#NQX`s%_4jxg}
z{mBitA>;X2PS8tG$K1<{3P0<=dGS_~X6ug3lsSx66cuf*%7;|fW4|2^)P|*kIpo9t
z`b|D#C<GY9$K0zN49zuQw-(MJk_6w^h#`~sR(n!L)07#prsQ;6X)JY(O?qGFQCU{^
zJLLaN8&>?5q^$8_HoH?%gkcpuqrgZbKRHEk(tb%v`J={`bV}T(=;De%qoliz#i?B2
zP|>QFJnG0ah|)kpcKnYb0If@098SH)iPj!tV$mu-oKq+k=~v`5`;aHA-ccxw;a}I=
z3ad-Fsweezuv|&^A4_SQ3y6(C2g2|XYh!NMjcPU<llG7I7g6xUO*}VK1L~*gN;OHW
ztuMFtVzr-KLzdml-49}BC#hHeN&{X!x%qWHTPRqFN!g!_9v6QCD|M@>ELY+}G72ss
z#8j#x9cS;azmi!;y0rA(sDTwNuf%8_e=4U_6c_L?wJBa2G5kE9b;nG<iW8Ku*znaB
z;?<cpxxzn8)o)a4$pOevOI0eS*ooEp=IM|5H*@lXb;iGVy<z>8@PmY*<0wZd;VksD
z^Lc{SsGOw|c{O_}V3ztI?eZ{Tej*bJLkey$OB1OlPvOUED7bTc_pnugEoRB?<BYIj
zf-$3F(i`=Bn2mq@BlGyTp;aFePCs}Za{*;2wg&4yIk`z+JB_^+zJuepUgy+lE|bw&
zzs%vIhPH~oGs%agWxHC%l4H*vWn^Li$nZN9U9!{{jE<wkfQc-3q`oP8WI9M!^G1?7
zJk7kz4rlFoU5w|<vir|*=k#NCzKVsmi6zKi<1pBbD%)t(v8d)teJsY;8tksaCw&W^
zm!htD&FbN%4}o<MJ#Q#`@!FsNwTX7LBID(gdBrlh-}ft7%wk>K;+dbtx*s{_<6&<G
ztnFKEi!*cypwh0LA?GzJf5qhYSfupvTJ$~o@RT3I*!wR(21<0Si8+O3bn81!mB|Dg
zE~^E`b_yAC%C&zbuyVIt%GkjPYJ5E28v@-cDvJB<J-DVgH|^uIR@Rw2lheDrr6Yya
zzfA%%TV75}Y8bB-@Rak~W_ZiX%<RZ*7Aq|KSsznW0<S8Z*}C9wq*jU`YjHNa!@nZ=
z)BRkGOv6gnvlibPpFx^(@Ew*FwHGlzN2{RI#Ka#9>UH60#jB7OVo`4*DK0Cgxu5yh
zn1+^C`EiOh1zBwwu<#<XoKX~K%!dxerlC0(aa@}#ZJ=R}^wHl>g}uHUDHH-ptVA6D
z5cKmEu$0W(hx%rsd*1Q~{L|oc-tL`DR*%kC-Z|tsT#C2gl`)AZtMHd;CbDPOPo$CW
zStfPrIPd!2PKy~lS7(^AG9>sufF58f^+S#|@I?%b`+7Xhw!HB^d1;PqNwBIy6G;P(
zW@mkeO#(%U47SEg)KXfXP}56Is-V$46C^3gSU_vo)CED{n0xvQcOE9oz<LWV>Dz8&
z8NFh{#L{cy5MRB#4jH~JoDr1RP~YYaUwJQwBHFD3Hss~eR)?!~-vx*A=f`ovk1VJq
z7k-b7Ecekwh<l=&GlJFy8f5V(snfU8buOf3K7{plb>|m1$Zuj$&X6n`(D(#(B2m6>
zF#vaiQ&eWMgs7$bed8*_F_{Fq4O6qXdWmYqz56-@Ukz5Y{dbEZsdq?^V$588cA+U@
zyU>K%-_Sm`|As<RgmSbG7h!$*Y@PDLEeq73v{(BEUzW_jI0tXtrCdHA|0FMM00~t3
zVnE3x&dAC?s~f5>-ALsVp{H2Bt^OHcS4oG<e10=In@nDC_nE0`Aqtm|_?_~(*y;#0
zOa<rHTJVmq{tx@2QcQvG`;!*!lC#b9bFQ41H;-F2N3lWH%!dk`wKnkalodf1X4d<N
za77acB@yx@qw$t-*b$B6=*Hv?qJr@{d8w*c9(nJ`#!r@69=&M!uBq_VPu-3He*xvY
zefB==kQjNhA|dH;2A-r@?Z3^*wocllYfUKuDH%@B#ARP`@okD@2IiB|C+BC#a&O^~
zAUSx@R{1zXXGpIL;0+cuJA0Ocy(;{nB^|-9ec3wU2vSB5E1`BJ@#kM>%-$66Kb%sz
z_1D{ljOZHmedt<lOLCseBl(m8)UG2+b0jBe(iKfps*<hU5j5#3N=qv$)S52q^>w1C
zu<euH+gN+fq1fBKwP-DYbK?P~QY*9kU-qsHrS;!d<=a!oyqMUde2jV1n%U*)!+MRR
zVaMOw&CU4r`Sc1~H<V%2OC~?S>Rnb*xwd49hu!fIi;mAQRE5_yKwi@q5bJ`c;0s-f
zmEnE4$Pp>Uw#ebSYwGte965W;W|SYxv7;!u^Gf+W@^^}xR`>(SBGNyr^a>x+_YtX<
z(HKv5g(f_nM%z&i->&FwMK$@m=&64GL|avLhA2>@&2rArm8dH6yMF9S;d1|zoAPNL
z-86jnw$W>PMYsP375)i89K-ia%5dnvd*KC-!?R;QT6mONx!Cesp!Rg9IUWgc7%^Hx
zhuf%KyfibscIg8d93${TDQ!806Fvdu)Qi_Js^K#274;SM=xB#vCmVZ`)$|aFVP&E9
z(D4bpR#5O;SvXqo3I7h&;@AWD+qXL~O-uc`>Gx=;D~TF7kb#()j8v44I12rq!OOKb
zq?!T)1ECQn8J14M4t4<a#B5Le3c+Ut%6NLhqVrM%HUJtv0_43b%bW@kZL->piG|yp
z2ieF`>+z9khEbMm^Gp7~8HYJZ78}zbL&6!23nGG4XM|(O8!lUtOH<j=Rp+_IK-K+7
z<8}GES^i*EK(FL&MGko{&J?qKQHawk3?POpG9u$;Ove-oaZtyniQl1ekn?id;{%n^
z+8|*#E^5~Eb8*p>v*90>Bi}4X96ueDk||D+myk&XMF_o9f`*YH_U$cb!X>LDuq^@^
z7lv1<M<13A7;wCIHc@w_;3`YWXGId)eYLwD-|+iWfMYd7)seL6S}vjb$VB}Y16wpN
z)H}!_s3Y6sf&zd3Xeq1>VEda&8+l*;LF+i_G~%*=qpk%@if+mbjV4xcKxTFyX;tB^
z6g<s5B`ZvHJo<=6e(02ibSeBeXan+e>y#DvJp&}Y75Hy=%=b@?_fMVnzi>6RZDrJQ
z6!!?30*ZFn-yIZ3Y6~`X)KAKaucs5l#}fQ(L&a?ev-pXFUNPl)E3sQ|GL&KYzZ_}n
z<GrW)Nv{3WqYIa<QlYkp8!?k4?fYno%Sf&sBA33jc%0HMXz*03im>Ua^?;j0Zq+*n
zTxgV)@n}2VY1N$W9Ms&+HOp&eK(9XOGuZxg2Fx!jEuxnk@(|C=zz?eFgxrDYqnQ(q
z&-xdYP(*EN#Jw&fzES8vNp7{mQ)2GFDMll%q|l(tJ+<4pX>jU%z#R+B4(*`%@Wq%z
z--IK4?R;XjZ}bMY%*Fm^vr$w8j?8pQKe^3xN?P4ceoiE}1{S|*5xC*Uh{H9YW)H~W
zRW`5mnIXfZ(Z9GWetS+~;p~>fiN|R4R3Nk~rKrz9vU(Nuf58O3Q?oPlTCixX#OE5{
zQ-@37#;E^j;)i1UGjikdKoH2FA({z$UCW97q9~5P{>FI_4ThwFBKO$A?+%L*m&LOb
zUh&L;>uc_)Zxay+BOtB-o*Er|=oZG~BFB!NxUJvaLgTX^_8nHl8jcj0?$n%6O}My2
z`{|V$a{|#7t>X5iu${b@`jbaaw$}vTym7SqR*c7ck<&{}bT9S}ue+?WyW6d!qW5vc
z0S((vo&Q=~8DC7LcGEL??VzO^!Ml}3Q|QA=DcnObdBp=gkP9mWh{Etiy8|L9e0FyI
zwN^l&0+CjPjK3ivOMP9q%0JjG!P@y;>p&wYf?l9Yc)jQuh*$6~|A;Gy1`VCZG|1SG
zD1)kyoVT8kw|?hy>k7|jDL8HL8zE1Wp_rRHZEmy*i|B_141!x385x9QPZX)$&gC-=
zvc;6_+8ay#2Y3OXz9JgMr44iFwapS8uXYP-<j$0a(;|1CT)qseI_d?hwsH_(|NB~n
z@g=1M+-ZsPM@G>bW$>SW&wAsh7K@Q7+nF-!jL6E7-Q#fZQS`jNJJ0Ys1B-|+FW1>l
zXB0!2>FDU3O~POv3FPDwzf3mdlghOb95XK?0kD041jVDpLtiYge|x#_lp5xLM$zCt
zk_JnWuT&>~O+Y~KJ>u+lk3#aqpG7g}p2$Sj6Tc@|g?{a(6v}^ZiTdaHZI^$K&t3<D
ztzw!b`Zu(f=P=ZZUTGt!`~z~k%MiEG{;d}2^dWWS=4iIEt<T-UbcN0t0SfTH9=epU
zNI4~7&>fGm$q$lLV`q;x2Wk96&meEX?+dEINwgNIu=$(qoNl1C>E~##CzuaGB!2!k
zFP=92WX-Frt58nun&5)X%{{PZmp1qGe>3Cz1x_UWh2J)<hY;%Jp<BblI+H!vvkTLn
zTPY%l6@bp!Z1w1z23;cU!=-OOIXQ)#ET-~&0RI1`_R?i3&U^^{%SzQzqtyT*W=Ln)
zzuub=fBe^b71;aG*Zhf#Gg1z*8px(se6wQ4|K6>(9R7)kaoV~U{RsMl#um1FdrYRU
z!+)Q|%iShVPPOB4=(Ksi_5q}2WEgi^`l)vO($ms~x4vM--11}NVmlsXdi-5HgC!_v
zR%TT#7C@NePXhm=s>Cm_Tvsl$$X?u3DfPGkNS(D2D*4?ssVHuuq=i4oY<;5lZFzsj
zk8_AwwLaLu(ZCk*sVo6RD;HXZJ|!-P#O)#NQd@ewRcP91ivZUB?j8Jb!aD@UUmL}}
zFzWyNYk$(9*Y)GwT=nM#CJ@S7*p4D0ILeM$1%w6iB1Ew5q4{mQTUMPQhknhs+EI}(
zDHn>b^YXs8eH7X)9eH(61RuWoVC2m|xyGbFU8Fz#I-$o6c=8!2F7&6-M@0+xR5u7L
zJE0kqL9gS0snVkf9R@l&%m5}8i0=(?rQb5k9F^o9Y_dT9vfdU9Y}z7ztgyX7<nX&u
z5W32!E$%rEtd#7v9m^OnV)&azom4a@CdhUa>LzKrGzn(a@p$lnxu3x^gIABJaH6B1
zd=EoN4+TwZ_G-r_&W^hbVP+S*w&$>y1O%!OF$4f{g`v{7i*7~4_8_`;i+%m?R}Lc!
z1zxPpkxf?kJ*j|r?f2E3H(a62We>_Ln+w3{!z+CTpQ{V%n{`dzqcQ)j27}%O&Fn72
zr#n=8pWI=EBxJDEi64g{U;D6cH(U~mZcB$*-)WnK%Ts#$Y;5sDye#={T@ZTSBq<ru
zX$aspu4Q0x2ua%BQtfrz9h%O7cY~b=cBir@p5j2>M>w8EZ8sG`Uyqz=-SBIYGVY3;
z)LQmjla=TfeB9w}UE38LKf4wwsrxnqyTv58;N!JDMC54MS0iEj<ef*2Ou^x`LGkEV
za(KTddA~IyX_|aL=S2#OwAIWGLU`d_0CZZHANz2o4(<OKW^co~=?k+|$M}lf$GiR2
z!nrS=fHb=yPTBYTWp~}6EU0|KBs>ZIdhI_odY&M3QNL~uzceh@ueC^hOr{4Fj2%@i
z#B++G;>PUT(8JOZ^rYeDzEEPcS843DL$WP`6Yk6!D|U%2`4DU941ZW!q2!1GyjD77
zx3%ko&qjR+$j)wt3?EtqmFhAt`l#EiRblYQrr!Lm(^V~YCTwY&I`Zr`Z-Q*E1#7z{
z;r?B75_OE{Wdf@u1Qmn?VM)<bO=Vt=XbZU(SqA5f?&<X~ucJGMeWBmVRsS#jL4QDT
zP3y<@RtAtMFoyUp=~lEYYu{N`w*FOHcDisdjWT{vr$`mFB&lpZHHi!ni<PX-x})Aj
zHRS^Rq;oN77At34_}G1=GJeRatQPFCTpi@r>h#C?b<7?d(bKOt-RYXD=O($#bdhux
zqs+(gclF1s4)$A<9>eq{+C?%d5jo^*B?NViK>K9Nswm7i4eq(+lnqF{k$AeklRPz4
zJ}>sHP$=~o^XVdG(~$z}=(@#ozibAz4&sWc=j1}Ap;`G=Q_ok@vkKc~nR3lMwer)|
zJ$MfewJ)b`!@<h1M&VjU7g>-CH%AOY_*%H(@`Y_DSFYPMCHAI+!Gq{g2BAicNlq2u
z+G3jzb9$~YkM)w*ee2B2{`NAj_2lbusS;K(_MHqd(grg|;1s$I_a75~XmMttI|cMA
z?Tx_{e~`Fwj1(;}AK~o`vcP5m7`awy|Jgxu{jO|#xAW6o6NvQTsXldZ$AN)&L~#z{
zIYND3J+O5~;S1mDnt`R$prdz%1I$q=a}&b{u;wt>(_g{HwNanA0=Qk*s$Nt_m0uqR
z^yx^li~K7$swDag;6WEIx&wk;?f5&s&i(f9yKq~vW@DymUf+9Nao@l7Uf2l=D$()n
zS|5T8`HLZHUuj*jC*&1gt(4Smo$PqDhDUz>p~9@^|0NVQ8ANk!B{Fvg(ArwrnVn4J
zL#Tg0rGWw$6ODnR8I6;lU+uytAixDI+v)As9CvR)kNG8@VhwXD9q>3};#WxfUiv|5
zX&P_lEa#x6q`>i=gZWg62AKQ=f1R;SUXzW);1_MySeahP*prp`){}G$>r+WG04;p2
zeMaLdmks+hAlO3hIslLe-#dmYe6Z~nmgNpens$#2xesC5ZgTtowmTBJpdnWmgCs@v
zd<8RFj0)#+<raE~j|x9tjTo+y!tTfXh$Us0lJsQff9`roj41IoUYnC1pGf*iPLoIW
z3{=J?Muzkt)klb%cU1~>e`E$u`ws<fOW%f5$~ZZv3S6mul{KUmbw1%L9OfYC<3>&S
zJt1GMt>>Ma`4L=XG_`88=t}~toi9aSi7O9vM}&t{N<Yd-Xq%euymfk}%0_a1>+u+!
z4S!@!v*4@tFfv*faMGVeawM~xFUt(>NO2k6?-Z8hK)13_m6I;^q&)`a1{PI&Osac~
zy^3nWT`aGhy%vZTtGzhbmkq=ue^#o|N5=n<-HsEd5Dl*t+zrpnCx7=c_Bl%Qvxm-M
zqT|-)e^&N^(N}`<|E%l`XrCV#O0@t3Y7Nlz6_Z0K$Vn(n$tcMSKun>6uCGsozL?t0
z(CwqSA~}Fa`}`SUAGj;Ah5wctdc<8?4qjoA`wvgzD1+U-TS*sKUQ-#C$4b##B?rG6
zGs%d8>Wq|Xw94fg_M^#d3flE!Kd;AWxZK?F$5uO8rn)3QyDj(|Q4KB)US?6&7B{8p
zxNK5h*n&%<fi{ojn}2fQdw65-11kAX(*U?YGIK@*V?9lolUe!L?ZEW+HKto1qPUIN
zIU;54)1whzFyMsNeG+okz(;=eHQtbcl>}3{ZXO|vTji4cX0^ae2KCeZlFaw8GqGcc
zo!U(;su)t15=S}hDc1c(TlxL=iJ=R1sZe=Mv<bJb4NDdosiD`#PgrPZ?>hsh9)S2Z
zArf3NR$&|<&5o<gBN;`lo-AMRB}Cr6yX)nSX&!`o=A}k=eCqPUb45B%ba=$l&02V8
zDs4ScYSv?NvOH;d&cL8xONN_P>>2I*aDbqEf5G<nfJAHn^+XC;#An<xb|#5GYZn|y
z3T^M`)H`(ABJ}c_e`rgH4DoR#2f)GmPxx|(+e6h(UfITD0MT`Ji@$_#q(9B^l4U%v
zg;aBs)pFvK+uls+U!CsVQ8Px;f!U@(2?dEnjCHe6srS1dw$$>~Sd^$NC$B2-YjYA$
z9+_iL(^=DXNbSw<rSzr~T?#L|;{^Ki8&pIrXvektPo3FVw5IcC3e|x2b?OIcaE&XR
z#pq3*;-j0EKA~q>HQn_o_NwiU{BhOcDelVf>cgkB^vO-buiWltkoWG?LA3oFj-$rq
zJ!fL%6!P%~45BVmgN36<DGvj+56j;-mwNRQpZ5fOD(?lakE=dAO-tt3oSgY}+Id-M
z&ACr=gvWrug%ha5;HU%Cr7Mi3C{$~EzAwxHwY%a1M4N@!0r=g-NgsK6v09te=e1Rq
z+vdi|2@KpU-U~iuUOhe@t=>Jp-x#BpG<)T^4t09=+iTugKL2k*Q5^B<O}eCek78PB
zdI#?!wa4ie+&h>CeZs~(8VZ##n4ap*d}<3)0&2g_WH)nL69Tww*K$C+$!7}S)I{2}
z*mD|XE0b!E?-?jM))Wv!?~W$r%r=`1rXZSR3*mT;<D!qH*x0xPAq1tIKF?>MYa{EY
zC`RxA{Gd5f^gw3JrtMA_YddD82$s3H9?n_c-oN#GPi3}5O^wuILvYuzwM~BIl{*Qi
zj50huj^v0nASJ7?;iQY*WpdY$@KJ2A)yF`Pb0_1ju(Vl(di>Qtzol;>SUK}V`{))$
z`Sa|r9R<TX0sn7&8(AKgEE2vCEwhs|*@}czee3s-Jsn^8T5l{6$*$WF4VKm`A52Vc
z`%*EwVX5!=IH%6Se6Uz|R{*;^A)<ab&%>If7|sXkYQ7s9!li73!ni}3Bd>QJ(yzP6
zLcO|0StI7ARj@ryV{T$y)=HHhhOtP7pN>CDaO*wjiBGP|WUcTMg5JpoGa_j3VPuTD
zU^dib?t&D$t(VK(P1dypgJxF(Tkw7q1XW6+P=cVYu5Q)gyx4Nn$%2u*PD9E*Hl5aR
zQXtc3Gy6l`G1~aF$l2J_wnibaA`7E%!o4E+l#M2cr`omEhj+AoVCek?-sXoAyFQ8v
z$LH!U*_ME|d6QBDYdeC97spH>nwaWMHTk{l7h=+(x8=aiw)mBJz!6$-9Sh($DQj(G
z(@iE#_IA;|Z)x$iQnK57x&NWFsuxVs%(gn;@N{UI#I7%vAEef#x8vBj=kE&VrQY{)
z=G}9DckkP0=RVt%kSj6Y=HL7&)U#`@ymdF@t)XLMdb-7M3dsnx1OiGiGvvkhC7;{n
zCy-LGhXvr81;oD(@Km1h(3!aCc7$|)r~DYC-vZ`3B9$c|>sna87a0`>&Y~zb$1)$Z
zCe4{bjXgyii(T{}htJS>ohslRlR}3GSGB$pPd`2g{u9wvB%1c|amO&1!{%(b{}vjx
z|F2~BvCo!6N$g~{PEJu5V)LJLo7T-qoo{+LZ@#!3ZceANlT*@y*x>=ADGD@)O3Y4B
z+Fw<>@CN#CEl#$Jw*zC5Azw<&z!r2&@rPLkrEN6-e*gb_)T4fL;Qs^E#C_PjO=#(V
z?(2si$CiP5-aCaeVb;f3d;VE*#Twv3Lk3s!o;Uz__X8&dWw?1W%{FP-by7)T5_U7F
z`)_zAR7o6vtboZttN?|;Awh>_Us(WnLMqiP7a_J%Lk9(vK$yGJ5F-Vx46y>TjM{p{
zYIrkP?nH?vw1qlTu6tF^M<Y;E>81T|tb)|CxrWT2rw!!SNGk<1(91gb!QS2iRUdHj
z!^NHpyGz`5rlJiYC3D$w@FRjal`Po%cWGQeLWO?kOpscLSjcU<Os8<!d5E2qQ@iR1
zm$RvDTa(LHmOe}3;ine&gAYGY8(oS1ePvDfNFLZj@AtTjd(Uv3sq4_@=0e#QWGc9|
zxH6h4N^N6hrSd<o-?{(_2jDvG6oIh_hELahlF$mxQk*DKNG<;LA9dvi!ve4&gUY{7
zx5gB7AQ^HK=PhK~u2ULXZU#OFb+zJSqAQDoqrxN{dY->CJ(j)L$6xa}to#gpeSz=~
zKVFZ=TJR%>SB|?G!Y)a`Dwd)4-0$B6Vh$^(VwH7uZX0DfK&}778ugPWg^D@h9TLkw
zMh>SGy4RsmR=Y`8;@LJ$J-SnXo#%6A`plUp^Hc5yZ8$ec$;$S5Q3%@KdwF<V8N_Kw
zy$+K456e;250Cy~zu<5j!NqZk&{c%H2dXm3m1eiS#}K(gydsH!f0SLb{CVpSU<JNy
z|2qV5!tQ@jIJ7!t)lE|#28nEG*O(3DH^BYxj(8&;5JpaXYe25-f?_;Fieua^6JL6n
zO5OKU)C?6LVIeS@{__R|Nk5ayPlOXxMeAgP)eh0{x9!&LkzQw;<<~c3fd6tNF{`sI
zB{V8Wj|0yi^soG9s2^9Umr>5+`Ox~906ob5;ST%vsFWS#QAH06AMYixxF#n%azyDL
z*w}?0V}-`Yaw{Aw1V-YH%37APZ?}s6S*a?vd-nHTaO)<$inVE72fve2!-w7HvQ+I+
z#$#FH6oyZ?GqBbA1$!S7viC?UP8flGY><LL2L?wk@>>zPcO%0YMTHQ7{G4Op#ftln
z%F<fXhEW}mV#4xR?@|3+A*=x#zzHefv<f1Uiz#_X>AgQsZzB$cz#`OaAWjnE9{&v1
zX-x{5WL$1)f7>3ivw<1MQ_@$x<D&h6(*p^P=8s#px4ZB8daL3eL31YM-rc)HGPU&G
zrgT6l(Gr=TpJ(J7650ZCTaKW2XPo{gU!O>36(%+gQo`CXumYCE+iC-^5GxTzGrN&A
zQ4Uf35qv=~*Pva#)Gx*{|1^t;UT)u$f)KxIqtwQAb#-%VJNAL!Eqe_mbB-x{;`4^u
z)QNz3OYYZUt+!K^j|5zN8%RbT$`0Qc*F6v`Q9rB-;jsya1L&U5uDOrL=ruZa&swRG
zT3=}6_|})!=IL(1z?G5QPIP-*eSJM~!=m$0qLzV|`5rfxX)l+M(Dk44hUMFOFi%Nl
ztRp3AFy-gxF5Dog@ZR5ErM_}q5nI7t@oRrVSe{#&6y2j)9gE}Bd17$nmwS5q56>7Q
zph&pu>H@lFeG-?|iKK?UPGGT8mnoYmjZzJ*;*WayYEH(U*CEY9G5X;Db)QB;jJI={
zBlDOe74j!?XW9<ksMm#*etXEAjk;c)-?q=SQzKMnw3F&G>`Yq9y@M+T6Us?;k3lTm
zug?7uJb!>R-Y;9QM95}%zQc>HH@`G_2egO)qM_&9pw1L-Dl>#V!f^5MWI>cM9c4)Z
zkIgo9^M5nacQR~UM@PWi$LGb$ekJG2SJ11fnm?ep3!f)7v~C2p`CLhCc`Z-VpbL<G
z?NK`08UqUQ^UW7dFayH$tM?9fM!qM!eIgzB86MV^kKlk;g*2OFpB_+7?}B8}0sKmV
zLM<jxlI04b2R3oVCgg~Y5TMAur69Ntw^>O@a5-rs3sFZeEz7>3TQZQD`Xkn>5dRSp
z;hImbc6ZgAavR|V(hEcZh^XAVR&2yB)4T2b#NJIloUolSFg@L8lw*@P+W9bB!Q;;>
zn|#|36vw$v_E!=sNo>rK;o$yj#z%yzmcoYbKjklV!#tD2f7V<Xk=Og9i1B`y+ym<j
z?PQ{r$p<ai&Iv9J=V+o*4Op!r4p4@42sPXw9K-qYqd=fCToJg+@BNa0!r*5pWo*|E
z_}2sj!6OumEZ0;tDI{{CHcuFGA&$$);`bISv4KbKZtmS8`k>AN)_<Z0ShwH$tdvu>
znwrQ=NFJfJTY}teFPY^)pV`R(@kjF{a^xQH?v#Cr2t{8k5=Qu^YW{t-aTMPkhU;8=
z(XJ&|@M%CP<P8xhHoS5L1vf}>9WQ0q{8z+5<pi7F`Oltx*`lzypAHI!eQp<gulaOs
z2)+{s=z~NV^_yQD7fwR1+wy!HL)ve4wk`kZeCwkC;`YO=<;nNcQ~F$^***cV-QE4`
z!H+-?IE+F-X@IR9YBc5HA3@q<qLl}*w>`JPe*|*1#KTW>ra!xnCVhlrwYrJ~O9oVo
z#uNquh)`vorQy}nz+^<rpOX_{V<0@k69L~7Z{QEh#bCQzyDm6&cct2^8<UkQq0_0i
zY41rwvWnH;fvEb>2$@})Y<YIwo>D4^P>J;D)vOdY0kW~w3IHjj+>p-1$w-P3AOT@d
zt-t3sennI4%3j)X>$C!Mb#uRWZEkA<XTuu+Lmgd1Pimtu6?Viu25jSOiv9upi?0N6
zc4|%)NkY|QO1+(0x#4(bY0`Fb5N;WuAh*dR_USA@3*zEB|F1Cy5v0Y(8;<oWA9jfV
z{F$0Nc`8`F`-FW@?D$;P@TSy*!!h&&#XmVWMx;6Rj;nJrT`>g_1kWxwvLzWn9yLUM
z#F<SoFhm7HWB)qo1}1|dOyaituWwg=H7ZbO+VC3_&32PH<A!|%#WLY~Aj2b#XNAr)
z8ZkIBR?*|QxX9gJnp2`xl8LO4wuc46DN8S+|LxYt<lnxbA<YlmeiK*c8&-Ii4(eet
z`pmn^mckj3?H1D?_wzd(NCvz+hTgxs0kUwO1yXW};>4IDo!#tQ;;T%)0=E+BCV3zQ
zwp&>WJlcQJc53XI5^i^FLDJBzRJ#sMi^WVlR3mTG7vqmI>WHr^#tjys$hVgUKJ_1R
zg5UBSAkxTf9PzAJ$8``fC4!{4`;<&Rz~doq&Gm~u&)?LDz>(otmmbNCd=e-zDVux`
zf?Yrq|G~~z;yAmV8iew`&3)*x*~eQ+%Q8$sdX+7%gWiX!hT6!R&5m6D|EcXeqnhf1
zc0)&6P!N!+FBU|4N2;P=Lj;j7y&8I?6HY)uMFc@9FCd7Zh!CoP0VF}BXn-I{=!72W
zNGPEMzRkPt{r~;AH*00Bth3HK*=P35>}Q^ty+?8>=uor*kttC=f(%J1CDe$Ky<SV4
z^+_*xpHtQ!I?v6$N`G-XG5V`MI~Obh?bF{#pP$k_iWFGyi6<l5{&+P!yi2}(_zZW5
zOFzV9g?^gQfZEh}+;}$SECt(|F-y09c|wQ1A4})-?!xLiUMSxfs&yEJ{t<l&(10Fy
zV_s(Jp%rGZ9vX<@I8VwfSu4qDHH)o8p;d*%_O&8<Wt-7)Gh%cGwmMMlhYKgD@Iab)
z(#F;QaHD%<$}e1P3KvWh5@;&x6hdC?c1}2Pd~cKP+a5@cW^@dk@b@LB?SK8H8L}*h
z+r;Q}VU5aAyM0=PPBiMToo_(Of!P`0zx!dGK(8Ef$Hy&|S|2hX=bP;-trHj!vX12>
zw4x9=LC5H_I1k7ti;X{>5~AR-q2?!V`5j~<OLxH=>8L>5-*Vy1`u85`f;pHDWySM2
z1^`!Ua&G<-j#lm0$z<=DaHO)^10#mL6;)$}P#`(KV0mT1(kAnLqUVzYkF(&^WQInt
zh9F;CfH3Q5yIWl!nvIO=wEf^+<$v)+kbVzE{&&%TVWcvQRsSw{_G6VdQGXF+8>a+o
zdkJW7(?^_?Io)$JCbz=tk4O<uVpKyxPr5lwj7Lz*S&+|2F+lWao7`7XG4|f2XCV&M
zwDaoL$cw27@b4VZp%_M(#;@pf10l&Wl~j`C7+1C7E?hYjC(IK{gcag%$&(+K-xk56
zX3_GkO^s*mDNpYo+p$}G+OsMcdo(~4I(qdeVDY59OkYfeO0IU-mxU2tTh*##_QL*q
zypr|ak((*44c$W2n1XrAnI>XYXpVZN^}>Yp^XplU+ITol$S1oOVWQT{f_Ny}cA_pW
zNg9deq+?fqxU`vaWi0Mo?b2k@R$%#->z0y<g7%vw1ft0%wJfKR+~UML-cWDzuF9$j
zUS00%ymV&>5R}r9vjvQ__hnFhuTYf?Vtzv#PTu;ft;Zd6eYMK#p1*lZS!rj;BD-Vj
zW88YW>G4Yx(E$FVEdhZiu3j;{CKPwY)SN8SuzcSyf?7}-kX@=N8WI$2o`j^?E{@OL
zz_8{R73Db<n9TmYg*Fv3gT%!_t%xR($trU0o~6(4wnIKFlLar2q7PGFC{j)z*L_ae
z^`cQ%dtsjQI}D^JjZ7?!6y;;=y$Tw~)+RHg;@R_0@5MS@<Bz+}7to^;Nv<E;ob@<&
zelHdM5#Xr6hNQnlh}L|dXjeSiJ<#**TP&xSxA!e0M~Q7kjbo6LkdlG|K26qEXmO!g
zomH?+zHw5u40}@oz@+3U%EwGJZhgZqJwdT}Q<Zvlg1Cj!CY$W;4L&R=)0`hyPw}ku
za_(VXaO*26G0Cg8;&bjf0JG`y;+<z-dgK0*&Pw=jR?-5$B3QD*Qf3wtLvr<A`Szz~
zW?I#FpXls_I$fRUK<!Ixv|L)b;#>Y%AYoiW9ntuqg=?g|;2jMRklcC%^Gwj}r8YR4
z(>V8%XURKr4vAL>KEh*a<X~rsKSDP;PsYDfj@C-*=eccU&Gfr+<1vsol>vvr_!O)O
zGB*`udt1-c6cs(&+zhU1Q~cH4{qJcylS{1rQ3$+bv-q4CE|L%;V1*b?(FHjO-UJRv
zvJa>DNGI`nPf-MqUxCDAqrNb6Q#+!PRD;@1TanSYJwY@v82HNroq)G%QYJ6wDfH+e
z*MDobg%EP|a*21P_@7Q`+%Wj$#%T2ZIapSh+3@n@iI)X17>vL2`jt!OYhs9mIZ>#O
zLNsBGqFHx;%9@-BRkUVNz%cHN{pn9ry(!{y@o-p+72#q)dV_oMYTVG@)1tPoSn-jS
zh|POWZKXMZ4K)>QKhKu6z_9t-ZD9R+Dw-qd!)Wh`vFzB{eX+hv-7}@r6Fq3fZ~-}E
zzKZJ5LEDGBX|Iuq&it{Q(J!Dje_Z(Kn+?VmRqkptxAOLX?kJGR{k0AX1YhN2AKNOR
z48q!Mv}*0=gz)_mXOXL>0%is$FL&aB>EBg`h3C}Dh|ne?uDf++eg8>rx_na2`k|z)
z>1o>=JR_AZM`6A04tj^979URLc#G_EO~uJP-gp>7ovsVoIO2Qy8-$%U%$GQSzks-u
z%eti#hfKKtv!#F-^0TP0GO+KHX<NJ1P0=<rZnWFx2FoESSHurH*cKuCRFTv|bJAJ$
z{2XwV=Xv*e_!)KN|JAq{995I%->e5s)%&bOE@TDY{*5Hb{uKaA+Lc#dIeTD2u6goV
za&22E@rZR(_pThs_`O-4xinzz&!^r1JsLS;wMpS1i-EPvvnX~-Xxc)7RscXDrW;%n
zuNqo74c78I96R$u@pb%}eQKhX20cO9P_{o^jlnkMtfPYj;0=<`3&SuQ0%uVN^A@!B
z%Vej=IE}<5I&Qmj_sNqd@(iB7UfV-IQ!n7Q@bs+%C_OJPj{vi=wLPeq`rJ#>_CKIQ
zfEjd18Cx#)$PQ@T;yK4GoMQSdhjM0teK(-)#?xBfjF*Q<43SZAPnYKyOm@7GzG%pp
zr5LA?IJdG=XeDD-+_y@fHgBH^1SuS#>}ZPhgFfj;2F>Qu$MG+T6i-j76v9lKxXCvK
z=rkANu~W8OOS(B58yjnYocNKvE-Z@A^jw+oBmF~M5DZg68d=cFe@IJgT!<8n_sB&B
zdy#W=#9A|?a*1S4UeW`fq=z9mhNo2vpZezaa*QNUUn_z&>g5vO#ev`Jsiyp?H(DlJ
z@21PvZ*5;biQZ@^_(!NM)c)4u_ID^i8y@P<_|1VtmdkWr*iFpjI)`BFx@>j#u5#lF
zUtD!^RJM=-R>1W8_%J$B5l=|>5BR=%=Y;?F3V3U?X1SV|&1R&8ccQc6+?1u9rBpg$
zmvK@9#odd}xhMVNuoR)4p9}3kCmncIl4eUhj7+G3876hew#2I4ot-ffG&Ho6R9I%W
zy#j;l(8g`S#nK#A1j)n1wqjBZoD+vT7^TzcemTk>U4?0~4pHjh{8sJNi2C5=2A;QO
zatEKZwfFq<tYjq2j@>AH_6*Y!E+8@pN^ExYjQt>j$gT-~)$)L3WO(3iTpl3$ijy(M
zE-~`dcuxJwM6!{19`yT;<KSelw3|`UYnLy_l&Y}p%lk_2Bk^NRPB&UaQy*L*Brry7
zT6lW0f3z^T5sNO&88pC}&7_t^o)NsiuEfg5wiPi}!ePAyXJyelv=5+t)k`FIYWw>>
zJp{a-?7)B37+sO0er#mOqqB~%MIWtl?+kaHuG`#nm=1)nomK9{DDC=EfjA_Cu!zV(
zA3WxMlJ;8rZkOiP2vJmp!Hv#<X$ccoORP}4G4|-iaI_=`+KWaoo>*1?IpAfzwk`TT
z?wC-s501t{KIn(uXFSmh+cgunCKE?U+9tl@lY7dU*xd=;x-`{a^#L#M3JQcdPw{$$
zs0H|Ki9;6!)K?cbm2L{Wre&4+6$mtqV3F9xO2S8r;yD_x`UBn@qKJ|wU>ZNOqgw|~
zkg7sST9fk<`W04@m1Y=SyJCys9MtCE`=zC&tXX32!SvoXHMaye`c1Imt>7OFPEL?H
zYf37-oVwnN!@3dD5_RfBaGbP`Q(vRzi_zjxvY^vH!w(-%5ML(PztG&j*&r4~W0K-u
z<9~kUU3)Td2Ih&#Z6P>p3&(Hyxo-DZ*oY5xT#(a!bK|e6oW=@&JY2Wg`U0i5n=T{x
z^`WNeluLGB^~)fWmC5zq+0_<_$Ty?)Y{0erIFi=&)k<Qo(#x@O0YFz*4mN#+aeg{v
z0W+@oK72G`N5^fhN2}Rp>Ck@G=|u05P+#5j-G{ajyEO*bm6W@;x3_Gncc>@XKc(Jy
z|H2?!-PcwBT8%}yag4WXbDZQz2zDKN4q1u=vtzv>n@;Gx^WbE{KauiBTvBg*7i|2C
z$QdRPN8$Vf6)rE&sdHCO{42JuTMa!~(qjD+<*lU^%u~Kxq~jeGESR*u{0{Q_H$oyj
zO+zVkztJ(Bz#@5**r#_8N`-^<_|T$S2VyGRT`MV)Z<gIW{mTQWvz_vC=>!U6lq?tZ
zNjUk#hYyX56pchC9^}{;Zx#+0S+MP)BDNVt54zcK?}GvDW^ezsRl+wYU4ofE{wiqw
zX8SbXjC*?wzT8qJ9w0gqA$}0Haxn%k$>mbw@oY+nXtT^A8A&!VGPivvb+&ywG?*Ng
z{DQv>vIhmRAXw&yVN^8{^Rv5;nt7rDM_CRs)AA#L8>xSx=)}uB8ogqfINg#Z$qo&=
zwvdEMDy$HJM!fsbp4ahxo|CJnKrD<{HBi?LGS~ATP-?VGJ+2FEzP~pv$?fX=Xiju}
zx8&O6V;GB<p%ty<0vV`qqFZgq19k3X$&avLy}ebogzDy{Dt8pAswRa%*-}wa6aRIR
zOa8=_Niq8eC0SJpMegEjy4U)*R6)QnGZ*}JA<LnP7jiFovce|G7na0KPoAptqmNJ5
zD)uK)Bh0rVclRe8;WT03gk9r-w#c*&G-p!%N&>NaDRy#OctC8D#OIy^&KOI{iSWIS
zwaZB-%!uobfI1Gc&~w$zmnqkT_hs&6m9j;6_ZEA|Hm*$BX-_aIy^|8Y|5v0C{tlo8
z2!N}nr&L;LM)kk56lXsgcJlCWsp!;)QGwi2-xucW3`$0Fd!2bnxnC*kv&nre6IJLI
ze!>qHSM6S~GWK1LoZg{nRb*adF8%sKpJ~~ttXFqXhYZQtHm6inf@0tF!W+r?1Getp
zzt_bOJ_k%&WN3*bYbzk}<9Qc_Y5-N+EPYnsqSV&b>V*t6C83nzA}$YzeEXFf4~y?Q
zqR9C?=zN3z3Y*%&7bUz(+S(nf-QDeXeE#!wa{@5MnS9Wa#Gdxek3YWU94jkp=}4nX
zTNo1)lk%j7?zE9C94@%IzR?Lv_Rf>H)Gee_N0J-U3Sgc;*^WSWeNYhigXpOxrjz&U
z(+iv}<@m1ta*A!X!5CugKA061<j0@NHDL|0EbcR{y~kG$=6(9&NHv-*nv{>~2}4rG
zUU9~Z)(5XNexm#`GSORDtkUzs=oHKk)om<T!nt{JG+kN~a@Ez<^~9N*ez8_HF+JAH
zTFyNL=E47n@9pSAf5ODyo1MQub7qjI+ROt0j#nFbuZ|n0jC)}6?notM?!S-HQtLa+
zNBsK-HlTOZWN3&~^R*h|vkOE?wk|clm>W9z>}FPGCP~(+eEbKcer2`$jz_hPPDE1-
zORbF67ynV_hU|U7I|)6#{rb_H7mb~a*8E21()UVK8z_*@%Ea-qP?p%s4CJltS#{ix
zE!+VrzGbpqMQ-ZHCzN0Ptg!vsq~KkQML<`;GL|x#ou8L?Me+V|S8tg4-9w42v!k`n
zuKm!ut+ixpTkAbH0_gsrW&;Db3>XiU7$UI{_NX-@5MzPJc$;3~lD#UZU`*Q5F`r^7
z(};(F;#eWD<1w6Hz}L|CfZ(v7qQC{N0_d{b@14axEhHoady8!0ko&rB2AW#P%F0?H
zPKb&Y0GuN&V959}=Kq)@j{fPw4zxOT@bNvv+(+Of^XzoVf^B~nZ7?-|UdG%KP0vQg
zN?Ef^OBo!kCP(!hrw2{=L9Qq=-}yZ;DVTeI{{vO9oEpwDGi$6gP{W83W6g2gB3~9t
z>o>D@3N4BONDONh8Pi81m6hE)97pSd08lhAU@|r~R#8=T>e#0qrcc^cIM7A1JOWsi
zOJY8HrBd;0tr-kNYK_EC&`7|bHNy$9baaD&?3xg=)(<5>8G0T!d+wQhX40{TskA0A
zH%bNSKSqv+rKvam<!+eZ#&ve8lRHeHo!$U8Um-+Tn-=*8rzK``t}xd<G&I!p)4x*j
zhO8;CpFA=8%7bB%0Re0$BgkpJLi+x?@)Zp#r1UC7|4tUeH#R+TkzF3qMDZo+hfAJ!
zHzO|oQqG28V8y#8Fj;vN7a&^U(w69|^7;Cwhl4|38&?2w#GfzB{+2~v6Nn^ARNL7J
z#Z7av#GG^lUD+h_Aw;!sfT*&D#x)4i11T`!6Z|PG1{h`#82|>#v4Nne{wEueQJSyO
zyQ)qb>Pug|)tqahbmn$Y-R<>AsTHj5<Lb{)O=W4Vx;5XRO+xjqz{6s#5@nB$@j67A
z@y!prlu3p7Kf_o)&S{;b$cx7Y806xG7FRsFH8VZBL{*P`HiUu5>Q+9CR%dBHyH7Up
zwOz@!jYS%L7GFJmF7Gs#W^L3hTJf8Y6Y!J4zUCVkY;`IqyLF>}FutzZb!)MpdrlW>
z4HxGWkQsL?3yo!s1`hF7KP)5enTIyzq9}icVPAHMQY><20P8XT%^~!kCph|MG?LZ`
zCsl@cK2_j)C4IQ@F(T|*bP}qw!+L;_bB;a6w72`?5s-B}4CDLl!UFc1bLo?&QzL`D
znDazUqs5W@n}V|C`aDv(ToYxGZlor~)7yJGLAlFue{UO>e-_<Uv$$h$<n;#86vyzn
zwpJOq5K|_7!*8_4d)tSLfi#;wx>zn^a8?3CpE;I|2vV3SMq9rsK>GGivLJI=Zk)SG
zQ*O<uXez0wNIrhSg7@lCl8rV|1lwV;sd49?zbjPfXYNNAh&xqU3jG+QYOihY?O%xb
zt~jfZE_oPZUFSm232rm-$SLuu$d4<+qwiFablLf@vqoMy*L*3s3#-6o#EN#!E47kI
z+{<Rc%dGdY;Y&C))TTWyl{Wf0)wuQdS+Z9ZIek+ou)&y#iMxNX8!Jr$^&RbhgUtKV
z$#v`Rnlut6oZ~~F#j@i4Ao+}5d&v{4rdrlKYnx(P%aZXRcA4XsKMcj~ST89Y+XuL5
z9+Ft8j3O*o`Ei_pe!F-OQ!#>|z56qS>L&w(k)W;70}}~Q$&x%p&>Lb4ojD_q+H9*G
z9rSh_d>vI7x4}v27-IeM>iizV@}|T7+7p0SBD_o>6F8@Utg}T#gpwHNqTo6@`4f47
z!*R2A$MHUy*-r1*dgwj8RQy1rk4QxDvg_>#Eoc{{6?b;^_9k=^)NzN&2hnCLl}k~P
z!*4u9Tm)`aH=?~ZRtC3`LlUgcDXLK>ark7mO!OfB9YL;<HmSFrueZ}azN#=BviR0c
z4!T?1CuJ$k#m#LhmtI7A@cV%(z(NV{Or3mP9Y`!q-h`NUl(6ZZcn3LlaOe*I^Q&uE
zQE)7KoY}LqS$AO(;V%;|61#0=?NvMqAMVKaBeNqSI#V|d7-8>eSm}0>!wEzOr{XNj
z-80M=DGFUanWJMvQ(<b$^NSyIuC%E^Y#lIn2F~caH(Mrql<Vp)4i68x?>0I}32-#k
zlm906f^FNWH)3r@-7prCw{{o$<VP*^o*^yHtn0w_*x4g<!GTktE^93;5G&faLQMja
zl?1-O`T@pbxB^KjT?T0OlMTj~RSjmsKxC{(Go1Y0W_D;C%=iuy-+HKu&n3+`nEhdw
zlm7yx)7K%lk@)jEs7_<nm+a=~U`s2w<S*BKS&3t)iZpatcjfr=tGGK-p|O!;1Paxj
zmsyRS5l~W7)(G!99=n<pHhuo9a)~aMoXuY>id(8}WTh>oO@X*T<lQ_Gs9DnYAV9S3
zC~tB}g*I%FxrUJl6$~TwB@{{yE9sTEnH+@~DNY^#whBQ?W3Q2NDy!WMgFeHsB)-sR
zwU1V>8)~V)Qel#3o=rAq&gz8;z2st6nzAGLv5k(-x!Hxx^~jbEUw(VJr=$J?H_EnG
zws`+u&)Y-twO1DQ;Z!+;OI?Cu6`-bu<B+3N%4f?SUg)7xoL<j(7Mt)j>8Pq6j4C&}
zMFkcPnArLk+~`@5x9syVy-#~SFNe_A<PMLxwzIdy9Lz)qt<*gAf$p`hbE73Mt!~y2
zB`99#?GBLH(4>fCCuangZ>5J)HJbXjbRN5i6r3tg2GN4@bsV1c?HxhbLhYki{9?dp
z1}`L31+~b3;zT<MFH7TjuOIjK6W(J5&h9^n1Tr$?>rQ^b3n6WUb<g&^MK1rnU>`N%
z4vWQ^wvkfIFHyb5FC?4qubqB$Wlu4WSX|$+4Bxe6Y%2ykJ@KB|gdJXuY~Pvnt(U0O
z|BB2^86EHQdaJc|oH>!u{qQlo7lL~Sb@_Y+1KxDAl-?6lVct1?9QSs4YiHG?l^IvT
z;J>)7WDho%vvgc`GOu;JRDN+b{J*-A+ubm$l|mei=q$|aQQ*`qa*ltqkRdO(V9<YI
zM!w!LbkQYfYuz1`)1M<8^LrAIz|FQyQ6C#mV!F5Adhrf>Ng3Fra}m<mR0H!9sKkta
z269=5>zNw)AYl^Evp^L`Akk=b`*E$`u+X>q?HYQ@UBts%vuWqrcNI=|#(&xq8)%A2
z*G!;CYD^e2{NFt(z(xP>KhXdF*8eYey8XX=>hyQ&0Rx;nkE_P{)oDO<!meMveWmoW
HW6b{mZ@EG4

diff --git a/ui/index.jsp b/ui/index.jsp
index 60f3cc3832..2541c2a342 100644
--- a/ui/index.jsp
+++ b/ui/index.jsp
@@ -1763,6 +1763,7 @@
         <script type="text/javascript" src="scripts/ui-custom/granularSettings.js?t=<%=now%>"></script>
         <script type="text/javascript" src="scripts/ui-custom/zoneChart.js?t=<%=now%>"></script>
         <script type="text/javascript" src="scripts/ui-custom/dashboard.js?t=<%=now%>"></script>
+        <script type="text/javascript" src="scripts/ui-custom/metricsView.js?t=<%=now%>"></script>
         <script type="text/javascript" src="scripts/installWizard.js?t=<%=now%>"></script>
         <script type="text/javascript" src="scripts/ui-custom/installWizard.js?t=<%=now%>"></script>
         <script type="text/javascript" src="scripts/projects.js?t=<%=now%>"></script>
@@ -1799,6 +1800,7 @@
         <script type="text/javascript" src="scripts/vm_snapshots.js?t=<%=now%>"></script>
         <script type="text/javascript" src="scripts/ui-custom/projectSelect.js?t=<%=now%>"></script>
         <script type="text/javascript" src="scripts/ui-custom/saml.js?t=<%=now%>"></script>
+        <script type="text/javascript" src="scripts/metrics.js?t=<%=now%>"></script>
 
         <!-- Plugin/module API -->
         <script type="text/javascript" src="scripts/ui-custom/pluginListing.js?t=<%=now%>"></script>
diff --git a/ui/scripts/cloudStack.js b/ui/scripts/cloudStack.js
index 8b27452ddf..1dcb99470e 100644
--- a/ui/scripts/cloudStack.js
+++ b/ui/scripts/cloudStack.js
@@ -164,6 +164,26 @@
                     }
                 });
 
+                // Update global pagesize for list APIs in UI
+                $.ajax({
+                    type: 'GET',
+                    url: createURL('listConfigurations'),
+                    data: {name: 'default.ui.page.size'},
+                    dataType: 'json',
+                    async: false,
+                    success: function(data, textStatus, xhr) {
+                        if (data && data.listconfigurationsresponse && data.listconfigurationsresponse.configuration) {
+                            var config = data.listconfigurationsresponse.configuration[0];
+                            if (config && config.name == 'default.ui.page.size') {
+                                pageSize = parseInt(config.value);
+                            }
+                        }
+                    },
+                    error: function(xhr) { // ignore any errors, fallback to the default
+                    },
+                });
+
+
                 // Populate IDP list
                 $.ajax({
                     type: 'GET',
diff --git a/ui/scripts/instances.js b/ui/scripts/instances.js
index b8d1299f74..8c7e31fe6f 100644
--- a/ui/scripts/instances.js
+++ b/ui/scripts/instances.js
@@ -288,7 +288,23 @@
                         poll: pollAsyncJobResult
                     }
                 },
-                snapshot: vmSnapshotAction({ listView: true })
+                snapshot: vmSnapshotAction({ listView: true }),
+                viewMetrics: {
+                    label: 'label.metrics',
+                    isHeader: true,
+                    addRow: false,
+                    preFilter: function(args) {
+                        return isAdmin();
+                    },
+                    action: {
+                        custom: cloudStack.uiCustom.metricsView({resource: 'vms'})
+                    },
+                    messages: {
+                        notification: function (args) {
+                            return 'label.metrics';
+                        }
+                    }
+                },
             },
 
             dataProvider: function(args) {
diff --git a/ui/scripts/metrics.js b/ui/scripts/metrics.js
new file mode 100644
index 0000000000..4fce7a0ab3
--- /dev/null
+++ b/ui/scripts/metrics.js
@@ -0,0 +1,1087 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+(function(cloudStack) {
+    cloudStack.sections.metrics = {
+        title: 'label.metrics',
+        listView: {
+            id: 'metrics',
+            fields: {
+                name: {
+                    label: 'metrics'
+                }
+            },
+        }
+    };
+
+
+    // Zones Metrics
+    cloudStack.sections.metrics.zones = {
+        title: 'label.metrics',
+        listView: {
+            id: 'physicalResources',
+            fields: {
+                name: {
+                    label: 'label.metrics.name'
+                },
+                state: {
+                    label: 'label.metrics.state',
+                    converter: function (str) {
+                        // For localization
+                        return str;
+                    },
+                    indicator: {
+                        'Enabled': 'on',
+                        'Disabled': 'off'
+                    },
+                    compact: true
+                },
+                clusters : {
+                    label: 'label.metrics.clusters'
+                },
+                cpuused: {
+                    label: 'label.metrics.cpu.usage',
+                    collapsible: true,
+                    columns: {
+                        cpuusedavg: {
+                            label: 'label.metrics.cpu.used.avg',
+                            thresholdcolor: true,
+                            thresholds: {
+                                notification: 'cpunotificationthreshold',
+                                disable: 'cpudisablethreshold'
+                            }
+                        },
+                        cpumaxdev: {
+                            label: 'label.metrics.cpu.max.dev'
+                        }
+                    }
+                },
+                cpuallocated: {
+                    label: 'label.metrics.cpu.allocated',
+                    collapsible: true,
+                    columns: {
+                        cpuallocated: {
+                            label: 'label.metrics.allocated',
+                            thresholdcolor: true,
+                            thresholds: {
+                                notification: 'cpunotificationthreshold',
+                                disable: 'cpudisablethreshold'
+                            }
+                        },
+                        cputotal: {
+                            label: 'label.metrics.cpu.total'
+                        }
+                    }
+                },
+                memused: {
+                    label: 'label.metrics.memory.usage',
+                    collapsible: true,
+                    columns: {
+                        memusedavg: {
+                            label: 'label.metrics.memory.used.avg',
+                            thresholdcolor: true,
+                            thresholds: {
+                                notification: 'memnotificationthreshold',
+                                disable: 'memdisablethreshold'
+                            }
+                        },
+                        memmaxdev: {
+                            label: 'label.metrics.memory.max.dev'
+                        }
+                    }
+                },
+                memallocated: {
+                    label: 'label.metrics.memory.allocated',
+                    collapsible: true,
+                    columns: {
+                        memallocated: {
+                            label: 'label.metrics.allocated',
+                            thresholdcolor: true,
+                            thresholds: {
+                                notification: 'memnotificationthreshold',
+                                disable: 'memdisablethreshold'
+                            }
+                        },
+                        memtotal: {
+                            label: 'label.metrics.memory.total'
+                        }
+                    }
+                }
+            },
+            dataProvider: function(args) {
+                var data = {};
+                listViewDataProvider(args, data);
+                $.ajax({
+                    url: createURL('listZones'),
+                    data: data,
+                    success: function(json) {
+                        var items = json.listzonesresponse.zone;
+                        if (items) {
+                            $.each(items, function(idx, zone) {
+                                items[idx].clusters = 0;
+                                items[idx].clustersUp = 0;
+                                items[idx].hosts = 0;
+                                items[idx].cpuusedavg = 0.0;
+                                items[idx].cpumaxdev = 0.0;
+                                items[idx].cpuallocated = 0.0;
+                                items[idx].cputotal = 0.0;
+                                items[idx].maxCpuUsed = 0.0;
+                                items[idx].memusedavg = 0.0;
+                                items[idx].memmaxdev = 0.0;
+                                items[idx].memallocated = 0.0;
+                                items[idx].memtotal = 0.0;
+                                items[idx].maxMemUsed = 0.0;
+
+                                // Threshold color coding
+                                items[idx].cpunotificationthreshold = 75.0;
+                                items[idx].cpudisablethreshold = 95.0;
+                                items[idx].memnotificationthreshold = 75.0;
+                                items[idx].memdisablethreshold = 95.0;
+
+                                $.ajax({
+                                    url: createURL('listClusters'),
+                                    data: {zoneid: zone.id},
+                                    success: function(json) {
+                                        if (json && json.listclustersresponse && json.listclustersresponse.cluster && json.listclustersresponse.count) {
+                                            items[idx].clusters += parseInt(json.listclustersresponse.count);
+                                            $.each(json.listclustersresponse.cluster, function(i, cluster) {
+                                                if (cluster.allocationstate == 'Enabled' && cluster.managedstate == 'Managed') {
+                                                    items[idx].clustersUp++;
+                                                }
+                                                $.ajax({
+                                                    url: createURL('listHosts'),
+                                                    data: {clusterid: cluster.id, type: 'routing'},
+                                                    success: function(json) {
+                                                        if (json && json.listhostsresponse && json.listhostsresponse.host && json.listhostsresponse.count) {
+                                                            items[idx].hosts += parseInt(json.listhostsresponse.count);
+                                                            $.each(json.listhostsresponse.host, function(i, host) {
+                                                                if (host.hasOwnProperty('cpuused')) {
+                                                                    var hostCpuUsage = parseFloat(host.cpuused);
+                                                                    items[idx].cpuusedavg += hostCpuUsage;
+                                                                    if (hostCpuUsage > items[idx].maxCpuUsed) {
+                                                                        items[idx].maxCpuUsed = hostCpuUsage;
+                                                                    }
+                                                                }
+
+                                                                if (host.hasOwnProperty('cpuallocated')) {
+                                                                    items[idx].cpuallocated += parseFloat(host.cpuallocated.replace('%', ''));
+                                                                }
+
+                                                                if (host.hasOwnProperty('memoryused')) {
+                                                                    var hostMemoryUsage = 100.0 * parseFloat(host.memoryused) /  parseFloat(host.memorytotal);
+                                                                    items[idx].memusedavg += hostMemoryUsage;
+                                                                    if (hostMemoryUsage > items[idx].maxMemUsed) {
+                                                                        items[idx].maxMemUsed = hostMemoryUsage;
+                                                                    }
+                                                                }
+
+                                                                if (host.hasOwnProperty('memoryallocated')) {
+                                                                    items[idx].memallocated += parseFloat(100.0 * parseFloat(host.memoryallocated)/parseFloat(host.memorytotal));
+                                                                }
+                                                            });
+                                                        }
+                                                    },
+                                                    async: false
+                                                });
+                                            });
+                                        }
+                                    },
+                                    async: false
+                                });
+
+                                $.ajax({
+                                    url: createURL('listCapacity'),
+                                    data: {zoneid: zone.id},
+                                    success: function(json) {
+                                        if (json && json.listcapacityresponse && json.listcapacityresponse.capacity) {
+                                            $.each(json.listcapacityresponse.capacity, function(i, capacity) {
+                                                // CPU
+                                                if (capacity.type == 1) {
+                                                    items[idx].cputotal = parseInt(capacity.capacitytotal)/1000.0;
+                                                }
+                                                // Memory
+                                                if (capacity.type == 0) {
+                                                    items[idx].memtotal = parseInt(capacity.capacitytotal)/(1024.0*1024.0*1024.0);
+                                                }
+                                            });
+                                        }
+                                    },
+                                    async: false
+                                });
+
+                                if (items[idx].hosts != 0) {
+                                    items[idx].cpuusedavg = (items[idx].cpuusedavg / items[idx].hosts);
+                                    items[idx].cpumaxdev = (items[idx].maxCpuUsed - items[idx].cpuusedavg);
+                                    items[idx].cpuallocated = (items[idx].cpuallocated / items[idx].hosts);
+
+                                    items[idx].memusedavg = (items[idx].memusedavg / items[idx].hosts);
+                                    items[idx].memmaxdev = (items[idx].maxMemUsed - items[idx].memusedavg);
+                                    items[idx].memallocated = (items[idx].memallocated / items[idx].hosts);
+                                }
+                                // Format data
+                                items[idx].cpuusedavg = (items[idx].cpuusedavg).toFixed(2) + "%";
+                                items[idx].cpumaxdev = (items[idx].cpumaxdev).toFixed(2) + "%";
+                                items[idx].cpuallocated = (items[idx].cpuallocated).toFixed(2) + "%";
+                                items[idx].cputotal = (items[idx].cputotal).toFixed(2) + " Ghz";
+
+                                items[idx].memusedavg = (items[idx].memusedavg).toFixed(2) + "%";
+                                items[idx].memmaxdev = (items[idx].memmaxdev).toFixed(2) + "%";
+                                items[idx].memallocated = (items[idx].memallocated).toFixed(2) + "%";
+                                items[idx].memtotal = (items[idx].memtotal).toFixed(2) + " GB";
+
+                                items[idx].clusters = items[idx].clustersUp + ' / ' + items[idx].clusters;
+                                items[idx].state = items[idx].allocationstate;
+                            });
+                        }
+                        args.response.success({
+                            data: items
+                        });
+                    }
+                });
+            },
+            browseBy: {
+                filterBy: 'zoneid',
+                resource: 'clusters'
+            },
+            detailView: cloudStack.sections.system.physicalResourceSection.sections.physicalResources.listView.zones.detailView
+        }
+    };
+
+
+    // Clusters Metrics
+    cloudStack.sections.metrics.clusters = {
+        title: 'label.metrics',
+        listView: {
+            id: 'clusters',
+            fields: {
+                name: {
+                    label: 'label.metrics.name'
+                },
+                state: {
+                    label: 'label.metrics.state',
+                    converter: function (str) {
+                        // For localization
+                        return str;
+                    },
+                    indicator: {
+                        'Enabled': 'on',
+                        'Unmanaged': 'warning',
+                        'Disabled': 'off'
+                    },
+                    compact: true
+                },
+                hosts: {
+                    label: 'label.metrics.hosts'
+                },
+                cpuused: {
+                    label: 'label.metrics.cpu.usage',
+                    collapsible: true,
+                    columns: {
+                        cpuusedavg: {
+                            label: 'label.metrics.cpu.used.avg',
+                            thresholdcolor: true,
+                            thresholds: {
+                                notification: 'cpunotificationthreshold',
+                                disable: 'cpudisablethreshold'
+                            }
+                        },
+                        cpumaxdev: {
+                            label: 'label.metrics.cpu.max.dev'
+                        }
+                    }
+                },
+                cpuallocated: {
+                    label: 'label.metrics.cpu.allocated',
+                    collapsible: true,
+                    columns: {
+                        cpuallocated: {
+                            label: 'label.metrics.allocated',
+                            thresholdcolor: true,
+                            thresholds: {
+                                notification: 'cpunotificationthreshold',
+                                disable: 'cpudisablethreshold'
+                            }
+                        },
+                        cputotal: {
+                            label: 'label.metrics.cpu.total'
+                        }
+                    }
+                },
+                memused: {
+                    label: 'label.metrics.memory.usage',
+                    collapsible: true,
+                    columns: {
+                        memusedavg: {
+                            label: 'label.metrics.memory.used.avg',
+                            thresholdcolor: true,
+                            thresholds: {
+                                notification: 'memnotificationthreshold',
+                                disable: 'memdisablethreshold'
+                            }
+                        },
+                        memmaxdev: {
+                            label: 'label.metrics.memory.max.dev'
+                        }
+                    }
+                },
+                memallocated: {
+                    label: 'label.metrics.memory.allocated',
+                    collapsible: true,
+                    columns: {
+                        memallocated: {
+                            label: 'label.metrics.allocated',
+                            thresholdcolor: true,
+                            thresholds: {
+                                notification: 'memnotificationthreshold',
+                                disable: 'memdisablethreshold'
+                            }
+                        },
+                        memtotal: {
+                            label: 'label.metrics.memory.total'
+                        }
+                    }
+                }
+            },
+            dataProvider: function(args) {
+                var data = {};
+                listViewDataProvider(args, data);
+                if (args.context.metricsFilterData && args.context.metricsFilterData.key && args.context.metricsFilterData.value) {
+                    data[args.context.metricsFilterData.key] = args.context.metricsFilterData.value;
+                }
+                $.ajax({
+                    url: createURL('listClusters'),
+                    data: data,
+                    success: function(json) {
+                        var items = json.listclustersresponse.cluster;
+                        if (items) {
+                            $.each(items, function(idx, cluster) {
+                                items[idx].hosts = 0;
+                                items[idx].hostsUp = 0;
+                                items[idx].cpuusedavg = 0.0;
+                                items[idx].cpumaxdev = 0.0;
+                                items[idx].cpuallocated = 0.0;
+                                items[idx].cputotal = 0.0;
+                                items[idx].maxCpuUsed = 0;
+                                items[idx].memusedavg = 0.0;
+                                items[idx].memmaxdev = 0.0;
+                                items[idx].memallocated = 0.0;
+                                items[idx].memtotal = 0.0;
+                                items[idx].maxMemUsed = 0.0;
+
+                                // Threshold color coding
+                                items[idx].cpunotificationthreshold = 75.0;
+                                items[idx].cpudisablethreshold = 95.0;
+                                items[idx].memnotificationthreshold = 75.0;
+                                items[idx].memdisablethreshold = 95.0;
+
+                                $.ajax({
+                                    url: createURL('listConfigurations'),
+                                    data: {clusterid: cluster.id, listAll: true},
+                                    success: function(json) {
+                                        if (json.listconfigurationsresponse && json.listconfigurationsresponse.configuration) {
+                                            $.each(json.listconfigurationsresponse.configuration, function(i, config) {
+                                                switch (config.name) {
+                                                    case 'cluster.cpu.allocated.capacity.disablethreshold':
+                                                        items[idx].cpudisablethreshold = 100 * parseFloat(config.value);
+                                                        break;
+                                                    case 'cluster.cpu.allocated.capacity.notificationthreshold':
+                                                        items[idx].cpunotificationthreshold = 100 * parseFloat(config.value);
+                                                        break;
+                                                    case 'cluster.memory.allocated.capacity.disablethreshold':
+                                                        items[idx].memdisablethreshold = 100 * parseFloat(config.value);
+                                                        break;
+                                                    case 'cluster.memory.allocated.capacity.notificationthreshold':
+                                                        items[idx].memnotificationthreshold = 100 * parseFloat(config.value);
+                                                        break;
+                                                }
+                                            });
+                                        }
+                                    },
+                                    async: false
+                                });
+
+                                $.ajax({
+                                    url: createURL('listHosts'),
+                                    data: {clusterid: cluster.id, type: 'routing'},
+                                    success: function(json) {
+                                        if (json && json.listhostsresponse && json.listhostsresponse.host && json.listhostsresponse.count) {
+                                            items[idx].hosts += parseInt(json.listhostsresponse.count);
+                                            $.each(json.listhostsresponse.host, function(i, host) {
+                                                if (host.state == 'Up') {
+                                                    items[idx].hostsUp += 1;
+                                                }
+                                                if (host.hasOwnProperty('cpuused')) {
+                                                    var hostCpuUsage = parseFloat(host.cpuused);
+                                                    items[idx].cpuusedavg += hostCpuUsage;
+                                                    if (hostCpuUsage > items[idx].maxCpuUsed) {
+                                                        items[idx].maxCpuUsed = hostCpuUsage;
+                                                    }
+                                                }
+
+                                                if (host.hasOwnProperty('cpuallocated')) {
+                                                    items[idx].cpuallocated += parseFloat(host.cpuallocated.replace('%', ''));
+                                                }
+
+                                                if (host.hasOwnProperty('memoryused')) {
+                                                    var hostMemoryUsage = 100.0 * parseFloat(host.memoryused) /  parseFloat(host.memorytotal);
+                                                    items[idx].memusedavg += hostMemoryUsage;
+                                                    if (hostMemoryUsage > items[idx].maxMemUsed) {
+                                                        items[idx].maxMemUsed = hostMemoryUsage;
+                                                    }
+                                                }
+
+                                                if (host.hasOwnProperty('memoryallocated')) {
+                                                    items[idx].memallocated += parseFloat(100.0 * parseFloat(host.memoryallocated)/parseFloat(host.memorytotal));
+                                                }
+                                            });
+                                        }
+                                    },
+                                    async: false
+                                });
+
+                                $.ajax({
+                                    url: createURL('listCapacity'),
+                                    data: {clusterid: cluster.id},
+                                    success: function(json) {
+                                        if (json && json.listcapacityresponse && json.listcapacityresponse.capacity) {
+                                            $.each(json.listcapacityresponse.capacity, function(i, capacity) {
+                                                // CPU
+                                                if (capacity.type == 1) {
+                                                    items[idx].cputotal = parseInt(capacity.capacitytotal)/1000.0;
+                                                }
+                                                // Memory
+                                                if (capacity.type == 0) {
+                                                    items[idx].memtotal = parseInt(capacity.capacitytotal)/(1024.0*1024.0*1024.0);
+                                                }
+                                            });
+                                        }
+                                    },
+                                    async: false
+                                });
+
+                                if (items[idx].hosts != 0) {
+                                    items[idx].cpuusedavg = (items[idx].cpuusedavg / items[idx].hosts);
+                                    items[idx].cpumaxdev = (items[idx].maxCpuUsed - items[idx].cpuusedavg);
+                                    items[idx].cpuallocated = (items[idx].cpuallocated / items[idx].hosts);
+
+                                    items[idx].memusedavg = (items[idx].memusedavg / items[idx].hosts);
+                                    items[idx].memmaxdev = (items[idx].maxMemUsed - items[idx].memusedavg);
+                                    items[idx].memallocated = (items[idx].memallocated / items[idx].hosts);
+                                }
+
+                                // Format data
+                                items[idx].cpuusedavg = (items[idx].cpuusedavg).toFixed(2) + "%";
+                                items[idx].cpumaxdev = (items[idx].cpumaxdev).toFixed(2) + "%";
+                                items[idx].cpuallocated = (items[idx].cpuallocated).toFixed(2) + "%";
+                                items[idx].cputotal = (items[idx].cputotal).toFixed(2) + " Ghz";
+
+                                items[idx].memusedavg = (items[idx].memusedavg).toFixed(2) + "%";
+                                items[idx].memmaxdev = (items[idx].memmaxdev).toFixed(2) + "%";
+                                items[idx].memallocated = (items[idx].memallocated).toFixed(2) + "%";
+                                items[idx].memtotal = (items[idx].memtotal).toFixed(2) + " GB";
+                                items[idx].hosts = items[idx].hostsUp + ' / ' + items[idx].hosts;
+
+                                items[idx].state = items[idx].allocationstate;
+                                if (items[idx].managedstate == 'Unmanaged') {
+                                    items[idx].state = 'Unmanaged';
+                                }
+
+                                if (items[idx].managedstate == 'Managed' && items[idx].allocationstate == 'Enabled') {
+                                    items[idx].state = 'Enabled';
+                                }
+
+                                if (items[idx].managedstate == 'Managed' && items[idx].allocationstate == 'Disabled') {
+                                    items[idx].state = 'Disabled';
+                                }
+                            });
+                        }
+                        args.response.success({
+                            data: items
+                        });
+                    }
+                });
+            },
+            browseBy: {
+                filterBy: 'clusterid',
+                resource: 'hosts'
+            },
+            detailView: cloudStack.sections.system.subsections.clusters.listView.detailView
+        }
+    };
+
+
+    // Hosts Metrics
+    cloudStack.sections.metrics.hosts = {
+        title: 'label.metrics',
+        listView: {
+            id: 'hosts',
+            fields: {
+                name: {
+                    label: 'label.metrics.name'
+                },
+                state: {
+                    label: 'label.metrics.state',
+                    converter: function (str) {
+                        // For localization
+                        return str;
+                    },
+                    indicator: {
+                        'Up': 'on',
+                        'Down': 'off',
+                        'Disconnected': 'off',
+                        'Removed': 'off',
+                        'Error': 'off',
+                        'Connecting': 'transition',
+                        'Rebalancing': 'transition',
+                        'Alert': 'warning',
+                    },
+                    compact: true
+                },
+                cpuused: {
+                    label: 'label.metrics.cpu.usage',
+                    collapsible: true,
+                    columns: {
+                        cores: {
+                            label: 'label.metrics.num.cpu.cores',
+                        },
+                        cputotal: {
+                            label: 'label.metrics.cpu.total'
+                        },
+                        cpuusedavg: {
+                            label: 'label.metrics.cpu.used.avg',
+                            thresholdcolor: true,
+                            thresholds: {
+                                notification: 'cpunotificationthreshold',
+                                disable: 'cpudisablethreshold'
+                            }
+                        },
+                        cpuallocated: {
+                            label: 'label.metrics.allocated',
+                            thresholdcolor: true,
+                            thresholds: {
+                                notification: 'cpunotificationthreshold',
+                                disable: 'cpudisablethreshold'
+                            }
+                        }
+                    }
+                },
+                memused: {
+                    label: 'label.metrics.memory.usage',
+                    collapsible: true,
+                    columns: {
+                        memtotal: {
+                            label: 'label.metrics.memory.total'
+                        },
+                        memusedavg: {
+                            label: 'label.metrics.memory.used.avg',
+                            thresholdcolor: true,
+                            thresholds: {
+                                notification: 'memnotificationthreshold',
+                                disable: 'memdisablethreshold'
+                            }
+                        },
+                        memallocated: {
+                            label: 'label.metrics.allocated',
+                            thresholdcolor: true,
+                            thresholds: {
+                                notification: 'memnotificationthreshold',
+                                disable: 'memdisablethreshold'
+                            }
+                        }
+                    }
+                },
+                network: {
+                    label: 'label.metrics.network.usage',
+                    collapsible: true,
+                    columns: {
+                        networkread: {
+                            label: 'label.metrics.network.read'
+                        },
+                        networkwrite: {
+                            label: 'label.metrics.network.write'
+                        }
+                    }
+                }
+            },
+            dataProvider: function(args) {
+                var data = {};
+                data.type = 'routing';
+                listViewDataProvider(args, data);
+                if (args.context.metricsFilterData && args.context.metricsFilterData.key && args.context.metricsFilterData.value) {
+                    data[args.context.metricsFilterData.key] = args.context.metricsFilterData.value;
+                }
+                $.ajax({
+                    url: createURL('listHosts'),
+                    data: data,
+                    success: function(json) {
+                        var items = json.listhostsresponse.host;
+                        if (items) {
+                            $.each(items, function(idx, host) {
+                                items[idx].cores = host.cpunumber;
+                                items[idx].cputotal = (parseFloat(host.cpunumber) * parseFloat(host.cpuspeed) / 1000.0).toFixed(2);
+                                if (host.cpuused) {
+                                    items[idx].cpuusedavg = (parseFloat(host.cpuused) * items[idx].cputotal / 100.0).toFixed(2) + ' Ghz';
+                                } else {
+                                    items[idx].cpuusedavg = '';
+                                }
+                                items[idx].cpuallocated = (parseFloat(host.cpuallocated) * items[idx].cputotal / 100.0).toFixed(2) + ' Ghz';
+                                items[idx].memtotal = (parseFloat(host.memorytotal)/(1024.0*1024.0*1024.0)).toFixed(2) + ' GB';
+                                items[idx].memallocated = (parseFloat(host.memoryallocated)/(1024.0*1024.0*1024.0)).toFixed(2) + ' GB';
+                                if (host.memoryused) {
+                                    items[idx].memusedavg = (parseFloat(host.memoryused)/(1024.0*1024.0*1024.0)).toFixed(2) + ' GB';
+                                } else {
+                                    items[idx].memusedavg = '';
+                                }
+                                if (host.networkkbsread && host.networkkbswrite) {
+                                    items[idx].networkread = (parseFloat(host.networkkbsread)/(1024.0*1024.0)).toFixed(2) + ' GB';
+                                    items[idx].networkwrite = (parseFloat(host.networkkbswrite)/(1024.0*1024.0)).toFixed(2) + ' GB';
+                                } else {
+                                    items[idx].networkread = '';
+                                    items[idx].networkwrite = '';
+                                }
+
+                                // Threshold color coding
+                                items[idx].cpunotificationthreshold = 0.75 * parseFloat(items[idx].cputotal);
+                                items[idx].cpudisablethreshold = 0.95 * parseFloat(items[idx].cputotal);
+                                items[idx].memnotificationthreshold = 0.75 * parseFloat(items[idx].memtotal);
+                                items[idx].memdisablethreshold = 0.95 * parseFloat(items[idx].memtotal);
+
+                                $.ajax({
+                                    url: createURL('listConfigurations'),
+                                    data: {clusterid: host.clusterid, listAll: true},
+                                    success: function(json) {
+                                        if (json.listconfigurationsresponse && json.listconfigurationsresponse.configuration) {
+                                            $.each(json.listconfigurationsresponse.configuration, function(i, config) {
+                                                switch (config.name) {
+                                                    case 'cluster.cpu.allocated.capacity.disablethreshold':
+                                                        items[idx].cpudisablethreshold = parseFloat(config.value) * parseFloat(items[idx].cputotal);
+                                                        break;
+                                                    case 'cluster.cpu.allocated.capacity.notificationthreshold':
+                                                        items[idx].cpunotificationthreshold = parseFloat(config.value) * parseFloat(items[idx].cputotal);
+                                                        break;
+                                                    case 'cluster.memory.allocated.capacity.disablethreshold':
+                                                        items[idx].memdisablethreshold = parseFloat(config.value) * parseFloat(items[idx].memtotal);
+                                                        break;
+                                                    case 'cluster.memory.allocated.capacity.notificationthreshold':
+                                                        items[idx].memnotificationthreshold = parseFloat(config.value) * parseFloat(items[idx].memtotal);
+                                                        break;
+                                                }
+                                            });
+                                        }
+                                    },
+                                    async: false
+                                });
+
+                                var cpuOverCommit = 1.0;
+                                var memOverCommit = 1.0;
+                                $.ajax({
+                                    url: createURL('listClusters'),
+                                    data: {clusterid: host.clusterid, listAll: true},
+                                    success: function(json) {
+                                        if (json.listclustersresponse && json.listclustersresponse.cluster) {
+                                            var cluster = json.listclustersresponse.cluster[0];
+                                            cpuOverCommit = cluster.cpuovercommitratio;
+                                            memOverCommit = cluster.memoryovercommitratio;
+                                        }
+                                    },
+                                    async: false
+                                });
+
+                                items[idx].cputotal = items[idx].cputotal + ' Ghz (x' + cpuOverCommit + ')';
+                                items[idx].memtotal = items[idx].memtotal + ' (x' + memOverCommit + ')';
+                            });
+                        }
+                        args.response.success({
+                            data: items
+                        });
+                    }
+                });
+            },
+            browseBy: {
+                filterBy: 'hostid',
+                resource: 'vms'
+            },
+            detailView: cloudStack.sections.system.subsections.hosts.listView.detailView
+        }
+    };
+
+
+    // VMs Metrics
+    cloudStack.sections.metrics.instances = {
+        title: 'label.metrics',
+        listView: {
+            id: 'instances',
+            fields: {
+                name: {
+                    label: 'label.metrics.name'
+                },
+                state: {
+                    label: 'label.metrics.state',
+                    converter: function (str) {
+                        // For localization
+                        return str;
+                    },
+                    indicator: {
+                        'Running': 'on',
+                        'Stopped': 'off',
+                        'Error': 'off',
+                        'Destroyed': 'off',
+                        'Expunging': 'off',
+                        'Stopping': 'transition',
+                        'Starting': 'transition',
+                        'Migrating': 'transition',
+                        'Shutdowned': 'warning',
+                    },
+                    compact: true
+                },
+                cpuused: {
+                    label: 'label.metrics.cpu.usage',
+                    collapsible: true,
+                    columns: {
+                        cores: {
+                            label: 'label.metrics.num.cpu.cores',
+                        },
+                        cputotal: {
+                            label: 'label.metrics.cpu.total'
+                        },
+                        cpuused: {
+                            label: 'label.metrics.cpu.used.avg',
+                        }
+                    }
+                },
+                memused: {
+                    label: 'label.metrics.memory.usage',
+                    collapsible: true,
+                    columns: {
+                        memallocated: {
+                            label: 'label.metrics.allocated'
+                        }
+                    }
+                },
+                network: {
+                    label: 'label.metrics.network.usage',
+                    collapsible: true,
+                    columns: {
+                        networkread: {
+                            label: 'label.metrics.network.read'
+                        },
+                        networkwrite: {
+                            label: 'label.metrics.network.write'
+                        }
+                    }
+                },
+                disk: {
+                    label: 'label.metrics.disk.usage',
+                    collapsible: true,
+                    columns: {
+                        diskread: {
+                            label: 'label.metrics.disk.read'
+                        },
+                        diskwrite: {
+                            label: 'label.metrics.disk.write'
+                        },
+                        diskiopstotal: {
+                            label: 'label.metrics.disk.iops.total'
+                        }
+                    }
+                }
+            },
+            dataProvider: function(args) {
+                var data = {};
+                listViewDataProvider(args, data);
+                if (args.context.metricsFilterData && args.context.metricsFilterData.key && args.context.metricsFilterData.value) {
+                    data[args.context.metricsFilterData.key] = args.context.metricsFilterData.value;
+                }
+                $.ajax({
+                    url: createURL('listVirtualMachines'),
+                    data: data,
+                    success: function(json) {
+                        var items = [];
+                        if (json && json.listvirtualmachinesresponse && json.listvirtualmachinesresponse.virtualmachine) {
+                            items = json.listvirtualmachinesresponse.virtualmachine;
+                            $.each(items, function(idx, vm) {
+                                items[idx].cores = vm.cpunumber;
+                                items[idx].cputotal = (parseFloat(vm.cpunumber) * parseFloat(vm.cpuspeed) / 1000.0).toFixed(1) + ' Ghz';
+                                items[idx].cpuusedavg = vm.cpuused;
+                                items[idx].cpuallocated = vm.cpuallocated;
+                                items[idx].memallocated = (parseFloat(vm.memory)/1024.0).toFixed(2) + ' GB';
+                                items[idx].networkread = (parseFloat(vm.networkkbsread)/(1024.0)).toFixed(2) + ' MB';
+                                items[idx].networkwrite = (parseFloat(vm.networkkbswrite)/(1024.0)).toFixed(2) + ' MB';
+                                items[idx].diskread = (parseFloat(vm.diskkbsread)/(1024.0)).toFixed(2) + ' MB';
+                                items[idx].diskwrite = (parseFloat(vm.diskkbswrite)/(1024.0)).toFixed(2) + ' MB';
+                                items[idx].diskiopstotal = parseFloat(vm.diskioread) + parseFloat(vm.diskiowrite);
+
+                                var keys = [{'cpuused': 'cpuusedavg'},
+                                            {'networkkbsread': 'networkread'},
+                                            {'networkkbswrite': 'networkwrite'},
+                                            {'diskkbsread': 'diskread'},
+                                            {'diskkbswrite': 'diskwrite'},
+                                            {'diskioread': 'diskiopstotal'}];
+                                for (keyIdx in keys) {
+                                    var map = keys[keyIdx];
+                                    var key = Object.keys(map)[0];
+                                    var uiKey = map[key];
+                                    if (!vm.hasOwnProperty(key)) {
+                                        items[idx][uiKey] = '';
+                                    }
+                                }
+                            });
+                        }
+                        args.response.success({
+                            data: items
+                        });
+                    }
+                });
+            },
+            browseBy: {
+                filterBy: 'virtualmachineid',
+                resource: 'volumes'
+            },
+            detailView: cloudStack.sections.instances.listView.detailView
+        }
+    };
+
+
+    // Volumes Metrics
+    cloudStack.sections.metrics.volumes = {
+        title: 'label.metrics',
+        listView: {
+            id: 'volumes',
+            fields: {
+                name: {
+                    label: 'label.metrics.name'
+                },
+                state: {
+                    label: 'label.metrics.state',
+                    converter: function (str) {
+                        // For localization
+                        return str;
+                    },
+                    indicator: {
+                        'Allocated': 'transition',
+                        'Creating': 'transition',
+                        'Ready': 'on',
+                        'Destroy': 'off',
+                        'Expunging': 'off',
+                        'Migrating': 'warning',
+                        'UploadOp': 'transition',
+                        'Snapshotting': 'warning',
+                    },
+                    compact: true
+                },
+                vmname: {
+                    label: 'label.metrics.vm.name'
+                },
+                disksize: {
+                    label: 'label.metrics.disk.size'
+                },
+                storagetype: {
+                    label: 'label.metrics.disk.storagetype'
+                },
+                storagepool: {
+                    label: 'label.metrics.storagepool'
+                },
+            },
+            dataProvider: function(args) {
+                var data = {listAll: true};
+                listViewDataProvider(args, data);
+                if (args.context.metricsFilterData && args.context.metricsFilterData.key && args.context.metricsFilterData.value) {
+                    data[args.context.metricsFilterData.key] = args.context.metricsFilterData.value;
+                }
+                $.ajax({
+                    url: createURL('listVolumes'),
+                    data: data,
+                    success: function(json) {
+                        var items = [];
+                        if (json && json.listvolumesresponse && json.listvolumesresponse.volume) {
+                            items = json.listvolumesresponse.volume;
+                            $.each(items, function(idx, volume) {
+                                items[idx].name = volume.name;
+                                items[idx].state = volume.state;
+                                items[idx].vmname = volume.vmname;
+                                items[idx].disksize = parseFloat(volume.size)/(1024.0*1024.0*1024.0) + ' GB';
+                                items[idx].storagetype = volume.storagetype.replace(/\w\S*/g, function(txt){return txt.charAt(0).toUpperCase() + txt.substr(1).toLowerCase();}) + ' (' + volume.type + ')';
+                                if (volume.storage) {
+                                    items[idx].storagepool = volume.storage;
+                                }
+                            });
+                        }
+                        args.response.success({
+                            data: items
+                        });
+                    }
+                });
+            },
+            detailView: cloudStack.sections.storage.sections.volumes.listView.detailView
+        }
+    };
+
+
+    // Storage Pool Metrics
+    cloudStack.sections.metrics.storagepool = {
+        title: 'label.metrics',
+        listView: {
+            id: 'primarystorages',
+            fields: {
+                name: {
+                    label: 'label.metrics.name'
+                },
+                property: {
+                    label: 'label.metrics.property',
+                    collapsible: true,
+                    columns: {
+                        state: {
+                            label: 'label.metrics.state',
+                            converter: function (str) {
+                                // For localization
+                                return str;
+                            },
+                            indicator: {
+                                'Up': 'on',
+                                'Down': 'off',
+                                'Removed': 'off',
+                                'ErrorInMaintenance': 'off',
+                                'PrepareForMaintenance': 'transition',
+                                'CancelMaintenance': 'warning',
+                                'Maintenance': 'warning',
+                            },
+                            compact: true
+                        },
+                        scope: {
+                            label: 'label.metrics.scope'
+                        },
+                        type: {
+                            label: 'label.metrics.disk.storagetype'
+                        },
+                    }
+                },
+                disk: {
+                    label: 'label.metrics.disk',
+                    collapsible: true,
+                    columns: {
+                        disksizeused: {
+                            label: 'label.metrics.disk.used',
+                            thresholdcolor: true,
+                            thresholds: {
+                                notification: 'storagenotificationthreshold',
+                                disable: 'storagedisablethreshold'
+                            }
+                        },
+                        disksizetotal: {
+                            label: 'label.metrics.disk.total'
+                        },
+                        disksizeallocated: {
+                            label: 'label.metrics.disk.allocated',
+                            thresholdcolor: true,
+                            thresholds: {
+                                notification: 'storageallocatednotificationthreshold',
+                                disable: 'storageallocateddisablethreshold'
+                            }
+                        },
+                        disksizeunallocated: {
+                            label: 'label.metrics.disk.unallocated'
+                        }
+                    }
+                }
+            },
+            dataProvider: function(args) {
+                var data = {};
+                listViewDataProvider(args, data);
+                if (args.context.metricsFilterData && args.context.metricsFilterData.key && args.context.metricsFilterData.value) {
+                    data[args.context.metricsFilterData.key] = args.context.metricsFilterData.value;
+                }
+                $.ajax({
+                    url: createURL('listStoragePools'),
+                    data: data,
+                    success: function(json) {
+                        var items = [];
+                        if (json && json.liststoragepoolsresponse && json.liststoragepoolsresponse.storagepool) {
+                            items = json.liststoragepoolsresponse.storagepool;
+                            $.each(items, function(idx, pool) {
+                                items[idx].name = pool.name;
+                                items[idx].state = pool.state;
+                                items[idx].scope = pool.scope;
+                                items[idx].type = pool.type;
+                                items[idx].overprovisionfactor = parseFloat(pool.overprovisionfactor);
+                                if (pool.disksizeused) {
+                                    items[idx].disksizeused = (parseFloat(pool.disksizeused)/(1024.0*1024.0*1024.0)).toFixed(2) + ' GB';
+                                } else {
+                                    items[idx].disksizeused = '';
+                                }
+                                items[idx].disksizetotal = parseFloat(pool.disksizetotal);
+                                items[idx].disksizeallocated = parseFloat(pool.disksizeallocated);
+                                items[idx].disksizeunallocated = (items[idx].overprovisionfactor * items[idx].disksizetotal) - items[idx].disksizeallocated;
+
+                                // Format presentation
+                                items[idx].disksizetotal = (items[idx].disksizetotal/(1024.0*1024.0*1024.0)).toFixed(2) + ' GB (x' + items[idx].overprovisionfactor + ')';
+                                items[idx].disksizeallocated = (items[idx].disksizeallocated/(1024.0*1024.0*1024.0)).toFixed(2) + ' GB';
+                                items[idx].disksizeunallocated = (items[idx].disksizeunallocated/(1024.0*1024.0*1024.0)).toFixed(2) + ' GB';
+
+                                // Threshold color coding
+                                items[idx].storagenotificationthreshold = 0.75 * parseFloat(items[idx].disksizetotal);
+                                items[idx].storagedisablethreshold = 0.95 * parseFloat(items[idx].disksizetotal);
+                                items[idx].storageallocatednotificationthreshold = 0.75 * parseFloat(items[idx].disksizetotal) * items[idx].overprovisionfactor;
+                                items[idx].storageallocateddisablethreshold = 0.95 * parseFloat(items[idx].disksizetotal) * items[idx].overprovisionfactor;
+
+
+                                var getThresholds = function(data, items, idx) {
+                                    data.listAll = true;
+                                    $.ajax({
+                                        url: createURL('listConfigurations'),
+                                        data: data,
+                                        success: function(json) {
+                                            if (json.listconfigurationsresponse && json.listconfigurationsresponse.configuration) {
+                                                $.each(json.listconfigurationsresponse.configuration, function(i, config) {
+                                                    switch (config.name) {
+                                                        case 'cluster.storage.allocated.capacity.notificationthreshold':
+                                                            items[idx].storageallocatednotificationthreshold = parseFloat(config.value) * parseFloat(items[idx].disksizetotal);
+                                                            break;
+                                                        case 'cluster.storage.capacity.notificationthreshold':
+                                                            items[idx].storagenotificationthreshold = parseFloat(config.value) * parseFloat(items[idx].disksizetotal);
+                                                            break;
+                                                        case 'pool.storage.allocated.capacity.disablethreshold':
+                                                            items[idx].storageallocateddisablethreshold = parseFloat(config.value) * parseFloat(items[idx].disksizetotal);
+                                                            break;
+                                                        case 'pool.storage.capacity.disablethreshold':
+                                                            items[idx].storagedisablethreshold = parseFloat(config.value) * parseFloat(items[idx].disksizetotal);
+                                                            break;
+                                                    }
+                                                });
+                                            }
+                                        },
+                                        async: false
+                                    });
+                                };
+                                // Update global and cluster level thresholds
+                                getThresholds({}, items, idx);
+                                getThresholds({clusterid: pool.clusterid}, items, idx);
+                            });
+                        }
+                        args.response.success({
+                            data: items
+                        });
+                    }
+                });
+            },
+            browseBy: {
+                filterBy: 'storageid',
+                resource: 'volumes'
+            },
+            detailView: cloudStack.sections.system.subsections['primary-storage'].listView.detailView
+        }
+    };
+
+})(cloudStack);
diff --git a/ui/scripts/storage.js b/ui/scripts/storage.js
index d56835cd7e..ee913f591c 100644
--- a/ui/scripts/storage.js
+++ b/ui/scripts/storage.js
@@ -253,6 +253,23 @@
                             }
                         },
 
+                        viewMetrics: {
+                            label: 'label.metrics',
+                            isHeader: true,
+                            addRow: false,
+                            preFilter: function(args) {
+                                return isAdmin();
+                            },
+                            action: {
+                                custom: cloudStack.uiCustom.metricsView({resource: 'volumes'})
+                            },
+                            messages: {
+                                notification: function (args) {
+                                    return 'label.metrics';
+                                }
+                            }
+                        },
+
                         uploadVolume: {
                             isHeader: true,
                             label: 'label.upload.volume',
diff --git a/ui/scripts/system.js b/ui/scripts/system.js
index 7169a95632..8d097f4fcd 100644
--- a/ui/scripts/system.js
+++ b/ui/scripts/system.js
@@ -7622,7 +7622,7 @@
                 }
             }
         },
-        show: cloudStack.uiCustom.physicalResources({
+        physicalResourceSection: {
             sections: {
                 physicalResources: {
                     type: 'select',
@@ -7705,7 +7705,23 @@
                                             });
                                         }
                                     }
-                                }
+                                },
+                                viewMetrics: {
+                                    label: 'label.metrics',
+                                    isHeader: true,
+                                    addRow: false,
+                                    preFilter: function(args) {
+                                        return isAdmin();
+                                    },
+                                    action: {
+                                        custom: cloudStack.uiCustom.metricsView({resource: 'zones'})
+                                    },
+                                    messages: {
+                                        notification: function (args) {
+                                            return 'label.metrics';
+                                        }
+                                    }
+                                },
                             },
                             
                             detailView: {
@@ -9390,7 +9406,7 @@
                     }
                 }
             }
-        }),
+        },
         subsections: {
             virtualRouters: {
                 sectionSelect: {
@@ -14371,6 +14387,22 @@
                                     }
                                 });
                             }
+                        },
+                        viewMetrics: {
+                            label: 'label.metrics',
+                            isHeader: true,
+                            addRow: false,
+                            preFilter: function(args) {
+                                return isAdmin();
+                            },
+                            action: {
+                                custom: cloudStack.uiCustom.metricsView({resource: 'clusters'})
+                            },
+                            messages: {
+                                notification: function (args) {
+                                    return 'label.metrics';
+                                }
+                            }
                         }
                     },
                     
@@ -15073,11 +15105,12 @@
                         }
                         
                         if (! args.context.instances) {
-                            array1.push("&zoneid=" + args.context.zones[0].id);
+                            if ("zones" in args.context)
+                                array1.push("&zoneid=" + args.context.zones[0].id);
                             if ("pods" in args.context)
-                            array1.push("&podid=" + args.context.pods[0].id);
+                                array1.push("&podid=" + args.context.pods[0].id);
                             if ("clusters" in args.context)
-                            array1.push("&clusterid=" + args.context.clusters[0].id);
+                               array1.push("&clusterid=" + args.context.clusters[0].id);
                         } else {
                             //Instances menu > Instance detailView > View Hosts
                             array1.push("&id=" + args.context.instances[0].hostid);
@@ -15608,6 +15641,22 @@
                                     return 'label.add.host';
                                 }
                             }
+                        },
+                        viewMetrics: {
+                            label: 'label.metrics',
+                            isHeader: true,
+                            addRow: false,
+                            preFilter: function(args) {
+                                return isAdmin();
+                            },
+                            action: {
+                                custom: cloudStack.uiCustom.metricsView({resource: 'hosts'})
+                            },
+                            messages: {
+                                notification: function (args) {
+                                    return 'label.metrics';
+                                }
+                            }
                         }
                     },
                     detailView: {
@@ -17414,6 +17463,22 @@
                                     return 'label.add.primary.storage';
                                 }
                             }
+                        },
+                        viewMetrics: {
+                            label: 'label.metrics',
+                            isHeader: true,
+                            addRow: false,
+                            preFilter: function(args) {
+                                return isAdmin();
+                            },
+                            action: {
+                                custom: cloudStack.uiCustom.metricsView({resource: 'storagepool'})
+                            },
+                            messages: {
+                                notification: function (args) {
+                                    return 'label.metrics';
+                                }
+                            }
                         }
                     },
                     
@@ -19649,7 +19714,10 @@
             });
         }
     }
-    
+
+    // Inject cloudStack infra page
+    cloudStack.sections.system.show = cloudStack.uiCustom.physicalResources(cloudStack.sections.system.physicalResourceSection);
+
     function addExternalLoadBalancer(args, physicalNetworkObj, apiCmd, apiCmdRes, apiCmdObj) {
         var array1 =[];
         array1.push("&physicalnetworkid=" + physicalNetworkObj.id);
diff --git a/ui/scripts/ui-custom/metricsView.js b/ui/scripts/ui-custom/metricsView.js
new file mode 100644
index 0000000000..ef5dbba4ba
--- /dev/null
+++ b/ui/scripts/ui-custom/metricsView.js
@@ -0,0 +1,140 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+(function($, cloudStack) {
+
+    cloudStack.uiCustom.metricsView = function(args) {
+        return function() {
+            var metricsListView = cloudStack.sections.metrics.listView;
+            var metricsLabel = _l('label.metrics');
+
+            if (args.resource == 'zones') {
+                metricsListView = cloudStack.sections.metrics.zones.listView;
+                metricsLabel = _l('label.zones') + ' ' + metricsLabel;
+            } else if (args.resource == 'clusters') {
+                metricsListView = cloudStack.sections.metrics.clusters.listView;
+                metricsLabel = _l('label.clusters') + ' ' + metricsLabel;
+            } else if (args.resource == 'hosts') {
+                metricsListView = cloudStack.sections.metrics.hosts.listView;
+                metricsLabel = _l('label.hosts') + ' ' + metricsLabel;
+            } else if (args.resource == 'storagepool') {
+                metricsListView = cloudStack.sections.metrics.storagepool.listView;
+                metricsLabel = _l('label.primary.storage') + ' ' + metricsLabel;
+            } else if (args.resource == 'vms') {
+                metricsListView = cloudStack.sections.metrics.instances.listView;
+                metricsLabel = _l('label.instances') + ' ' + metricsLabel;
+            } else if (args.resource == 'volumes') {
+                metricsListView = cloudStack.sections.metrics.volumes.listView;
+                metricsLabel = _l('label.volumes') + ' ' + metricsLabel;
+            }
+
+            // list view refresh button
+            metricsListView.actions = {
+                refreshMetrics: {
+                    label: 'label.refresh',
+                    isHeader: true,
+                    addRow: true,
+                    action: {
+                        custom: function (args) {
+                            return function() {
+                            };
+                        }
+                    }
+                }
+            };
+
+            metricsListView.hideSearchBar = true;
+            metricsListView.needsRefresh = true;
+            metricsListView.noSplit = true;
+            metricsListView.horizontalOverflow = true;
+            metricsListView.groupableColumns = true;
+
+            if (args.resource == 'volumes') {
+                metricsListView.groupableColumns = false;
+            }
+
+            var metricsContext = cloudStack.context;
+            if (metricsContext.metricsFilterData) {
+                delete metricsContext.metricsFilterData;
+            }
+            if (args.filterBy) {
+                metricsContext.metricsFilterData = {
+                    key: args.filterBy,
+                    value: args.id
+                };
+            }
+
+            var $browser = $('#browser .container');
+            return $browser.cloudBrowser('addPanel', {
+                  title: metricsLabel,
+                  maximizeIfSelected: true,
+                  complete: function($newPanel) {
+                      $newPanel.listView({
+                          $browser: $browser,
+                          context: metricsContext,
+                          listView: metricsListView
+                      });
+                      // Make metrics tables horizontally scrollable
+                      $newPanel.find('.list-view').css({'overflow-x': 'visible'});
+                      // Refresh metrics when refresh button is clicked
+                      $newPanel.find('.refreshMetrics').click(function() {
+                          var sortedTh = $newPanel.find('table thead tr:last th.sorted');
+                          var thIndex = sortedTh.index();
+                          var thClassName = null;
+                          var wasSorted = false;
+                          var sortClassName = 'asc';
+                          if (sortedTh && sortedTh.hasClass('sorted')) {
+                              wasSorted = true;
+                              var classes = sortedTh.attr('class').split(/\s+/);
+                              thClassName = classes[0];
+                              if (classes.indexOf('desc') > -1) {
+                                  sortClassName = 'desc';
+                              }
+                          }
+                          $browser.cloudBrowser('removeLastPanel', {});
+                          var refreshedPanel = cloudStack.uiCustom.metricsView(args)();
+                          if (wasSorted && thClassName) {
+                              refreshedPanel.find('th.' + thClassName).filter(function() {
+                                  return $(this).index() == thIndex;
+                              }).addClass('sorted').addClass(sortClassName);
+                          }
+                      });
+
+                      var filterMetricView = metricsListView.browseBy;
+                      if (filterMetricView) {
+                          $newPanel.bind('click', function(event) {
+                              event.stopPropagation();
+                              var $target = $(event.target);
+                              var id = $target.closest('tr').data('list-view-item-id');
+                              var jsonObj = $target.closest('tr').data('jsonObj');
+                              if (filterMetricView.filterKey && jsonObj) {
+                                  if (jsonObj.hasOwnProperty(filterMetricView.filterKey)) {
+                                  id = jsonObj[filterMetricView.filterKey];
+                                  } else {
+                                      return; // return if provided key is missing
+                                  }
+                              }
+                              if (id && ($target.hasClass('first') || $target.parent().hasClass('first')) && ($target.is('td') || $target.parent().is('td'))) {
+                                  filterMetricView.id = id;
+                                  cloudStack.uiCustom.metricsView(filterMetricView)();
+                              }
+                          });
+                      }
+                  }
+            });
+        };
+    };
+})(jQuery, cloudStack);
diff --git a/ui/scripts/ui/widgets/cloudBrowser.js b/ui/scripts/ui/widgets/cloudBrowser.js
index 007025b14b..b7a5c38b39 100644
--- a/ui/scripts/ui/widgets/cloudBrowser.js
+++ b/ui/scripts/ui/widgets/cloudBrowser.js
@@ -321,6 +321,14 @@
             return $panel;
         },
 
+        removeLastPanel: function(args) {
+            $('div.panel:last').stop(); // Prevent destroyed panels from animating
+            this.element.find('div.panel:last').remove();
+            this.element.find('div.panel:last').removeClass('reduced');
+            $('#breadcrumbs').find('ul li:last').remove();
+            $('#breadcrumbs').find('ul div.end').remove();
+        },
+
         /**
          * Clear all panels
          */
diff --git a/ui/scripts/ui/widgets/dataTable.js b/ui/scripts/ui/widgets/dataTable.js
index 4c025314be..22ddda6307 100644
--- a/ui/scripts/ui/widgets/dataTable.js
+++ b/ui/scripts/ui/widgets/dataTable.js
@@ -141,49 +141,95 @@
          * @param columnIndex Index of column (starting at 0) to sort by
          */
         var sortTable = function(columnIndex) {
-            return false;
             var direction = 'asc';
 
-            if ($table.find('thead th').hasClass('sorted ' + direction)) {
+            if ($table.find('thead tr:last th').hasClass('sorted ' + direction)) {
                 direction = 'desc';
             }
 
-            $table.find('thead th').removeClass('sorted desc asc');
-            $($table.find('thead th')[columnIndex]).addClass('sorted').addClass(direction);
+            $table.find('thead tr:last th').removeClass('sorted desc asc');
+            $($table.find('thead tr:last th')[columnIndex]).addClass('sorted').addClass(direction);
 
             var $elems = $table.find('tbody td').filter(function() {
                 return $(this).index() == columnIndex;
             });
 
+            if ($elems.length < 2) {
+                return;
+            }
+
+            var stringComparator = function(a,b) {
+                return a.html().localeCompare(b.html());
+            };
+            var numericComparator = function(a,b) {
+                return parseFloat(a.children().html()) < parseFloat(b.children().html()) ? 1 : -1;
+            };
+            var stateComparator = function(a,b) {
+                return a.attr('title').localeCompare(b.attr('title'));
+            };
+            var isNumeric = function(obj) {
+                return !$.isArray(obj) && !isNaN(parseFloat(obj)) && isFinite(parseFloat(obj));
+            }
+
+            var comparator = stringComparator;
+            var hasAllRowsSameValue = true;
+            var firstElem = $($elems[0]).html();
             var sortData = [];
+            var numericDataCount = 0;
             $elems.each(function() {
-                sortData.push($(this).html());
-                sortData.sort();
-
-                if (direction == 'asc') {
-                    sortData.reverse();
+                var text = $(this).html();
+                if (hasAllRowsSameValue) {
+                    if (firstElem !== text) {
+                        hasAllRowsSameValue = false;
+                    }
+                }
+                if (isNumeric(text) || !text) {
+                    numericDataCount++;
                 }
+                sortData.push($(this));
             });
 
+            if ($($elems[0]).hasClass('state')) {
+                comparator = stateComparator;
+            } else {
+                if (hasAllRowsSameValue) {
+                    return;
+                }
+                if (columnIndex != 0 && numericDataCount > ($elems.length / 4)) {
+                    comparator = numericComparator;
+                }
+            }
+
+            sortData.sort(comparator);
+
+            if (direction == 'asc') {
+                sortData.reverse();
+            }
+
+            var elements = [];
             $(sortData).each(function() {
-                var sortKey = this;
-                var $targetCell = $elems.filter(function() {
-                    return $(this).html() == sortKey;
-                });
-                var $targetContainer = $targetCell.parent();
+                elements.push($(this).parent().clone(true));
+            });
 
-                $targetContainer.remove().appendTo($table.find('tbody'));
+            var $tbody = $table.find('tbody');
+            $tbody.empty();
+            $(elements).each(function() {
+                $(this).appendTo($tbody);
             });
 
             computeEvenOddRows();
         };
 
         var resizeHeaders = function() {
-            var $thead = $table.closest('div.data-table').find('thead');
+            var $thead = $table.hasClass('no-split') ? $table.find('thead') : $table.closest('div.data-table').find('thead');
             var $tbody = $table.find('tbody');
             var $ths = $thead.find('th');
             var $tds = $tbody.find('tr:first td');
 
+            if ($table.hasClass('no-split')) {
+                $tbody.width($thead.width());
+            }
+
             if ($ths.size() > $tds.size()) {
                 $ths.width(
                     $table.width() / $ths.size()
@@ -194,6 +240,10 @@
             $ths.each(function() {
                 var $th = $(this);
 
+                if ($th.hasClass('collapsible-column')) {
+                    return true;
+                }
+
                 var $td = $tds.filter(function() {
                     return $(this).index() == $th.index();
                 });
@@ -238,9 +288,12 @@
                 $table.find('tbody').closest('table').addClass('body');
             }
 
-            $table.find('th:not(:has(input))').bind('mousemove mouseout', hoverResizableEvent);
-            $table.find('th:not(:has(input))').bind('mousedown mousemove mouseup mouseout', resizeDragEvent);
-            $table.find('th:not(:has(input))').bind('click', function(event) {
+            if (!$table.hasClass('horizontal-overflow')) {
+                $table.find('th:not(:has(input))').bind('mousemove mouseout', hoverResizableEvent);
+                $table.find('th:not(:has(input))').bind('mousedown mousemove mouseup mouseout', resizeDragEvent);
+            }
+
+            $table.find('thead tr:last th:not(:has(input)):not(.collapsible-column):not(.quick-view)').unbind('click').bind('click', function(event) {
                 if ($(this).hasClass('resizable')) {
                     return false;
                 }
diff --git a/ui/scripts/ui/widgets/listView.js b/ui/scripts/ui/widgets/listView.js
index 07b60d9538..9b83940eaf 100644
--- a/ui/scripts/ui/widgets/listView.js
+++ b/ui/scripts/ui/widgets/listView.js
@@ -765,10 +765,12 @@
     var createHeader = function(preFilter, fields, $table, actions, options) {
         if (!options) options = {};
 
-        var $thead = $('<thead>').prependTo($table).append($('<tr>'));
+        var $tr = $('<tr>');
+        var $thead = $('<thead>').prependTo($table).append($tr);
         var reorder = options.reorder;
         var detailView = options.detailView;
         var multiSelect = options.multiSelect;
+        var groupableColumns = options.groupableColumns;
         var viewArgs = $table.closest('.list-view').data('view-args');
         var uiCustom = viewArgs.uiCustom;
         var hiddenFields = [];
@@ -776,8 +778,110 @@
         if (preFilter != null)
             hiddenFields = preFilter();
 
+        var addColumnToTr = function($tr, key, colspan, label, needsCollapsibleColumn) {
+            var trText = _l(label);
+            var $th = $('<th>').addClass(key).attr('colspan', colspan).appendTo($tr);
+            if ($th.index()) $th.addClass('reduced-hide');
+            $th.css({'border-right': '1px solid #C6C3C3', 'border-left': '1px solid #C6C3C3'});
+            if (needsCollapsibleColumn) {
+                var karetLeft = $('<span>').css({'margin-right': '10px'});
+                karetLeft.attr('title', trText);
+                karetLeft.appendTo($th);
+                $('<span>').html('&laquo').css({'font-size': '15px', 'float': 'right'}).appendTo(karetLeft);
+                $('<span>').html(trText).appendTo(karetLeft);
+
+                $th.click(function(event) {
+                    event.stopPropagation();
+                    var $th = $(this);
+                    var startIndex = 0;
+                    $th.prevAll('th').each(function() {
+                        startIndex += parseInt($(this).attr('colspan'));
+                    });
+                    var endIndex = startIndex + parseInt($th.attr('colspan'));
+                    // Hide Column group
+                    $th.hide();
+                    $th.closest('table').find('tbody td').filter(function() {
+                        return $(this).index() >= startIndex && $(this).index() < endIndex;
+                    }).hide();
+                    $th.closest('table').find('thead tr:last th').filter(function() {
+                        return $(this).index() >= startIndex && $(this).index() < endIndex;
+                    }).hide();
+                    // Show collapsible column with blank cells
+                    $th.next('th').show();
+                    $th.closest('table').find('tbody td').filter(function() {
+                        return $(this).index() == endIndex;
+                    }).show();
+                    $th.closest('table').find('thead tr:last th').filter(function() {
+                        return $(this).index() == endIndex;
+                    }).show();
+                    // Refresh list view
+                    $tr.closest('.list-view').find('.no-split').dataTable('refresh');
+                });
+
+                var karetRight = addColumnToTr($tr, 'collapsible-column', 1, '');
+                $('<span>').html(trText.substring(0,3)).appendTo(karetRight);
+                $('<span>').css({'font-size': '15px'}).html(' &raquo').appendTo(karetRight);
+                karetRight.attr('title', trText);
+                karetRight.css({'border-right': '1px solid #C6C3C3', 'border-left': '1px solid #C6C3C3', 'min-width': '10px', 'width': '10px', 'max-width': '45px', 'padding': '2px'});
+                karetRight.hide();
+                karetRight.click(function(event) {
+                    event.stopPropagation();
+                    var prevTh = $(this).prev('th');
+                    var startIndex = 0;
+                    prevTh.prevAll('th').each(function() {
+                        startIndex += parseInt($(this).attr('colspan'));
+                    });
+                    var endIndex = startIndex + parseInt(prevTh.attr('colspan'));
+
+                    prevTh.show();
+                    prevTh.closest('table').find('tbody td').filter(function() {
+                        return $(this).index() >= startIndex && $(this).index() < endIndex;
+                    }).show();
+                    prevTh.closest('table').find('thead tr:last th').filter(function() {
+                        return $(this).index() >= startIndex && $(this).index() < endIndex;
+                    }).show();
+
+                    prevTh.next('th').hide();
+                    prevTh.closest('table').find('tbody td').filter(function() {
+                        return $(this).index() == endIndex;
+                    }).hide();
+                    prevTh.closest('table').find('thead tr:last th').filter(function() {
+                        return $(this).index() == endIndex;
+                    }).hide();
+
+                    $tr.closest('.list-view').find('.no-split').dataTable('refresh');
+                });
+            } else {
+                $th.html(trText);
+            }
+            return $th;
+        };
+
+        if (groupableColumns) {
+            $tr.addClass('groupable-header-columns').addClass('groupable-header');
+            $.each(fields, function(key) {
+                var field = this;
+                if (field.columns) {
+                    var colspan = Object.keys(field.columns).length;
+                    addColumnToTr($tr, key, colspan, field.label, true);
+                } else {
+                    var label = '';
+                    if (key == 'name') {
+                        label = 'label.resources';
+                    }
+                    addColumnToTr($tr, key, 1, label);
+                }
+                return true;
+            });
+            if (detailView && !$.isFunction(detailView) && !detailView.noCompact && !uiCustom) {
+                addColumnToTr($tr, 'quick-view', 1, '');
+            }
+            $tr = $('<tr>').appendTo($thead);
+            $tr.addClass('groupable-header');
+        }
+
         if (multiSelect) {
-            var $th = $('<th>').addClass('multiselect').appendTo($thead.find('tr'));
+            var $th = $('<th>').addClass('multiselect').appendTo($tr);
             var content = $('<input>')
                 .attr('type', 'checkbox')
                 .addClass('multiSelectMasterCheckbox')
@@ -794,18 +898,24 @@
             if ($.inArray(key, hiddenFields) != -1)
                 return true;
             var field = this;
-            var $th = $('<th>').addClass(key).appendTo($thead.find('tr'));
-
-            if ($th.index()) $th.addClass('reduced-hide');
-
-            $th.html(_l(field.label));
-
+            if (field.columns) {
+                $.each(field.columns, function(idx) {
+                    var subfield = this;
+                    addColumnToTr($tr, key, 1, subfield.label);
+                    return true;
+                });
+                var blankCell = addColumnToTr($tr, 'collapsible-column', 1, '');
+                blankCell.css({'min-width': '10px', 'width': '10px'});
+                blankCell.hide();
+            } else {
+                addColumnToTr($tr, key, 1, field.label);
+            }
             return true;
         });
 
         // Re-order row buttons
         if (reorder) {
-            $thead.find('tr').append(
+            $tr.append(
                 $('<th>').html(_l('label.order')).addClass('reorder-actions reduced-hide')
             );
         }
@@ -826,7 +936,7 @@
         );
 
         if (actions && !options.noActionCol && renderActionCol(actions) && actionsArray.length != headerActionsArray.length) {
-            $thead.find('tr').append(
+            $tr.append(
                 $('<th></th>')
                 .html(_l('label.actions'))
                 .addClass('actions reduced-hide')
@@ -835,7 +945,7 @@
 
         // Quick view
         if (detailView && !$.isFunction(detailView) && !detailView.noCompact && !uiCustom) {
-            $thead.find('tr').append(
+            $tr.append(
                 $('<th></th>')
                 .html(_l('label.quickview'))
                 .addClass('quick-view reduced-hide')
@@ -1033,6 +1143,7 @@
         var listViewArgs = $listView.data('view-args');
         var uiCustom = listViewArgs.uiCustom;
         var subselect = uiCustom ? listViewArgs.listView.subselect : null;
+        var hasCollapsibleColumn = false;
 
         if (!(data && data.length)) {
             $listView.data('end-of-table', true);
@@ -1088,8 +1199,25 @@
                 );
             }
 
-            // Add field data
+            var reducedFields = {};
+            var idx = 0;
             $.each(fields, function(key) {
+                var field = this;
+                if (field.columns) {
+                    $.each(field.columns, function(innerKey) {
+                        reducedFields[innerKey] = this;
+                    });
+                    reducedFields['blank-cell-' + idx] = {blankCell: true};
+                    idx += 1;
+                    hasCollapsibleColumn = true;
+                } else {
+                    reducedFields[key] = this;
+                }
+                return true;
+            });
+
+            // Add field data
+            $.each(reducedFields, function(key) {
                 if ($.inArray(key, hiddenFields) != -1)
                     return true;
                 var field = this;
@@ -1103,6 +1231,11 @@
                     $td.addClass('truncated');
                 }
 
+                if (field.blankCell) {
+                    $td.css({'min-width': '10px', 'width': '10px'});
+                    $td.hide();
+                }
+
                 if (field.indicator) {
                     $td.addClass('state').addClass(field.indicator[content]);
 
@@ -1110,6 +1243,19 @@
                     //$tr.find('td:first').addClass('item-state-' + field.indicator[content]);
                 }
 
+                if (field.thresholdcolor && field.thresholds) {
+                    if ((field.thresholds.disable in dataItem) && (field.thresholds.notification in dataItem)) {
+                        var disableThreshold = parseFloat(dataItem[field.thresholds.disable]);
+                        var notificationThreshold = parseFloat(dataItem[field.thresholds.notification]);
+                        var value = parseFloat(content);
+                        if (value >= disableThreshold) {
+                            $td.addClass('alert-disable-threshold');
+                        } else if (value >= notificationThreshold) {
+                            $td.addClass('alert-notification-threshold');
+                        }
+                    }
+                }
+
                 if (field.id == true) id = field.id;
                 if ($td.index()) $td.addClass('reduced-hide');
                 if (field.action) {
@@ -1136,9 +1282,12 @@
 
                         $ul.appendTo($td);
                     } else {
-                        $td.append(
-                            $('<span>').html(_s(content))
-                        );
+                        var span = $('<span>').html(_s(content));
+                        if (field.compact) {
+                            span.addClass('compact');
+                            span.html('');
+                        }
+                        $td.append(span);
                     }
                 }
 
@@ -1376,8 +1525,8 @@
                     .appendTo($tr);
                 $quickView.mouseover(
                     // Show quick view
-
                     function() {
+                        var $quickView = $(this);
                         var $quickViewTooltip = $('<div>').addClass('quick-view-tooltip hovered-elem');
                         var $tr = $quickView.closest('tr');
                         var $listView = $tr.closest('.list-view');
@@ -1461,7 +1610,7 @@
                         });
                         $quickViewTooltip.css({
                             position: 'absolute',
-                            left: $tr.offset().left + $tr.width() - $quickViewTooltip.width(),
+                            left: $quickView.offset().left + $quickView.outerWidth() - $quickViewTooltip.width() - 2*(parseInt($quickView.css('border-left-width')) + parseInt($quickView.css('border-right-width'))),
                             top: $quickView.offset().top,
                             zIndex: $tr.closest('.panel').zIndex() + 1
                         });
@@ -1476,6 +1625,14 @@
             }
         });
 
+        // Toggle collapsible column to fix alignment of hidden/shown cells
+        if (hasCollapsibleColumn) {
+            $tbody.closest('table').find('tr:first th.collapsible-column:visible').prev('th').click();
+        }
+
+        // Re-sort table if a column was previously sorted
+        $listView.find('thead tr:last th.sorted').click().click();
+
         return rows;
     };
 
@@ -1794,8 +1951,19 @@
                 reorder: reorder,
                 detailView: listViewData.detailView,
                 'multiSelect': multiSelect,
-                noActionCol: listViewData.noActionCol
+                noActionCol: listViewData.noActionCol,
+                groupableColumns: listViewData.groupableColumns
             });
+
+        if (listViewData.noSplit) {
+            $table.addClass('no-split');
+        }
+
+        if (listViewData.horizontalOverflow) {
+            $table.addClass('horizontal-overflow');
+            $table.parent().css({'overflow-x': 'auto'});
+        }
+
         createFilters($toolbar, listViewData.filters);
                 
         if (listViewData.hideSearchBar != true) {

From e7291fd600ce922a76b1fe9cd2c120a40d4cbc18 Mon Sep 17 00:00:00 2001
From: Rene Moser <resmo@apache.org>
Date: Fri, 6 Nov 2015 12:25:10 +0100
Subject: [PATCH 088/115] CLOUDSTACK-9042: VR: DHCP: fix missing DHCP host
 enties

in /etc/dhcpentries.txt we had:

02:00:1e:07:01:53,set:10_102_92_5,10.102.92.5,songlog-1,infinite
02:00:0b:a2:00:3d,set:10_102_92_234,10.102.92.234,log-1,infinite

This sed matched unexpectetly "songlog-1" as well when "log-1" was processed, resulting
missing dhcp entry for songlog-1.

Also fixed other potenials problems relating to sed matching.
---
 .../debian/config/opt/cloud/bin/edithosts.sh  | 22 +++++++++----------
 1 file changed, 11 insertions(+), 11 deletions(-)

diff --git a/systemvm/patches/debian/config/opt/cloud/bin/edithosts.sh b/systemvm/patches/debian/config/opt/cloud/bin/edithosts.sh
index f0d9c00ddf..efb77909a4 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/edithosts.sh
+++ b/systemvm/patches/debian/config/opt/cloud/bin/edithosts.sh
@@ -110,10 +110,10 @@ logger -t cloud "edithosts: update $mac $ipv4 $ipv6 $host to hosts"
 [ ! -f $DHCP_LEASES ] && touch $DHCP_LEASES
 
 #delete any previous entries from the dhcp hosts file
-sed -i  /$mac/d $DHCP_HOSTS
+sed -i  /^$mac,/d $DHCP_HOSTS
 if [ $ipv4 ]
 then
-  sed -i  /$ipv4,/d $DHCP_HOSTS
+  sed -i  /,$ipv4,/d $DHCP_HOSTS
 fi
 if [ $ipv6 ]
 then
@@ -121,7 +121,7 @@ then
   sed -i  /$ipv6],/d $DHCP_HOSTS
 fi
 # don't want to do this in the future, we can have same VM with multiple nics/entries
-sed -i  /$host,/d $DHCP_HOSTS
+sed -i  /,$host,/d $DHCP_HOSTS
 
 #put in the new entry
 if [ $ipv4 ]
@@ -143,15 +143,15 @@ then
   #delete leases to supplied mac and ip addresses
   if [ $ipv4 ]
   then
-    sed -i  /$mac/d $DHCP_LEASES
-    sed -i  /"$ipv4 "/d $DHCP_LEASES
+    sed -i  /\b$mac\b/d $DHCP_LEASES
+    sed -i  /\b$ipv4\b/d $DHCP_LEASES
   fi
   if [ $ipv6 ]
   then
-    sed -i  /$duid/d $DHCP_LEASES
-    sed -i  /"$ipv6 "/d $DHCP_LEASES
+    sed -i  /\b$duid\b/d $DHCP_LEASES
+    sed -i  /\b$ipv6\b/d $DHCP_LEASES
   fi
-  sed -i  /"$host "/d $DHCP_LEASES
+  sed -i  /\b$host\b/d $DHCP_LEASES
 
   #put in the new entry
   if [ $ipv4 ]
@@ -167,11 +167,11 @@ fi
 #edit hosts file as well
 if [ $ipv4 ]
 then
-  sed -i  /"$ipv4 "/d $HOSTS
+  sed -i  /\b$ipv4\b/d $HOSTS
 fi
 if [ $ipv6 ]
 then
-  sed -i  /"$ipv6 "/d $HOSTS
+  sed -i  /\b$ipv6\b/d $HOSTS
 fi
 sed -i  /" $host$"/d $HOSTS
 if [ $ipv4 ]
@@ -201,7 +201,7 @@ then
   fi
   [ "$routes" != "" ] && echo "$tag,121,$routes" >> $DHCP_OPTS
   #delete entry we just put in because we need a tag
-  sed -i  /$ipv4,/d $DHCP_HOSTS
+  sed -i  /,$ipv4,/d $DHCP_HOSTS
   #put it back with a tag
   echo "$mac,set:$tag,$ipv4,$host,infinite" >>$DHCP_HOSTS
 fi

From 14940a3c9aa142cc4ba7acafc86aa5b6968702aa Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Sat, 7 Nov 2015 16:49:14 +0530
Subject: [PATCH 089/115] CLOUDSTACK-9020: add instances count in host view, ip
 address in instances view

Add minor features based on community discussions

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit b4d1fed849aa7873af870b7e583ac91dd1ca4cc6)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 ui/scripts/metrics.js | 32 ++++++++++++++++++++++++++++++++
 1 file changed, 32 insertions(+)

diff --git a/ui/scripts/metrics.js b/ui/scripts/metrics.js
index 4fce7a0ab3..77044695c0 100644
--- a/ui/scripts/metrics.js
+++ b/ui/scripts/metrics.js
@@ -550,6 +550,9 @@
                     },
                     compact: true
                 },
+                instances: {
+                    label: 'label.instances'
+                },
                 cpuused: {
                     label: 'label.metrics.cpu.usage',
                     collapsible: true,
@@ -702,6 +705,26 @@
 
                                 items[idx].cputotal = items[idx].cputotal + ' Ghz (x' + cpuOverCommit + ')';
                                 items[idx].memtotal = items[idx].memtotal + ' (x' + memOverCommit + ')';
+
+                                items[idx].instances = 0;
+                                items[idx].instancesUp = 0;
+                                $.ajax({
+                                    url: createURL('listVirtualMachines'),
+                                    data: {hostid: host.id, listAll: true},
+                                    success: function(json) {
+                                        if (json && json.listvirtualmachinesresponse && json.listvirtualmachinesresponse.virtualmachine) {
+                                            var vms = json.listvirtualmachinesresponse.virtualmachine;
+                                            $.each(vms, function(idx, vm) {
+                                                items[idx].instances++;
+                                                if (vm.state == 'Running') {
+                                                    items[idx].instancesUp++;
+                                                }
+                                            });
+                                        }
+                                    },
+                                    async: false
+                                });
+                                items[idx].instances = items[idx].instancesUp + ' / ' + items[idx].instances;
                             });
                         }
                         args.response.success({
@@ -747,6 +770,12 @@
                     },
                     compact: true
                 },
+                ipaddress: {
+                    label: 'label.ip.address'
+                },
+                zonename: {
+                    label: 'label.zone'
+                },
                 cpuused: {
                     label: 'label.metrics.cpu.usage',
                     collapsible: true,
@@ -823,6 +852,9 @@
                                 items[idx].diskread = (parseFloat(vm.diskkbsread)/(1024.0)).toFixed(2) + ' MB';
                                 items[idx].diskwrite = (parseFloat(vm.diskkbswrite)/(1024.0)).toFixed(2) + ' MB';
                                 items[idx].diskiopstotal = parseFloat(vm.diskioread) + parseFloat(vm.diskiowrite);
+                                if (vm.nic && vm.nic.length > 0 && vm.nic[0].ipaddress) {
+                                    items[idx].ipaddress = vm.nic[0].ipaddress;
+                                }
 
                                 var keys = [{'cpuused': 'cpuusedavg'},
                                             {'networkkbsread': 'networkread'},

From 1391f476f1db211392b7adf23a58358f10d0aa4a Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Sat, 7 Nov 2015 16:50:08 +0530
Subject: [PATCH 090/115] CLOUDSTACK-9020: add ipaddress in instances view

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit edc74aebbffc3f8fb4853de3cf6740eee83c78fd)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 ui/scripts/instances.js | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/ui/scripts/instances.js b/ui/scripts/instances.js
index 8c7e31fe6f..68bf0984f2 100644
--- a/ui/scripts/instances.js
+++ b/ui/scripts/instances.js
@@ -164,6 +164,9 @@
                     label: 'label.display.name',
                     truncate: true
                 },
+                ipaddress: {
+                    label: 'label.ip.address'
+                },
                 zonename: {
                     label: 'label.zone.name'
                 },
@@ -371,6 +374,11 @@
                     data: data,
                     success: function(json) {
                         var items = json.listvirtualmachinesresponse.virtualmachine;
+                        $.each(items, function(idx, vm) {
+                            if (vm.nic && vm.nic.length > 0 && vm.nic[0].ipaddress) {
+                                items[idx].ipaddress = vm.nic[0].ipaddress;
+                            }
+                        });
                         args.response.success({
                             data: items
                         });

From 0d73788464b69ac70dea15cd588143e78b222bea Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Sat, 7 Nov 2015 16:51:09 +0530
Subject: [PATCH 091/115] CLOUDSTACK-9020: Increase UI container width by 200px

Based on suggestion from Lucian (Nux), this patch increases the UI's container
width by 200px as most modern resolutions on desktop/laptops/workstations are
at least 1400px wide. By increasing the width and adjusting css properties
throughout the UI, we get more space to show information. This also gets
rid of horizontal scrollbar in case of metrics views. This also, fixes the UI
logos to include our mascot 'cloudmonkey'.

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit f7b64726d9ad4ac53c19fb47378068433cf86ae3)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 ui/css/cloudstack3.css       |  91 ++++++++++++++++++-----------------
 ui/images/logo-login-oss.png | Bin 22165 -> 10864 bytes
 ui/images/logo.png           | Bin 21781 -> 9257 bytes
 3 files changed, 46 insertions(+), 45 deletions(-)

diff --git a/ui/css/cloudstack3.css b/ui/css/cloudstack3.css
index 3a4e963abd..e928409e6b 100644
--- a/ui/css/cloudstack3.css
+++ b/ui/css/cloudstack3.css
@@ -46,7 +46,7 @@ div.toolbar,
 
 /*+}*/
 body {
-  min-width: 1024px;
+  min-width: 1224px;
   font-family: sans-serif;
   overflow: auto;
   background: #EDE8E8;
@@ -61,7 +61,7 @@ body.install-wizard {
 }
 
 #main-area {
-  width: 1024px;
+  width: 1224px;
   height: 729px;
   margin: auto;
   border: 1px solid #D4D4D4;
@@ -96,8 +96,8 @@ a:hover {
 
 /*Table*/
 table {
-  width: 740px;
-  max-width: 777px;
+  width: 940px;
+  max-width: 977px;
   margin: 15px 15px 12px 12px;
   font-size: 13px;
   text-align: left;
@@ -480,8 +480,8 @@ body.login {
 }
 
 .login .logo {
-  width: 250px;
-  height: 31px;
+  width: 290px;
+  height: 40px;
   float: left;
   margin: 72px 0 0 209px;
   background: url(../images/logo-login.png) no-repeat 0 0;
@@ -1297,7 +1297,7 @@ div.panel div.list-view {
 }
 
 .detail-view div.list-view {
-  width: 730px;
+  width: 930px;
   border: 1px solid #DAD4D4;
   margin: 41px auto auto !important;
   height: 536px !important;
@@ -1305,12 +1305,12 @@ div.panel div.list-view {
 }
 
 div.panel div.list-view div.data-table table {
-  width: 755px;
+  width: 955px;
   margin-top: 44px;
 }
 
 .detail-view div.list-view div.data-table table {
-  width: 703px !important;
+  width: 903px !important;
 }
 
 .detail-view div.list-view div.data-table table td {
@@ -1321,7 +1321,7 @@ div.panel div.list-view div.fixed-header {
   position: absolute;
   top: 29px;
   left: 12px;
-  width: 760px;
+  width: 960px;
   height: 47px;
   display: table;
   background-color: #F7F7F7;
@@ -1330,9 +1330,9 @@ div.panel div.list-view div.fixed-header {
 }
 
 .detail-view div.list-view div.fixed-header {
-  width: 703px !important;
+  width: 903px !important;
   top: 49px !important;
-  left: 32px !important;
+  left: 29px !important;
   background: #FFFFFF;
 }
 
@@ -1354,7 +1354,7 @@ div.panel div.list-view div.fixed-header table {
   position: relative;
   left: 0px;
   top: 18px;
-  width: 755px;
+  width: 955px;
   /*+box-shadow:0px 4px 10px #DFE1E3;*/
   -moz-box-shadow: 0px 4px 10px #DFE1E3;
   -webkit-box-shadow: 0px 4px 10px #DFE1E3;
@@ -1890,7 +1890,7 @@ span.compact {
 }
 
 .detail-group table {
-  width: 96%;
+  width: 98%;
   font-size: 12px;
   border-bottom: 1px solid #DFDFDF;
   filter: progid:DXImageTransform.Microsoft.gradient( startColorstr='#f7f7f7', endColorstr='#eaeaea',GradientType=0 );
@@ -2435,7 +2435,7 @@ div.detail-group.actions td {
 }
 
 #header.nologo div.logo {
-  width: 1024px;
+  width: 1224px;
   height: 47px;
   margin: auto;
   background: url(../images/logo.png) no-repeat 0 center;
@@ -2446,7 +2446,7 @@ div.detail-group.actions td {
 }
 
 #header div.controls {
-  width: 1026px;
+  width: 1226px;
   height: 48px;
   position: relative;
   margin: 27px auto 0;
@@ -2554,7 +2554,7 @@ div.detail-group.actions td {
   margin: 0;
   position: absolute;
   top: -47px;
-  left: 890px;
+  left: 1090px;
   cursor: default !important;
   display: inline-block;
   float: left;
@@ -2944,9 +2944,9 @@ div.detail-group.actions td {
 
 /*Browser*/
 #browser {
-  width: 794px;
+  width: 994px;
   height: 100%;
-  max-width: 794px;
+  max-width: 994px;
   position: relative;
   float: left;
   overflow: hidden;
@@ -3068,7 +3068,7 @@ div.detail-group.actions td {
 }
 
 .detail-view .ui-tabs-panel div.toolbar {
-  width: 768px;
+  width: 968px;
   background: transparent;
   border: none;
   margin-top: 8px;
@@ -3234,7 +3234,7 @@ div.toolbar div.button.main-action span.icon {
 
 div.toolbar div.button.refresh {
   float: right;
-  margin: 0 15px 0 0;
+  margin: 0 20px 0 0;
 }
 
 div.toolbar div.button.refresh span {
@@ -4357,7 +4357,7 @@ textarea {
 }
 
 .dashboard.admin .dashboard-container.sub {
-  width: 368px;
+  width: 468px;
 }
 
 .dashboard.admin .dashboard-container.sub .button.view-all,
@@ -4415,7 +4415,7 @@ textarea {
 
 /**** Head*/
 .dashboard.admin .dashboard-container.head {
-  width: 766px;
+  width: 966px;
   height: 331px;
   margin: 9px 0 0;
   float: left;
@@ -4475,7 +4475,7 @@ textarea {
 
 /**** Charts / stats*/
 .dashboard.admin .zone-stats {
-  width: 774px;
+  width: 974px;
   height: 316px;
   overflow: auto;
   overflow-x: hidden;
@@ -4486,7 +4486,7 @@ textarea {
 }
 
 .dashboard.admin .zone-stats ul {
-  width: 796px;
+  width: 996px;
   /*+placement:shift -2px 11px;*/
   position: relative;
   left: -2px;
@@ -4494,7 +4494,7 @@ textarea {
 }
 
 .dashboard.admin .zone-stats ul li {
-  width: 388px;
+  width: 488px;
   font-size: 14px;
   height: 79px;
   float: left;
@@ -4514,7 +4514,7 @@ textarea {
 }
 
 .dashboard.admin .zone-stats ul li .label {
-  width: 111px;
+  width: 161px;
   float: left;
   font-weight: 100;
   border-bottom: 1px solid #E2E2E2;
@@ -4685,7 +4685,7 @@ textarea {
 }
 
 .dashboard.admin .dashboard-container.sub.alerts ul {
-  width: 368px;
+  width: 468px;
   height: 234px;
   overflow: auto;
   overflow-x: hidden;
@@ -5145,7 +5145,7 @@ textarea {
 }
 
 .system-chart.dashboard.admin .dashboard-container {
-  width: 740px;
+  width: 930px;
   border: none;
 }
 
@@ -5166,7 +5166,7 @@ textarea {
 }
 
 .system-chart.dashboard.admin .dashboard-container .stats .chart {
-  width: 136px;
+  width: 300px;
 }
 
 /** Compute*/
@@ -5183,7 +5183,7 @@ textarea {
 }
 
 .system-chart.compute ul.resources li.zone {
-  left: 96px;
+  left: 196px;
 }
 
 .system-chart.compute ul.resources li.zone .label {
@@ -5195,32 +5195,32 @@ textarea {
 }
 
 .system-chart.compute ul.resources li.pods {
-  left: 199px;
+  left: 299px;
   top: 112px;
 }
 
 .system-chart.compute ul.resources li.clusters {
-  left: 296px;
+  left: 396px;
   top: 189px;
 }
 
 .system-chart.compute ul.resources li.hosts {
-  left: 407px;
+  left: 507px;
   top: 265px;
 }
 
 .system-chart.compute ul.resources li.primaryStorage {
-  left: 407px;
+  left: 507px;
   top: 375px;
 }
 
 .system-chart.compute ul.resources li.secondaryStorage {
-  left: 199px;
+  left: 299px;
   top: 497px;
 }
 
 .system-chart.compute ul.resources li.ucs {
-  left: 199px;
+  left: 299px;
   top: 406px;
 }
 
@@ -8135,6 +8135,7 @@ div.container div.panel div#details-tab-addloadBalancer.detail-group div.loadBal
 .detail-view .multi-edit select {
   width: 93%;
   font-size: 10px;
+  min-width: 80px;
 }
 
 .multi-edit input {
@@ -9073,7 +9074,7 @@ div.container div.panel div#details-tab-addloadBalancer.detail-group div.loadBal
 .network-chart li.firewall {
   /*+placement:shift 282px 188px;*/
   position: relative;
-  left: 282px;
+  left: 356px;
   top: 188px;
   position: absolute;
 }
@@ -9081,7 +9082,7 @@ div.container div.panel div#details-tab-addloadBalancer.detail-group div.loadBal
 .network-chart li.loadBalancing {
   /*+placement:shift 167px 342px;*/
   position: relative;
-  left: 167px;
+  left: 237px;
   top: 342px;
   position: absolute;
 }
@@ -9089,7 +9090,7 @@ div.container div.panel div#details-tab-addloadBalancer.detail-group div.loadBal
 .network-chart li.portForwarding {
   /*+placement:shift 401px 342px;*/
   position: relative;
-  left: 401px;
+  left: 480px;
   top: 342px;
   position: absolute;
 }
@@ -9166,7 +9167,7 @@ div.container div.panel div#details-tab-addloadBalancer.detail-group div.loadBal
 /*System Dashboard*/
 .system-dashboard {
   height: 258px;
-  width: 762px;
+  width: 962px;
   display: block;
   /*+border-radius:3px;*/
   -moz-border-radius: 3px;
@@ -9264,7 +9265,7 @@ div.container div.panel div#details-tab-addloadBalancer.detail-group div.loadBal
   position: relative;
   left: 18px;
   top: 110px;
-  width: 78%;
+  width: 83%;
   position: absolute;
   text-align: center;
   padding: 8px 0;
@@ -9279,7 +9280,7 @@ div.container div.panel div#details-tab-addloadBalancer.detail-group div.loadBal
 
 .system-dashboard .status_box li {
   height: 178px;
-  width: 178px;
+  width: 228px;
   padding: 0;
   margin: 0 0 0 8px;
   /*+border-radius:3px;*/
@@ -9303,7 +9304,7 @@ div.container div.panel div#details-tab-addloadBalancer.detail-group div.loadBal
   padding: 65px 80px 5px;
   /*+placement:shift 31px 19px;*/
   position: relative;
-  left: 31px;
+  left: 51px;
   top: 19px;
   position: absolute;
   /*+opacity:56%;*/
@@ -9340,7 +9341,7 @@ div.container div.panel div#details-tab-addloadBalancer.detail-group div.loadBal
   /*+placement:shift 13px 5px;*/
   position: relative;
   left: 13px;
-  top: 5px;
+  top: 13px;
   font-weight: 100;
 }
 
diff --git a/ui/images/logo-login-oss.png b/ui/images/logo-login-oss.png
index e0f376780458e69877e3a6fd55b58f1fa6d62d1c..92fc81ce77573a6c98bb5f10e9a2dc08f35b44ce 100644
GIT binary patch
delta 8267
zcmV-RAhh3=tpV^<A&F2<M-2)Z3IG5A4M|8uQUCw}A^-pYC<q1s003H2_hhj)T?!BY
z24YJ`L;(K){{a7>y{D6rAs2rD2XskIMF-yt2MQGnXiK-a001ANNkl<Zc-rlqd7Kp0
zwa35J`|KM7%rGE=bi@Tw!6-)Dh#L`YHBr&1n8a$0QL>0JaX~chK8;J#rI^GeiGtb+
zDn3PwxS)uFA|TBw%K)>$>|1wNy+7)-))dt<!+?2#^!a@F@adkaTjzh?bI$Lc?N&pE
zGL)eVW#}6U|7+{0DIZjg&a6a+GW6d?%AOqTlDD>oni6`ye6Ooz`icGi=~0w;clS(w
zzbbo4b=%`xS`w!wbt7P4Q0Vh)FVFS<aP}DkKFWwFLmA2dQMWW<_WC~cN!PPmTM{P&
zBz3*X?NV~Rio&3L|J8r5jUVu6x_d8sr{<u~s+zuN=}0QMUKj02owlTb4ix%4l?Rm-
zAM(s``8zUV%20;(ZSw5y0Gr#my|E*Ha%q-lO-aCWOH;yF5^x&_R<$N?T2<Hf$hog?
zu6^OO0ngg+n>26h$WOL5F3xegxcH!A`e%Eo>(H6Iv5}I1n^k}H9p%fmHIx7uAj(jN
zGC<Tdoqq7ZU)Jx~al@BeYFcNVabTN#y$pC^#B=M6uNvdyfSrJ7Nloi*N!{SC@AaoG
zX#h}~1w#r-Pz;E!YhYewlQ$!x3}q+-MBUQu2f15;R;R!933%3TZ0h(r{F^v$>v1(r
z@t0Z>dhyzZ4(@*+Q%1XP;B_e^4FlZ(pG(0o43fIR=(4=#RT&v&C`0=^xxUT8ceEu2
zmS%aj0G#noy?c3e+oTJJ6%~J{z)w;)D9!Rx-J0NE8=F{O+lJ4r@X?lLKHAcZM}al9
zEq@&`W9`(8m@<^13=s8-#zw!or#@~Ne>$OJI>57I^C^Guxm*Vo2Y9=(i3HFRPg3A@
zb98wQMF9`(37z4^0Y;bQa#U$H_l+q#snqBB$*oK3i|pf{HD~jI6W^$OIwQgiWhetg
zjx_1*Ey3D${TD;>z4wnScCUZqtLB_MPzwCYpKkeZ%X?n8(wgseF>`f21%5YPmqK}t
zhsx#zilTpD7_fhlkJ$D$symX2q1pOQxuPEpEgE^kfZU76Jh$fPBWJFw$cQpS8QObE
z`8Ea}{lfZ)VX*(A^9G-K>g-L&SGC6PYfTv2CmmAq<0*&c*G`zT`Pr2_+Ryv-VWpJi
zc&TcRGoo)cTbny5@OelY234&I@;z>T{ZZv#S6qKE<nm4r`1ulV<jNtdD{{PpYTA;<
ziXCk)ecbGtIPd$#ZTp&lG)+4TxC+qaUoCK*s;b-m(|Hd^V@Ckj16hC{GnaT*BozE`
zZ<Iwi8Y=^C1qK6#%<0dOQ1H2Z86?8dm<#v=FdAqAa)B2CEfNYQ_rx<idzxv(FtSF@
zSg(I(d0fYz^SR-5S60rPd{}vDeS3nN7jC=m`Vj@!9XfNv)QTMMd4uzPw8V9uSh<7v
z@>)g|2dHjOQjz85^!@Xg@?j;Dh8IPq*q(9OIsK*$D+&xsBz4Mjy-IakeCWJ|+X6t_
zKBxx=1E*L%*8sNz+x7z9D}d91Jo(%L{1bopa4(fb0dO)f#PZ$S{{;?<2RIHm*7DtY
zzzysXAll=h*~zmvU!KredEr6Di!Ur}FUa$GO8qX#_qiEYk$d<t(e+uQOI#aj+mj1g
zlRAcCR>`(^Bzb*PBjwp1j;+Y!-X+z`P9B(h%#@Ku3$5c{Ie+VrkE_~TORHPS@w$J|
zb%V<0MEigNMTvb>33S<g(|!I=rlgJ6gz&$&Qqp1VUH=6@q&v)0*^_#>$33Eei!&63
zwbu^MYrJ!nk;rl@9e~g0R_L4MF8j0&&w@}z<2iFSUiiS0n)SCI)z1hGDNx?s+|2M|
zKZSlb&wN??ctd;ZFaP+x{hCwbp7(#o=8Kotv|qQls=fSxLf;dgZ*RSNbwk@DwQc&s
zq{5Zgy{0x#-Zzz?RSY<lCo_QfUc!6a0f^f7av<uk1^~9t`!W#O<<`C{Ks0sQG#8K~
zdfYPg=9}BT6(G9)!)o{4N0%nIv?lx>g$95dhAFK_J-`0+`u4=Eqx<LN%-et5RCDH_
zoaFPsi#I*JsrG~4jyn65O^bdrvXmqGWmDIh;N|rVuf0BD;1$Ckp6~yly1i)XhgFYm
zZBCr`MNJ3C_RpI7#7Sj$SRVWJ@sSz(t`fNDoXb=AmU4UF0x1rk_jV6L>E?59^DyIq
zQ^mO568cP!go1VdA#+xG@LhjbNgEd^rvT#sW$LtPe*#K?W2fGH^X+>Ch)$lh;i4DU
zG<|=>bL$Svaw{X7bfbRgGizS<dtCo}?Sa|PJ+~?OgF6;iy?t;=;I%>}aneb%Hu~EV
z`maaLSa*zK7{+xADwV^E1C2>|p;_nUqh9#xH_4=a>CfNZa!AtPwE=&*?yKhfV9@k0
z$xw#&S^7Tk3(M!2?5}nE#Ow@`m<~!3C<CSfeFe;V4@BR6wO0A?jA9ObZvERk+VtZe
zIJOT57W(kJT_g;npgFEjn6ai|!nF(QZyVh&aLI_`z)zdv`t)^;aVlF9#FIKc1zM7Z
z(xDqHuWR?~24fY4OFe%sl+tYP)PUFhqx+97U2|Zbw<Dvc8QRCmDfCJ1E0ddg%Pq#O
z)26OB6!!`Y<2~Rq0ijoRD>VCC-dttOi$^DqEejAC+u!k;TZ>B>KPa#Gig&iYGOWNi
z_4P9cDggH`ZR#^~W%Y`>cB4;ZY#DBsg8I%TU#{1+f1b~E--mza4*t4O_G+5vYntY<
z@E=!IwO2yZG)=)Q!y2lpw)f)x6d#80q3`1TE{U5JpraS}`*-8s6z{sKs=EyK;b=?&
zeDeHcBoy2uxvOwAmf~xVjoAwxyb>byng`qZ#JeeVw~7v>!kreNaTlKBm9V#0{94vr
zkA#99dvG0H7)gI4a?WrA-Kaz{=Ah6BERg55^g6zMIacexadE@qWBUh&|2Yi^S?S}d
zHsky^E0x3h1TMIIc>X6-KB$=*a48o}KCBM|a=o-Bbi(sDb4>s2i8D_r|7RD5699$+
zhXKQZViDdp;B#Q1s;XOT_jrLLfI*naQw4ZiRn<C8(?)*)#{(lUla4EZkAS7Bs<w5(
zM?UZ!;86L$K<?iNEC!aSs#?<x2=tNX9*)_U;sz>#rNF1Es&16)eg)jcH_7Ts%#ywv
zvot;m2uM!hBjEk6Kt;gk09lhmfIdJo=0W9;fMwkQS~waj5FU;IhRO4*h4)3kx=1Lf
zhoiC6Fb{t`7s#zUfXgGH;7bl;W{FIX0D?e1X3t6tSOP4Mgn~^D_myCll~ehrB(NY7
z3RYXL@nQDBlw-Dd_<@y?P;jZkcxAxR@-OxFhfjbv<&w8V{}A1~IT8xqZW|*<<eFL^
zudL6Pz^A~fNGO;HM`J_ey6wP~zz;3Mtd;PkO4fg36Yy~)6iis2(@%78gy^?Vz-zV0
z;j>66sCOYpx7;^cbfHviBqnqIA`%KV%60RAv6kB-z%^FT3rAx|VzxGPh#ZQ*s5TV$
zJnifQI(8-T)*~7d-7rzX`1^Zj59;wf^DA4p=*=ySSsqu1$8D6{d}KdL0v>#Bg%{S;
zv7&!2{?gnD6`?f7;}fBt51fbDpW;OC0=KBD`nKiXBH$_D2l7=C2w`UM9|Zc@#;6CL
z1RhdVb&ZXWJYWnkQO3w~;2{Cb0;Z~}x-<<COaOiYoR%he`yntLcpA7Ic-Z3oEdzcD
zTw|G2isHcCz}>2<HaR?dFz{30LOS=tq-cLD@ISy~s;btfQQnh*D}b{_@$Iw<_zUou
z7)TT-><Wm&(b%D4i08}ZVy7nHAHd_0P;ik0KXW@}BjB`1DENlunsUjvSo>f!;A)#;
zkHu_QJi$qYfj<FLL>C=_C>)Iq1Fi#pEC6k%uSBj7OLF?Do|+JFRwNXx3rAxEfHQxA
zi-7N?xqch)0Psj86l_id;6DQ<3Gh4V@jqqGi-0+jXm$jma5Q$J$bGO)7FQXHOViFi
zpvwx|E>|!nR~w$~t%-|foKn6^O$0~v&Ekl@{=8s;ujH|@11Sl3F@S~+ofUN*2neME
z#zQbWIVX1kLSQysJ)>#baSn@WHP(L{fhQb52-&@_0j6u3W`EXM0y3AR0ijg5dk*jy
zP16QBfY5c~C7jX4`X3GaUUu$!I+sZcMLB-paGzJ^7IpxkgMh!vxI@xBw?A+XaJ!~O
zavYR*67U@Gqck9dcmTJFchf{SeM4gW&j=6|r@1Uwz;8x48ap+O(O7dUMmK-gq&_Pa
zK8_QxJ0T4ZW5v*hbupI#0&qV|1401%i4F_|v%1_v3IK|9IZp%r+yw|Bx_uXLy?BIH
zJ}X2Q?o0zhDLwu%aIwX1?AW2mc*B7|+CV5Sy7pLiAk-@$dhiYO;YGePvfQp+a;E|w
zh0_P+Qsj4|E1+ZGb1N*WYQcYn5w;+x6V-{Un4+b?y|Oz!VH0RMaHXbcS(Y*5Hh~@m
zWLp-@>A5EWcS{Z_MQebSHV^DZ;8(!&HlrIw=PC%mrDCMsooWi5d8h)eS5>u9!UHQ0
z10=L^GOiR|WCc<23jb&`vN{2kha_CEl4?=Fl=2=gJ8VfeM&1V8AmM*hL038!j>ZlY
z!yVBB-~iYkm>!PCMp?eIH+UKj;HNtnQX+MqggAG}+LG=%(V4t1)cmKwi8f<gD&gD~
zOD<@#d|#1<Un}29izlBdnJ*ELM|A%m!0!a07Td<S#^S*dj>d9Dj%W5@&EEkYmuF`=
zL{rIdG}c#Sc&P2~j{<-9cNH4$G7uStk^RFrDt~go-`8F_zG(BcSssOa->x@S?w{{v
zb$vS?1#&ztmesa0YhA<Q|2--GcvttSs=5}q7I+=_8*qWDs#8=|y%+Nw))l~J%Pq$P
z2X+&J)`(|une1RMI8-UllCe^JERbg{5n=vVRn<SJs``M8^J{<cV7>+;$pxWl+E4*b
zw@uMzi8m0I5MvAGS+bcH;Ivbl2>%i>Ap6c*0UTrl7OPwRg#e8zAUYA4X%VPbf%Bev
z^!^fnNwYQwfIBR?o)momTrGS&FQM0cqJYhoL~S~{)+VP^=y|h*3^z(xV4qu9@-VwX
zPJJ*bBRLy5#`b^r?Gk=Wl688qD}@h7WBC%cTj@;+;V%Ntl`(FOgn|)C2+x<X&rem4
zY$4pWvU&Xi^Q>1>Bos_WLcxb+L;F<LKO6}K?~H_kw*VJNIBfOs$4Q<C$wQrIdsemR
z^CSsPHv=C7KZ}Hdp9xObv0|Mh-|v%1#7fW0JbRq<?y`SscICS@gEuy`J}`2|S7#Uc
z6b>%((V8$=)(|%)ytY}n;fNAO_YL58_slmc^0{e97}T{VnYXElm%nP*x@zK((LF&l
zRaMt&nszbJpsH$I)3j_!;w1&SKa!9r<rNKd*d44&b~!LtRn=AjikE<Ol7DeqcEAwu
zFAE<ZYMOsG!IDhQm(W3%Jj72e23sNSYK??aLv6dygTOtis#eQbv*mj0S*)bPuJtG2
zCRJ5iG)+r+V!yG3O94qjr;_4lTkdZL9#B=)T990+Y1)lqj44m*aNtPb4KT(!80wS2
zjge4rlNjP$30sy#LP5g<wCN0Yq(gYQK-O<XBou!%q#86s!jO|K*PSaH(tEp6&@m*T
zo-ZJ+*u2F_z}!eE*dqMCC<)|i9Xwh@7Yl9Q`NhVnBcb57a5Q!)mX`=hvV5t<JG6%D
zn=lWRrmKKG2s{%B1uNzLKEl^l0U~R@H3)d6GB(j6mvjj*KN1SI31H0zS|Xv~Dx0U-
zX>NbvXzW^t@#ahJZI}9=(gM+CZ&jZ8&ZfrcNB7O@dvUOs@*FP;(4I8d(XK0>)wXc?
zTU$73U^b7A?N3jz$gO}|(Yb!X77{4ik1xx)bxd^q-G-qAfB*irOa5?dzwVgN0nXMm
z?JzOeJ|b*gfXAL!NJq~Cuc)eOSOBJ0)3kp(C2SjO*)@l0n&wee)#|qP(KKy>rCL!U
zN}$`~<U9)>V{G2gGT=^CRkvGs*kW<v(@_KPq^hbda!*{-w5WJ>rKzR1xYCC?<b=j)
zn)V$_c-ky{T5|~{5(=flRI7y71CORaNQ|mlcGjNKktwjW82=w5q2O}Mm<F&a9F2e7
zBS4sK$&-CYfM|EmJ5@*y(n^1cgo3lIUqnK|+Hf>BRYI>L(<J&givC#hN^^lv!_nC1
zvRQtN^MU0Yo7a&g>$9Z`4{t;`8vB_5O}WTWk+H1j!wN+|OKh7Vm~Rhw!!pmLEe+yC
zN%7$GZ94syfY2@<$aVyxTRyHnZu)=n`hWazNI~vd`{&c48#Kpt`e!Q)FY;34R|pLW
zFnL4)<7RE({VmOmE$`Y>P8x9cl3JSLI?Ztdw@WE}r?UAWmkVz^2^(7VtHk|xs+whs
z3ww>k@jZE$b#|KX<G?#s5V8Qlc1_d1pmUirM+8};X<9$b*IG;xp?BAZ<pzH|(koPE
z``Z^*5ZVQbvvap?ht2y?EDBO0U~Qexg*|*$N~m_;zZ5Xq9qMCSziKg3C;CjnNvn~U
zS-dW#i=Df>?+a~!h(pdSWu(pFXl$7i5J@@y9|Baxmf}H${QH5(ZgDsoivUk|lRr^x
zMsD>c$6%KBkCV;A)dM-Y#CCu3ZGT(X3)#6G3OyabtC3K!R|g<=GNfrS!}si>bvK_n
zFgN$YU?H__NecW5NA&R$u(>@Y0XK_(w12k`Sy|W4$+I>wy424-$MoaavMgHShHK8o
zCf7@An^@Zzr@B2^kp_gaB)4*l?N6zOuNJ;(8_(&XLUwghUw67*dYFIyDDk|N>c!n|
zwg}s2OF}!H%jxamPlMe%?_{07%OUJ@S^lM~jO~e2^oj$3B)j3e6Ua;GrZ`-e>>&uH
z*1%)i?K`^J2+~nhK<!4^0J3e*@ncp*50}q>?PiU12N3$Mc=Q8p*X<CUY7tMouVroA
zeA8#8bdl)qDJ7*)Gk||@s%}2uqHr`eKN1Rl(i>#!L`&CIp4dOfJMR1g3aD*M(l^V+
zn0~&UK&Yp*y1s)`W^dw=<N6Xky@K<G=24dIVQ7Jus}CvS)$tWf`c45$Yuc_HH*3??
z4ns_ogq&5W-jxL2c+7Y8jF&`UPn6FGd^Zi~`7Pnd*ZCw>RqKBw$v57%1I&^5`V`Eb
zpmE|YbTT;U`nHEHhYGm$MrN)a0Fhw{<vMJM?q{URa;JEqcS`c}YRNU-W0=*ncV+nP
zw)G6+-1@L9w8OR`6gwoYQ#8aOq^Oe6O>x*<y$)+ulxFN!O9d)rv<Ij0MEsa-38e9u
zj7TW>n0P9aG5ddT7GqXH?YX00O2vsTz`n!we6JKXtRPg2Swa3G=6SVKB+seabRpIF
z+iY8x;k|TVUX%!>)fR3)7>>pYciSUc(-0p&Za^*y3IVsmu!7#7i!}^*I@Z8x19Lcg
zf9I;F->q=ds1mAL63pG)`nz$jR?eC`zI=n_k~8RBGX8(ujH1*PHW1mB_YqyJY1(X6
zRo`={;*7QJ7%5;m&X#w29k^6LD#e4xY3G*zKgO)Wr9k8$;Fp@F-IF?=B4ze+RaKYm
zW<?0wdTp|VA08m4s_K0XKs+4Ss;X+I-;#3~iT5$9YgQn-A{>p~90>&*#7KOYCEO)F
zd~4qlF`|EROQ?2jI2v0X2?aM=jBkJ_yfu7k!t8=idB%p#$j{)LPUw{E()G(!Vs;{1
zJ@QM#(b$`jQ1E>R{W!b_bMr<*!N-Be!_io&0Nbx*BTLD@zW{Gl8X4v~q!$L$xiS~W
ztWG^_1FXTeur9Se8$}naKz3y~8v7^`3VvX@|6qSfR<G+~j-`=M@R4vdHpfyV0<*X2
zhHy0YyIpyE<4!13=yQek%QHRlfIC&D?;Rx!gW2nwc;dwFkAXZqwjbqBt|=>SPaFVj
zuqEy6J6OHVfPN}Q-cu?Ep42q$Q2`paC~KI`eIku~Q&tT)@X=u5!7JfoFbzn&idp&}
zY>9u{e-D&vn)bHrfae2;X__`!Rn@sY3@y4ORaGlBO?wj<X~|psLesQH;GdEgE5ST2
zau={#)3h6;Rl!73J^q#$zIFG!8Yl`!W3R|AdopHq?jFq6g6;rvG4MW}k2RbQ{3RTX
zJuMz&5oVjg>9%{{uq0HgL?5g`^^<TkwpoAjO8Wu7W#|4MMMAr6lJq{oX7GOtM`M~4
z6?|e~s)Ih-y{5B(+rrV<Q@}r@s`amMG<JdjWV+DH<=_QQ2}fhk2=6;EtG)Jcw#D}R
zgB{WsDOt3Mmu9Vi4g<7sG&UWxN3KG=xyo=fc99ezoI>C-X|DVo<`EGqxLqN#oz;J9
zATpq$$mhZUyu1147{h?(xK4@R-R-ry0Y{VuP%tK7o@@C!S`;NoDZnV;F-_Cvh#*H{
z_C@6HB6~xC`(;;lvvcVc3B6LK^wkm@rzSH2cuGJd3-kEEx#<$=s;YjjX__WskTr>T
zHD<3!(!xVT)3iyds=n)xjO`6QBrbpZVHP01A2?Ifv<;$sV}+jqz)VfkZdFzFae&7{
z2h@k7v70a(Al(*E?-H4Fo5gFrBOHyjL_)!*N#86=BoyojM`L%$24LN(#tAQt;uZL9
zx7GrYNGO;(5LyQ;w|TO8m`7c<W42PHD{i<Y$^5*e0Ib!;10>|B6+0>DZjpbbJNteK
zBkuyv3`b*Y<ldugUP?@W63aZSp{8HLu<_y<EtK_M$~O(IKH#QsG&WE+?{e9YM>zqJ
zv_w3ES=zTYULJzk4p1X&9uP0?!EiJ-S-v+MK-3)x1y_cnv3o_wtObC3!_n9}r}KP0
z$`QE~g}CtzIP4C&6gdBYd~$z!h-iJY+|<Vn`;Rp~iP<M)1<&y!@CPvafpRdLu#!Cp
zS9DukTapHZKEv$QN$pzCVK$jrJ++HO0QX}ylC_KSr(3y4FwYp-DbL2kP~bu70jljL
z$=hwXrmE^D*`+?Wg)paLmi<q+CHhOTz5m-liOTNR;ZTt&vE_OmkfeWVlWi>&8yGE-
zaHq;4k5}RVLiLzUqt=b80r-0w-A?t^)QI6H(}3b<;+;C3uPd>DP&MXRx}*aL4HSJG
zY60r8m=)G@EFoxW9uL`iZDz~Z_Bjle#B;IeuD!8xKg<TuRFmT<2{#*^);$sm?vNak
zQ-!jR&GVlqxmXWrenfv&Xgct+?Yp3WWO1*6s6A<{+R>ggdxmuL7gu{r9+$$jqxw)1
zaQDb+s#}v}dED>WJc;F!K%M813-C+at77&rxGYNI>Ecl@N|LrcO_KL5;4)QJS6ld4
zDc*}+S+d1&mWxrZwg}#9%`3@4)ZfZZ7fS<JhA8|@*(Hk|Di(hp2RZ6Cu=Uv1aiN5M
zPur5S_KMJ(vRiignQ$#MOvgMBd$E9YI>o5R?5thm5Dx8BiHn4SGsL5PgY=cSBxbYY
zxxiD_+=G<BpB0dI$`ft^el8)li_XV2tolC#vpar8nz?NdFn=daXtfRVpzm7JSO1ct
zCs$#1@>|zoDR6(2Y^X*Wy>$tnx7u`9k@+Ms57FK!wqaO6QLzE<kA>g*bODWozp1o=
zm(IsgzAl<XLcvyf<~qwflLElkg`=@<i!wVIYeLsw{i?BJ^6(-*tqFte?FN0alyCXn
zqy{YsgT*y%4F?waS2~0>%QQ{95VIHKL~-R?B+oEgRn>n_B*geqc7g!uyKWURxI0Ao
z&k^(vh!VUByq4;Aw(&7X)3g=h+I~+!q7JiBEvl;ON=?&r32##I`y$&IEfRXY0-Pk{
zREV-{lk4XJ%T-m?HBEaL^N?gp@tfGWA#MX^UrE4XZ0|Vm|D~pBD(2CJapHdW5k6PR
z+}~GKwIP3v=a2wqhNH2!C0srMv&t9{&uuYg1K(#7daV-R^~?O?I5f*eLcw>#(bxr&
zyEq=RSusa)Ppf4v??*zx?P>UG2uEYT5qVA!FG3ekc`6bLej1L(wu+|^w|Kk>8=$=u
zj>Z;ZRzSy!T;dX*KOYGNmxZIT1__T+eLnLoq2_<%Qp7l3Jd^zdAX;R@T!h)Jy*Z6;
z&Xf)6G)amViY%)HNSh*|U_2a+{XqcYERmr{K;SLlCGluIGQVv3TeEG=R)(XopJSfY
zJW0a#5}EH>8UNi#C|E7Ipg&8hqFpwVPwCvs@G)jr{84;!*f~e+!%sKAu(K1sod4$5
z;I@CJj+Il6=!;tcj|+}3_v2Q+9RM;gLGFZ?HqvJ3(?2?A@Xz+-6EsaL#5}lXJzw*z
zcszUai`+Amp}m5_(U@X6_S3V_Y+zZ*y2{r0OV6*aBirL5uEYGwc52)9+^@j2Bn+xr
zb-rrUSya`*#5cFFBd#xc`J}$r{F~OsVDEo<0eyxtv{zGiAmkXD-FJvLe%pe|OJ{6o
z{i^+on!+m%DWNT4@JUUaJdeV_TsIZD?jAF-qg|)I!=RzVpe3Qxt{dnEB$D8EDI2%7
z#KUeE1I839FZ3_WZq0}-LmB$-Bgcg9O~;fs07ae|>#L_Otm<>sA;n~S-Rx-BscC=H
zSy&w>;86&;z~@$Qi*sRMkkA$4hE7Y|47)roa4Q&!w9dN}SF6`;EGY`Or;YCGng4H^
zr|yt6G&17PP=@}4fha}SA3d<_zJ;59H)X-r(7{E%kzThOk797zpnL}9d5P-~Pa2>Y
zxJ)c+_b4>$I<ai8tJbAZZJ=z`b-jPV<5sFYin8puGT(xK^BmpmT)ipezvCA=GnApd
zABZj(<W2z7E}ggSq4f=I1#4<MT%}nG`{n!n1%6K!F2nG<6jx2FUWcAE6orl~k1N@l
zFj}(wp7?i5lnzBv{=a_`MZxTSiDPE`J?xn#!3<?6Lwkt+51pmjK$KFCPyh=6002ov
JPDHLkV1kN6`U?O6

literal 22165
zcmeI4byU>b_xA^+Tck@$8irx0p}Rv$8XRB<X@*7+1ZhDeC8eZ6KtW2z0+CBgNh&3c
zG*Zu?_g=m8y<eW^_pINa%vuxs?6cqdoYy|*@cFRTOw@HPWkNg}JOBVdsH&o%i+ul%
zd@|x-Az#H+VV=l0TsIYCH~@fu<?M+DNYA7K0PwUO<mInlw|Dh)h1<KjF{;YTGrD=W
z+B!JF007@lS$cN*dW#g2dz0I8>XE@o>aM!vIE=b-F~MXBY+OvZBx;dNxufJduP!Sp
zV$i;S9C;}&E;yE4hld~<Zv=amDK9QGKQj8m;pc#S$D!uE`L2`a!%_?7TUoU|*a#eg
z6cw<JP%uG>9K+@5(Dt`&pJ(}GLhxAK03<lIHcaqi7Bs+qkc0#`GXnc10L^y*9|wTY
z%s}wdMVt~Z$vrYd3l2j=cqWLd;{=ldWc=ggo&aQ&(1Nql*z^F8F#tC^t*vGN*LeXq
z+3(B`0D`mj9|fQROp}<%(H<uN7_Y!06#(|)fbyOj(TV^gegK)R`dbKKgcrcCYG|th
zcv=rYbd%uM0B{HZ{5p~MH~|;|fSd1GSbPCtj{sy!n}!nKxGPB(xR9hC)krk3LKH(x
zad_Ra4GsAiIJ#9Sxygi~=+JZ-zSn+_s0Bg<iKn;z0015*kRxZib?n<sRN37v99KtV
z$-C5wb;@jIHFGl8Q|2ZE0DSfg>O0{9*3txvV+A{(<Xv0Cu(!Z}?6ntTTSF}K9PoJY
zli`-z85_mi2Mwd6bF;G}YH#ICp&twbPwZY>A`Fk64uT|(_I9RUeqjv}Fb`42*q?s=
z$F@cxUC%?@Fst$Tc;%yd{L>@)0p_==Rt-j6WHUOX?r{p~v0DO#%u#X=Ip1CDKehQX
z#dCN`YDx(3^p+G_Kmu>Ex%H)8b#@XXPsEo!0ARDp_0>lXoJ+y>p`UwvPS>T6l^<UN
z1ly`UbO!(|6j=H6Kh#RM;{X5(k3+bg%F=GXqT)ed(Y?YPe}#W^Q#eeH_3djp5;;7Z
zU^<VRoaJ}rIKsQ0(sSJeew3jXMCjOuC%O^wy*7A3B<V){9g36vilaFM7en?v&J`%r
zr${ubXd{+59Lh)c_L*L(V35YJGIm6g=`gD&2&sT{qxBgLROmM)J<uT$W=f3-;_m?h
zcaOrGl|e}%H9C?X37*S06pPS=Ddpk!+IWJ}<0&3z^m;s_k&G42UFa>dC;k*KCEw1E
z_)3Khe(S`~*Y-xPT9gMj(YmvmxtyS^jppf%@=HxoJJvnbJ{Y7SiU?d`3?Dg0D1)qu
zk%p1hh)OXd9joBwPq-qum%?;jvoj|at3P9FynOJM%1QtfVWh&tGDI4G1xOMQDgRc4
zl{89TfW6@Xx@vWSem`lyQooBX%OX!nhM)=!OJc_-8^;=KND>bt_xpRZS+j3u!Lzip
zOq-^7SynRc1^aqmICMYUQlp+DnG>ADf~5(_8sw+zP88?rUlxitk*mn9)2-5pD83@-
zl@93&rBGEbtjJ3qps}a4-*c$?>e+aCBAG!ewb!t}b5Z$g>eox#J_Ll}<e}}6b{y0h
zRM=E@)IL;IX&O(c2V$t(_4!3W%V`Ubh#$Ec7;)8c-6l`?fS0V6%$7{c1=KGoeNsAE
zif^!G(5W9^VxbpUsbm1wn<>Hlm{Mj?nst3yk5<pFM7%hn)UMc7U%DX3_&5s7_>IOJ
zZTSM7$JLfI&25bM*3`AWJWP&+W#L{SLT}lsyGCz&b2X(M(>KLPmX_o~<iToS!&=>~
zBwK0hnKbwPOiwM`1&*TBt)S>hvUSccoU~5_H5x!LGsn`D)D)vKl`@?&<>eOP%GIK*
zCoPIi#)lz9vh8Z@X6(v#@!gnN3won^6GeDM6q=G^JC%H;j)k<jO$t7(E=6l;*)J`E
zvo&0cCjD9#zS9K)kM)n8zZdN&6BuFD60l;85p+{Yyc2SFm7oW<kA2gTH-94|UkFWx
zrhX1fXy}v3A5^-pL>%kTW;Vk*<J{)lmd}R8#>A$sxum(4uB+Mbg!75GhPXz1*B@PZ
zT|<wAG9*F60t*=n8N(S<^*2p?O?c{x>t4WAYi3QJ7_ZeeyWBH@7#A8Dn3&fpRb*9M
z8)~X(D!N?Mpp~dqmOW(m=IOV(j=GY1>ZfxfSYwrS&UJxMJ1a`N`gfIY))HG10~-VH
zA4_5rMvM}b(VNf*!Jm1MiQN#JOz+NIlMZ~how5kDGwLDf83E7KUFqa}>yV|FF`#Tm
zY1aS`-HMEfQoq~Dmny}VLEAR*zGYU;bI0BMvw#0iRz_{c>(%11sx{#?hqZ|DoIeC}
zIJ1qx@ZLA?<)?M#`lRu5lKCB{%7e7!wL|QlFR%cufeD5c!%yoAeM<MB>y%QvQXV-o
zQZo`FlLC{*mVbyK>fhIQYQJ&Kw!Akbe~0DN=G6bR4^R|*4bARSRETVdDf;2Q|81t$
zIBBsl*lx|}s%-4z23d01_`4N%=U!DX*}q?TP{Fjfkk*~h?Lc(zdeGOQUTo+*H0DhZ
z0sFm(dxqiCac+@DG<~2{A)mf+dH9sVcZC#%$qYM?Hl&JIO^8dXl<$_rCy_?MM(H*_
zTjM_ljk1hXoz&?dd|Z{nE>16}j#jrKzGQvDp9!E$1HLzR^ULjiy?w8UqJ)o>M=V7~
zBT`E=X+xHTtC%A8+U6CXYjJpfujyagF$4RA`yxl=&A1q}HdVMZ{U5F*Gz<B$z5^HX
z%r%6umpo|JAk>)15X+`W_hxh!kQ8eHg+5Gp;4W9nq?uS}w`4bO>)lxnyH|7a&LyTE
z$dHWP;aK~i9MhN=uTJjCSA7$XVJ_?%JD8zuYgg0<NJ?2Ych~A4wI9YFh-9wkoUW3-
zCjI=dt}tBPkeA+QzNP#Yq(;KsZwzmS9Fsfz23EPmi|9Ho=RxhVRm0TEpcXcNO~(+6
zS0C=adXDC}jBkK9cQ0^xe0bGd+X!ep^&I*=Jd0L}JSw`9Y>YCM{LTo+xbGZogzJaa
zN8?G)O3L0g*!0-;+b+&e@@AV7rIe=5rxLjkj(&PZICbOM>dvm>7%;VqW2`B(PQD?(
zRpLc6tf-^AOI%vNK!02RyT0&R|HO0X@V-mm8f`%HuHeexm}&Fgu~f&)F#|LM%|Y8i
z*rDoS?VfaHRO#Y=%AvD)g_g7XYWt=BOUKwOM0LXr9|!6CCG~aVhq#xOiQ2EeJjq)3
z;UyF%G`OGH_Jzew!EbhP4|i&hfl%y|cWglUXY7Hi-t>0#z*}<Zo9Rj!dg+IzR;G>G
ze@OKWElv6#DUV$x&J>g|_EX!^?{N6Ecy}PtZnGygD>*ALi0@$h=2%``z=C!6)GcDy
z^+poU&;5$0F$?0&;@xJOFFZGE#^$aVzA#L$60>w(@?4TQNgU8_Z^~>+uWT@LY*_Pe
zc^+W9w@8~U(mk==;`fc>bZ9UeB015r<?p)pZf|FbVj{?c{kXfcY1D^(t)f}G*>YQE
zRd!T<B4SY5^kjTwef-WXgwNxxzH#L}tb3t7CkZ?8#PXQ&kK#MS3B#AOMWrB+FVY^z
zi$_KBJvKdT*_0=FC!Lj)6u_YU!R6uZzO=sF)XmhyR_EJ=$4iK1>Z-A}*KG_hJAA<)
zi|reStFL^<edyQor--#@Z!_NEIJG~h-qGtVI!vTaOgzQ7l(uzb4dxvK03aL=`bM5c
zni^u(uFiZ=8&@kBpRcnU@<J2<kdXFugIYVnJQ=NEb`CC*%<E09%#02;lFWuen*5q>
z@-TY`6@L$yp1+p9wZEe^#D-Z~3QxjU3@P9Y^Mo?`Iy<?*#e5~1f9Q%KKc6)NnHhg{
z@pP1AmOV?zXry_aQQp-9#wf%m#B0qD5@ZyC@PULtf}$WEMge{h7|0I>g222W0Wp4v
z7)Xfm&j+&<9`cifhmEb6u7c8^>5!Hrv%ROMn-~!2<Kx5U1Lkw}umgf15D1W804N~9
zi|oM*_jB=t`trKKS$>NArK13YTYEUTc{;edFrMi`tz5l4C7GGe68-)7b6(DFe<yN*
z|H%$X5$Fqb1A_SYf&Ug{WBqrGo0o^vkD=LE17S`uXPAp892p1t*EqMoF8==x|3}Kd
z-TyT)vL>3E{~r9;c%7a9H8tE*(Hn{2Po)1y`&T4f-_H#O)P=!ay*#X8ir&bnu>9NX
zJsoU+73UvHXP*B$c9^fje+fJD{0#fC6n<7n0y$SPc@G%W)73-Y)zwMr=PLVk|Af4K
z;?RUzJGh+PPjN~BQTzWY_Ae=z0@M>Gb+#CJLHxV|g8Cqk7)VeIEXvC-BF4}Eo5;_e
zC>olsHV(Fa|DhptrXeKwyT)%lQ8kd8#|G*N{eM#Vz3*>2Hr8Uct{%=%Pbmjys2vRG
z=3*xS{MGnd&%c+Hn7pf#s|RveFe$JE@ZXyMH41r?dj01;suWyTS&mUvQC=7X5f<hZ
z-~;_G^IN}v)lqP@_Bz`evM$yzII^Pf-ztr)_mAB#2etcW>t7Bh2PtH6`D`3)!~{h|
z<pe<@{2&DpFbJdwhR6#D%R&SN6cq%N6u^pd62P<ljtuxUiZhiTt^d^jee~yz?riaB
zYKp14z&)YJ!K*6#7>fgPEFz-9V19lP5ne%%HI!FSSk#IaY6XV!+Sq_>t%XHJg}@-l
zj}`UL@LwbQQ~Iy$e@dTC^M4}!TljxSYkN2#&wQxUZ+-qE`9DeVFEam;O2y%<u6`)s
z&#IvZbN^@Sue$y?o!y`waM;<|Bgy>N;q&)#j_msPL*mC7CI+=WJJ+SG&yEI|jRf!?
zt-pqa8s_l-Tfm?CzlHzz96t6im-9}SpHe@1{dW<#tF5OG)B`4Khukm!*HiDO<UeCj
zwa?oW|18d5%k@8tDRFkTiy;>Ra!}A81wiiq|7iP_`DcHlvw}K#{pc?uz>j<YL1(Xj
zhW_qG4K+SL^mjLE=&wiv7Y9!%fj_gMH2)TL_6O+a0jY<)R)R?(r-s^u+WWeLFU-kE
z!2x-w!OxbXfDm$0KY~y_{~BrhD-w(x-><;m9DfG>tln>zG(R@e&sO9G6Y^RO`1i%y
zf9$ircftSWhhH=L-&94>x=4Zo<b3l2*ZF)<ycf7ofShk$;5wfViuVE+3Xt>73tZ>(
zLGfPTLIHBVd4cPEJ}BM`Tqr=!H!pCV&j-bOfeQu5`Q`<#^ZB57FL0p%Ip4g%bv_>y
z?*%RtAm^JGxX$N;;=RCy0_1%20@wL`P`nqoP=K6oUf?>P4~q8!7YdN`%?n)T^Fi@m
z;6ed%zIlP`d_E}N3tT8b&NnY`ozDlwdw~lD$ob|4uJiezcrS3F06E{hz;!+!6z>Ht
z6d>oD7r4&ngW|owg#zS!^8(lTd{Dd>xKMzcZ(iU!pAU-n0v8I9^UVuf=kr1FUf@Cj
za=v*kF1%k~e}uUpzw_vW{BonRh6WV*#YjeL6<tjL!2cQm5F82s9GoKG7Xbh-egI(U
zCIBFo1^`gHKD2zN1OSl6sw&9p`+i!<3b<`BnB3mFFi!h$Lya*QJ=b=&4=+0USv2|E
zJ`>LT>HMo@gQdL5OGeIirTM(EtFd0Cfssbsk5`|G>6Lgr)pK49R`D}3eYS~1e3@KP
z<_$QEM9yVR@_6QmXmoT1zOIQlAZb|M>WJu(>}lCES*{OqtOx{JkYJD%Fk&9K#aJ5M
zy-POx2H0U-YfHcE$dC4d`u$f|b~o|sTd!UUGd^;#a(>6L>%A0pwP0-P!DU1%pil<%
z^y)st#sX1k%u9q%Fc)KQCIecK7XiljI{H=YrI1Pl-A%S>!B~x&FbmpwU9<Xo2yNTI
z{RzFIhdejw-vr~|?-36Ukn&ZQX4b`xz0|k}zqDb4?Y%89eS2DAX5_Us(=>X1h&E08
zBo^{lEi4|dIj6?vDUUDY8}|<xWeA<baXGYqI&6<5{Is<lS3pleCt1+cRUs-=AohMl
zk4Ra%_Z59hN5A3#=*!o-Ng^8`Ph#nbu$)g<&F5oAcQDk<l0F+zT7Gq4E*X|>TZ2gX
zcy8=^+;*vo#g^i&Qi-II#`?%`4Zgc6I^-cRpb(goIBIF3IGO^pIVvEYyobPSTxXZL
z*B=sq7iaOnT2Tt~_Tc`J*v3blFJGON!!^K%0s5DHrMlite64oZp@|o(&U=Zd50Uct
z9)S0;g|R*QMX`J1j8^*_^`eao;@*)KQlJVp!=w6d&0dJAkZzC71rMFQ0(U7ds+cdA
z>s0T0&&T(P=8ZR0ykon{(Jz|*$^FhZ=s4|t$$@UOflFeGQ`?uz=@n+g9`-nuk@e{s
zXwio|D=sH?D&^Y<=e;3BObRy_snmU({Kinp`}R|Psw!qkDo(S8Ew=?fWqb=l-QO~_
zvrj!Z1W|%eRa?3A`o;j)P3nzoc_>S8ygi!4>l77UemYUZQ(?5_;8wt(jCIN@A8aYS
z%)C3Do~KO+kDHiKTAqyU{s3+El}@(c3je(_{~HAgO^=_O9(0M`EEt+|zJL6VE?Nye
z^cfqwBi&)JP~#m<hF~3~kzHCef}z8D$CWAo?M`gnY*k_ZBF@dop%)fp-k48s<Tyud
zO7!q=rwV4Ph+W<dK2)uGhw#5YobnQ3{JpH#<di&(c%=hO<(XiSzr)$@Ymw+8q7u)(
z)M$>l?%3jgWi5B)$@39{W{u_7EABO~KG&>kp+|@mL?lBzAN2-aP37HAiEpliR0$*4
zu9|1(LWER_B^gH;_7#CER318dInP^1DOuI0qQM_jbXbD9L%4AcYx#`P$2FHHZ4GbY
zZ4iIY#Nta9c;Zm4F?#6;J&mZ@A!`{clhCZf&J!M+OTAy=@n9(pVvc?r_XWoj(H%Q-
zt89`lk7AllqZ<a(u3*(RXy4&0Dn@5RGwf@mr0Y0D#0MLjV5ephkK<@0SvZXXjx>7g
zSz9Uo;6!NlyK1)|_)n)I@&#_{X<a%Q-lwxSUod{`f3@Ne0S+<cX{VNd!DL%*O%P)s
z^WhyG_7xZVMhaywYF}mlK$RIkiFpXS$pS^^H^-0@#5=@72;6F|3XK5}#KY)=Hk%qk
zi&4%e9;6Eox)#rICwtps(1dcbE7#l~vWOv<0g)SX5}?@!PQyL?;k{458hv2#c7-z2
zdk=^4R9PMYjs)8fT_8)gf@ZoAo2(}DHvObIYCGKE?1yh2b?a8XyGkZ6QuH<Zs?kC?
zI&nLdJ8S!;J;xQFI;!`thNl3xEtMX2^`4q9TjpSkQ?cY<&7MoIL{HVmB{}JVCaJR2
z6Iu}rpR5?yZK*?a#zmFq-L_BAA8gf_!S6avi^!PMQfWuMGC3jKw~AYiXBodYa?dR^
zd9gUTCN~B?^6fdz40oI-Vg)M;L&6^7rzYz|;Va9h9G_=iQLMl^DDXmj)_4ByP9i9Y
z1}CS6V&zJBVv!Yrb$MPe<h6+6fd&=`bDw?Mp|e=o#6UlIc^0EC5qpTL?y?L01b5LU
zk2MXMb#ub)Nh?Xo0-S*kN8EZBEy^rGn1I{;t2Q_r9lokbUnEFoX6Hp|LYfrnJKs-g
z9j4J)`!dAgZunS<vD~-b#mYmV@li+Q3e)Z>YV}Fm()D>|SsR(LCi1Xrcif<);+zYb
zb`-Oq23x?#9YUj&cq_=Utjn&*1nL2vj{CP&SiNDhmqMo4O$U<3sL`I-3}N<%C2u{l
zf<2KSIO3mb)Cuc%MXO)jI`r6lj#ZIU6`>R@W~lT`LOrNj{_>Whrd8%w``6La3+Q(~
zE~JtfGwAqlJT9inD+NZ^q*8ZJs;|><+*C7)zD=~>LUv+2_tK|SK$YOwQQyB>Ma!dh
zQ}jx81dWr80Q6Mg;h=xJF7+RbXuae*(DqPnQrYi|u?y=O0gBgD)7OON$vbjvY?|I$
zb&HVEQQa#RZP4@=fZYe!=jTl+bXIeRRDGQcbmoa2&0%55#EGrxUawi1VJ>vENNMaE
z9jZR?c;>J3&9yjA@Xh0y#N;@0yF#n=$mCUu>#iT+{Z=xCYF<yG=oK2a@8Cb<6QWwe
z{IEVyQ_WrO?m~Gb$e@m2btezVO|C8q2*}UgyHw4jmrdc=)l_UpF*Au?dHHT(Smne{
zjUpGTxvjzu8j&YBd0%nbkBP^m{61os&~Bw1^DsYI+R}=wvl0IqSRht4TwXuAd*uNs
zw#iqBrapv=PO@ydt7X~&d+7utt@KFJigb!!H<}bpBPmBqaBYfR;WW$LsU@w0BNR8Y
z^2-MaoHkLq&y<bq=!px8V}?|h`DxR0=8Hki1v{p8`j2x+pJuz7`9L<{Xa)h-q6;P*
zM&CkfvS<a1u;??aF*5V0lz~2;3J?2T?`Qh8zSAfp^xmR=lPk=v+h)*P)B&ld@#oWJ
zyxr#JnG{Otz+))xaR9{eq=6mw+?u2<->F&f&Y1CwF*q!CcI=p{wAIodY*9<(PI-+b
zy4fiDs6yoyQ4ssa)w~^Rf{$0r-33kGWvR#Bvb#qiU_Hk<5$m4mthgoQKgBmQ5)fAz
z!t3QxgB8jk#j?HXtgpvX>Q$P*;T_V5nMJs;eru3{OCdR5u+1~9p1eWCR0kSB>lqM^
zrj!7ewC8{R{)I3Ofim?B@9=)A$Npgjw?P$X&W@|tYP7vxv8yMN)8-}jA!zIS0y(E4
zCsj-AA-<}4d9iWnjvo+To|><PSjTO-bjIAiMY_do*BFXPi;=fgj@TTgb4;NqTXGrQ
zMu+%mO4MO#=_Uy>FWdAzK7rsFQ|-NAy@o~dR^j_#c)l_ohoQcdR>Kyd$wxEsJ<`TD
zA2L!yQ?2Z(0y=w#y<SOqG;(x#xRl}CK_#D3XGhZT>`DYnOZm<iAG=$JT1D!jLLlML
zG%QM@AuiQ4I5giDT9YdTikmDKoR`RlUuR`3Aq!BAf^}b?lT2h8RC${zZu%H(GQF~p
zt8DplU_z|EoW5}j^2~IQHD&)3(-qwQ0=0k|$LV`Xt+f~u#J~xS>H3db59R8_^<ROn
zeY)N&(^=QZ=f~9y>0}iE4X1K^F>}b8ViBwBG5SM`2&WcW-eS3iBiejCG=CHrQT@Hm
z(#+?x%5D5ExTw8Y`wM3huZpr|h%8aQrb%BZCw6aJ2N?Z6C;CYDP(bvc4#Yg?6x>eJ
zFto1$>PH*$YJ%wzT0IPmeXdGH9spEl0$Zw<kxb;I44JW$hfp?Ag-{ka@X#WLE)Nf^
z9vgU0exr$c5*}I=?-6avQ^;!&SEm~{@919DCEt+s%m_}m5KY*4OX<KwGNAe1P5iKK
z+PM{K&VU#BVh#hJ^e`Ciugd626Dt!Flup@@Z`#H%r&1&O2%Hk!8Loz%@+AOQYXG*9
zB!LT1(eExT;Aj)c<f4}|FLo8M=f){6`Kw~jY#H==bOez%d>|~MvL%yuJ{0A|rs`sL
zIyEo;dIEwdTwR7(8e)v6U}`ucIGI;C2%qXkw{LgTbS?0J!o$ejZjn9kr&;zO-G~rg
z;^RCWWeflc^;bKTejRR1X?K;930%+pxI-&@Ag;c6LoaY6B&XU$tW05Mc&;xlD$!Bj
z&1k6@J-(U*n8%!7(R@nGRr%2be>z$sGDV9&)3Z1!u=R3?KgY1iK-^a<_Oc}PJ%P4;
zv54K#g#IbwtX`JO1u9sY`?6axVY~{pFW@X2RnMLYi{m!mcrfKXOD@nKgq7T?3D~Z5
zH@{Qp#MV+NvORUP!mrxN_NBX%;F=~=aoP@6#aP1d;t3`FuDd@2oSWH6U9z;XgTG?R
zSN^meAEWNw*QaGH$K^F#hnxoWS3S&9-GWb=YA~;Gxah7<YqwQHO@{9q&yQrdfxFG}
zafm)+WjEoB1!{?J+!c&^;=g;_hAd>EK5tDJeXOaDts`nPIf%<%l1EwVJ=IIOWvN9A
z^3^=GI>|UO^#&ht0xsR@^;tRtrO9pH`>@>LB{lM%mrt0rq&|XEos#>qZDY5}(#I05
zc>26Qt#^D~N4HQrct>KRVxx;cYh)|fq=?wg%zJyll{8s(%bgEk!l(Sb+}$Y?52_uB
zwnM@ZU%QrN*Zan~2Kx%mOIGii^rwnG>=C=IET1e{5LX=`A9{r1h0v?vWH;5|<$D;f
zZ_Len7_BGuc5cH9{!-kqeiP(VTr;UjV4un|;qY{gc3uUZe;};3V2cfVI)6X~-7D1H
ztvArW9iS2Y(a`#Y?X#BV6$zIlmpd7}!UrWvOI$q?U%w8T6xfF-M>BK{%H3yO!S{B}
zzm%ymvOd9yJf6+KsVO&xY2}J>IDrWQl((F6Se*{ZU{U2@0|${9)_RV+1@}RJTz}<?
z>pTTsd$^eQu!u%xPhO{7Q+JK(eo?FavQNK7k+NPCDSFS8{DVhoBU4&b8guyR@cdVe
zYsudvWshtNICdHg0Rhc}m#J77mu``hvXqL2ro42oFhWq3jk)L0<@3a7k)n?jB{Qc_
zM9GF73VDAZ>fAJ1=rb7(LGOye6){eZ(#p`;^+HP+_2Sn{uu>fR7QNE>Y;y3KQ`(Zk
zh%G&%<nEQ;*jV>%8H77$g~)Cu&xaOyM+;^|8e7rS=U!{2E#oS$bQf~bR-n@LEFofN
z7l}xZzBZCXhWO#TQZggN>&zJ13$k|LXKSz<Z$%H(c&)-3TWdDkb(tnT@6W-x!dE_6
zjZ1s?mcQrk0ug*<-t(A!b#Sr~=GSGLyTTRoCCFs;k^2p%T9Mwg-75s;6;DK4ascbp
zxju>cd5%wRNEW7o6{|ye#EhB5n!9wAOWZ^c7^ZVVC}XX?!ZH-hp2rr~H_OK*ck2$G
zQmh>xlZPj|8d@y*cLTZt9-}c^V~nIybE*l(FW&gH$5U}Q)JIpEG_{w++g&}hjZt`=
zI7&5EUvQGPcC9H{;3eGvF6hznpw%7KPCF;R*r6$r$o{617p+ax`a>qKyBL9@9@SQJ
z^oa&kTZGqGYef-siiwv%n8}!ko#-zK<%ZkOllzRr8*XTAg;zgSykTJpr148607m+q
zdMgf^w96IJ!?$>8(%j8zHA-GxdC|H-I(K{P-frzBiN=E6Y3!~(@EumJ76JUURh_Wg
z1G1^+$wx(R-_OHJW|gN@n#_2(oV&d0WIh@cjS?K?>k{M)jTr|z(hU#P7`LZrqIW8S
zJ~k<7Y*p|CKTOFQCpe1tsx*nKzBYfXGkC-~H-}vg&)PX^e@7E@e}R?9&a&i-M;#D|
zsTQC2tR`}3%&RMJBd7(Q59)aaSo0ol5+^QM%avH<dTlZ5m*-FTVJmwuSeSEavJ4y8
z_2nxk<hul+ZRFZ0v;3*#TGv%L3@4S#Zkf~WD5f-i`8mn){iBYPI)l*S1vp}A8Ir84
zbieYBELOthz}5-=a(|+U2T!A(R+(5)Z85j+TVCPlCQ)QyBa8QzRm3a~eI5}zT*@-Q
z128G}yj9*vcFl^R)4<fI<bA6w;zs#Fp_^-)5wntDv|Hyl<#%MexT2H}X6}bXOJoG|
zoQ0+RCKZXFTT7W|ZsbeW^`nOqd|rDG3mY?UR{?Ssx@vb4Ezc(D<OEbFL`#%1uQo)N
zv%g29C3|4e_uVP#QF|3RfKRut%B*pmEuduB_a!&I#si{6j~dK$c~=u*Kd&K3K+}dl
z+O#$-qA0qh0OJOJVd`p4iL%WpHpWnuNkv<#0rw#Wuchr0^C?I7p!ue4ccx$3BIlfL
za6_w4U2hZ1>GjX2G5fOVOBM@mj5^WEpYL>Wsx+}K1KXqo+&8dy<?o`=FJM#P>pqC%
zgRm%k7Ma1*ePA5|VaQ#up;JsiC+1a=l~Rbyp6*?8^$X!e{<B9po-S(2D?W%xNYUta
lOweM@gM3P4Yt)f50IVgw?u6O(?CjUQR28)pD&=n8{XbQYBt!rJ

diff --git a/ui/images/logo.png b/ui/images/logo.png
index f36a9cb9e237d2eb228ac473377aaf64cd2d19b8..2e3aae936c41ea80481f2d05ae83065b6ba6b344 100644
GIT binary patch
delta 6647
zcmV<T83^W;ssX7;A&F2<M-2)Z3IG5A4M|8uQUCw|^#A|>BM1fn002zZOjofsT?!BY
z24YJ`L;(K){{a7>y{D6rAs2rD2XskIMF-yt2MQSsTAFPa000?VNkl<Zc-rk<d6*Q{
zwg26!-g|mhW*D{^Kxjlo91#RDf(wfq*eb*&YE<O*Q(w#z*QZg$7!$H+&}f%NME$Y|
zXrrQ0gF!_>6yib@XqJIt8J1!8-n;6)Kl)U-6g|V>65)G&zHdIdy6S)4d+xbsKc^bt
zdw^luD*KqFOKr$Q9`f+51N){EOq?GnSKTg$$By`diB*lAJv(M`ZKaW9!vussEzsn#
zi4{vP>c2jJ40*`I5g^nf=hse*2{Azt7-%rT00u>{*H7+U@WR~F%iH8<g%Ir2g>{$4
z^bB_}HX^PYuCxK+R@r}QpAB~|pK{Ey{88i~58n=aEf;vyOZ62k$>=ndvB3_T8dex;
zle%$oMhL!UXL}65Jo)+23u`Aa#%7+<%`<pFk%P6R3~X#kB4vn?+uKrS0LTk<9`f*g
z3ia}fEB6ll%Z7(ayx#a&Uu5G0XP%i6Ld-jP!Pdu8hA~12@f?3+Oq~DPwt>y*%#e6m
zTtB9#_qg$Wd{C6Eb8t$92Rox_ytui=2_YC56ZzxFLms{-p=MbD{1gD*+y9+DVnOY`
zlmZW9OpKhrVL*X{{Q<E3z!18lrreFTv;n8e;8YnD1~?P}x5~=Te!Z^WJHY1rapWNn
z-yD>0Yofp#k=}ng!~maNT>}6mUT<+vujANar{WSqC_)G{CNgM@XAn&rXozQ^3&u_?
zb^XYzsCQrR>JE=Q-}I$Bj-9?_$I1C4%0nK$2ce!af4;i0MZG3%KreL}@7}d?dsz<`
z_HJuSE&Qq}wI`Z3#I9HdeS8j-du&K#3{-mT=wIYSO*enH*9KJg_ozO3&J#*Km-j7p
z&p7Aht)~Nm<&P>4dH4?9Z!6TZVaKbAa)w)BvtubXrmj`FYIiLC!2mD&?PeyLD_pjF
zeRkEpJC;UD7qBY~0y+wyBAPZ*Zo9H<&N-F4&G}|5+dH<*X}`GKC61j?U2t5%;w@J!
zx&UjBRw93EnsyF=`v3@{`7b!<uOA7x1;dg40DcXi41f#3qENv9%OjDF!El5DxD&ud
zM9X~ut`7zLyN^b`2!<nt05kx-k*!261@J&9;Lm)oLOo1dWpB%{35p`>m|bk|?{m)_
z+uJvKeN&?UXN`%sif!V}VwdfjQkUBAlRYu^L4AKaN*pSVD|MsPsirozCYJ7P&%CkU
z>esnrx<1sVpntK;W@}3u-5V0D^e9)JeF6Nya($#gF@Q4xl+g8-Bbbg1z)%3E(seTc
z?@`PbF5-(`bRGRRyytK3ewUPZ>^63Ss$xm0;*9$oil^AAqHm$I)WKN)e_VXb$Ei%_
zu`PdXsYExI4IY~UpF>47t+%afO8sVItGMOu&*px5=c>k{Qy0{pyG_a5v7t3JXl+w!
zO{6K+xG$l<;xLk1j&h-n0g$zC@(98$Wx=QYNF`z@;5UetG98Vhm@jky3F$h~mHo_|
zHH*!hHB0$UEcK7x`pg??XMHoesDKbQcS3*PyS+`!{iweEP6IHuN0V&;P~>1sKCF*T
zuIc6;drALd#C4-}OIz}hy~(7;p!XR*<i~fsTibG+FhmlJE%({jGau}3QXGoCZ;9gh
z>>pDHwI1a{E$C0aKGN_znrQir@eYO~E&x{oC?(_e6@b@CaeQBVVW0~QVa&)dq1b;e
zm^o|K$%OYx0Aps}ci;10Tc}T4wARNA*SLL2byAf_IhH{juS0Z?>NveQnpv_fmYI{#
zjX<f>He%Gm%_n}*lo_AM7{lt?lIZQTH#k(bVrMktO&a)>B3Kz?_)=Ar=UonC)q5B9
zZINo$b@{YM9=;>+0eA>Nce;K9z*~Rhxg61O|IAs&0}sqp1yi~M7y;nF0N4S1J)s`@
z?5D+<l=IHhD&3c#-P==jLYb4fYzk7ksEITuYu?!&z39E2@x?Bc{XMB0MF|7F(uO#x
z%w_WoC~{zJQ=%l6!ATBP6sW4QxX@{Tr>Y>c{<$-&6aSAGDxb~&{%M!8xblDPp@2Vi
z)KEd_UxKMAK$HPE1Hijq&;1rciT`EO^b4zfw@e>g<nH6MA8@-*fekg?T$RPn=Ia;L
zwm&hVhw|`}t;VH2J@$*w?p=VIayOp-Y9Fg@OTSodcg%S^(0f~F%W0a%kj)GZAk7*F
zu!(cNImfdllr#|lqMY+)P1Aqu0BQjA0k9juSDf?4L#){Yz(7hMB>~jZn))He^(8z#
z0QLY_&pB`EfDvOfW*~sUw6ArX^Fz_21i&Bwm6TLj%Q@fP1y{2>fMdzkYzD9{6!6y{
zj-Uj?5gUMGkWKPA0n`JCgaZDS9M3wD&87=-ZJR;?e@wbxK#92wt=)fM6{ui1;-;in
zF93}IJ`V-_ja|t{1jCUkqLUlh4Ecsoz`sXYyMWGD-nSzdj#ScjI^kqka2^PtCw;Z2
zqy1ZODW)^7pmSdz3i#_Jy0cEks&v*S9z{Y?cWRT5X@wA*0I>x?dgguiJuk=Dho$vK
zzqEDSuyW_Tn}-zl7+8PoWVwR`f!#4353Oow`EXZkWlxWz=JX!k@)Ntcu`8MuFKupq
zJ#832`TOL)wVg1p3&2<a*N_$}A@?E;ppD$5`#I;elJGwQ;D<EDJo@`RfRQ9<2>?3)
zJPqJU&Usu~&k0~SfExguV_7eXY;XEZ&iNNPa2-wV&pD)cRAPU;dH^o~_yd5m0sNJe
zr~%+wVvbt@6cQ7)0{9((M>yx19ExTdfXhkAxe2#s0DlHBn{&P=2U83t+$NJiJ7`=Z
zfL8&`A$;Ef(1V6O6AJjJS>~AxAPC?TQk)9Wb0^VxZYbbyke;6a;8}^s?hFO|&rA1b
z0JzOmzyPib1^j=@r27+*Edd@+drbk@4q!HblL6dBkM066DirW<k%ajk0F#KWDvfOf
zu#omU6hMf^S4f5}4xoXqBLJp`0{%Tz@|z0a3IJ8aOM;%?0$_G1;Qw<D+E)O$k$AEv
zDMDT1-#KJ3RsitRutl_PIv9>9#1B6t<>vwLiD1fg+C_f@c6KJGUCw@woL}c=LO<_}
zp6<$y1Uh?y43!=mF6>)S)W_=>KcSDW{G@U>1b}tT$;N0(|5IlIO>hl>zX7<62;wGU
zyXhdV0`Q8aX;l*ARFGDyB<6n$zyttAB%nUBR=>^4i6%F@T#RhT>($bF3jNy+KmfoZ
zP1BCE2-|-Rgy)qMn|bK)3dvIZoMN74DIt;qa5sR50hH789>RMz39r1yU;wWHm_-`j
zC()t@fEfT@)U;5gg{j6<ocQ0wj0GgrUh-USBIS}GX3J$M9Kmqp0TPIbL<=|JTtxW%
z3c#XZIMPoV>LuKI(7p;SQ<u{BJqQ<%wB{55F9ClTMdR!=-yi_bNQ&EvYc-9VPIH@Q
z;R8@jbUK3sy(j(2o~oO0=|Muqg5gLh3EIN|hR~jEM8_gh5HAG75pKcdcmRt5+)q4L
zD4lb6;<H;x!6z*qlX(_D18@uNr8immpB+k|yCl?aL?X_bMO%9&S$bd(uVdtpGN;m&
zq~m|kZZ1@MY$$Q5P#MF<=0s*=OXA6-UjIrLbjWf5pV8-+09-->`n0s^Ate0ZoLh-g
zO@Hl_9kdeSDzeHZtOW1@eO>}!3R&LYN^w^|vU;YlO#tvHF%2Zku~EAIIa&EK$t!Zv
zL8r(f#4Na7O>Q<cO)CZPB!FRbZ!c-@>i~Z&kj9K<Lfm0qOkcFg4~QpmU_HDAz?af`
zFVkFZV)R^aEisqO{M!L+u+V!nfKV_T@k*r{8LZ6|2}^9NlQ8rH@Jm_9$s(>NFAJnt
za%IDROrC_f-m7$eE9kpl0|*oSHzND4fs9v_&SML$XRiG+ecp;}<ICCPwL~Ntnn8cA
zJ4g}ykvzYD$Lj#rkvC@Y_q~!bF(Dla_>EvVavgabChP`qWhmhPq$>uvL!rK9X;bl-
zm+LN{v(EKYcZJQbbUU7INf|Y7)kU$k@z7;fhsxl!Gwh9Luxd{fAMK7VwyCzcE2fM(
zWI~K{zJ>($63+Rhob#7C=Wlb)rvra@TzYgox$3##A7o)qql1`(18acOHBIYA>un}M
zxdFgL&iO*l`BKjLZN$_j4A(TROw%+QX?~By#E%0Qk8Cr+O#uFvT=qB#g{%p8lEoQK
z`;_DSD$>p%w{MIj(33dlGdSnZa?YocQZeEDKZgF$FU#fZW&r)Ady4^_Pu73$DgeI$
z5DW$UdpqI*V$vCsGK!N+JeKx&IVnsN#sRqWYbLu4X}>bwD@ehf2H-66WYU(grUE%d
z`mPPYt)YPbHo|ohfcrxMf0VqQ(E!f1R9D^va5~-lA%MN1fIl7z_-B%G8y5=rXNLm*
zrJ;adqy3vT{ek3>nTl|vH1B`Mw69U*5k3y!+EBn>n}hcC!Ej_GJ!6-YO)wPjzu#4_
zI%lHn!dEtRU)k7l`@llS6(^Osd-V3%VN)1dk~$*INzD1836uKyFtN%D#&Ub&8ABkN
z(ecve7U%}HD5}_)$)qnE_gdXD2=U>eUbW<$f1zob&@}B@B3cD$)<J*LW8I{9S%z%@
zZsDB&%d}FOrrk;|m&tg3nzw=0+oWll1HfhE@^&Xd>?6%vL2g%1izfaXfS*dqv?n^S
zCMG<^IbTGd7iyX|Uh*7V034d8Da3dtGyoW^Y1$w<@OEMfgZ@1Rz@QrzZEhep(}eW^
zrb~&jmnG}d8JtD*F=2mhDByokx()}!kv0IY&>1iQ7XWy!BX_<N(5VG<jKw<L918gV
zN!N`4?j&V%bq)m~C#(tq{3#fYECH|@!0J%I9|r&u>}W6?Nm-P9l9XI7cn!d*lw0U4
zg=etv29WK}GocB<v{1mmhOXbCzuf7ltWlUOS?}GHk63g##5{jUsHZHibFZyS&luj#
zdE?oA3f$#xJIY-Qr7i_Ny8@fy#d|xVXijDj%NX$5RZD_gAfXE^+|-7;whYQ#3Itg9
z9qp-UEh$lKKs++#-94Wz=%jOrgzA1`>cT_d@9e;RUu#hkx~6HbOG3@aMPEU&`2%Fx
z3p+_5I!K`UQ1*Y+gr$edj$2@h<+{PbqzbLoQ~G`|fVrK_sglAemTIp6@V+I}-Bsve
zxz5E{%K&^%RtNyP2g4CZ4tHA|;@VVZ)zbAEizgsk)T=G~1|=mYQ|>@Tww3f$!lfY?
zj?4$}pp?*4E&T5ah9mY+z@L`96+5}w|3h)Dy%TzQC}V#wpV_}8f$oa;GRX4XN1=fK
zxx+oUgM@n5E;0VZQunlRRX%s6$A+o`1yuz$*cANRDxcrC0BJ+Op|FE8-z_N}&wSN_
zrj(95YRYhIi4$o<xYz7Uxc^oc#fshW5%mqx<0+2KCD494pkdP2YbmB_p?Gv?7xty(
zuo%|Zu}y!|v_b$+QOqt|w=I<5>Wlro#sUX-0ilzav@-$h%6MUkLtAKHW+^01v8@|`
zLx818ABk^(8#;)KbIoJ7SS&*-V|6x{(g9PmF4UxR?k5!RzZDEet|9?Ep7IzbFH{2f
z34q?gaO6j()yBcyT-I~_356;qGz0j8EU=wC3$K5KmvxTAZNq+(jFf5Z#|FcZ8$$vA
z6NfX&L5u2!G48k$XGxh;MK6znzCIi5Dm%c<Rv3d*RSt5!4Fg!br5(Fs8QeUi1ZVd4
zqKDUpDxV$aRTtp)no^AG?Hv^t2u^&Xp(6`?yCl#_01uK|auMhJGD_|ovib(#1dFn8
zQ(S)uY3?<Y5E~~kU&wTWXuW%LFj}o84nAAcG|yqsy)))Dg(68wDLFwknPS>=3Fon-
zjLs5_ov(<@5(P$#LF|&ooe>O2`hE?e-fm&gOL9Cj#-d<%$(BxnK9=hNIrg8RGN1`3
zS(P_g&I>z2nB3I!h$cbGmdh^nB#W^)fPH`Ex1*@Gf1M>ZzK}wUi^;2#=VqaRKWRzI
z9v=)xMjZyt*Hai~hLc4A9u9^hKlnzLy25Qgv45cxE*nF4j|x@kdMUd#ZQ$cQ35@UK
zMR)gsQ!~a;?Q`Jb{yt^(-sFVlSo;tFALf`wc0u+6c+PCFAgdba0xFdNp3yYzUdn&e
zx~YT^upCl7xqOPGi8ao79j)icQ9@BDlevt948%lFX`1$XO43|LS@F9#=V=^%7nI65
z7n-KMBH>(33g~y7^SGvID&aO2z&)G?mz&0gha>L*tVR-`=YrwLOcK=5q!8{31^k^g
zySxwJUsPoPfNLp+o<|w$;mEdG%87r<h4k+}@*+%kby_eSSxy<}^KzUaqpa_{6w90W
zlBa{=$bE!|n*?=gM+gVQ5mVXC4h8(H0cgQ+<VhN5TGKK~k;qnmcrY9}6Tl`(pem&M
zZ-)Z@52UpM7FU}|`IQUkb1{HF2E&nisPZs`LWfzDE3ooKRVd)!6bwfmB-($P`GH4+
z;mEmW1I=Lzb)iG);j%F>1~?AWaZBq03S$^h<mfPg*1yn>US74Zwpp+4K&ZdO{?`<H
z0{ES#X<<6l%W>c<jGaLZl`!gwFeMgO>uJt;TGO<8ve4#%KdNck^CY|%NP_!snvuXg
zN|v&SzQ2+*c^me>N~Z$&DG7hU;Rv?*?5hCYCeOi6C9-ogP5YD*V-qR%{(+`xcXQ64
z$_{3a0pdbQL7qVw@CJ&vodC*%;mGwlvdN~^+Y<~&enp`WBVM_cvh{H~8^w}ge?zkJ
zb%djNjtj}Vsp`aIT!3ty-hAc+0Q1TE`7CE>73dMjHv04fFo6_=n`nP0R~^h4*K90;
zRI+@L6w*!r*OT%-T~cZ>O2Q6Bwz0&K1C@E?)tJiZINH|^Wcw046b4*PA>{#dpoHNZ
z@+wcG?@tEs>tHx?Lswc^4|2bgx`<~CKnNgnnD46;ITc(nun@hx9e1CS>#iFI*Jn+5
zR1$WDT&8C!qkOt0dE$TWAZ}?UEAJo+XJv*t$aZ3xnstfArF;h2n)qa?W(kU)Y?OF=
zmn^^@OV+iQTp83f?JN=kn<e2UgPiR1NNY3^bG<3uA4_rLBx#-u?U@8}U>&k`+clPX
ztE9EYA={{7Sk`w-g8e4|cUhRfjFLt&-Cw6HZ%h)N=Pi3Ip!I)aIPlkFJ?1__0slGx
zH(L^iHX2ugY@K(71y_SwSnnpmGzIBKDlhet!mWow0l(Q|+=~5OZzhye&So$@KTo>X
z3&1Z($=ybKY_*;#(SRfSg9q{+s-+U>FpAf07CO2B*g^q+JAgYVb~oW_0Jl>j^6-Ru
zcRaJ9DVagq0GfZ2280k@e!tDBDj3n-4PQ<ZpUp2dCUxvh=z9gT)pk(IT2I#C1xi-M
zh<Kln>vcb}jVY_?yL1Qf;5Bq;+eoO|Xv|Lm+-_#8Ip-~89YW-K#fgc(K(^WBCR%4T
zx$FrE*T0f*JRv1eV&omXN0x0l;kXjODw@aoOC6g4{F8s~e<amEL7~S~66E)3?gY`~
za{!M4IE`~Y-(qP$B5nT=;oU%cYov7^Mz%@9pfy(!4jU}<%q9<HKC%rLt+dCT#JIO0
z+uFEW8Y7Tx{J4*job5E`bBY;%Ms!()Y|~GxH1;*}kp4>UdYtZmM2tO?KCdPLPf;xV
zzsR-)uOfd%8>7VHCh~Zuh64U4EjT_#<35wlu9>crp@9DxQVt)}TnX|(G-T`NONci<
zmGd8=fPW+1zm4`+PjfdB4W1z5m6CXQHH8`G93RqN|0(Tv93=q{D`A7-3u|YLs_^_~
ze3cKSP6Y#sZ0P1zz`oJTF#?7FlDfe2>zl>Ab?tw%CzMs)`@oqj(@9xNp?I*AHoui~
zzK{B}ONbeDDPc92tP_avXHo6>SnPj!ppJ9CyOT8skhabM*v>hxr@rzE(n>mj=3M0~
zP1AajYwI8;uH&4y(mfYhaX~b1<(wy^v0k!d=KHjb*8XoPr(m{xW&qT4&UYM&`oVCd
zoGgEhn;3J4^n!y8`}?F708z3O);Sne0=m(&Z2-3Bde$<on&`p+Y!3zeJILA;6Fm$7
zt+^6x!EnSpk2HYVP{6;B#um|h27pG(ix(ACj&l=@ngG;wkiav?R8ojw_Qr3Ql@!sh
znk?(SP{6-|zAq!1sQ_A}thzjRF?lux#K(WTLIM9yx~C9tnpQ9o3iw+sG_N4OV}xIu
z{7jdG`t*fc`!j~e&#Nw&a8kKPDRwYa`BaoT6*yD|g>@|4LS%*40H7OyE(GEkfwr_j
zd&+2izdn|DX>;o`K)>hP{O@*1@MNLh3gBGM`BD43W_ifN*M)<E-w!UW-aLGM?VNv)
zcE?Mj8RL{;6<(!1Em)z0p~#`YV`s3j?C*9nQ`HJU7eLw&Na{kw(gu<`jI<CLA<&dD
z#7Z6PwJpu5brnuy$BXCo-;yVN9`f)X5^4bWWNN=RPg}4x`bK;Ev`ww)@!ef&h1;em
z#}qly+h>Q0Y<4_r>qP>B#dSl(44{7%0&S|oni<1p#<0?+s9zR)?2%JSS<8347sc{9
z|3d_M$P2X$%coQ?J7@l;FLp+gHQS<!U(X18H<zmR^*QVY0AWBEOr&iPZ2)UfncCp6
z>w7Y>cvIY7lD0*mpF0p~#@K)2H=h(7_-2n22i8yXkcYfb1Hh80$Fv~(GbuOk0teO-
zjxZ3Ae$EBia#lnBc=M2lJmet{dB{T^@^ECq{{ePzc)3U$yM6!w002ovPDHLkV1f>!
BhztM#

literal 21781
zcmeI4XH?Tm*XTnpQj{V}uL=l+gc=CFcj>)^5JG67M5-WI=m<y^1S!&sN|lZxMGz1W
zkdD$s1XNHI6mHPt(UarDeeQbSweA<PR!H{j*?Z6Y_RP-Ahd+_$b=4@z8OZ?v0Huby
zvH|vU2>a$DCC2`JX==2G{UGyDH}?hrj?o^x@c`+!P5}VqdMG8O^XHw=7__$&+Jjv~
zNr~OV3+;$<MF0SP6PbocBg2)GGTSp-idqpNNm^(FdQx@+#pn>agfsjcWXCllIC946
z^&g&4Q6XgN&W<3semx|HUSEJBiu?u10!QxkD|r!7J-aUh^IS%owwL<$YQ|)j%QiEs
z21wdSDN@u$^u<CbiWON;%w6ev-1%}rNIsOD+XHZ%w90|Q`x_S?;Bzn(dXBS=qy>QI
zH++l~(592oCd?eZPyI&mrWIbuRlGJ#f}|E{2pvE^;JRV~KwcFuBs1-dAt0L&VAl(`
zp9h>51lXOuv@{F|$^3jX5D#FP#6gdjod95`MMNkAoTLF|113=_05f3#ouk%c2;hYv
zKv=`nQ5|rv4$#(r{8%M`lmZ~EA90NjKo|(H>*nI}16;icpi})|3VnaB;`lN@mekEk
zXgxPXCDf8s(38Z}REU+gUxVQsoj431mM$;!$p7YPaHuHt+~!jNAUlB`JKN1~e*IJx
z{r%$CYpHAn-?S3%bK2X_?=23LddOolh6x_r6985*hDZ~Kxb5ZgtP?uf9Lv729qm|2
zEnfr3UYRi6^f+Lnk`rG)KEAlH@Iv#kq9v@yG-wa`$hOV&o9mZg=-2I!b1kp9L&4Ue
zYJ{KX9zEUC&SxIDL3Y)CYAH_bYu&N^uPnoyk2UP;&G_l&^=Uk>E2qb7g7Y~e6>so$
z@C@xcyqXo*C6JvJ1Ke|##S2UjEV70Ze9}65+ziw9Y8wFf(1?EcoR^d!#Ocb*0pI-%
zxo>LOJb(~KjT@c-fQ>S@kWo*STo)+-pqw4be@}sF>)|PZHe%+7L{krseYF$6s>uEL
zk>YVha)%IRFFU@n%Zj{VefL=S?SRkaSw!3Pox&15sDvIFKcJHFpx%LzW<BI>3MC^{
z=q9CwaZE(u*+-diT_<I@dF?aDLv=!$Xm0i=5p?>TS_xw6AcH6)c4Kvx4>Df(kZ>#2
zh6L$u0QmCPuqHK7QfQ^V%yWtwrTQWX#;dBi$DTQ0K<RNOvooG~RWr)Oi03RnD|Mot
zh?7<75^j5aibUkGtFTaKyW)LG0kTAR?|sfPiqcNTdnRQBjgcSW1NVIiX+l-n$ixYK
z71?2|3hHLsX1Xubi`bdDMNdqSNstj-)qixBGqFgk`b@)#FON^zgF)eD>H=J&G;y@R
z<AD)Mk0rQiB9*{r>*Mh??%y#Qq8U;hayQ^w5h%_ORcGW%d@|wSQb__y5@0{qeQhCg
zp?yJQfoXx`gC%*Uy}ak0&xWsf4SJk4PcI%{6kQ}nq=6NT^U@8bi*k%kh{ahbmgm$O
z+|>^+q7}W64(YpcQbQ}hJU4lm(TTxn8+G?Jrs2eNGOKRtGt;5o6}8u?uL-t%DJa9}
zuXIHqc~57YA~}UT?R)BOns&kI;po#{M#2)H)wJcC)Hl(_X8g7M7wHpv$dfgb&m=SP
z1C5GH3QA^5ju~$n_Zr0&+ZYB_s2YnH&KHwCPboDn$vnSm$Yh8tmM#h}K^CEn<n9EU
ze~TnGZ`W?uQ@W#{ecyJzsgwN}{B)I{0EY`@Y1oBOvBzib_l;ll;cra)#?lxqQ&OA*
zQ4-M<F|9J#OmdVXnNRcld<&yXw#-|Yx)~fbL$|^AijS#4RJ$I8uyQF$Nlh^;RWH>q
zRa<QquUIS0ENE6~G~W%SQs~k=Yjsu)8P`vgxokLYI9*6ycv443>SKjaiAz3HPNTAK
zt9#*kT2_lqNR~FbaK^uRd51X&_|52>+fLy}H3~E0Dhh7mNs9hc&<-(AG?WF{HThm&
z$+}%$DIb;$OMQ7Yp?(mWH=-J=N*#mhw3_Fhck6WP%sWGThU1Ku&KsTebOW9G0=@!i
zZE5YUzNdY;eWN$UGGstw;N^_vjIoT_Iy(zL3xV3A+6M@Y$_0x8^Yz*$_iGjq^L#U7
z3+pP?^2~Cc(Z=$|!V`t{x{11_S)<7Id+%$X)E3vBzPI>-c(S6_tu_dTv}ZupbyT#k
zCpISrH3Y?elOdrDAEzp1v0w@IuJ)pnGLf1|@4vM!7u2zpvI0b!4ICeMAu?Y}+spSD
zm1&qUtcGMj)_Y&sjEIiZy4)+2Dl3%1)H&VVyr7Bs=xO~jVCZ9JMpee6wW7(p>*DLE
z_3)|NPepI@Wtoe3KWpz+n$uq#lsk4iS=eQ^ELcxTFBDm`%msu46HLp;?$zb{mTbc|
z7-T=mdflFvorg-yfM?8YpGvgVb=URkwWG6augxl5;@WrE57-|B6o&BNAqgTw6+$iX
zcRvSQ<Y>JvCpC%qR5`w;5R+Z6K(7#Yx%~3t!*UL%?zi#f9NWuj{R#ajs%z(iUynW`
zfi1zJ+k+|2UJJiw8YXw$Bf^Yv5R@wBJ2<7}J*&K<oT5CFfduJ6?h0y(@ynJ7IYTET
z8bll9I)xm~pN^PinrXOdF++s-E5zMhTV}tmZHB+fe06L-kRc7&ZSCQo)BkAeTH(oJ
zAsPXx6nX6kUCE?(3di}2PR8(jp!MasPVWDR<q?t-I4C|C@j}UppH=sRI=@c9jkgI+
zV*cD6BKZP~^;gdp$2VzHYENfKWt~j-VRr+|NHv45+(?M`R4n1pNvuV_K`uG^^p+v6
zRql1TN7n&alS!VqRK=GOnG2HFDi*vpvfv%#C#ggtOdVVMB6}byrCI0t)}B`NOvX#x
z+PJ;HM)Qc~<&E0>FfCI-7PF=1GG|C7)YE^Ge4d`@T$l-Q8T3I^Ex+4{Ug?@?YDIAK
znE)M^P@9K6mmk*PxvU;DCSSZ3v^q7mX02xiG@q@3?Sy4A$<jwgRnSc`q|#q{!8_%*
z$P|w5X}vj>R9#&9xZYvFamaCHX+|*1k}9Pnbt#p~opOAlnsU~pdhO#Ul}TV~AMa%2
zm0G3xyjJLgCPd+r{yu3rqdP`hMmt90>qFBuu(8kXgX>IzO`k;Hj!arMZGV$}(lTj`
zXRI^gID**K*sa=@tB5RF`JA%rW?io9=DF5IFhuZ;go~<ntp523%aDwbLEPxMRW+(E
zwwArj4PQY@aZ2OZTb-}CJe2(xR<_Azw^=ErCVXN7%U+TUv-z+fS%A)p=^xTnGYr#r
zE$uBE^q$HNj=q@*_^LL^Mtw^ZYVNPOY4ij&v2uAh5&2;tCNnuRC|Kyrl-*=*ZQwGz
zf7Y2Az0q(S^KwXKKYCfZNxI+a!voBR%E?7q(+8&MccpCI-eBH9_Y#Nox*BgardQNk
zxzw)*G}i<=Zm%$9N%T)|HT%Cmxj#CR1(BI<-V8u*cWi&0Jvklhb@p3-Z{xV{+4b@!
zy(Zf&`89=crRneyIm^AN7aLQToZEb}HwUNGwu!G@8Q4qs7)Px{6n8VOH;giDHA_+!
z0(m9p^=;*Aq0)fEz?m$Dz1+Rt3Wk%w;LjtgWBr3^gE^@mQWIO<F6MuG)3$p0?quhq
zPS%zuej*^7EtB1~hrUz3EE{>V)OrgS*)Q?#JAJwT(ePQ}ZsO_0#C<}7w9T(@5y43S
zKx!6cWQH-*(UyXv-GpEcXnTZ^pPL8vAPN9L<@`Kga2EuI-5!BNxyx{FG`4cGqa0*7
zO~rJCbv%?1PAK&NFN9%$t`R)I1rBlGl#?Zg`bl9OxFIkwc0V^)cW)^_8P4y1rLf-*
znt`0`-@9O3WH=QL0<xRwoM%@;dm-4xgv12l!XQz035XC#3?wQE5?}`lgG7MBB0!Lc
zAP6ia43PqfvH$hrlqJW0gL*kQN*O4t{uK@@$#6PhFdkAsps%m5kgtdk+6xH;K_C#I
zFc=613u1c+di%R$V19z`-dsPN{Pd%Y@P>P#JTNG<JNtoOm_7OeMuwB~Akg2hzvkuU
z@pmA1@4wh#DFXdq9zc+gFz`=C4)DKiJT7>-ejl0x9Efm5xFOsz-dH=(AMHGT9{&F}
z|3}Eb)&DUtHYYkde>VO(UN^TthW5s&_+SzIh4dd`e_DDQ`FkLM1_*ET1ur;4#RoeT
zu0PElgL3?poPT&a(EP`-Bm7YR!R$cu!|eM~_>mzfcCJ!NUI-Wl?PY{UyUPApWxwuE
z*y|Io4h)WRKe$ivL4mmae<k~uD}*u(gOEK~jDjFxL9nP12qXm(l@gH@6qb+@7XHo2
zkDfR_bkGhcNB@8M5R(F9-3b5g<F}r;KCqj|0fvG7S6+Va`<ovJxRfK>%MFH+MY+L{
z2%v{M5(@m)_*>7vmz0ze+7<1E9Tq}X1Pc69^B=9Sm(=q=?x?cf25O4z8Y)WSAc(lQ
zAXo_WyPMzo{n3vy8h+tmZz#CK5#HF0djFPbY`(wmenlAapRGR?t|(b-a)lgF4pO2L
zl8T}r31N`3ga`<vA_7qYiz`4x!79pNRb>$sMJVuKzhe!4jpD$|_tt;<|9$j_jqYIa
z=;%mkxO-z@*uiTke;*49I~I@wLexRR0U{_Nj$KcpjxdBEOcG=-2!_MpATUf6Brbww
z^e^*YBm2ws&**=-KA5JxgrlS*7y%X(MmRbMii*HMf|9~;xF8554wrNk5q6LihWvE>
zoB6+7>v^HDH6P~sTc4jK|6fA<!Og!ysiO|^>W>5dARC4V&wsZ5%Io*)>;d!gMjX^0
z8P1=@=kIck?fUl%`n`rp!QcmVT^4>&8W0Xp;6GY_4GY%{_3s4!cL;v?|IPeA$MAJR
zxF1$sez^MH>pwg3Mmu7BVO|IYBzC|2U#s2^m;bcE_5J5ffd%w^+qt6t2U+lj`TWmv
z@ZW8s|49yTs`LM+930U85gP6Ub4MZ^WPv}I?$3t*E^R-O`OiJ|vlRS$4?+)qlBKZw
z7rT~V-}eo+B>k)HSL7f4%?|dV>xJ+ACBVYi7Z7yt_b=1m)wrhShnxPc#x?zAY3z=|
z$b$chhSU6;)xo*p$M2dU_K1s+#ZC>k3Aguolpn&?Oc{m!E%H97B47}9Qs0emHGi};
z|79s6_PgP4ioXnh<mtDQ==U1<qZND3#U8PNf1k1cRUZE?UjLh4e$D8A(<_dzqaZjy
z4i}Gb9nJ?wdxQ%I$l>A<uEY7@XpeB=06APd!gV+w9PJS<93Y2_N4O5>gQGpdg#+Yp
z@d(%9d~mc!xNv|RE*{}JoDYun2p0~J!^I<9hx5VF9^t|Pa=3Ve>u^3e+9O;zKn@p=
za2?JEM|*?|2gu>#5w64e;AoF<;Q%>YJi>K29~|uwE*v0-i$}N)=Yyj?!i59maPbJ&
z;e2qkN4Ri+94;Q=I-C!V_6Qdaki*3zT!-_)(H`N#0dlx_gzIoVINBpzI6w{;k8mB%
z2S<B^3kS&I;t{UH`QT`eaNz(sTs*>cI3FDC5iT4chl_{eBLDT&D#9K6sH!janN(>R
z`9$pVtn6@g104V$fCm5wxdH%u*~fma000++0f0Al*hgX0000K`4ciV?0D#(9Ls`Md
zZ{lsHKgP<KrAuxDQR$;IoH7)jk{^v%<Jv(q-rG{m&ROJ&(0|DF>UvZXm%Cj}NG08P
zS%A?!I=o`mq$qXzD5qoj<wg@j7_Ia(s2h$qZ!WWKHZOJc^*WHtgrA?;xCP0S-kfRN
zuDf_?vN@4hpDy9NB3Uzpoc08F(s}$lS7|gulCUlDG@86Qgz98G)#vz#gnieirW5K=
zZ4#mC7lTRsT*q`zBv2}*#6mB-#t#`04YsuD$kU%E767zJ$S<A(*y1@xJS=bHX<Mo*
zwx%FjC;UW%*25noSQ+zXq4B8`*;yp=XY-k^8T$l4N#r+&ay7k|&w1GflF#pSA-=~<
zU`PH=HZ~(f0S#~DO|&+0nW{Ypu9}9_xNJ9RF9R$rQ|q!u@dUcc98imCK}?e>#IJ?t
zueW@OBpuEq)E|W;38S6sG7J_LEd~Krvy&PrjrP-swyw|<;GRXzx+-*zwFA)&n^YB8
z)LI~`y7{n$L8hPrU4bqE)o8;$9y8HbS6>nXMS{36z%22nXP>v**ywUd(pDoP9?_&b
z&*;7Hj*PLY5w=WP=Z(7TK|LotH!S~N`h>cIeHXg^Z9|jj{R{G!yOr~E*Toxp&v`2d
z^fW1-e@>)N@4<bK*VdV#C=aB->OgXj@iY2qO)@`}i{4E~aYaF%vcA9HEBpR!`VBH|
zqZ2b^O(hT!B2l_C0Q$C*c0BjWsTZY*bP1h1#>nStf|rU2&k(>L&-b?N;8))xc_)+)
z(n)uj*JVVKztFpw@@CIi-ur1y{z5}Y!cc)*)*#hMAgXWrIQ;RVvw)Ena(}e-+Vj+T
z?m{oG%;tUdv+nB;hwd&mDtl4hStSPcF$o04j`(S@?tOFA6%@7rn~{}?cnzH0<t*1&
zB@MrJb1SS?zeZ4LHKi=fiSk*wI$bATF@+@KgY!<Mbi56rYvd2do^(%Nt{{*tc^?!o
zP0?iAIgR%m&lj(**RT9lA%1Fti}B=_iI7(Os*rrpQ`U-SQaX0P8<i6Hn<2NInA4z=
zL>K8lL+ejE5j)`plYS*_{dSXJJHO4}OJLE$lJ=d}oGP3*#kr<-1z$gM-GwliWGc6Q
zw^Xcv;5I&0auqqx0OgHM88B2$jbNK``eH{uORgTit*9=#z~Sv{Zm&rql87-ONDR|%
zF{~5MmZU%4DjI|4dYAn<6MrgaRV^b>k1#9Q-2`u0y<qpvx2~<P<mG`R^;FBTL!o+k
zq30YD;RyI?cxzpEu!w&;y6VCui%nTIy1uukTJ(CKHSnC?m~mx}7ZQECV{@Nbl1=is
zq|R%q>UW@qb!c;EMqu<}GIDk1TnAm7dD}p<uDXeLG66FEOG<`|(C}v1W50!*Hp(_{
z@aOJ3bYo6}Dg1Ym)>t=c@E16Ox?dgJS%=yse%T}R3Zx4R+)gH?xV~TSpJdM2{?$Ue
z^E^2PK?|^5W>&IR0lzgbXQr7erb4QtF)xnv7Jb(G83NzHkQz}NJBX-brV@AICBAD+
zOx~C3!3<3KYVnh%fpKH(q}&;NLw(1eObp_AaT~&yiUC6L(7Rilu67ttL677w?m_ES
zc1rO&%O3+qBW|A<2DB2%3dDJ)-h3^Ce@kRXSFdQEr+V?jt(1NSQs!?2eij?I<H3bw
z+(JC#YBSRT_aLkh;&^w{-cx?4Ha^3dOr~u8;o{oNgitn84|z4WkU+mVcT{^0j|uNG
z?~WJ0W+GM86XKWL5$@aa&ncQ5mNM=llY70p20IL#dJJD*g8H)wy`u)ZS!=Z{NjF*W
zz#YEIP%BF(QH`LWm2pBdD#Xetm8tPI`ye0Mckv7RQ9T5W72+%K*d=f8fwA41sIo3T
zsk>mGU84C@ssOo<^3O{!4IMAGB`88zF7&1#dqN=-WmNOt*NhBJ%zFuMkcFKHk?T2L
z0k+vbqX)XaM{&_Kaf9#p#ZJH{uY4v-nm5{BOo`i!9kP7K`$zps<Oc;_8lP&fx1MRX
zIpLnhsjb>HzJ<EdG&rnzWjzVsDgdl{p#$RVB6U0y@2mBEU@~#A?!4g@-Uc!9N2VRi
zEsiZ}h-|IU`A}*nw~qxbi^HehpE{MdQ!$igGIzy`Zg+KeKC~)ycUHc=EuUxEZ`G!(
zf5IN`HO-u}3NQ58gnG3#YSS4KX}G}d3yA9$4<m@n_;NCR-E`u)dKF<s>yuE)Mn9_0
z(Z!imw0=Mn$jjH}GVuG%uPEkBR5ngzF^j*MVPj&QB%CTFchmY@+-`7sw!`AJ6G(F0
zN@VD{T#60t3megy&zs~c$ki&1fC?>olXF(LOEJ#WeYW$9&Fx#vtDdZ>3ex#ADaZ{1
zJonHUIo@!On~`Qb_+OtaWf7OVR9>AbajD$#l?xinZWtQWgv7?4q3Hw4vvq08USG#+
zL3C0-v13c2!q0EnW_XtNo-c1V?nBc%WXL7wsiFvBRsBg4L{+Nhp5mOp&0UsG;Ym6&
zx8@PPE*iDCcxfGwwSLR38K&Hd8L7^TwK_Fx;Mn~;rWY-RkR-!8NfQED3|k+R^@(#S
z^v@?TsMk2N-eOL)-Q7;=yto%5WzkZ}Dk4vwv?pjn_rRv+*)wQn63uDPSSVws(pt>>
zviF^oS+J|=E@fvE19w*5Q4BY@Ci(ZQKBLzR445YZjeRwquBJ{~x6{z(XZR@ML*>wv
znk*1k@18@#jnvq5xO(N|`0ke1;G%>VA?1>6>%&Dx?OO5Oq}(|h8}69WpdOjbW+!<g
z^`xw~L7#l(9+BvWtyjJj9b@j#-dVgOWf^ffo>yR<=#B=c<701+eulBFHXnP#HBjeT
zyKiHNh^biI$5$@TxnE>tRau{C_RV`@2wxD{QCyE}YREOeSYL~(gQ6hkX-;5zNtDs{
zZd>}xk7Wua3lwNO{8qKI0@9%6bJ>7#$j%k#*;3=Trl&1W5nME}`+PN0SO4jRV9?3W
zp{FJI3@6Ua#DOos^q-3Oe0njdNE8Ow-rgjaYbVR4D9>|2u^9Kp_i6FD1;-B6?${&-
zKM5%^v{@irOj$0GUyq|AnPC}DhKw9r?0s$|Im7#viq?KWOeM#7y>uq{xu;ENQ<a$F
zT<F>7JEMUrdl<59hw?8@kPvttyQEmmkls~?NdnHvX6YLeKI%TrNIJIb^-H`1#cm&<
z4S9@cC`Z^n70`?I)Vy$X=<sHlf9RVWT6&H3PeU~#_6@gBs-w^wZUv^Rw<@+i3Lt<V
zS*bH^;Hv=I@?$y4n(wWP!P*yAPBc^SW^hD+tBu$+=Yxk|Gm4fl#Jl>HnmSqDRiUCM
z_%?Wo>^<G$mknc)Ic+^*rexi#o%2)0DFKB;NpYQi!^tx(U6E1FhV&q0v4Z}suBuNA
z_c=${YH1-l>^7VOei0J`fB|KN7dLt^?v%M(x1T1_a<{{|qoa-Fo^Mr!6>7(>NcmNb
z2xbZl1ZNm<YB!VA>zqGUq{WjLSz<j9gJ*EEO8V~3wvhEI#;=NzCTQ@9SJQ=|`TRFK
z7WF1KA#Ruq{?oC;F4c7dTWVtAwJznz0F;&88-!Z>$ioZ{)_$57)a&g+oy8{mDW)5J
z??;E=G1JoBCzFSS-#@k~p4K7`h0}+!8Yn}6RGC4~6dKTZCk<EpZ#Uj~8ylsp+wJ{&
zoKIFqzfF&c%i6cPiP%{$OGv?#sUt}Dn%g^K&e4rKZM1|vOoRmt&#fdi?Bwt-yEHti
ztRENVW`97RI~;2$WsuoO>_1^(m(*Z49aIL3mY337)hLE}=NRPOw|Vn{w|>)ED7}1`
zF_V?eh>k54xjK(`y0vj>y2MS~DI*6Q_mqmO?n`r=e51O!_vJA`Ye$Pdx249Q5Zhid
z*LYVG02}!F9qZUKKFxYf`%%x^x!d;{H-If~xHrl3(-?}Z-Y*`HpDdFx&eSJt%AhN6
zuxFxHrC*<Bu3?-;B8x@>Gtw;9^Ibgsof31+Bcb(oLo8p9#|B$Xvt(3E31;g^1d{Wz
z`GnZs*@8tc%arte<|o61o4(i~=lvKpnzXWGl{<AhQNmWRJ}E6IvB0P{<9*+`ZbFq+
zI{y^^0T$$vl+AQgnMCXK*k_`8+Eb%*B@Uz}>v3d&wNATBOYbGkHtPZhn;yNpubA0D
zJm49dNM-r7CEl`Bn$Ih?Z7yb;{Pd+7jm1`-f%las19WXA8S`UuO~z)CEv09+uRQf%
z&_%ck?<$%Ut}W=gLs#Al&)nG$FWS?@o}q@3<!z}e5c{x@?R?p`-3Easr_nNV=>FGD
z%aPl6lj?v8974&yws*pmGt-Y#YYmDdndVW}ox3)Z5TF`vkj%vMEat>JPLR3AKtd9|
z=HQaXy^QL(cWL@t(NU)oV(u$%Fg>qrR?)w&>N0bO^ue=LeqDn*MTxm=Im@QE1*5br
zV+QH9VCNRrgh;Zep4=ddLKPLA;cm3i&$TA!Pp+G+D7w^oOC=jqZoX>yHs9>hFmf@y
z&aAT3Gzy}oI<<iEiFA-v-7Z)pY~|0?p@}P9d^!bbH`Y8y5<LrE*(X|ak;xH7Ro$Ap
z_{6DrNqvPrVp}TT!8Q?oZ%fbGkmt(-E-fwYF(mi4zD1ljO{;-rgQ{w)iqF00)o<9u
zq|TZ64Ds(R^@=mnUzk8J43x-ZB}09>g+`-h8O!|*nUiz_O_Mo|=*DlShxcr#b>AD~
zf1A=XS7qRoH@^HpePfJ|rYt4glZ1OLVITQ~mb<!oC^2@6SuRS{){w1y-FbM=ZNy5j
zbC@E3*-s<7Zd*(}%Bxik6@%hvjF8YBE2wE{*gq!F^UT1YBkF`9U(`@bVR?!|qe!@A
zOdV!<Nb$6R3mf(yW_f9=;4fJ0>~qZdJ>iMhUggevc|*<Q!|VRMIQNk-%L^OAhNfZx
zy9#+D4Zd^JXRI;XhK6zZ%L1<g26R;;<LG3<?W{3WJaLXTmx6~!H3Bt|*7y&J;q%D_
zCadpqZ&k_E4VZA&*F6S#?#4tme@d`osp4PS=|81R4D#$RICgF5T+?1eT%ZZZCEDzM
z#u_!2$G2PBCb{3nSu_#L=NR2aR)KW(&%VlJw#i?HTIW=Y7o2>}xfk!ovGcm8J-T$Q
z_U!_r#K*<O-Gtdu{H$p@+Vb*P^qSg|^tWx^8?Bt!D`;cLBWu4)>L2FouhOtL=LDW>
z5;8OA9J)Fax#bw_%<7+65U{g1t*J=1HcH36U#^9{#eNhsP$c6?0`TQvO?Z-?h2-p0
a0yrDbv$ty-XJaqp01Xvg<qAc+%l`+g!V;zc


From ebee0f0c9de98d3fd0aaa6357dc87b753d557656 Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Sat, 7 Nov 2015 18:06:05 +0530
Subject: [PATCH 092/115] CLOUDSTACK-9020: Metrics UI fixes

- Allow all users to see resource metrics
- Fix instance count issue on host metrics view
- Fix sorting issue

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit 53084c4c8a87ccbdb1a7017e0a4cc66dbc386220)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 ui/scripts/instances.js            |  3 ---
 ui/scripts/metrics.js              | 16 +++++++++-------
 ui/scripts/storage.js              |  3 ---
 ui/scripts/system.js               | 12 ------------
 ui/scripts/ui/widgets/dataTable.js | 11 ++++++++---
 5 files changed, 17 insertions(+), 28 deletions(-)

diff --git a/ui/scripts/instances.js b/ui/scripts/instances.js
index 68bf0984f2..094957af4b 100644
--- a/ui/scripts/instances.js
+++ b/ui/scripts/instances.js
@@ -296,9 +296,6 @@
                     label: 'label.metrics',
                     isHeader: true,
                     addRow: false,
-                    preFilter: function(args) {
-                        return isAdmin();
-                    },
                     action: {
                         custom: cloudStack.uiCustom.metricsView({resource: 'vms'})
                     },
diff --git a/ui/scripts/metrics.js b/ui/scripts/metrics.js
index 77044695c0..609022a81a 100644
--- a/ui/scripts/metrics.js
+++ b/ui/scripts/metrics.js
@@ -159,7 +159,7 @@
                                             items[idx].clusters += parseInt(json.listclustersresponse.count);
                                             $.each(json.listclustersresponse.cluster, function(i, cluster) {
                                                 if (cluster.allocationstate == 'Enabled' && cluster.managedstate == 'Managed') {
-                                                    items[idx].clustersUp++;
+                                                    items[idx].clustersUp += 1;
                                                 }
                                                 $.ajax({
                                                     url: createURL('listHosts'),
@@ -714,12 +714,14 @@
                                     success: function(json) {
                                         if (json && json.listvirtualmachinesresponse && json.listvirtualmachinesresponse.virtualmachine) {
                                             var vms = json.listvirtualmachinesresponse.virtualmachine;
-                                            $.each(vms, function(idx, vm) {
-                                                items[idx].instances++;
-                                                if (vm.state == 'Running') {
-                                                    items[idx].instancesUp++;
-                                                }
-                                            });
+                                            if (vms) {
+                                                $.each(vms, function(_, vm) {
+                                                    items[idx].instances += 1;
+                                                    if (vm.state == 'Running') {
+                                                        items[idx].instancesUp += 1;
+                                                    }
+                                                });
+                                            }
                                         }
                                     },
                                     async: false
diff --git a/ui/scripts/storage.js b/ui/scripts/storage.js
index ee913f591c..78826a3602 100644
--- a/ui/scripts/storage.js
+++ b/ui/scripts/storage.js
@@ -257,9 +257,6 @@
                             label: 'label.metrics',
                             isHeader: true,
                             addRow: false,
-                            preFilter: function(args) {
-                                return isAdmin();
-                            },
                             action: {
                                 custom: cloudStack.uiCustom.metricsView({resource: 'volumes'})
                             },
diff --git a/ui/scripts/system.js b/ui/scripts/system.js
index 8d097f4fcd..3aafd8d812 100644
--- a/ui/scripts/system.js
+++ b/ui/scripts/system.js
@@ -7710,9 +7710,6 @@
                                     label: 'label.metrics',
                                     isHeader: true,
                                     addRow: false,
-                                    preFilter: function(args) {
-                                        return isAdmin();
-                                    },
                                     action: {
                                         custom: cloudStack.uiCustom.metricsView({resource: 'zones'})
                                     },
@@ -14392,9 +14389,6 @@
                             label: 'label.metrics',
                             isHeader: true,
                             addRow: false,
-                            preFilter: function(args) {
-                                return isAdmin();
-                            },
                             action: {
                                 custom: cloudStack.uiCustom.metricsView({resource: 'clusters'})
                             },
@@ -15646,9 +15640,6 @@
                             label: 'label.metrics',
                             isHeader: true,
                             addRow: false,
-                            preFilter: function(args) {
-                                return isAdmin();
-                            },
                             action: {
                                 custom: cloudStack.uiCustom.metricsView({resource: 'hosts'})
                             },
@@ -17468,9 +17459,6 @@
                             label: 'label.metrics',
                             isHeader: true,
                             addRow: false,
-                            preFilter: function(args) {
-                                return isAdmin();
-                            },
                             action: {
                                 custom: cloudStack.uiCustom.metricsView({resource: 'storagepool'})
                             },
diff --git a/ui/scripts/ui/widgets/dataTable.js b/ui/scripts/ui/widgets/dataTable.js
index 22ddda6307..45740527f7 100644
--- a/ui/scripts/ui/widgets/dataTable.js
+++ b/ui/scripts/ui/widgets/dataTable.js
@@ -177,14 +177,19 @@
             var sortData = [];
             var numericDataCount = 0;
             $elems.each(function() {
-                var text = $(this).html();
+                var text = $(this);
                 if (hasAllRowsSameValue) {
-                    if (firstElem !== text) {
+                    if (firstElem !== text.html()) {
                         hasAllRowsSameValue = false;
                     }
                 }
+                if (text.children()) {
+                    text = text.children().html();
+                } else {
+                    text = text.html();
+                }
                 if (isNumeric(text) || !text) {
-                    numericDataCount++;
+                    numericDataCount += 1;
                 }
                 sortData.push($(this));
             });

From ea5aecbe07f360bdf5f461c5ea2bce73c3a0e7df Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Fri, 20 Nov 2015 14:02:00 +0530
Subject: [PATCH 093/115] ui: Remove Metrics UI feature

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 .../classes/resources/messages.properties     |   35 -
 ui/dictionary.jsp                             |   35 -
 ui/index.jsp                                  |    2 -
 ui/scripts/metrics.js                         | 1121 -----------------
 ui/scripts/ui-custom/metricsView.js           |  140 --
 5 files changed, 1333 deletions(-)
 delete mode 100644 ui/scripts/metrics.js
 delete mode 100644 ui/scripts/ui-custom/metricsView.js

diff --git a/client/WEB-INF/classes/resources/messages.properties b/client/WEB-INF/classes/resources/messages.properties
index 54276e4579..f5e058855d 100644
--- a/client/WEB-INF/classes/resources/messages.properties
+++ b/client/WEB-INF/classes/resources/messages.properties
@@ -831,41 +831,6 @@ label.menu.templates=Templates
 label.menu.virtual.appliances=Virtual Appliances
 label.menu.virtual.resources=Virtual Resources
 label.menu.volumes=Volumes
-label.metrics=Metrics
-label.metrics.allocated=Allocated
-label.metrics.clusters=Clusters
-label.metrics.cpu.allocated=CPU Allocation
-label.metrics.cpu.max.dev=Deviation
-label.metrics.cpu.total=Total
-label.metrics.cpu.usage=CPU Usage
-label.metrics.cpu.used.avg=Used
-label.metrics.disk=Disk
-label.metrics.disk.iops.total=IOPS
-label.metrics.disk.read=Read
-label.metrics.disk.size=Size
-label.metrics.disk.storagetype=Type
-label.metrics.disk.usage=Disk Usage
-label.metrics.disk.used=Used
-label.metrics.disk.total=Total
-label.metrics.disk.allocated=Allocated
-label.metrics.disk.unallocated=Unallocated
-label.metrics.disk.write=Write
-label.metrics.hosts=Hosts
-label.metrics.memory.allocated=Mem Allocation
-label.metrics.memory.max.dev=Deviation
-label.metrics.memory.total=Total
-label.metrics.memory.usage=Mem Usage
-label.metrics.memory.used.avg=Used
-label.metrics.name=Name
-label.metrics.network.usage=Network Usage
-label.metrics.network.read=Read
-label.metrics.network.write=Write
-label.metrics.num.cpu.cores=Cores
-label.metrics.property=Property
-label.metrics.scope=Scope
-label.metrics.state=State
-label.metrics.storagepool=Storage Pool
-label.metrics.vm.name=VM Name
 label.migrate.instance.to.host=Migrate instance to another host
 label.migrate.instance.to.ps=Migrate instance to another primary storage
 label.migrate.instance.to=Migrate instance to
diff --git a/ui/dictionary.jsp b/ui/dictionary.jsp
index e0a41c1478..414dab8783 100644
--- a/ui/dictionary.jsp
+++ b/ui/dictionary.jsp
@@ -832,41 +832,6 @@ dictionary = {
 'label.menu.virtual.appliances': '<fmt:message key="label.menu.virtual.appliances" />',
 'label.menu.virtual.resources': '<fmt:message key="label.menu.virtual.resources" />',
 'label.menu.volumes': '<fmt:message key="label.menu.volumes" />',
-'label.metrics': '<fmt:message key="label.metrics" />',
-'label.metrics.allocated': '<fmt:message key="label.metrics.allocated" />',
-'label.metrics.clusters': '<fmt:message key="label.metrics.clusters" />',
-'label.metrics.cpu.allocated': '<fmt:message key="label.metrics.cpu.allocated" />',
-'label.metrics.cpu.max.dev': '<fmt:message key="label.metrics.cpu.max.dev" />',
-'label.metrics.cpu.total': '<fmt:message key="label.metrics.cpu.total" />',
-'label.metrics.cpu.usage': '<fmt:message key="label.metrics.cpu.usage" />',
-'label.metrics.cpu.used.avg': '<fmt:message key="label.metrics.cpu.used.avg" />',
-'label.metrics.disk': '<fmt:message key="label.metrics.disk" />',
-'label.metrics.disk.iops.total': '<fmt:message key="label.metrics.disk.iops.total" />',
-'label.metrics.disk.read': '<fmt:message key="label.metrics.disk.read" />',
-'label.metrics.disk.size': '<fmt:message key="label.metrics.disk.size" />',
-'label.metrics.disk.storagetype': '<fmt:message key="label.metrics.disk.storagetype" />',
-'label.metrics.disk.usage': '<fmt:message key="label.metrics.disk.usage" />',
-'label.metrics.disk.used': '<fmt:message key="label.metrics.disk.used" />',
-'label.metrics.disk.total': '<fmt:message key="label.metrics.disk.total" />',
-'label.metrics.disk.allocated': '<fmt:message key="label.metrics.disk.allocated" />',
-'label.metrics.disk.unallocated': '<fmt:message key="label.metrics.disk.unallocated" />',
-'label.metrics.disk.write': '<fmt:message key="label.metrics.disk.write" />',
-'label.metrics.hosts': '<fmt:message key="label.metrics.hosts" />',
-'label.metrics.memory.allocated': '<fmt:message key="label.metrics.memory.allocated" />',
-'label.metrics.memory.max.dev': '<fmt:message key="label.metrics.memory.max.dev" />',
-'label.metrics.memory.total': '<fmt:message key="label.metrics.memory.total" />',
-'label.metrics.memory.usage': '<fmt:message key="label.metrics.memory.usage" />',
-'label.metrics.memory.used.avg': '<fmt:message key="label.metrics.memory.used.avg" />',
-'label.metrics.name': '<fmt:message key="label.metrics.name" />',
-'label.metrics.network.read': '<fmt:message key="label.metrics.network.read" />',
-'label.metrics.network.usage': '<fmt:message key="label.metrics.network.usage" />',
-'label.metrics.network.write': '<fmt:message key="label.metrics.network.write" />',
-'label.metrics.num.cpu.cores': '<fmt:message key="label.metrics.num.cpu.cores" />',
-'label.metrics.property': '<fmt:message key="label.metrics.property" />',
-'label.metrics.scope': '<fmt:message key="label.metrics.scope" />',
-'label.metrics.state': '<fmt:message key="label.metrics.state" />',
-'label.metrics.storagepool': '<fmt:message key="label.metrics.storagepool" />',
-'label.metrics.vm.name': '<fmt:message key="label.metrics.vm.name" />',
 'label.migrate.instance.to': '<fmt:message key="label.migrate.instance.to" />',
 'label.migrate.instance.to.host': '<fmt:message key="label.migrate.instance.to.host" />',
 'label.migrate.instance.to.ps': '<fmt:message key="label.migrate.instance.to.ps" />',
diff --git a/ui/index.jsp b/ui/index.jsp
index 2541c2a342..60f3cc3832 100644
--- a/ui/index.jsp
+++ b/ui/index.jsp
@@ -1763,7 +1763,6 @@
         <script type="text/javascript" src="scripts/ui-custom/granularSettings.js?t=<%=now%>"></script>
         <script type="text/javascript" src="scripts/ui-custom/zoneChart.js?t=<%=now%>"></script>
         <script type="text/javascript" src="scripts/ui-custom/dashboard.js?t=<%=now%>"></script>
-        <script type="text/javascript" src="scripts/ui-custom/metricsView.js?t=<%=now%>"></script>
         <script type="text/javascript" src="scripts/installWizard.js?t=<%=now%>"></script>
         <script type="text/javascript" src="scripts/ui-custom/installWizard.js?t=<%=now%>"></script>
         <script type="text/javascript" src="scripts/projects.js?t=<%=now%>"></script>
@@ -1800,7 +1799,6 @@
         <script type="text/javascript" src="scripts/vm_snapshots.js?t=<%=now%>"></script>
         <script type="text/javascript" src="scripts/ui-custom/projectSelect.js?t=<%=now%>"></script>
         <script type="text/javascript" src="scripts/ui-custom/saml.js?t=<%=now%>"></script>
-        <script type="text/javascript" src="scripts/metrics.js?t=<%=now%>"></script>
 
         <!-- Plugin/module API -->
         <script type="text/javascript" src="scripts/ui-custom/pluginListing.js?t=<%=now%>"></script>
diff --git a/ui/scripts/metrics.js b/ui/scripts/metrics.js
deleted file mode 100644
index 609022a81a..0000000000
--- a/ui/scripts/metrics.js
+++ /dev/null
@@ -1,1121 +0,0 @@
-// Licensed to the Apache Software Foundation (ASF) under one
-// or more contributor license agreements.  See the NOTICE file
-// distributed with this work for additional information
-// regarding copyright ownership.  The ASF licenses this file
-// to you under the Apache License, Version 2.0 (the
-// "License"); you may not use this file except in compliance
-// with the License.  You may obtain a copy of the License at
-//
-//   http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing,
-// software distributed under the License is distributed on an
-// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-// KIND, either express or implied.  See the License for the
-// specific language governing permissions and limitations
-// under the License.
-(function(cloudStack) {
-    cloudStack.sections.metrics = {
-        title: 'label.metrics',
-        listView: {
-            id: 'metrics',
-            fields: {
-                name: {
-                    label: 'metrics'
-                }
-            },
-        }
-    };
-
-
-    // Zones Metrics
-    cloudStack.sections.metrics.zones = {
-        title: 'label.metrics',
-        listView: {
-            id: 'physicalResources',
-            fields: {
-                name: {
-                    label: 'label.metrics.name'
-                },
-                state: {
-                    label: 'label.metrics.state',
-                    converter: function (str) {
-                        // For localization
-                        return str;
-                    },
-                    indicator: {
-                        'Enabled': 'on',
-                        'Disabled': 'off'
-                    },
-                    compact: true
-                },
-                clusters : {
-                    label: 'label.metrics.clusters'
-                },
-                cpuused: {
-                    label: 'label.metrics.cpu.usage',
-                    collapsible: true,
-                    columns: {
-                        cpuusedavg: {
-                            label: 'label.metrics.cpu.used.avg',
-                            thresholdcolor: true,
-                            thresholds: {
-                                notification: 'cpunotificationthreshold',
-                                disable: 'cpudisablethreshold'
-                            }
-                        },
-                        cpumaxdev: {
-                            label: 'label.metrics.cpu.max.dev'
-                        }
-                    }
-                },
-                cpuallocated: {
-                    label: 'label.metrics.cpu.allocated',
-                    collapsible: true,
-                    columns: {
-                        cpuallocated: {
-                            label: 'label.metrics.allocated',
-                            thresholdcolor: true,
-                            thresholds: {
-                                notification: 'cpunotificationthreshold',
-                                disable: 'cpudisablethreshold'
-                            }
-                        },
-                        cputotal: {
-                            label: 'label.metrics.cpu.total'
-                        }
-                    }
-                },
-                memused: {
-                    label: 'label.metrics.memory.usage',
-                    collapsible: true,
-                    columns: {
-                        memusedavg: {
-                            label: 'label.metrics.memory.used.avg',
-                            thresholdcolor: true,
-                            thresholds: {
-                                notification: 'memnotificationthreshold',
-                                disable: 'memdisablethreshold'
-                            }
-                        },
-                        memmaxdev: {
-                            label: 'label.metrics.memory.max.dev'
-                        }
-                    }
-                },
-                memallocated: {
-                    label: 'label.metrics.memory.allocated',
-                    collapsible: true,
-                    columns: {
-                        memallocated: {
-                            label: 'label.metrics.allocated',
-                            thresholdcolor: true,
-                            thresholds: {
-                                notification: 'memnotificationthreshold',
-                                disable: 'memdisablethreshold'
-                            }
-                        },
-                        memtotal: {
-                            label: 'label.metrics.memory.total'
-                        }
-                    }
-                }
-            },
-            dataProvider: function(args) {
-                var data = {};
-                listViewDataProvider(args, data);
-                $.ajax({
-                    url: createURL('listZones'),
-                    data: data,
-                    success: function(json) {
-                        var items = json.listzonesresponse.zone;
-                        if (items) {
-                            $.each(items, function(idx, zone) {
-                                items[idx].clusters = 0;
-                                items[idx].clustersUp = 0;
-                                items[idx].hosts = 0;
-                                items[idx].cpuusedavg = 0.0;
-                                items[idx].cpumaxdev = 0.0;
-                                items[idx].cpuallocated = 0.0;
-                                items[idx].cputotal = 0.0;
-                                items[idx].maxCpuUsed = 0.0;
-                                items[idx].memusedavg = 0.0;
-                                items[idx].memmaxdev = 0.0;
-                                items[idx].memallocated = 0.0;
-                                items[idx].memtotal = 0.0;
-                                items[idx].maxMemUsed = 0.0;
-
-                                // Threshold color coding
-                                items[idx].cpunotificationthreshold = 75.0;
-                                items[idx].cpudisablethreshold = 95.0;
-                                items[idx].memnotificationthreshold = 75.0;
-                                items[idx].memdisablethreshold = 95.0;
-
-                                $.ajax({
-                                    url: createURL('listClusters'),
-                                    data: {zoneid: zone.id},
-                                    success: function(json) {
-                                        if (json && json.listclustersresponse && json.listclustersresponse.cluster && json.listclustersresponse.count) {
-                                            items[idx].clusters += parseInt(json.listclustersresponse.count);
-                                            $.each(json.listclustersresponse.cluster, function(i, cluster) {
-                                                if (cluster.allocationstate == 'Enabled' && cluster.managedstate == 'Managed') {
-                                                    items[idx].clustersUp += 1;
-                                                }
-                                                $.ajax({
-                                                    url: createURL('listHosts'),
-                                                    data: {clusterid: cluster.id, type: 'routing'},
-                                                    success: function(json) {
-                                                        if (json && json.listhostsresponse && json.listhostsresponse.host && json.listhostsresponse.count) {
-                                                            items[idx].hosts += parseInt(json.listhostsresponse.count);
-                                                            $.each(json.listhostsresponse.host, function(i, host) {
-                                                                if (host.hasOwnProperty('cpuused')) {
-                                                                    var hostCpuUsage = parseFloat(host.cpuused);
-                                                                    items[idx].cpuusedavg += hostCpuUsage;
-                                                                    if (hostCpuUsage > items[idx].maxCpuUsed) {
-                                                                        items[idx].maxCpuUsed = hostCpuUsage;
-                                                                    }
-                                                                }
-
-                                                                if (host.hasOwnProperty('cpuallocated')) {
-                                                                    items[idx].cpuallocated += parseFloat(host.cpuallocated.replace('%', ''));
-                                                                }
-
-                                                                if (host.hasOwnProperty('memoryused')) {
-                                                                    var hostMemoryUsage = 100.0 * parseFloat(host.memoryused) /  parseFloat(host.memorytotal);
-                                                                    items[idx].memusedavg += hostMemoryUsage;
-                                                                    if (hostMemoryUsage > items[idx].maxMemUsed) {
-                                                                        items[idx].maxMemUsed = hostMemoryUsage;
-                                                                    }
-                                                                }
-
-                                                                if (host.hasOwnProperty('memoryallocated')) {
-                                                                    items[idx].memallocated += parseFloat(100.0 * parseFloat(host.memoryallocated)/parseFloat(host.memorytotal));
-                                                                }
-                                                            });
-                                                        }
-                                                    },
-                                                    async: false
-                                                });
-                                            });
-                                        }
-                                    },
-                                    async: false
-                                });
-
-                                $.ajax({
-                                    url: createURL('listCapacity'),
-                                    data: {zoneid: zone.id},
-                                    success: function(json) {
-                                        if (json && json.listcapacityresponse && json.listcapacityresponse.capacity) {
-                                            $.each(json.listcapacityresponse.capacity, function(i, capacity) {
-                                                // CPU
-                                                if (capacity.type == 1) {
-                                                    items[idx].cputotal = parseInt(capacity.capacitytotal)/1000.0;
-                                                }
-                                                // Memory
-                                                if (capacity.type == 0) {
-                                                    items[idx].memtotal = parseInt(capacity.capacitytotal)/(1024.0*1024.0*1024.0);
-                                                }
-                                            });
-                                        }
-                                    },
-                                    async: false
-                                });
-
-                                if (items[idx].hosts != 0) {
-                                    items[idx].cpuusedavg = (items[idx].cpuusedavg / items[idx].hosts);
-                                    items[idx].cpumaxdev = (items[idx].maxCpuUsed - items[idx].cpuusedavg);
-                                    items[idx].cpuallocated = (items[idx].cpuallocated / items[idx].hosts);
-
-                                    items[idx].memusedavg = (items[idx].memusedavg / items[idx].hosts);
-                                    items[idx].memmaxdev = (items[idx].maxMemUsed - items[idx].memusedavg);
-                                    items[idx].memallocated = (items[idx].memallocated / items[idx].hosts);
-                                }
-                                // Format data
-                                items[idx].cpuusedavg = (items[idx].cpuusedavg).toFixed(2) + "%";
-                                items[idx].cpumaxdev = (items[idx].cpumaxdev).toFixed(2) + "%";
-                                items[idx].cpuallocated = (items[idx].cpuallocated).toFixed(2) + "%";
-                                items[idx].cputotal = (items[idx].cputotal).toFixed(2) + " Ghz";
-
-                                items[idx].memusedavg = (items[idx].memusedavg).toFixed(2) + "%";
-                                items[idx].memmaxdev = (items[idx].memmaxdev).toFixed(2) + "%";
-                                items[idx].memallocated = (items[idx].memallocated).toFixed(2) + "%";
-                                items[idx].memtotal = (items[idx].memtotal).toFixed(2) + " GB";
-
-                                items[idx].clusters = items[idx].clustersUp + ' / ' + items[idx].clusters;
-                                items[idx].state = items[idx].allocationstate;
-                            });
-                        }
-                        args.response.success({
-                            data: items
-                        });
-                    }
-                });
-            },
-            browseBy: {
-                filterBy: 'zoneid',
-                resource: 'clusters'
-            },
-            detailView: cloudStack.sections.system.physicalResourceSection.sections.physicalResources.listView.zones.detailView
-        }
-    };
-
-
-    // Clusters Metrics
-    cloudStack.sections.metrics.clusters = {
-        title: 'label.metrics',
-        listView: {
-            id: 'clusters',
-            fields: {
-                name: {
-                    label: 'label.metrics.name'
-                },
-                state: {
-                    label: 'label.metrics.state',
-                    converter: function (str) {
-                        // For localization
-                        return str;
-                    },
-                    indicator: {
-                        'Enabled': 'on',
-                        'Unmanaged': 'warning',
-                        'Disabled': 'off'
-                    },
-                    compact: true
-                },
-                hosts: {
-                    label: 'label.metrics.hosts'
-                },
-                cpuused: {
-                    label: 'label.metrics.cpu.usage',
-                    collapsible: true,
-                    columns: {
-                        cpuusedavg: {
-                            label: 'label.metrics.cpu.used.avg',
-                            thresholdcolor: true,
-                            thresholds: {
-                                notification: 'cpunotificationthreshold',
-                                disable: 'cpudisablethreshold'
-                            }
-                        },
-                        cpumaxdev: {
-                            label: 'label.metrics.cpu.max.dev'
-                        }
-                    }
-                },
-                cpuallocated: {
-                    label: 'label.metrics.cpu.allocated',
-                    collapsible: true,
-                    columns: {
-                        cpuallocated: {
-                            label: 'label.metrics.allocated',
-                            thresholdcolor: true,
-                            thresholds: {
-                                notification: 'cpunotificationthreshold',
-                                disable: 'cpudisablethreshold'
-                            }
-                        },
-                        cputotal: {
-                            label: 'label.metrics.cpu.total'
-                        }
-                    }
-                },
-                memused: {
-                    label: 'label.metrics.memory.usage',
-                    collapsible: true,
-                    columns: {
-                        memusedavg: {
-                            label: 'label.metrics.memory.used.avg',
-                            thresholdcolor: true,
-                            thresholds: {
-                                notification: 'memnotificationthreshold',
-                                disable: 'memdisablethreshold'
-                            }
-                        },
-                        memmaxdev: {
-                            label: 'label.metrics.memory.max.dev'
-                        }
-                    }
-                },
-                memallocated: {
-                    label: 'label.metrics.memory.allocated',
-                    collapsible: true,
-                    columns: {
-                        memallocated: {
-                            label: 'label.metrics.allocated',
-                            thresholdcolor: true,
-                            thresholds: {
-                                notification: 'memnotificationthreshold',
-                                disable: 'memdisablethreshold'
-                            }
-                        },
-                        memtotal: {
-                            label: 'label.metrics.memory.total'
-                        }
-                    }
-                }
-            },
-            dataProvider: function(args) {
-                var data = {};
-                listViewDataProvider(args, data);
-                if (args.context.metricsFilterData && args.context.metricsFilterData.key && args.context.metricsFilterData.value) {
-                    data[args.context.metricsFilterData.key] = args.context.metricsFilterData.value;
-                }
-                $.ajax({
-                    url: createURL('listClusters'),
-                    data: data,
-                    success: function(json) {
-                        var items = json.listclustersresponse.cluster;
-                        if (items) {
-                            $.each(items, function(idx, cluster) {
-                                items[idx].hosts = 0;
-                                items[idx].hostsUp = 0;
-                                items[idx].cpuusedavg = 0.0;
-                                items[idx].cpumaxdev = 0.0;
-                                items[idx].cpuallocated = 0.0;
-                                items[idx].cputotal = 0.0;
-                                items[idx].maxCpuUsed = 0;
-                                items[idx].memusedavg = 0.0;
-                                items[idx].memmaxdev = 0.0;
-                                items[idx].memallocated = 0.0;
-                                items[idx].memtotal = 0.0;
-                                items[idx].maxMemUsed = 0.0;
-
-                                // Threshold color coding
-                                items[idx].cpunotificationthreshold = 75.0;
-                                items[idx].cpudisablethreshold = 95.0;
-                                items[idx].memnotificationthreshold = 75.0;
-                                items[idx].memdisablethreshold = 95.0;
-
-                                $.ajax({
-                                    url: createURL('listConfigurations'),
-                                    data: {clusterid: cluster.id, listAll: true},
-                                    success: function(json) {
-                                        if (json.listconfigurationsresponse && json.listconfigurationsresponse.configuration) {
-                                            $.each(json.listconfigurationsresponse.configuration, function(i, config) {
-                                                switch (config.name) {
-                                                    case 'cluster.cpu.allocated.capacity.disablethreshold':
-                                                        items[idx].cpudisablethreshold = 100 * parseFloat(config.value);
-                                                        break;
-                                                    case 'cluster.cpu.allocated.capacity.notificationthreshold':
-                                                        items[idx].cpunotificationthreshold = 100 * parseFloat(config.value);
-                                                        break;
-                                                    case 'cluster.memory.allocated.capacity.disablethreshold':
-                                                        items[idx].memdisablethreshold = 100 * parseFloat(config.value);
-                                                        break;
-                                                    case 'cluster.memory.allocated.capacity.notificationthreshold':
-                                                        items[idx].memnotificationthreshold = 100 * parseFloat(config.value);
-                                                        break;
-                                                }
-                                            });
-                                        }
-                                    },
-                                    async: false
-                                });
-
-                                $.ajax({
-                                    url: createURL('listHosts'),
-                                    data: {clusterid: cluster.id, type: 'routing'},
-                                    success: function(json) {
-                                        if (json && json.listhostsresponse && json.listhostsresponse.host && json.listhostsresponse.count) {
-                                            items[idx].hosts += parseInt(json.listhostsresponse.count);
-                                            $.each(json.listhostsresponse.host, function(i, host) {
-                                                if (host.state == 'Up') {
-                                                    items[idx].hostsUp += 1;
-                                                }
-                                                if (host.hasOwnProperty('cpuused')) {
-                                                    var hostCpuUsage = parseFloat(host.cpuused);
-                                                    items[idx].cpuusedavg += hostCpuUsage;
-                                                    if (hostCpuUsage > items[idx].maxCpuUsed) {
-                                                        items[idx].maxCpuUsed = hostCpuUsage;
-                                                    }
-                                                }
-
-                                                if (host.hasOwnProperty('cpuallocated')) {
-                                                    items[idx].cpuallocated += parseFloat(host.cpuallocated.replace('%', ''));
-                                                }
-
-                                                if (host.hasOwnProperty('memoryused')) {
-                                                    var hostMemoryUsage = 100.0 * parseFloat(host.memoryused) /  parseFloat(host.memorytotal);
-                                                    items[idx].memusedavg += hostMemoryUsage;
-                                                    if (hostMemoryUsage > items[idx].maxMemUsed) {
-                                                        items[idx].maxMemUsed = hostMemoryUsage;
-                                                    }
-                                                }
-
-                                                if (host.hasOwnProperty('memoryallocated')) {
-                                                    items[idx].memallocated += parseFloat(100.0 * parseFloat(host.memoryallocated)/parseFloat(host.memorytotal));
-                                                }
-                                            });
-                                        }
-                                    },
-                                    async: false
-                                });
-
-                                $.ajax({
-                                    url: createURL('listCapacity'),
-                                    data: {clusterid: cluster.id},
-                                    success: function(json) {
-                                        if (json && json.listcapacityresponse && json.listcapacityresponse.capacity) {
-                                            $.each(json.listcapacityresponse.capacity, function(i, capacity) {
-                                                // CPU
-                                                if (capacity.type == 1) {
-                                                    items[idx].cputotal = parseInt(capacity.capacitytotal)/1000.0;
-                                                }
-                                                // Memory
-                                                if (capacity.type == 0) {
-                                                    items[idx].memtotal = parseInt(capacity.capacitytotal)/(1024.0*1024.0*1024.0);
-                                                }
-                                            });
-                                        }
-                                    },
-                                    async: false
-                                });
-
-                                if (items[idx].hosts != 0) {
-                                    items[idx].cpuusedavg = (items[idx].cpuusedavg / items[idx].hosts);
-                                    items[idx].cpumaxdev = (items[idx].maxCpuUsed - items[idx].cpuusedavg);
-                                    items[idx].cpuallocated = (items[idx].cpuallocated / items[idx].hosts);
-
-                                    items[idx].memusedavg = (items[idx].memusedavg / items[idx].hosts);
-                                    items[idx].memmaxdev = (items[idx].maxMemUsed - items[idx].memusedavg);
-                                    items[idx].memallocated = (items[idx].memallocated / items[idx].hosts);
-                                }
-
-                                // Format data
-                                items[idx].cpuusedavg = (items[idx].cpuusedavg).toFixed(2) + "%";
-                                items[idx].cpumaxdev = (items[idx].cpumaxdev).toFixed(2) + "%";
-                                items[idx].cpuallocated = (items[idx].cpuallocated).toFixed(2) + "%";
-                                items[idx].cputotal = (items[idx].cputotal).toFixed(2) + " Ghz";
-
-                                items[idx].memusedavg = (items[idx].memusedavg).toFixed(2) + "%";
-                                items[idx].memmaxdev = (items[idx].memmaxdev).toFixed(2) + "%";
-                                items[idx].memallocated = (items[idx].memallocated).toFixed(2) + "%";
-                                items[idx].memtotal = (items[idx].memtotal).toFixed(2) + " GB";
-                                items[idx].hosts = items[idx].hostsUp + ' / ' + items[idx].hosts;
-
-                                items[idx].state = items[idx].allocationstate;
-                                if (items[idx].managedstate == 'Unmanaged') {
-                                    items[idx].state = 'Unmanaged';
-                                }
-
-                                if (items[idx].managedstate == 'Managed' && items[idx].allocationstate == 'Enabled') {
-                                    items[idx].state = 'Enabled';
-                                }
-
-                                if (items[idx].managedstate == 'Managed' && items[idx].allocationstate == 'Disabled') {
-                                    items[idx].state = 'Disabled';
-                                }
-                            });
-                        }
-                        args.response.success({
-                            data: items
-                        });
-                    }
-                });
-            },
-            browseBy: {
-                filterBy: 'clusterid',
-                resource: 'hosts'
-            },
-            detailView: cloudStack.sections.system.subsections.clusters.listView.detailView
-        }
-    };
-
-
-    // Hosts Metrics
-    cloudStack.sections.metrics.hosts = {
-        title: 'label.metrics',
-        listView: {
-            id: 'hosts',
-            fields: {
-                name: {
-                    label: 'label.metrics.name'
-                },
-                state: {
-                    label: 'label.metrics.state',
-                    converter: function (str) {
-                        // For localization
-                        return str;
-                    },
-                    indicator: {
-                        'Up': 'on',
-                        'Down': 'off',
-                        'Disconnected': 'off',
-                        'Removed': 'off',
-                        'Error': 'off',
-                        'Connecting': 'transition',
-                        'Rebalancing': 'transition',
-                        'Alert': 'warning',
-                    },
-                    compact: true
-                },
-                instances: {
-                    label: 'label.instances'
-                },
-                cpuused: {
-                    label: 'label.metrics.cpu.usage',
-                    collapsible: true,
-                    columns: {
-                        cores: {
-                            label: 'label.metrics.num.cpu.cores',
-                        },
-                        cputotal: {
-                            label: 'label.metrics.cpu.total'
-                        },
-                        cpuusedavg: {
-                            label: 'label.metrics.cpu.used.avg',
-                            thresholdcolor: true,
-                            thresholds: {
-                                notification: 'cpunotificationthreshold',
-                                disable: 'cpudisablethreshold'
-                            }
-                        },
-                        cpuallocated: {
-                            label: 'label.metrics.allocated',
-                            thresholdcolor: true,
-                            thresholds: {
-                                notification: 'cpunotificationthreshold',
-                                disable: 'cpudisablethreshold'
-                            }
-                        }
-                    }
-                },
-                memused: {
-                    label: 'label.metrics.memory.usage',
-                    collapsible: true,
-                    columns: {
-                        memtotal: {
-                            label: 'label.metrics.memory.total'
-                        },
-                        memusedavg: {
-                            label: 'label.metrics.memory.used.avg',
-                            thresholdcolor: true,
-                            thresholds: {
-                                notification: 'memnotificationthreshold',
-                                disable: 'memdisablethreshold'
-                            }
-                        },
-                        memallocated: {
-                            label: 'label.metrics.allocated',
-                            thresholdcolor: true,
-                            thresholds: {
-                                notification: 'memnotificationthreshold',
-                                disable: 'memdisablethreshold'
-                            }
-                        }
-                    }
-                },
-                network: {
-                    label: 'label.metrics.network.usage',
-                    collapsible: true,
-                    columns: {
-                        networkread: {
-                            label: 'label.metrics.network.read'
-                        },
-                        networkwrite: {
-                            label: 'label.metrics.network.write'
-                        }
-                    }
-                }
-            },
-            dataProvider: function(args) {
-                var data = {};
-                data.type = 'routing';
-                listViewDataProvider(args, data);
-                if (args.context.metricsFilterData && args.context.metricsFilterData.key && args.context.metricsFilterData.value) {
-                    data[args.context.metricsFilterData.key] = args.context.metricsFilterData.value;
-                }
-                $.ajax({
-                    url: createURL('listHosts'),
-                    data: data,
-                    success: function(json) {
-                        var items = json.listhostsresponse.host;
-                        if (items) {
-                            $.each(items, function(idx, host) {
-                                items[idx].cores = host.cpunumber;
-                                items[idx].cputotal = (parseFloat(host.cpunumber) * parseFloat(host.cpuspeed) / 1000.0).toFixed(2);
-                                if (host.cpuused) {
-                                    items[idx].cpuusedavg = (parseFloat(host.cpuused) * items[idx].cputotal / 100.0).toFixed(2) + ' Ghz';
-                                } else {
-                                    items[idx].cpuusedavg = '';
-                                }
-                                items[idx].cpuallocated = (parseFloat(host.cpuallocated) * items[idx].cputotal / 100.0).toFixed(2) + ' Ghz';
-                                items[idx].memtotal = (parseFloat(host.memorytotal)/(1024.0*1024.0*1024.0)).toFixed(2) + ' GB';
-                                items[idx].memallocated = (parseFloat(host.memoryallocated)/(1024.0*1024.0*1024.0)).toFixed(2) + ' GB';
-                                if (host.memoryused) {
-                                    items[idx].memusedavg = (parseFloat(host.memoryused)/(1024.0*1024.0*1024.0)).toFixed(2) + ' GB';
-                                } else {
-                                    items[idx].memusedavg = '';
-                                }
-                                if (host.networkkbsread && host.networkkbswrite) {
-                                    items[idx].networkread = (parseFloat(host.networkkbsread)/(1024.0*1024.0)).toFixed(2) + ' GB';
-                                    items[idx].networkwrite = (parseFloat(host.networkkbswrite)/(1024.0*1024.0)).toFixed(2) + ' GB';
-                                } else {
-                                    items[idx].networkread = '';
-                                    items[idx].networkwrite = '';
-                                }
-
-                                // Threshold color coding
-                                items[idx].cpunotificationthreshold = 0.75 * parseFloat(items[idx].cputotal);
-                                items[idx].cpudisablethreshold = 0.95 * parseFloat(items[idx].cputotal);
-                                items[idx].memnotificationthreshold = 0.75 * parseFloat(items[idx].memtotal);
-                                items[idx].memdisablethreshold = 0.95 * parseFloat(items[idx].memtotal);
-
-                                $.ajax({
-                                    url: createURL('listConfigurations'),
-                                    data: {clusterid: host.clusterid, listAll: true},
-                                    success: function(json) {
-                                        if (json.listconfigurationsresponse && json.listconfigurationsresponse.configuration) {
-                                            $.each(json.listconfigurationsresponse.configuration, function(i, config) {
-                                                switch (config.name) {
-                                                    case 'cluster.cpu.allocated.capacity.disablethreshold':
-                                                        items[idx].cpudisablethreshold = parseFloat(config.value) * parseFloat(items[idx].cputotal);
-                                                        break;
-                                                    case 'cluster.cpu.allocated.capacity.notificationthreshold':
-                                                        items[idx].cpunotificationthreshold = parseFloat(config.value) * parseFloat(items[idx].cputotal);
-                                                        break;
-                                                    case 'cluster.memory.allocated.capacity.disablethreshold':
-                                                        items[idx].memdisablethreshold = parseFloat(config.value) * parseFloat(items[idx].memtotal);
-                                                        break;
-                                                    case 'cluster.memory.allocated.capacity.notificationthreshold':
-                                                        items[idx].memnotificationthreshold = parseFloat(config.value) * parseFloat(items[idx].memtotal);
-                                                        break;
-                                                }
-                                            });
-                                        }
-                                    },
-                                    async: false
-                                });
-
-                                var cpuOverCommit = 1.0;
-                                var memOverCommit = 1.0;
-                                $.ajax({
-                                    url: createURL('listClusters'),
-                                    data: {clusterid: host.clusterid, listAll: true},
-                                    success: function(json) {
-                                        if (json.listclustersresponse && json.listclustersresponse.cluster) {
-                                            var cluster = json.listclustersresponse.cluster[0];
-                                            cpuOverCommit = cluster.cpuovercommitratio;
-                                            memOverCommit = cluster.memoryovercommitratio;
-                                        }
-                                    },
-                                    async: false
-                                });
-
-                                items[idx].cputotal = items[idx].cputotal + ' Ghz (x' + cpuOverCommit + ')';
-                                items[idx].memtotal = items[idx].memtotal + ' (x' + memOverCommit + ')';
-
-                                items[idx].instances = 0;
-                                items[idx].instancesUp = 0;
-                                $.ajax({
-                                    url: createURL('listVirtualMachines'),
-                                    data: {hostid: host.id, listAll: true},
-                                    success: function(json) {
-                                        if (json && json.listvirtualmachinesresponse && json.listvirtualmachinesresponse.virtualmachine) {
-                                            var vms = json.listvirtualmachinesresponse.virtualmachine;
-                                            if (vms) {
-                                                $.each(vms, function(_, vm) {
-                                                    items[idx].instances += 1;
-                                                    if (vm.state == 'Running') {
-                                                        items[idx].instancesUp += 1;
-                                                    }
-                                                });
-                                            }
-                                        }
-                                    },
-                                    async: false
-                                });
-                                items[idx].instances = items[idx].instancesUp + ' / ' + items[idx].instances;
-                            });
-                        }
-                        args.response.success({
-                            data: items
-                        });
-                    }
-                });
-            },
-            browseBy: {
-                filterBy: 'hostid',
-                resource: 'vms'
-            },
-            detailView: cloudStack.sections.system.subsections.hosts.listView.detailView
-        }
-    };
-
-
-    // VMs Metrics
-    cloudStack.sections.metrics.instances = {
-        title: 'label.metrics',
-        listView: {
-            id: 'instances',
-            fields: {
-                name: {
-                    label: 'label.metrics.name'
-                },
-                state: {
-                    label: 'label.metrics.state',
-                    converter: function (str) {
-                        // For localization
-                        return str;
-                    },
-                    indicator: {
-                        'Running': 'on',
-                        'Stopped': 'off',
-                        'Error': 'off',
-                        'Destroyed': 'off',
-                        'Expunging': 'off',
-                        'Stopping': 'transition',
-                        'Starting': 'transition',
-                        'Migrating': 'transition',
-                        'Shutdowned': 'warning',
-                    },
-                    compact: true
-                },
-                ipaddress: {
-                    label: 'label.ip.address'
-                },
-                zonename: {
-                    label: 'label.zone'
-                },
-                cpuused: {
-                    label: 'label.metrics.cpu.usage',
-                    collapsible: true,
-                    columns: {
-                        cores: {
-                            label: 'label.metrics.num.cpu.cores',
-                        },
-                        cputotal: {
-                            label: 'label.metrics.cpu.total'
-                        },
-                        cpuused: {
-                            label: 'label.metrics.cpu.used.avg',
-                        }
-                    }
-                },
-                memused: {
-                    label: 'label.metrics.memory.usage',
-                    collapsible: true,
-                    columns: {
-                        memallocated: {
-                            label: 'label.metrics.allocated'
-                        }
-                    }
-                },
-                network: {
-                    label: 'label.metrics.network.usage',
-                    collapsible: true,
-                    columns: {
-                        networkread: {
-                            label: 'label.metrics.network.read'
-                        },
-                        networkwrite: {
-                            label: 'label.metrics.network.write'
-                        }
-                    }
-                },
-                disk: {
-                    label: 'label.metrics.disk.usage',
-                    collapsible: true,
-                    columns: {
-                        diskread: {
-                            label: 'label.metrics.disk.read'
-                        },
-                        diskwrite: {
-                            label: 'label.metrics.disk.write'
-                        },
-                        diskiopstotal: {
-                            label: 'label.metrics.disk.iops.total'
-                        }
-                    }
-                }
-            },
-            dataProvider: function(args) {
-                var data = {};
-                listViewDataProvider(args, data);
-                if (args.context.metricsFilterData && args.context.metricsFilterData.key && args.context.metricsFilterData.value) {
-                    data[args.context.metricsFilterData.key] = args.context.metricsFilterData.value;
-                }
-                $.ajax({
-                    url: createURL('listVirtualMachines'),
-                    data: data,
-                    success: function(json) {
-                        var items = [];
-                        if (json && json.listvirtualmachinesresponse && json.listvirtualmachinesresponse.virtualmachine) {
-                            items = json.listvirtualmachinesresponse.virtualmachine;
-                            $.each(items, function(idx, vm) {
-                                items[idx].cores = vm.cpunumber;
-                                items[idx].cputotal = (parseFloat(vm.cpunumber) * parseFloat(vm.cpuspeed) / 1000.0).toFixed(1) + ' Ghz';
-                                items[idx].cpuusedavg = vm.cpuused;
-                                items[idx].cpuallocated = vm.cpuallocated;
-                                items[idx].memallocated = (parseFloat(vm.memory)/1024.0).toFixed(2) + ' GB';
-                                items[idx].networkread = (parseFloat(vm.networkkbsread)/(1024.0)).toFixed(2) + ' MB';
-                                items[idx].networkwrite = (parseFloat(vm.networkkbswrite)/(1024.0)).toFixed(2) + ' MB';
-                                items[idx].diskread = (parseFloat(vm.diskkbsread)/(1024.0)).toFixed(2) + ' MB';
-                                items[idx].diskwrite = (parseFloat(vm.diskkbswrite)/(1024.0)).toFixed(2) + ' MB';
-                                items[idx].diskiopstotal = parseFloat(vm.diskioread) + parseFloat(vm.diskiowrite);
-                                if (vm.nic && vm.nic.length > 0 && vm.nic[0].ipaddress) {
-                                    items[idx].ipaddress = vm.nic[0].ipaddress;
-                                }
-
-                                var keys = [{'cpuused': 'cpuusedavg'},
-                                            {'networkkbsread': 'networkread'},
-                                            {'networkkbswrite': 'networkwrite'},
-                                            {'diskkbsread': 'diskread'},
-                                            {'diskkbswrite': 'diskwrite'},
-                                            {'diskioread': 'diskiopstotal'}];
-                                for (keyIdx in keys) {
-                                    var map = keys[keyIdx];
-                                    var key = Object.keys(map)[0];
-                                    var uiKey = map[key];
-                                    if (!vm.hasOwnProperty(key)) {
-                                        items[idx][uiKey] = '';
-                                    }
-                                }
-                            });
-                        }
-                        args.response.success({
-                            data: items
-                        });
-                    }
-                });
-            },
-            browseBy: {
-                filterBy: 'virtualmachineid',
-                resource: 'volumes'
-            },
-            detailView: cloudStack.sections.instances.listView.detailView
-        }
-    };
-
-
-    // Volumes Metrics
-    cloudStack.sections.metrics.volumes = {
-        title: 'label.metrics',
-        listView: {
-            id: 'volumes',
-            fields: {
-                name: {
-                    label: 'label.metrics.name'
-                },
-                state: {
-                    label: 'label.metrics.state',
-                    converter: function (str) {
-                        // For localization
-                        return str;
-                    },
-                    indicator: {
-                        'Allocated': 'transition',
-                        'Creating': 'transition',
-                        'Ready': 'on',
-                        'Destroy': 'off',
-                        'Expunging': 'off',
-                        'Migrating': 'warning',
-                        'UploadOp': 'transition',
-                        'Snapshotting': 'warning',
-                    },
-                    compact: true
-                },
-                vmname: {
-                    label: 'label.metrics.vm.name'
-                },
-                disksize: {
-                    label: 'label.metrics.disk.size'
-                },
-                storagetype: {
-                    label: 'label.metrics.disk.storagetype'
-                },
-                storagepool: {
-                    label: 'label.metrics.storagepool'
-                },
-            },
-            dataProvider: function(args) {
-                var data = {listAll: true};
-                listViewDataProvider(args, data);
-                if (args.context.metricsFilterData && args.context.metricsFilterData.key && args.context.metricsFilterData.value) {
-                    data[args.context.metricsFilterData.key] = args.context.metricsFilterData.value;
-                }
-                $.ajax({
-                    url: createURL('listVolumes'),
-                    data: data,
-                    success: function(json) {
-                        var items = [];
-                        if (json && json.listvolumesresponse && json.listvolumesresponse.volume) {
-                            items = json.listvolumesresponse.volume;
-                            $.each(items, function(idx, volume) {
-                                items[idx].name = volume.name;
-                                items[idx].state = volume.state;
-                                items[idx].vmname = volume.vmname;
-                                items[idx].disksize = parseFloat(volume.size)/(1024.0*1024.0*1024.0) + ' GB';
-                                items[idx].storagetype = volume.storagetype.replace(/\w\S*/g, function(txt){return txt.charAt(0).toUpperCase() + txt.substr(1).toLowerCase();}) + ' (' + volume.type + ')';
-                                if (volume.storage) {
-                                    items[idx].storagepool = volume.storage;
-                                }
-                            });
-                        }
-                        args.response.success({
-                            data: items
-                        });
-                    }
-                });
-            },
-            detailView: cloudStack.sections.storage.sections.volumes.listView.detailView
-        }
-    };
-
-
-    // Storage Pool Metrics
-    cloudStack.sections.metrics.storagepool = {
-        title: 'label.metrics',
-        listView: {
-            id: 'primarystorages',
-            fields: {
-                name: {
-                    label: 'label.metrics.name'
-                },
-                property: {
-                    label: 'label.metrics.property',
-                    collapsible: true,
-                    columns: {
-                        state: {
-                            label: 'label.metrics.state',
-                            converter: function (str) {
-                                // For localization
-                                return str;
-                            },
-                            indicator: {
-                                'Up': 'on',
-                                'Down': 'off',
-                                'Removed': 'off',
-                                'ErrorInMaintenance': 'off',
-                                'PrepareForMaintenance': 'transition',
-                                'CancelMaintenance': 'warning',
-                                'Maintenance': 'warning',
-                            },
-                            compact: true
-                        },
-                        scope: {
-                            label: 'label.metrics.scope'
-                        },
-                        type: {
-                            label: 'label.metrics.disk.storagetype'
-                        },
-                    }
-                },
-                disk: {
-                    label: 'label.metrics.disk',
-                    collapsible: true,
-                    columns: {
-                        disksizeused: {
-                            label: 'label.metrics.disk.used',
-                            thresholdcolor: true,
-                            thresholds: {
-                                notification: 'storagenotificationthreshold',
-                                disable: 'storagedisablethreshold'
-                            }
-                        },
-                        disksizetotal: {
-                            label: 'label.metrics.disk.total'
-                        },
-                        disksizeallocated: {
-                            label: 'label.metrics.disk.allocated',
-                            thresholdcolor: true,
-                            thresholds: {
-                                notification: 'storageallocatednotificationthreshold',
-                                disable: 'storageallocateddisablethreshold'
-                            }
-                        },
-                        disksizeunallocated: {
-                            label: 'label.metrics.disk.unallocated'
-                        }
-                    }
-                }
-            },
-            dataProvider: function(args) {
-                var data = {};
-                listViewDataProvider(args, data);
-                if (args.context.metricsFilterData && args.context.metricsFilterData.key && args.context.metricsFilterData.value) {
-                    data[args.context.metricsFilterData.key] = args.context.metricsFilterData.value;
-                }
-                $.ajax({
-                    url: createURL('listStoragePools'),
-                    data: data,
-                    success: function(json) {
-                        var items = [];
-                        if (json && json.liststoragepoolsresponse && json.liststoragepoolsresponse.storagepool) {
-                            items = json.liststoragepoolsresponse.storagepool;
-                            $.each(items, function(idx, pool) {
-                                items[idx].name = pool.name;
-                                items[idx].state = pool.state;
-                                items[idx].scope = pool.scope;
-                                items[idx].type = pool.type;
-                                items[idx].overprovisionfactor = parseFloat(pool.overprovisionfactor);
-                                if (pool.disksizeused) {
-                                    items[idx].disksizeused = (parseFloat(pool.disksizeused)/(1024.0*1024.0*1024.0)).toFixed(2) + ' GB';
-                                } else {
-                                    items[idx].disksizeused = '';
-                                }
-                                items[idx].disksizetotal = parseFloat(pool.disksizetotal);
-                                items[idx].disksizeallocated = parseFloat(pool.disksizeallocated);
-                                items[idx].disksizeunallocated = (items[idx].overprovisionfactor * items[idx].disksizetotal) - items[idx].disksizeallocated;
-
-                                // Format presentation
-                                items[idx].disksizetotal = (items[idx].disksizetotal/(1024.0*1024.0*1024.0)).toFixed(2) + ' GB (x' + items[idx].overprovisionfactor + ')';
-                                items[idx].disksizeallocated = (items[idx].disksizeallocated/(1024.0*1024.0*1024.0)).toFixed(2) + ' GB';
-                                items[idx].disksizeunallocated = (items[idx].disksizeunallocated/(1024.0*1024.0*1024.0)).toFixed(2) + ' GB';
-
-                                // Threshold color coding
-                                items[idx].storagenotificationthreshold = 0.75 * parseFloat(items[idx].disksizetotal);
-                                items[idx].storagedisablethreshold = 0.95 * parseFloat(items[idx].disksizetotal);
-                                items[idx].storageallocatednotificationthreshold = 0.75 * parseFloat(items[idx].disksizetotal) * items[idx].overprovisionfactor;
-                                items[idx].storageallocateddisablethreshold = 0.95 * parseFloat(items[idx].disksizetotal) * items[idx].overprovisionfactor;
-
-
-                                var getThresholds = function(data, items, idx) {
-                                    data.listAll = true;
-                                    $.ajax({
-                                        url: createURL('listConfigurations'),
-                                        data: data,
-                                        success: function(json) {
-                                            if (json.listconfigurationsresponse && json.listconfigurationsresponse.configuration) {
-                                                $.each(json.listconfigurationsresponse.configuration, function(i, config) {
-                                                    switch (config.name) {
-                                                        case 'cluster.storage.allocated.capacity.notificationthreshold':
-                                                            items[idx].storageallocatednotificationthreshold = parseFloat(config.value) * parseFloat(items[idx].disksizetotal);
-                                                            break;
-                                                        case 'cluster.storage.capacity.notificationthreshold':
-                                                            items[idx].storagenotificationthreshold = parseFloat(config.value) * parseFloat(items[idx].disksizetotal);
-                                                            break;
-                                                        case 'pool.storage.allocated.capacity.disablethreshold':
-                                                            items[idx].storageallocateddisablethreshold = parseFloat(config.value) * parseFloat(items[idx].disksizetotal);
-                                                            break;
-                                                        case 'pool.storage.capacity.disablethreshold':
-                                                            items[idx].storagedisablethreshold = parseFloat(config.value) * parseFloat(items[idx].disksizetotal);
-                                                            break;
-                                                    }
-                                                });
-                                            }
-                                        },
-                                        async: false
-                                    });
-                                };
-                                // Update global and cluster level thresholds
-                                getThresholds({}, items, idx);
-                                getThresholds({clusterid: pool.clusterid}, items, idx);
-                            });
-                        }
-                        args.response.success({
-                            data: items
-                        });
-                    }
-                });
-            },
-            browseBy: {
-                filterBy: 'storageid',
-                resource: 'volumes'
-            },
-            detailView: cloudStack.sections.system.subsections['primary-storage'].listView.detailView
-        }
-    };
-
-})(cloudStack);
diff --git a/ui/scripts/ui-custom/metricsView.js b/ui/scripts/ui-custom/metricsView.js
deleted file mode 100644
index ef5dbba4ba..0000000000
--- a/ui/scripts/ui-custom/metricsView.js
+++ /dev/null
@@ -1,140 +0,0 @@
-// Licensed to the Apache Software Foundation (ASF) under one
-// or more contributor license agreements.  See the NOTICE file
-// distributed with this work for additional information
-// regarding copyright ownership.  The ASF licenses this file
-// to you under the Apache License, Version 2.0 (the
-// "License"); you may not use this file except in compliance
-// with the License.  You may obtain a copy of the License at
-//
-//   http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing,
-// software distributed under the License is distributed on an
-// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-// KIND, either express or implied.  See the License for the
-// specific language governing permissions and limitations
-// under the License.
-(function($, cloudStack) {
-
-    cloudStack.uiCustom.metricsView = function(args) {
-        return function() {
-            var metricsListView = cloudStack.sections.metrics.listView;
-            var metricsLabel = _l('label.metrics');
-
-            if (args.resource == 'zones') {
-                metricsListView = cloudStack.sections.metrics.zones.listView;
-                metricsLabel = _l('label.zones') + ' ' + metricsLabel;
-            } else if (args.resource == 'clusters') {
-                metricsListView = cloudStack.sections.metrics.clusters.listView;
-                metricsLabel = _l('label.clusters') + ' ' + metricsLabel;
-            } else if (args.resource == 'hosts') {
-                metricsListView = cloudStack.sections.metrics.hosts.listView;
-                metricsLabel = _l('label.hosts') + ' ' + metricsLabel;
-            } else if (args.resource == 'storagepool') {
-                metricsListView = cloudStack.sections.metrics.storagepool.listView;
-                metricsLabel = _l('label.primary.storage') + ' ' + metricsLabel;
-            } else if (args.resource == 'vms') {
-                metricsListView = cloudStack.sections.metrics.instances.listView;
-                metricsLabel = _l('label.instances') + ' ' + metricsLabel;
-            } else if (args.resource == 'volumes') {
-                metricsListView = cloudStack.sections.metrics.volumes.listView;
-                metricsLabel = _l('label.volumes') + ' ' + metricsLabel;
-            }
-
-            // list view refresh button
-            metricsListView.actions = {
-                refreshMetrics: {
-                    label: 'label.refresh',
-                    isHeader: true,
-                    addRow: true,
-                    action: {
-                        custom: function (args) {
-                            return function() {
-                            };
-                        }
-                    }
-                }
-            };
-
-            metricsListView.hideSearchBar = true;
-            metricsListView.needsRefresh = true;
-            metricsListView.noSplit = true;
-            metricsListView.horizontalOverflow = true;
-            metricsListView.groupableColumns = true;
-
-            if (args.resource == 'volumes') {
-                metricsListView.groupableColumns = false;
-            }
-
-            var metricsContext = cloudStack.context;
-            if (metricsContext.metricsFilterData) {
-                delete metricsContext.metricsFilterData;
-            }
-            if (args.filterBy) {
-                metricsContext.metricsFilterData = {
-                    key: args.filterBy,
-                    value: args.id
-                };
-            }
-
-            var $browser = $('#browser .container');
-            return $browser.cloudBrowser('addPanel', {
-                  title: metricsLabel,
-                  maximizeIfSelected: true,
-                  complete: function($newPanel) {
-                      $newPanel.listView({
-                          $browser: $browser,
-                          context: metricsContext,
-                          listView: metricsListView
-                      });
-                      // Make metrics tables horizontally scrollable
-                      $newPanel.find('.list-view').css({'overflow-x': 'visible'});
-                      // Refresh metrics when refresh button is clicked
-                      $newPanel.find('.refreshMetrics').click(function() {
-                          var sortedTh = $newPanel.find('table thead tr:last th.sorted');
-                          var thIndex = sortedTh.index();
-                          var thClassName = null;
-                          var wasSorted = false;
-                          var sortClassName = 'asc';
-                          if (sortedTh && sortedTh.hasClass('sorted')) {
-                              wasSorted = true;
-                              var classes = sortedTh.attr('class').split(/\s+/);
-                              thClassName = classes[0];
-                              if (classes.indexOf('desc') > -1) {
-                                  sortClassName = 'desc';
-                              }
-                          }
-                          $browser.cloudBrowser('removeLastPanel', {});
-                          var refreshedPanel = cloudStack.uiCustom.metricsView(args)();
-                          if (wasSorted && thClassName) {
-                              refreshedPanel.find('th.' + thClassName).filter(function() {
-                                  return $(this).index() == thIndex;
-                              }).addClass('sorted').addClass(sortClassName);
-                          }
-                      });
-
-                      var filterMetricView = metricsListView.browseBy;
-                      if (filterMetricView) {
-                          $newPanel.bind('click', function(event) {
-                              event.stopPropagation();
-                              var $target = $(event.target);
-                              var id = $target.closest('tr').data('list-view-item-id');
-                              var jsonObj = $target.closest('tr').data('jsonObj');
-                              if (filterMetricView.filterKey && jsonObj) {
-                                  if (jsonObj.hasOwnProperty(filterMetricView.filterKey)) {
-                                  id = jsonObj[filterMetricView.filterKey];
-                                  } else {
-                                      return; // return if provided key is missing
-                                  }
-                              }
-                              if (id && ($target.hasClass('first') || $target.parent().hasClass('first')) && ($target.is('td') || $target.parent().is('td'))) {
-                                  filterMetricView.id = id;
-                                  cloudStack.uiCustom.metricsView(filterMetricView)();
-                              }
-                          });
-                      }
-                  }
-            });
-        };
-    };
-})(jQuery, cloudStack);

From 85bffef61755022a140266c5d95da203da6e0166 Mon Sep 17 00:00:00 2001
From: Milamber <milamber@apache.org>
Date: Sat, 21 Nov 2015 11:49:52 +0000
Subject: [PATCH 094/115] Update 4.5 branch with L10N resources files from
 Transifex 20151120

---
 .../resources/messages_de_DE.properties       | 616 +++++++++++++++++-
 .../classes/resources/messages_es.properties  |  30 +-
 .../resources/messages_it_IT.properties       | 191 ++++++
 .../resources/messages_ja_JP.properties       |   7 +
 .../resources/messages_nb_NO.properties       | 567 ++++++++++++++++
 .../resources/messages_nl_NL.properties       | 157 ++++-
 .../resources/messages_ru_RU.properties       |   1 +
 .../resources/messages_zh_CN.properties       |  23 +
 8 files changed, 1552 insertions(+), 40 deletions(-)

diff --git a/client/WEB-INF/classes/resources/messages_de_DE.properties b/client/WEB-INF/classes/resources/messages_de_DE.properties
index 11d11d14e6..63119456e7 100644
--- a/client/WEB-INF/classes/resources/messages_de_DE.properties
+++ b/client/WEB-INF/classes/resources/messages_de_DE.properties
@@ -16,12 +16,19 @@
 # under the License.
 
 changed.item.properties=Ge\u00e4nderte Eintragseigenschaften
+confirm.enable.s3=Bitte f\u00fcgen Sie die folgenden Informationen hinzu, um die Unterst\u00fctzung f\u00fcr "S3-backed Secondary Storage" hinzuzuf\u00fcgen
+confirm.enable.swift=Bitte f\u00fcgen Sie die folgenden Informationen hinzu, um die Unterst\u00fctzung f\u00fcr Swift zu erm\u00f6glichen.
+error.could.not.change.your.password.because.ldap.is.enabled=Fehler\! Ihr Passwort konnte nicht ge\u00e4ndert werden da LDAP aktiviert ist.
 error.could.not.enable.zone=Zone konnte nicht aktiviert werden
 error.installWizard.message=Ein Fehler ist aufgetreten; Sie k\u00f6nnen zur\u00fcckgehen und den Fehler korregieren
 error.invalid.username.password=Ung\u00fcltiger Benutzername oder ung\u00fcltiges Passwort
 error.login=Ihr Benutzername / Passwort stimmt nicht mit uneren unseren Aufzeichnungen \u00fcberein.
+error.menu.select=Es ist nich m\u00f6glich dies auszuf\u00fchren, weil nichts ausgew\u00e4hlt wurde.
+error.mgmt.server.inaccessible=Der Management Server ist nicht erreichbar. Bitte versuche Sie es sp\u00e4ter noch einmal.
 error.password.not.match=Die Passwortfelder stimmen nicht \u00fcberein
+error.please.specify.physical.network.tags=Netzwerk-Angebote sind nicht verf\u00fcgbar solange Sie keine Tags f\u00fcr dieses physische Netzwerk auff\u00fchren.
 error.session.expired=Ihre Sitzung ist abgelaufen.
+error.something.went.wrong.please.correct.the.following=Etwas ging schief; bitte korrigieren Sie folgende Angaben
 error.unable.to.reach.management.server=Verwaltungsserver kann nicht erreicht werden
 error.unresolved.internet.name=Ihr Internetname kann nicht aufgel\u00f6st werden.
 force.delete.domain.warning=Achtung\: Diese Auswahl f\u00fchrt zu einer L\u00f6schung aller untergeordneten Domains und aller angeschlossenen Konten sowie ihrer Quellen.
@@ -29,9 +36,11 @@ force.delete=Erzwinge L\u00f6schung
 force.remove=Erzwinge Entfernung
 force.remove.host.warning=Achtung\: Diese Auswahl wird CloudStack zum sofortigen Anhalten der virtuellen Maschine f\u00fchren, bevor der Host vom Cluster entfernt wurde.
 force.stop=Erzwinge Abbruch
+force.stop.instance.warning=Warnung\: Das erwzungene Stoppen dieser Instanz sollte Ihre letzte Option sein. Es kann zu Datenverlust und inkonsistentem Zustand der virtuellen Maschine f\u00fchren.
 ICMP.code=ICMP Code
 ICMP.type=ICMP-Typ
 image.directory=Bildverzeichnis
+inline=Inline
 instances.actions.reboot.label=Instanz neu starten
 label.about.app=\u00dcber CloudStack
 label.about=\u00dcber
@@ -59,6 +68,7 @@ label.action.cancel.maintenance.mode=Wartungsmodus abbrechen
 label.action.change.password=Passwort \u00e4ndern
 label.action.change.service=Dienst \u00e4ndern
 label.action.change.service.processing=Wechseln des Dienstes ....
+label.action.configure.samlauthorization=SAML SSO Autorisation konfigurieren
 label.action.copy.ISO=ISO kopieren
 label.action.copy.ISO.processing=ISO wird kopiert....
 label.action.copy.template.processing=Vorlage wird kopiert....
@@ -174,6 +184,8 @@ label.action.enable.user=Nutzer aktivieren
 label.action.enable.user.processing=Aktivierung des Nutzers...
 label.action.enable.zone=Aktivieren der Zone
 label.action.enable.zone.processing=Aktivierung der Zone....
+label.action.expunge.instance=Instanz unwiderbringlich l\u00f6schen
+label.action.expunge.instance.processing=L\u00f6sche die Instanz unwiderbringlich
 label.action.force.reconnect=Erzwinge wieder verbinden
 label.action.force.reconnect.processing=Wieder verbinden....
 label.action.generate.keys.processing=Genieren der Schl\u00fcssel
@@ -193,8 +205,9 @@ label.action.reboot.instance=Instanz neustarten
 label.action.reboot.instance.processing=Neustarten der Instanz...
 label.action.reboot.router.processing=Neustart vom Router ....
 label.action.reboot.router=Router neu starten
-label.action.reboot.systemvm.processing=Neustart-System VM ....
+label.action.reboot.systemvm.processing=Neustart System-VM....
 label.action.reboot.systemvm=System VM neu starten
+label.action.recurring.snapshot=Wiederkehrende Schnappsch\u00fcsse
 label.action.register.iso=ISO registrieren
 label.action.register.template=Vorlage registrieren
 label.action.release.ip=IP ver\u00f6ffentlichen
@@ -215,18 +228,18 @@ label.action.start.instance=Instanz beginnen
 label.action.start.instance.processing=Beginnen mit der Instanz....
 label.action.start.router.processing=Starten des Routers ....
 label.action.start.router=Router starten
-label.action.start.systemvm.processing=Starten von System VM ....
-label.action.start.systemvm=System VM starten
+label.action.start.systemvm.processing=Starten von System-VM ....
+label.action.start.systemvm=System-VM starten
 label.action.stop.instance=Instanz stoppen
 label.action.stop.instance.processing=Stoppen der Instanz....
 label.action.stop.router.processing=Stoppen des Routers ....
 label.action.stop.router=Router stoppen
-label.action.stop.systemvm.processing=Stoppen vom System VM ....
+label.action.stop.systemvm.processing=Stoppen vom System-VM ....
 label.action.stop.systemvm=System VM stoppen
 label.action.take.snapshot.processing=Schnappschuss erstellen...
 label.action.take.snapshot=Schnappschuss erstellen
-label.action.unmanage.cluster.processing=Vernachl\u00e4ssigung des Clusters ....
-label.action.unmanage.cluster=Vernachl\u00e4ssige Cluster
+label.action.unmanage.cluster=Cluster nichtverwalten
+label.action.unmanage.cluster.processing=Entfernen des Clusters aus Verwaltung....
 label.action.update.OS.preference=Betriebssystem Pr\u00e4verenz aktualisieren
 label.action.update.OS.preference.processing=Aktualisierung der Betriebssystem Pr\u00e4verenz....
 label.action.update.resource.count.processing=Ressourcenanzahl wird aktualisiert....
@@ -242,13 +255,23 @@ label.add.accounts.to=Konten hinzuf\u00fcgen zu
 label.add.account.to.project=Konto zu Projekt hinzuf\u00fcgen
 label.add.ACL=ACL hinzuf\u00fcgen
 label.add.acl.list=ACL-Liste hinzuf\u00fcgen
+label.add.affinity.group=Neue Affinity Gruppe hinzuf\u00fcgen
+label.add.baremetal.dhcp.device=Baremetal DHCP-Ger\u00e4t hinzuf\u00fcgen
+label.add.BigSwitchVns.device=BigSwitch Vns Controller hinzuf\u00fcgen
+label.add.BrocadeVcs.device=Brocade Vcs Switch hinzuf\u00fcgen
 label.add.by.cidr=Hinzuf\u00fcgen durch CIDR
 label.add.by.group=Hinzuf\u00fcgen durch Gruppe
+label.add.by=Hinzugef\u00fcgt von
 label.add.ciscoASA1000v=CiscoASA1000v-Ressource hinzuf\u00fcgen
 label.add.cluster=Cluster hinzuf\u00fcgen
-label.add.direct.iprange=Direkten Ip-Bereich hinzuf\u00fcgen
+label.add.compute.offering=Berechnungsangebot hinzuf\u00fcgen
+label.add.direct.iprange=Direkten IP-Bereich hinzuf\u00fcgen
 label.add.disk.offering=Festplatten-Angebot hinzuf\u00fcgen
 label.add.domain=Domain hinzuf\u00fcgen
+label.added.brocade.vcs.switch=Neuer Brocade Vcs Switch hinzugef\u00fcgt
+label.added.new.bigswitch.vns.controller=BigSwitch VNS Controller hinzugef\u00fcgt
+label.added.nicira.nvp.controller=Neuer Nicira NVP Controller hinzugef\u00fcgt
+label.add.egress.rule=Egress-Regel hinzuf\u00fcgen
 label.addes.new.f5=Neues F5 hinzugef\u00fcgt
 label.add.F5.device=F5-Ger\u00e4t hinzuf\u00fcgen
 label.add.firewall=Firewall-Regel hinzuf\u00fcgen
@@ -265,22 +288,32 @@ label.add.ingress.rule=Zutrittsregel hinzuf\u00fcgen
 label.adding.succeeded=Erfolgreich hinzugef\u00fcgt
 label.adding.user=Nutzer hinzuf\u00fcgen
 label.adding.zone=Hinzuf\u00fcgen der Zone
+label.add.intermediate.certificate=Intermediate-Zertifikat hinzuf\u00fcgen
 label.add.internal.lb=Interne LB hinzuf\u00fcgen
-label.add.ip.range=IP Bereich hinzuf\u00fcgen
+label.add.ip.range=IP-Bereich hinzuf\u00fcgen
 label.add.isolated.guest.network=Isoliertes Gastnetzwerk hinzuf\u00fcgen
 label.add.isolated.network=Isoliertes Netzwerk hinzuf\u00fcgen
-label.additional.networks=Zus\u00e4tzliche Networks
+label.additional.networks=Zus\u00e4tzliche Netzwerke
 label.add.LDAP.account=LDAP-Konto hinzuf\u00fcgen
 label.add.list.name=ACL-Listename
 label.add.load.balancer=Serverlastverteilung hinzuf\u00fcgen
 label.add.more=Mehr hinzuf\u00fcgen
+label.add.netScaler.device=Netscaler-Ger\u00e4t hinzuf\u00fcgen
 label.add.network.acl.list=Netzwerk-ACL-Liste hinzuf\u00fcgen
 label.add.network.ACL=Netzwerk-ACL hinzuf\u00fcgen
 label.add.network.device=Hinzuf\u00fcgen eines Netzwerkger\u00e4tes
 label.add.network=Netzwerk hinzuf\u00fcgen
+label.add.network.offering=Netzwerkangebot hinzuf\u00fcgen
 label.add.new.F5=Neues F5 hinzuf\u00fcgen
-label.add.new.gateway=Neues Gateway hinzuf\u00fcgen
+label.add.new.gateway=Neuer Gateway hinzuf\u00fcgen
+label.add.new.NetScaler=Neuer NetScaler hinzuf\u00fcgen
 label.add.new.PA=Neues Palo Alto hinzuf\u00fcgen
+label.add.new.SRX=Neuer SRX hinzuf\u00fcgen
+label.add.new.tier=Neue Ebene hinzuf\u00fcgen
+label.add.nfs.secondary.staging.store=NFS Sekund\u00e4r Staging Store hinzuf\u00fcgen
+label.add.NiciraNvp.device=Nvp Controller hinzuf\u00fcgen
+label.add.NuageVsp.device=Nuage Virtualized Services Directory (VSD) hinzuf\u00fcgen 
+label.add.OpenDaylight.device=OpenDaylight Controller hinzuf\u00fcgen
 label.add.PA.device=Palo Alto-Ger\u00e4t hinzuf\u00fcgen
 label.add.physical.network=Physikalisches Netzwerk hinzuf\u00fcgen
 label.add.pod=Pod hinzuf\u00fcgen
@@ -296,13 +329,16 @@ label.add.security.group=Sicherheitsgruppe hinzuf\u00fcgen
 label.add.service.offering=Service-Angebot hinzuf\u00fcgen
 label.add.SRX.device=SRX-Ger\u00e4t hinzuf\u00fcgen
 label.add.static.nat.rule=Statische NAT-Regel hinzuf\u00fcgen
+label.add.static.route=F\u00fcge eine statische Route hinzu
 label.add.system.service.offering=System-Service-Angebot hinzuf\u00fcgen
 label.add.template=Vorlage hinzuf\u00fcgen
 label.add.to.group=Zur Gruppe hinzuf\u00fcgen
+label.add.ucs.manager=UCS Manager hinzuf\u00fcgen
 label.add.user=Benutzer hinzuf\u00fcgen
 label.add.vlan=VLAN hinzuf\u00fcgen
 label.add.vms.to.lb=VM(s) zur Lastverteilerregel hinzuf\u00fcgen
 label.add.vms=VMs hinzuf\u00fcgen
+label.add.VM.to.tier=VM zur Ebene hinzuf\u00fcgen
 label.add.vm=VM hinzuf\u00fcgen
 label.add.vmware.datacenter=VMware-Rechenzentrum hinzuf\u00fcgen
 label.add.vnmc.device=VNMC-Ger\u00e4t hinzuf\u00fcgen
@@ -310,15 +346,21 @@ label.add.vnmc.provider=VNMC-Anbieter hinzuf\u00fcgen
 label.add.volume=Volume hinzuf\u00fcgen
 label.add.vpc.offering=VPC-Angebot hinzuf\u00fcgen
 label.add.vpc=VPC hinzuf\u00fcgen
+label.add.vpn.customer.gateway=VPN Customer Gateway hinzuf\u00fcgen
+label.add.VPN.gateway=VPN Gateway hinzuf\u00fcgen
 label.add.vpn.user=VPN-Benutzer hinzuf\u00fcgen
 label.add.vxlan=VXLAN hinzuf\u00fcgen
 label.add.zone=Zone hinzuf\u00fcgen
 label.admin.accounts=Administrator-Konten
 label.admin=Administrator
+label.advanced=Erweitert
 label.advanced.mode=Erweiterter Modus
 label.advanced.search=Erweiterte Suche
-label.advanced=Weitergehend
+label.affinity=Affinit\u00e4t
+label.affinity.group=Affinit\u00e4tsgruppe
+label.affinity.groups=Affinit\u00e4tsgruppen
 label.agent.password=Agent-Passwort
+label.agent.state=Agent-Status
 label.agent.username=Agent-Benutzername
 label.agree=Zustimmen
 label.alert.archived=Alarm archiviert
@@ -329,6 +371,9 @@ label.algorithm=Algorithmus
 label.allocated=Zugeteilt
 label.allocation.state=Belegungszustand
 label.allow=Erlauben
+label.anti.affinity=Anti-Affinit\u00e4t
+label.anti.affinity.group=Anti-Affinit\u00e4tsgruppe
+label.anti.affinity.groups=Anti-Affinit\u00e4tsgruppen
 label.api.key=API Schl\u00fcssel
 label.api.version=API-Version
 label.apply=Anwenden
@@ -336,11 +381,16 @@ label.app.name=CloudStack
 label.archive.alerts=Alarme archivieren
 label.archive=Archiv
 label.archive.events=Ereignisse archivieren
+label.assigned.vms=Zugewiesene VMs
+label.assign.instance.another=Instanz einem anderen Benutzerkonto zuweisen
 label.assign.to.load.balancer=Instanz zum Lastverteiler hinzuf\u00fcgen
 label.assign=Zuweisen
 label.associated.network.id=Assozierte Netzwerk ID
 label.associated.network=Zugeh\u00f6riges Netzwerk
+label.associated.profile=Zugeh\u00f6riges Profil
+label.associate.public.ip=\u00d6ffentliche IP assoziieren
 label.attached.iso=Angeh\u00e4ngte ISO
+label.author.email=Autor-Email
 label.author.name=Autorname
 label.autoscale=Automatische Skalierung
 label.availability=Verf\u00fcgbarkeit
@@ -349,10 +399,25 @@ label.available.public.ips=Verf\u00fcgbaren \u00f6ffentlichen IP-Adressen
 label.available=Verf\u00fcgbar
 label.back=Zur\u00fcck
 label.bandwidth=Bandbreite
+label.baremetal.dhcp.devices=Baremetal DHCP-Ger\u00e4te
+label.baremetal.dhcp.provider=Baremetal DHCP-Provider
+label.baremetal.pxe.device=Baremetal PXE-Ger\u00e4t hinzuf\u00fcgen
+label.baremetal.pxe.devices=Baremetal PXE-Ger\u00e4te
+label.baremetal.pxe.provider=Baremetal PXE-Provider
 label.basic=Basis
 label.basic.mode=Grundmodus
+label.bigswitch.controller.address=BigSwitch Vns Controller-Adresse
+label.bigswitch.vns.details=BigSwitch VNS Details
+label.blade.id=Blade ID
+label.blades=Blades
 label.bootable=Bootbar
+label.broadcast.domain.range=Broadcast-Domain Typ
 label.broadcast.domain.type=Benachrichtigung an alle Nutzer \u00fcber Domain Typ
+label.broadcast.uri=Broadcast URI
+label.broadcasturi=Broadcast-URI
+label.broadcat.uri=Broadcast URI
+label.brocade.vcs.address=Vcs Switch Adresse
+label.brocade.vcs.details=Brocade Vcs Switch Details
 label.by.account=Nach Benutzerkonto
 label.by.alert.type=Nach Alarmtyp
 label.by.availability=Nach Verf\u00fcgbarkeit
@@ -372,11 +437,17 @@ label.by.traffic.type=Nach Traffic-Typ
 label.by.type.id=Nach Typ ID
 label.by.type=Nach Typ
 label.by.zone=Nach Zone
+label.cache.mode=Schreib-Cache-Typ
 label.cancel=Abbrechen
+label.capacity.bytes=Kapazit\u00e4ts-Bytes
+label.capacity.iops=Kapazit\u00e4ts-IOPS
 label.capacity=Kapazit\u00e4t
 label.certificate=Zertifikat
+label.change.affinity=Affinit\u00e4t \u00e4ndern
+label.change.service.offering=Dienstangebot \u00e4ndern
 label.change.value=Wert \u00e4ndern
 label.character=Buchstabe
+label.chassis=Chassis
 label.cidr.account=CIDR oder Benutzerkonto/Sicherheitsgruppe
 label.cidr=CIDR
 label.CIDR.list=CIDR-Liste
@@ -398,6 +469,10 @@ label.cluster.type=Cluster-Typ
 label.clvm=CLVM
 label.code=Code
 label.community=Gemeinschaft
+label.compute.and.storage=Berechnen und Speicher
+label.compute=Berechnen
+label.compute.offering=Berechnungsangebot
+label.compute.offerings=Berechnungsangebote
 label.configuration=Konfiguration
 label.configure=Konfigurieren
 label.configure.ldap=LDAP konfigurieren
@@ -405,13 +480,16 @@ label.configure.network.ACLs=Netzwerk-ACLs konfigurieren
 label.configure.vpc=VPC konfigurieren
 label.confirmation=Best\u00e4tigung
 label.confirm.password=Passwort best\u00e4tigen
-label.congratulations=Herzlichen Gl\u00fcckwunsch
+label.congratulations=Herzlichen Gl\u00fcckwunsch\!
+label.conserve.mode=Konserven-Modus
 label.console.proxy=Konsolenproxy
 label.console.proxy.vm=Konsolenproxy-VM
+label.continue.basic.install=Weiterfahren mit Basisinstallation
 label.continue=Fortsetzen
 label.copying.iso=ISO wird kopiert
 label.corrections.saved=Korrekturen gespeichert
 label.counter=Z\u00e4hler
+label.cpu.allocated.for.VMs=CPU alloziert f\u00fcr VMs
 label.cpu.allocated=Zugeteilte CPU
 label.CPU.cap=CPU Obergrenze
 label.cpu=CPU
@@ -420,11 +498,14 @@ label.cpu.mhz=CPU (in MHz)
 label.cpu.utilized=genutzte CPU
 label.created.by.system=Vom System erstellt
 label.created=Erstellt
+label.create.nfs.secondary.staging.storage=NFS sekund\u00e4rer Staging Store erstellen
+label.create.nfs.secondary.staging.store=NFS sekund\u00e4rer Staging Store erstellen
 label.create.project=Projekt erstellen
 label.create.template=Vorlage erstellen
 label.create.VPN.connection=VPN-Verbindung erstellen
 label.cross.zones=\u00fcberschneidende Zonen
 label.custom=Benutzerdefiniert
+label.custom.disk.iops=Benutzerspezifische IOPS
 label.custom.disk.size=Benutzerdefinierte Festplattengr\u00f6sse
 label.daily=T\u00e4glich
 label.data.disk.offering=Daten-Speicherplatz-Angebot
@@ -432,31 +513,56 @@ label.date=Datum
 label.day.of.month=Tag des Monats
 label.day.of.week=Tag der Woche
 label.dc.name=DC-Name
+label.dead.peer.detection=Dead-Peer-Erkennung
+label.decline.invitation=Einladung ablehnen
+label.dedicate.cluster=Dediziere Cluster
+label.dedicated=Dediziert
+label.dedicate=Dedizieren
+label.dedicated.vlan.vni.ranges=Dedizierte VLAN/VNI Bereiche
+label.dedicate.host=Dediziere Host
+label.dedicate.pod=Dediziere Pod
+label.dedicate.vlan.vni.range=Dedizierter VLAN/VNI Bereich
+label.dedicate.zone=Zone dedizieren
+label.default.egress.policy=Standard Egress Richtlinie
 label.default=Standard
 label.default.use=Standardeinstellung nutzen
 label.default.view=Standardansicht
 label.delete.acl.list=ACL-Liste ersetzen
+label.delete.affinity.group=Affinit\u00e4tsgruppe l\u00f6schen
 label.delete.alerts=Alarme l\u00f6schen
+label.delete.BigSwitchVns=BigSwitch Vns Controller entfernen
+label.delete.BrocadeVcs=Brocade Vcs Switch l\u00f6schen
 label.delete.ciscoASA1000v=CiscoASA1000v l\u00f6schen
 label.delete.ciscovnmc.resource=CiscoVNMC-Ressource l\u00f6schen
 label.delete.events=Ereignisse l\u00f6schen
 label.delete.F5=F5 l\u00f6schen
+label.delete.gateway=L\u00f6sche Gateway
 label.delete.internal.lb=Interne LB l\u00f6schen
 label.delete=L\u00f6schen
+label.delete.NetScaler=L\u00f6sche NetScaler
+label.delete.NiciraNvp=Entferne Nvp Controller
+label.delete.NuageVsp=L\u00f6sche Nuage VSD
+label.delete.OpenDaylight.device=OpenDaylight Controller l\u00f6schen
 label.delete.PA=Palo Alto l\u00f6schen
 label.delete.portable.ip.range=Portablen IP-Bereich l\u00f6schen
 label.delete.profile=Profil l\u00f6schen
 label.delete.project=Projekt l\u00f6schen
+label.delete.secondary.staging.store=Sekund\u00e4rer Staging Store l\u00f6schen
 label.delete.SRX=SRX l\u00f6schen
+label.delete.ucs.manager=UCS Manager l\u00f6schen
 label.delete.VPN.connection=VPN-Verbindung l\u00f6schen
+label.delete.VPN.customer.gateway=VPN Customer Gateway l\u00f6schen
 label.delete.VPN.gateway=VPN-Gateway l\u00f6schen
 label.delete.vpn.user=VPN-Benutzer l\u00f6schen
 label.deleting.failed=L\u00f6schen fehlgeschlagen
-label.deleting.processing=L\u00f6schen ....
+label.deleting.processing=L\u00f6schen....
 label.deny=Verweigern
+label.deployment.planner=Deployment-Planer
 label.description=Beschreibung
+label.destination.physical.network.id=Physiche Netzwerk-ID des Zielorts
 label.destination.zone=Zielzone
 label.destroy.router=Router zerst\u00f6ren
+label.destroy.vm.graceperiod=Gnadenfrist bis zur Zerst\u00f6rung der VM
 label.destroy=Zerst\u00f6ren
 label.detaching.disk=Entfernen der Festplatte
 label.details=Details
@@ -464,6 +570,7 @@ label.device.id=Ger\u00e4te-ID
 label.devices=Ger\u00e4te
 label.dhcp=DHCP
 label.DHCP.server.type=DHCP Server Type
+label.direct.attached.public.ip=Direkt angeschlossene \u00f6ffentliche IP
 label.direct.ips=Gemeinsame Netzwerk-IPs
 label.disable.autoscale=Automatische Skalierung deaktivieren
 label.disabled=Deaktiviert
@@ -474,14 +581,18 @@ label.disable.vnmc.provider=VNMC-Anbieter deaktivieren
 label.disable.vpc.offering=VPC-Angebot deaktivieren
 label.disable.vpn=Fernzugriff-VPN deaktivieren
 label.disabling.vpn.access=Deaktivierung des VPN Zugangs
+label.disassociate.profile.blade=Verbindung vom Profil zum Blade entfernen
 label.disbale.vnmc.device=VNMC-Ger\u00e4t deaktivieren
 label.disk.allocated=Zugeordnete Festplatte
 label.disk.bytes.read.rate=Festplatten-Leserate (BPS)
 label.disk.bytes.write.rate=Festplatten-Schreibrate (BPS)
+label.disk.iops.max=Max IOPS
+label.disk.iops.min=Min IOPS
 label.disk.iops.read.rate=Festplatten-Leserate (IOPS)
 label.disk.iops.total=Gesamte IOPS
 label.disk.iops.write.rate=Festplatten-Schreibrate (IOPS)
 label.disk.offering=Festplatten-Angebot
+label.disk.provisioningtype=Provisionierungstyp
 label.disk.read.bytes=Festplatte Lesen (Bytes)
 label.disk.read.io=Festplatte Lesen (EA)
 label.disk.size=Festplattengr\u00f6\u00dfe
@@ -490,23 +601,28 @@ label.disk.total=Gesamtzahl der Festplatten
 label.disk.volume=Festplatten Volume
 label.disk.write.bytes=Festplatte Schreiben (Bytes)
 label.disk.write.io=Festplatte Schreiben (EA)
+label.display.name=Anzeigename
 label.display.text=Anzeigetext
 label.distributedrouter=Verteilter Router
 label.dns.1=DNS 1
 label.dns.2=DNS 2
 label.dns=DNS
+label.DNS.domain.for.guest.networks=DNS Domain f\u00fcr Gast-Netzwerke
 label.domain.admin=Domain Administrator
 label.domain=Domain
 label.domain.id=Domain ID
 label.domain.lower=Dom\u00e4ne
 label.domain.name=Domain Name
+label.domain.router=Domain Router
 label.domain.suffix=DNS Domainsuffix (z.B. xzy.com)
 label.done=Fertig
 label.double.quotes.are.not.allowed=Anf\u00fchrungszeichen sind nicht erlaubt
 label.download.progress=Download-Fortschritt
+label.drag.new.position=Ziehe zu neuer Position
 label.duration.in.sec=Dauer (in Sekunden)
 label.dynamically.scalable=Dynamisch skalierbar
 label.edit.acl.rule=ACL-Regel bearbeiten
+label.edit.affinity.group=Affinit\u00e4tsgruppe bearbeiten
 label.edit=Bearbeiten
 label.edit.lb.rule=LB-Regel bearbeiten
 label.edit.network.details=Netzwerkdetails bearbeiten
@@ -515,21 +631,34 @@ label.edit.region=Region bearbeiten
 label.edit.tags=Schlagw\u00f6rter bearbeiten
 label.edit.traffic.type=Datenverkehrstyp bearbeiten
 label.edit.vpc=VPC bearbeiten
+label.egress.default.policy=Egress Standard Policy
+label.egress.rule=Egress-Regel
+label.egress.rules=Egress-Regeln
+label.elastic=Elastisch
+label.elastic.IP=Elastische IP Adresse
+label.elastic.LB=Elastischer LB
 label.email=E-Mail
 label.email.lower=E-Mail-Adresse
 label.enable.autoscale=Automatische Skalierung aktivieren
 label.enable.host=Host aktivieren
 label.enable.network.offering=Netzwerkangebot aktivieren
 label.enable.provider=Anbieter aktivieren
+label.enable.s3=Fernzugriff-VPN einschalten
 label.enable.swift=Swift aktivieren
 label.enable.vnmc.device=VNMC-Ger\u00e4t aktivieren
 label.enable.vnmc.provider=VNMC-Anbieter aktivieren
 label.enable.vpc.offering=VPC-Angebot aktivieren
+label.enable.vpn=Fernzugriff-VPN einschalten
 label.enabling.vpn.access=Aktivieren des VPN-Zugriffs
 label.enabling.vpn=VPN aktivieren
+label.end.IP=End-IP
 label.endpoint=Endpunkt
 label.endpoint.or.operation=Endpunkt oder Bedienung
 label.end.port=Beende Port
+label.end.reserved.system.IP=Reservierte System-End-IP
+label.end.vlan=End-VLAN
+label.end.vxlan=End-VXLAN
+label.enter.token=Token eingeben
 label.error.code=Fehlercode
 label.error=Fehler
 label.error.upper=FEHLER
@@ -541,12 +670,14 @@ label.esx.host=ESX / ESXi-Host
 label.event.archived=Ereignis archiviert
 label.event.deleted=Ereignis gel\u00f6scht
 label.example=Beispiel
+label.expunge=Ausl\u00f6schen
 label.external.link=Externer Link
 label.extractable=Extrahierbar
 label.f5.details=F5-Details
 label.f5=F5
 label.failed=Fehlgeschlagen
 label.featured=Besonderheiten aufweisen
+label.fetch.latest=Neuste abrufen
 label.filterBy=Filtern nach
 label.firewall=Firewall
 label.firstname.lower=Vorname
@@ -566,9 +697,12 @@ label.go.step.5=Weiter mit Schritt 5
 label.gpu=GPU
 label.group.by.account=Nach Konto gruppieren
 label.group.by.cluster=Nach Cluster gruppieren
+label.group.by.pod=Gruppiert nach Pod
 label.group.by.zone=Nach Zone gruppieren
 label.group=Gruppe
 label.group.optional=Gruppe (optional)
+label.gslb.assigned.lb.more=Mehr Lastverteilung zuweisen
+label.gslb.assigned.lb=Zugewiesene Lastverteilung
 label.gslb.delete=GSLB l\u00f6schen
 label.gslb.details=GSLB-Details
 label.gslb.domain.name=GSLB-Dom\u00e4nenname
@@ -581,6 +715,7 @@ label.gslb.service.private.ip=GSLB-Dienst Private IP
 label.gslb.service.public.ip=GSLB-Dienst \u00d6ffentliche IP
 label.gslb.servicetype=Diensttyp
 label.guest.cidr=Gast CIDR
+label.guest.end.ip=Gast-End-IP
 label.guest=Gast
 label.guest.gateway=Gast-Schnittstelle
 label.guest.ip=Gast IP-Adresse
@@ -588,12 +723,19 @@ label.guest.ip.range=Gast IP Berecih
 label.guest.netmask=Gast Netzmaske
 label.guest.network.details=Gastnetzwerkdetails
 label.guest.networks=Gastnetzwerke
+label.guest.start.ip=Gast-Start-IP
 label.guest.traffic=Gast-Datenverkehr
+label.guest.traffic.vswitch.name=Gast Datenverkehr vSwitch Name
+label.guest.traffic.vswitch.type=Gast Datenverkehr vSwitch Typ
 label.guest.type=Gasttyp
 label.ha.enabled=HA aktiviert
+label.health.check=Heath-Check
+label.health.check.interval.in.sec=Health-Check-Interval (in Sek.)
+label.healthy.threshold=Schwellwert f\u00fcr Gesund
 label.help=Hilfe
 label.hide.ingress.rule=Verstecke Regeln, die den Zutritt steuern
 label.hints=Hinweise
+label.home=Start
 label.host.alerts=Host-Alarme
 label.host=Host
 label.host.MAC=Host-MAC
@@ -605,9 +747,12 @@ label.hvm=HVM
 label.hypervisor.capabilities=Hypervisorf\u00e4higkeiten
 label.hypervisor=Hypervisor
 label.hypervisors=Hypervisoren
+label.hypervisor.snapshot.reserve=Hypervisor Schnappschuss-Reserve
 label.hypervisor.type=Hypervisor Typ
 label.hypervisor.version=Hypervisor-Version
+label.hyperv.traffic.label=HyperV Datenverkehrs-Bezeichnung
 label.id=Identifikation
+label.IKE.DH=IKE DH
 label.IKE.encryption=IKE-Verschl\u00fcsselung
 label.IKE.hash=IKE-Pr\u00fcfsumme
 label.IKE.lifetime=IKE-Lebensdauer (Sekunde)
@@ -616,6 +761,7 @@ label.info=Info
 label.info.upper=INFO
 label.ingress.rule=Zutrittsregel
 label.initiated.by=Initiiert durch
+label.inside.port.profile=Inside Port Profil
 label.installWizard.addClusterIntro.subtitle=Was ist ein Cluster?
 label.installWizard.addClusterIntro.title=cluster hinzuf\u00fcgen
 label.installWizard.addHostIntro.subtitle=Was ist ein host?
@@ -627,16 +773,23 @@ label.installWizard.addPrimaryStorageIntro.title=primary storage hinzuf\u00fcgen
 label.installWizard.addSecondaryStorageIntro.subtitle=Was ist secondary storage?
 label.installWizard.addSecondaryStorageIntro.title=secondary storage
 label.installWizard.addZoneIntro.subtitle=Was ist eine Zone?
+label.installWizard.addZoneIntro.title=Zone hinzuf\u00fcgen
 label.installWizard.addZone.title=zone hinzuf\u00fcgen
-label.installWizard.click.launch=Bitte den Start Button dr\u00fccken
+label.installWizard.click.launch=Bitte den Startknopf dr\u00fccken
+label.installWizard.subtitle=Diese F\u00fchrung wird Ihnen beim Aufsetzen Ihrer CloudStack Installation behilflich sein.
 label.installWizard.title=Hallo und Willkommen bei CloudStack&\#8482
 label.instance=Instanz
 label.instance.limits=Instanz Grenzen
 label.instance.name=Name der Instanz
+label.instance.port=Instanz-Port
+label.instance.scaled.up=Instanz hochskaliert
 label.instances=Instanzen
+label.instanciate.template.associate.profile.blade=Vorlage instanzieren und Profil zu Blade assoziieren
+label.intermediate.certificate=Intermediate Zertifikat {0}
 label.internal.dns.1=Interne DNS 1
 label.internal.dns.2=Interne DNS 2
 label.internal.lb.details=Interne LB-Details
+label.internallbvm=Interne LB VM
 label.internal.name=Interner Name
 label.interval.type=Interval Typ
 label.introduction.to.cloudstack=Einf\u00fchrung in CloudStack&\#8482
@@ -654,6 +807,7 @@ label.ip.limits=\u00d6ffentliche IP-Begrenzungen
 label.ip.or.fqdn=IP oder FQDN
 label.ip.range=IP-Bereich
 label.ip.ranges=IP-Bereiche
+label.IPsec.preshared.key=IPsec Preshared-Schl\u00fcssel
 label.ips=IPs
 label.ipv4.cidr=IPv4 CIDR
 label.ipv4.dns1=IPv4 DNS1
@@ -676,6 +830,7 @@ label.iso=ISO
 label.isolated.networks=Isolierte Netzwerke
 label.isolation.method=Isolationsmethode
 label.isolation.mode=Isolationsmodus
+label.isolation.uri=Isolations-URI
 label.is.redundant.router=Redundant
 label.is.shared=Gemeinsam
 label.is.system=Ist System
@@ -683,23 +838,24 @@ label.item.listing=Eintragsauflistung
 label.keep=Behalten
 label.keyboard.type=Tastaturtyp
 label.key=Schl\u00fcssel
+label.kvm.traffic.label=KVM Datenverkehrs-Bezeichnung
 label.label=Bezeichnung
 label.lang.arabic=Arabisch
 label.lang.brportugese=Brasilianisches Portugiesisch
 label.lang.catalan=Katalanisch
 label.lang.chinese=chinesisch (vereinfacht)
 label.lang.dutch=Niederl\u00e4ndisch
-label.lang.english=englisch
+label.lang.english=Englisch
 label.lang.french=Franz\u00f6sisch
 label.lang.german=Deutsch
 label.lang.hungarian=Ungarisch
 label.lang.italian=Italienisch
-label.lang.japanese=japanisch
+label.lang.japanese=Japanisch
 label.lang.korean=Koreanisch
 label.lang.norwegian=Norwegisch
 label.lang.polish=Polnisch
 label.lang.russian=Russisch
-label.lang.spanish=spanisch
+label.lang.spanish=Spanisch
 label.last.disconnected=Zuletzt getrennt
 label.lastname.lower=Nachname
 label.last.name=Nachname
@@ -710,39 +866,50 @@ label.launch.zone=Zone starten
 label.lb.algorithm.leastconn=Mindestverbindungen
 label.lb.algorithm.roundrobin=Rundlauf-Verfahren
 label.lb.algorithm.source=Quelle
+label.LB.isolation=LB-Isolation
 label.ldap.configuration=LDAP-Konfiguration
 label.ldap.group.name=LDAP-Gruppe
 label.ldap.port=LDAP-Port
 label.level=Ebene
+label.linklocal.ip=Link-Local IP-Adresse
 label.load.balancer=Serverlastverteilung
 label.load.balancer.type=Lastverteilungstyp
 label.load.balancing=Lastverteilung
 label.load.balancing.policies=Verteilungsrichtlinien laden
 label.loading=Laden
 label.local=Lokal
+label.local.storage.enabled=Erm\u00f6gliche lokalen Speicher f\u00fcr Benutzer VMs
+label.local.storage.enabled.system.vms=Aktiviere lokaler Speicher f\u00fcr die System-VMs
 label.local.storage=Lokaler Speicher
 label.login=Login
 label.logout=Abmelden
 label.lun=LUN
 label.LUN.number=LUN \#
+label.lxc.traffic.label=LXC Datenverkehrs-Bezeichnung
+label.make.project.owner=Mache Benutzerkonto zum Projekteigent\u00fcmer
 label.managed=Verwaltet
+label.management.ips=Verwaltung IP-Adressen
 label.management.server=Verwaltungsserver
 label.management=Verwaltung
 label.manage.resources=Ressourcen verwalten
 label.manage=Verwalten
 label.max.cpus=Max. CPU-Kerne
+label.max.guest.limit=Maximales Limit f\u00fcr Anzahl der G\u00e4ste
 label.maximum=Maximum
+label.max.instances=Max Instanzen
 label.max.memory=Max. Speicher (MiB)
 label.max.networks=Max. Netzwerke
+label.max.primary.storage=Max. prim\u00e4rer (GiB)
 label.max.public.ips=Max. \u00f6ffentliche IPs
+label.max.secondary.storage=Max. sekund\u00e4rer (GiB)
 label.max.snapshots=Max. Schnappsch\u00fcsse
 label.max.templates=Max. Vorlagen
 label.max.vms=Max. Benutzer-VMs
 label.max.volumes=Max. Volumen
 label.max.vpcs=Max. VPCs
-label.may.continue=Sie k\u00f6nnen jetzt fortfahren
+label.may.continue=Sie k\u00f6nnen jetzt fortfahren.
 label.md5.checksum=MD5-Pr\u00fcfsumme
-label.memory.allocated=zugeordneter Speicher
+label.memory.allocated=Zugeordneter Speicher
 label.memory.limits=Speicherbegrenzungen (MiB)
 label.memory.mb=Speicher (in MB)
 label.memory=Speicher (in MB)
@@ -759,15 +926,16 @@ label.menu.dashboard=Dashboard
 label.menu.destroyed.instances=Zerst\u00f6rte Instanzen
 label.menu.disk.offerings=Festplatten-Angebote
 label.menu.domains=Domains
-label.menu.events=Events
+label.menu.events=Ereignisse
 label.menu.featured.isos=Besondere ISOs
+label.menu.featured.templates=Hervorgehobene Vorlagen
 label.menu.global.settings=Allgemeine Einstellungen
 label.menu.infrastructure=Infrastruktur
 label.menu.instances=Instanzen
 label.menu.ipaddresses=IP-Adressen
 label.menu.isos=ISOs
 label.menu.my.accounts=Meine Konten
-label.menu.my.instances=Meine F\u00e4lle
+label.menu.my.instances=Meine Instanzen
 label.menu.my.isos=Meine ISOs
 label.menu.my.templates=Meine Vorlagen
 label.menu.network=Netzwerk
@@ -780,9 +948,11 @@ label.menu.service.offerings=Service-Angebote
 label.menu.snapshots=Schnappsch\u00fcsse
 label.menu.stopped.instances=Beendete Instanzen
 label.menu.storage=Speicherung
+label.menu.system.service.offerings=Systemangebote
 label.menu.system=System
 label.menu.system.vms=System VMs
 label.menu.templates=Vorlagen
+label.menu.virtual.appliances=Virtuelle Appliances
 label.menu.virtual.resources=Virtuelle Ressourcen
 label.menu.volumes=Volumes
 label.menu.vpc.offerings=VPC-Angebote
@@ -793,8 +963,11 @@ label.migrate.lb.vm=LB-VM migrieren
 label.migrate.router.to=Router migrieren zu
 label.migrate.systemvm.to=System-VM migrieren zu
 label.migrate.to.host=Zu Host migrieren
+label.migrate.to.storage=Zu Speicher migrieren
+label.migrate.volume.to.primary.storage=Migriere ein Speichervolumen zu einem anderen prim\u00e4ren Speicher
 label.migrate.volume=Volumen migrieren
 label.minimum=Minimum
+label.min.instances=Min Instanzen
 label.minute.past.hour=Minute(n) seit der Stunde vergangen
 label.mode=Modus
 label.monday=Montag
@@ -817,23 +990,31 @@ label.netscaler.details=NetScaler-Details
 label.netScaler=NetScaler
 label.network.ACL=Netzwerk-ACL
 label.network.ACLs=Netzwerk-ACLs
+label.network.ACL.total=Netzwerk-ACL Total
 label.network.addVM=Netzwerk zur VM hinzuf\u00fcgen
 label.network.cidr=Netzwerk-CIDR
+label.network.desc=Netzwerkbeschreibung
 label.network.device=Netzwerkger\u00e4t
 label.network.device.type=Netzwerkger\u00e4tetyp
 label.network.domain=Netzwerk-Domain
 label.network.domain.text=Netzwerkdom\u00e4ne
 label.network.id=Netzwerk-ID
 label.networking.and.security=Netzwerkbetrieb und Sicherheit
+label.network.label.display.for.blank.value=Standard-Gateway verwenden
 label.network.limits=Netzwerkbegrenzungen
 label.network.name=Netzwerk Name
 label.network=Netzwerk
+label.network.offering.display.text=Netzwerkangebot-Anzeigetext
+label.network.offering.id=Netzwerkangebotskennung
+label.network.offering.name=Netzwerkangebotsname
 label.network.offering=Netzwerk-Angebot
 label.network.rate.megabytes=Netzwerkrate (MB/s)
 label.network.rate=Netzwerk-Rate
+label.network.read=Netzwerk-Lesen
 label.network.service.providers=Netzwerkdienstanbieter
 label.networks=Netzwerke
 label.network.type=Netzwerk-Typ
+label.network.write=Netzwerk Schreiben
 label.new=Neu
 label.new.password=Neues Passwort
 label.new.project=Neues Projekt
@@ -844,11 +1025,14 @@ label.nfs=NFS
 label.nfs.server=NFS Server
 label.nfs.storage=NFS-Speicher
 label.nic.adapter.type=NIC-Adaptertyp
+label.nicira.controller.address=Controller-Adresse
+label.nicira.l3gatewayserviceuuid=L3 Gateway Service Uuid
 label.nicira.nvp.details=Nicira NVP-Details
+label.nicira.transportzoneuuid=Transportzone Uuid
 label.nics=NICs
 label.no.actions=Nicht verf\u00fcgbare Aktionen
 label.no.alerts=Keine aktuellen Alarme
-label.no.data=Keine anzuzeigenden Daten
+label.no.data=Keine Daten zum Anzeigen
 label.no.errors=Keine neuen Fehler
 label.no.grouping=(keine Gruppierung)
 label.no.isos=Kein verf\u00fcgbaren ISOs
@@ -860,7 +1044,9 @@ label.not.found=Nicht gefunden
 label.no.thanks=Nein, danke
 label.notifications=Benachrichtigungen
 label.number.of.clusters=Anzahl der Cluster
+label.number.of.cpu.sockets=Die Anzahl der CPU-Sockeln
 label.number.of.hosts=Anzahl an Hosts
+label.number.of.pods=Anzahl Pods
 label.number.of.system.vms=Anzahl an System-VMs
 label.number.of.virtual.routers=Anzahl an virtuellen Routern
 label.number.of.zones=Anzahl an Zonen
@@ -869,6 +1055,9 @@ label.numretries=Anzahl von Wiederholungen
 label.ocfs2=OCFS2
 label.offer.ha=HA anbieten
 label.ok=OK
+label.opendaylight.controllerdetail=OpenDayight Controller Details
+label.opendaylight.controller=OpenDaylight Controller
+label.opendaylight.controllers=OpenDaylight Controllers
 label.openDaylight=OpenDaylight
 label.operator=Betreiber
 label.optional=optional
@@ -878,7 +1067,9 @@ label.os.type=OS Typ
 label.other=Andere
 label.override.guest.traffic=Gast-Datenverkehr \u00fcberschreiben
 label.override.public.traffic=\u00d6ffentlichen Datenverkehr \u00fcberschreiben
+label.ovm.traffic.label=OVM Datenverkehrs-Bezeichnung
 label.ovs=OVS
+label.owned.public.ips=Ihnen geh\u00f6rende \u00f6ffentliche IP-Adressen
 label.owner.account=Eigent\u00fcmerkonto
 label.owner.domain=Eigent\u00fcmerdom\u00e4ne
 label.palo.alto.details=Palo Alto-Details
@@ -891,6 +1082,8 @@ label.password.lower=Passwort
 label.password=Passwort
 label.password.reset.confirm=Passwort wurde zur\u00fcckgesetzt auf
 label.path=Pfad
+label.PA.threat.profile=Palo Alto Threat Profil
+label.perfect.forward.secrecy=Perfect Forward Secrecy
 label.persistent=Persistent
 label.physical.network.ID=Physikalisches Netzwerkkennung
 label.physical.network=Physikalisches Netzwerk
@@ -899,9 +1092,15 @@ label.PING.CIFS.username=PING CIFS Benutzername
 label.PING.dir=PING-Verzeichnis
 label.ping.path=Ping-Pfad
 label.PING.storage.IP=IP des externen Speichers anpingen
+label.planner.mode=Planungs Modus
+label.please.specify.netscaler.info=Bitte Netscaler Info definieren
 label.please.wait=Bitte warten
+label.plugin.details=Plugindetails
+label.plugins=Plugins
+label.pod.dedicated=Pod dediziert
+label.pod.name=Podname
 label.pod=Pod
-label.pods=Pod
+label.pods=Pods
 label.polling.interval.sec=Abfrageintervall (in Sekunden)
 label.portable.ip=Portable IP
 label.portable.ip.range.details=Details des portablen IP-Bereichs
@@ -916,10 +1115,12 @@ label.previous=Vorherige
 label.prev=Vor
 label.primary.allocated=Zugewiesener Hauptspeicher
 label.primary.network=Hauptnetzwerk
+label.primary.storage.count=Hauptspeicher Pools
 label.primary.storage=Hauptspeicher
+label.primary.storage.limits=Hauptspeicher-Limits (GiB)
 label.primary.used=Genutzter Hauptspeicher
 label.private.Gateway=Privater Gateway
-label.private.interface=Privates Interface
+label.private.interface=Private Schnittstelle
 label.private.ip=Private IP-Adresse
 label.private.ip.range=Privater IP-Bereich
 label.private.ips=Private IP-Adressen
@@ -939,33 +1140,52 @@ label.protocol.number=Protokollnummer
 label.protocol=Protokoll
 label.provider=Anbieter
 label.providers=Anbieter
-label.public.interface=\u00d6ffentliches Interface
+label.public.interface=\u00d6ffentliche Schnittstelle
 label.public.ips=\u00d6ffentliche IP-Adressen
 label.public.ip=\u00d6ffentliche IP-Adresse
 label.public.load.balancer.provider=\u00d6ffentlicher Lastverteileranbieter
 label.public.network=\u00d6ffentliches Netzwerk
 label.public.port=\u00d6ffentlicher Port
 label.public.traffic=\u00d6ffentlicher Datenverkehr
+label.public.traffic.vswitch.name=\u00d6ffentlicher Datenverkehr vSwitch Name
+label.public.traffic.vswitch.type=\u00d6ffentlicher Datenverkehr vSwitch Typ
 label.public=\u00d6ffentlich
 label.public.zone=\u00d6ffentliche Zone
 label.purpose=Zweck
 label.Pxe.server.type=PXE Server Type
+label.qos.type=QoS-Typ
 label.quickview=Schnellansicht
+label.quiesce.vm=VM stilllegen
 label.quiet.time.sec=Ruhezeit (in Sekunden)
 label.rbd.id=Cephx-Benutzer
+label.rbd.monitor=Ceph-\u00dcberwachung
+label.rbd.pool=Ceph-Pool
 label.rbd=RBD
 label.rbd.secret=Cephx-Geheimnis
 label.reboot=Neustart
 label.recent.errors=Aktuelle Fehler
 label.recover.vm=VM wiederherstellen
+label.redundant.router.capability=Redundanter Router Kapazit\u00e4t
 label.redundant.router=Redundanter Router
 label.redundant.state=Redundanter Status
 label.refresh=Aktualisieren
+label.refresh.blades=Blades aktualisieren
+label.regionlevelvpc=Region Level VPC
 label.region=Region
 label.reinstall.vm=VM neu installieren
 label.related=Verwandt
+label.release.account.lowercase=Vom Benutzerkonto losl\u00f6sen
+label.release.account=Vom Benutzerkonto losl\u00f6sen
+label.release.dedicated.cluster=Dedizierter Cluster freigeben
+label.release.dedicated.host=Dedizierter Host freigeben
+label.release.dedicated.pod=Dedizierter Pod freigeben
+label.release.dedicated.vlan.range=Dedizierter VLAN/VNI Bereich freigeben
+label.release.dedicated.zone=Dedizierte Zone freigeben
 label.remind.later=Sp\u00e4ter erinnern
 label.remove.ACL=ACL entfernen
+label.remove.egress.rule=Egress Regel entfernen
+label.remove.from.load.balancer=Instanz von Lastverteiler entfernen
+label.remove.ingress.rule=Ingress Regel entfernen
 label.remove.ip.range=IP-Bereich entfernen
 label.remove.ldap=LDAP entfernen
 label.remove.network.offering=Netzwerkangebot entfernen
@@ -975,10 +1195,13 @@ label.remove.region=Region entfernen
 label.remove.rule=Regel entfernen
 label.remove.static.nat.rule=Statische NAT-Regel entfernen
 label.remove.static.route=Statische Route entfernen
+label.remove.tier=Ebene entfernen
+label.remove.vm.from.lb=VM von Lastverteiler-Regel entfernen
 label.remove.vm.load.balancer=VM aus Lastverteiler entfernen
 label.remove.vmware.datacenter=VMware-Rechenzentrum entfernen
 label.remove.vpc.offering=VPC-Angebot entfernen
 label.remove.vpc=VPC entfernen
+label.removing=am Entfernen
 label.removing.user=Entfernen von Benutzern
 label.reource.id=Ressourcenkennung
 label.replace.acl=ACL ersetzen
@@ -986,42 +1209,64 @@ label.replace.acl.list=ACL-Liste ersetzen
 label.required=Erforderlich
 label.requires.upgrade=Erfordert Aktualisierung
 label.reserved.ip.range=Reservierter IP-Bereich
+label.reserved.system.gateway=Reservierter System-Gateway
 label.reserved.system.ip=Reservierte System-IP
+label.reserved.system.netmask=Reservierte System-Netzmaske
 label.resetVM=VM zur\u00fccksetzen
 label.reset.VPN.connection=VPN-Verbindung zur\u00fccksetzen
 label.resize.new.offering.id=Neues Angebot
 label.resize.new.size=Neue Gr\u00f6\u00dfe (GB)
+label.resize.shrink.ok=Verkleinern OK
+label.resource.limit.exceeded=Ressourcenbegrenzung erreicht
 label.resource.limits=Ressourcenbegrenzungen
 label.resource.name=Ressourcenname
 label.resource=Ressource
 label.resources=Ressourcen
 label.resource.state=Ressourcenstatus
+label.response.timeout.in.sec=Zeit\u00fcberschreitung der Antworkt (in Sek.)
 label.restart.network=Netzwerk neu starten
 label.restart.required=Neustart erforderlich
 label.restart.vpc=VPC neu starten
 label.restore=Wiederherstellen
+label.retry.interval=Wiederversuchs-Interval
+label.review=Nachpr\u00fcfung
+label.revoke.project.invite=Einladung zur\u00fcckziehen
 label.role=Rolle
 label.root.certificate=Root-Zertifikat
+label.root.disk.controller=Root-Festplatten-Controller
+label.root.disk.offering=Root-Festplattenangebot
 label.root.disk.size=Root-Festplattengr\u00f6\u00dfe
+label.router.vm.scaled.up=Router VM hochskaliert
+label.routing.host=Routing Host
+label.routing=Routing
 label.rule.number=Regelnummer
 label.rules=Regeln
 label.running.vms=Laufende VMs
 label.s3.access_key=Zugriffsschl\u00fcssel
+label.s3.bucket=Bucket
 label.s3.connection_timeout=Verbindungszeit\u00fcberschreitung
 label.s3.endpoint=Endpunkt
+label.s3.max_error_retry=Maximale Fehlerwiederholungen
 label.s3.nfs.path=S3 NFS-Pfad
 label.s3.nfs.server=S3 NFS-Server
 label.s3.secret_key=Secret Key
 label.s3.socket_timeout=Socket-Zeit\u00fcberschreitung
 label.s3.use_https=HTTPS verwenden
+label.saml.enable=Autorisiere SAML SSO
 label.saml.entity=Identit\u00e4tsanbieter
 label.saturday=Samstag
 label.save.and.continue=Speichern und fortsetzen
 label.save=Sichern
 label.saving.processing=Sichern ....
+label.scale.up.policy=HOCHSKALIERUNGSRICHTLINIE
 label.scope=Geltungsbereich
 label.search=Suche
+label.secondary.isolated.vlan.id=Sekund\u00e4re isolierte VLAN ID
+label.secondary.staging.store.details=Sekund\u00e4rer Staging Store Details
+label.secondary.staging.store=Sekund\u00e4rer Staging Store
+label.secondary.storage.count=Sekund\u00e4respeicher-Pools
 label.secondary.storage.details=Sekund\u00e4rspeicherdetails
+label.secondary.storage.limits=Sekund\u00e4rspeicherbegrenzungen (GiB)
 label.secondary.storage=Sekund\u00e4rspeicher
 label.secondary.storage.vm=Sekund\u00e4rspeicher-VM
 label.secondary.used=Genutzter Sekund\u00e4rspeicher
@@ -1034,12 +1279,15 @@ label.select.a.template=Vorlage ausw\u00e4hlen
 label.select=Ausw\u00e4hlen
 label.select.a.zone=Zone ausw\u00e4hlen
 label.select.instance=Instanz ausw\u00e4hlen
+label.select.instance.to.attach.volume.to=Instanz w\u00e4hlen an der das Volume angef\u00fcgt wird
 label.select.iso.or.template=ISO oder Vorlage ausw\u00e4hlen
 label.select.offering=Angebot ausw\u00e4hlen
 label.select.project=Projekt ausw\u00e4hlen
 label.select.region=Region ausw\u00e4hlen
 label.select.template=Vorlage ausw\u00e4hlen
+label.select.tier=Ebene ausw\u00e4hlen
 label.select-view=Ansicht ausw\u00e4hlen
+label.select.vm.for.static.nat=VM f\u00fcr statisches NAT ausw\u00e4hlen
 label.sent=Versendet
 label.server=Server
 label.service.capabilities=Dienstf\u00e4higkeiten
@@ -1057,29 +1305,43 @@ label.shared=Gemeinsame
 label.SharedMountPoint=Geteilter Einh\u00e4ngepunkt
 label.show.advanced.settings=Erweiterte Einstellungen anzeigen
 label.show.ingress.rule=Zeige Regeln, die den Zutritt steuern
+label.shutdown.provider=Herunterfahrungs-Anbieter
+label.site.to.site.VPN=Site-to-site VPN
 label.size=Gr\u00f6\u00dfe
+label.skip.guide=Ich habe CloudStack bereits vorher benutzt, diese Hilfe \u00fcberspringen
 label.smb.domain=SMB-Dom\u00e4ne
 label.smb.password=SMB-Passwort
 label.smb.username=SMB-Benutzername
 label.snapshot.limits=Schnappschuss Grenzen
 label.snapshot.name=Schnappschuss Name
+label.snapshot.schedule=Wiederkehrende Schnappsch\u00fcsse einrichten
 label.snapshot=Schnappschuss
 label.snapshots=Schnappsch\u00fcsse
 label.snapshot.s=Schnappschuss (Schnappsch\u00fcsse)
+label.SNMP.community=SNMP Community
 label.SNMP.port=SNMP-Port
 label.sockets=CPU-Sockets
+label.source.ip.address=Quell IP-Adresse
+label.source.nat=Source NAT
+label.source.nat.supported=SourceNAT unterst\u00fctzt
+label.source.port=Port der Quelle
 label.specify.IP.ranges=IP-Bereiche angeben
 label.specify.vlan=VLAN angeben
 label.specify.vxlan=VXLAN angeben
+label.SR.name=SR Name-Bezeichnung
 label.srx.details=SRX-Details
 label.srx=SRX
 label.start.IP=Start-IP
 label.start.lb.vm=LB-VM starten
 label.start.port=Startport
 label.start.reserved.system.IP=Reservierte System-IP starten
+label.start.vlan=Start VLAN
 label.start.vxlan=VXLAN starten
 label.state=Status
+label.static.nat.enabled=Statisches NAT eingeschaltet
 label.static.nat=Statische NAT
+label.static.nat.to=Statisches NAT nach
+label.static.nat.vm.details=Statisches NAT VM Details
 label.statistics=Statistiken
 label.status=Status
 label.step.1=Schritt 1
@@ -1087,34 +1349,51 @@ label.step.1.title=Schritt 1\: <strong>W\u00e4hlen Sie eine Vorlage aus</strong>
 label.step.2=Schritt 2
 label.step.2.title=Schritt 2\: <strong>Dienstangebot</strong>
 label.step.3=Schritt 3
+label.step.3.title=Schritt 3\: <strong id\="step3_label">W\u00e4hlen Sie ein Festplattenangebot aus</strong>
 label.step.4=Schritt 4
 label.step.4.title=Schritt 4\: <strong>Netzwerk</strong>
 label.step.5=Schritt 5
+label.step.5.title=Schritt 5\: <strong>\u00dcberpr\u00fcfung</strong>
+label.stickiness.method=Stickness-Methode
+label.stickiness=Stickiness
 label.sticky.cookie-name=Cookiename
 label.sticky.domain=Domain
 label.sticky.expire=L\u00e4uft ab
+label.sticky.holdtime=Haltezeit
 label.sticky.indirect=Indirekt
 label.sticky.length=L\u00e4nge
 label.sticky.mode=Modus
+label.sticky.name=Sticky-Name
 label.sticky.nocache=Kein Cache
+label.sticky.postonly=nur Post
 label.sticky.prefix=Pr\u00e4fix
+label.sticky.request-learn=Verlange zu lernen
 label.sticky.tablesize=Tabellengr\u00f6\u00dfe
 label.stop.lb.vm=LB-VM stoppen
 label.stopped.vms=Gestoppte VMs
 label.stop=Stopp
+label.storage.pool=Speicher-Pool
 label.storage=Speicherung
 label.storage.tags=Datenspeicher-Markierung
 label.storage.traffic=Datenspeicherverkehr
 label.storage.type=Speichertyp
+label.subdomain.access=Subdomain Zugriff
 label.submitted.by=[Eingereicht von\: <span id\="submitted_by"></span>]
 label.submit=\u00dcberreichen
 label.succeeded=Erfolgreich
 label.sunday=Sonntag
+label.super.cidr.for.guest.networks=Super CIDR f\u00fcr Gast-Netzwerke
 label.supported.services=Unterst\u00fctzte Dienste
+label.supported.source.NAT.type=Unterst\u00fctzter Source-NAT-Typ
+label.supportsstrechedl2subnet=Unters\u00fctzt Streched L2 Subnet
+label.suspend.project=Projekt suspendieren
+label.switch.type=Switch Typ
 label.system.capacity=Systemkapazit\u00e4t
+label.system.offering.for.router=Systemangebot f\u00fcr Router
 label.system.offering=Systemangebot
 label.system.service.offering=System-Service-Angebot
 label.system.vm.details=System-VM-Details
+label.system.vm.scaled.up=System-VM hochskaliert
 label.system.vms=System VMs
 label.system.vm=System-VM
 label.system.vm.type=System VM Typ
@@ -1128,11 +1407,14 @@ label.task.completed=Aufgabe fertiggestellt
 label.template.limits=Vorlagen Grenzen
 label.template=Vorlage
 label.TFTP.dir=TFTP-Verzeichnis
+label.tftp.root.directory=Tftp root-Verzeichnis
 label.theme.default=Motiv-Standardeinstellung
 label.theme.grey=personalisiertes - grau
 label.theme.lightblue=personalisiertes - hellblau
 label.threshold=Schwellenwert
 label.thursday=Donnerstag
+label.tier.details=Ebenendetails
+label.tier=Ebene
 label.timeout.in.second = Zeit\u00fcberschreitung (Sekunden)
 label.timeout=Zeit\u00fcberschreitung
 label.time=Zeit
@@ -1144,9 +1426,12 @@ label.total.CPU=Gesamtanzahl CPU
 label.total.hosts=Gesamtanzahl Hosts
 label.total.memory=Gesamter Speicher
 label.total.of.ip=Gesamtzahl der IP-Adressen
-label.total.of.vm=Insgesamte VMs
+label.total.of.vm=Gesamtanzahl VMs
 label.total.storage=Gesamter Speicher
-label.total.vms=Insgesamte VMs
+label.total.virtual.routers=Total an virtuellen Routern
+label.total.virtual.routers.upgrade=Total an virtuellen Routern, die Aktuallisierung ben\u00f6tigen
+label.total.vms=Gesamtanzahl VMs
+label.traffic.label=Datenverkehrsbezeichnung
 label.traffic.types=Datenverkehrstypen
 label.traffic.type=Traffic Typ
 label.tuesday=Dienstag
@@ -1155,6 +1440,7 @@ label.type.lower=Typ
 label.type=Typ
 label.ucs=UCS
 label.unavailable=nichtverf\u00fcgbar
+label.unhealthy.threshold=Schwellwert ungesund
 label.unlimited=uneingeschr\u00e4nkt
 label.untagged=Unmarkiert
 label.update.project.resources=Projektressourcen aktualisieren
@@ -1162,12 +1448,14 @@ label.update.ssl.cert= SSL-Zertifikat
 label.update.ssl= SSL-Zertifikat
 label.updating=Aktualisierung
 label.upgrade.required=Aktualisierung ist erforderlich
+label.upgrade.router.newer.template=Router upgraden um neuere Vorlage zu verwenden
 label.upload=Hochladen
 label.upload.volume=Volumen hochladen
 label.url=URL
 label.usage.interface=Auslastungsoberfl\u00e4che
+label.usage.sanity.result=Usage Sanity Resultat
 label.usage.server=Auslastungsserver
-label.used=Gebraucht
+label.used=Verwendet
 label.user=Benutzer
 label.user.data=Benutzerdaten
 label.username=Benutzername
@@ -1177,6 +1465,7 @@ label.user.vm=Benutzer-VM
 label.use.vm.ips=VM-IPs verwenden
 label.use.vm.ip=VM-IP verwenden\:
 label.value=Wert
+label.vcdcname=vCenter RZ-Name
 label.vcenter.cluster=vCenter Cluster
 label.vcenter.datacenter=vCenter Rechenzentrum
 label.vcenter.datastore=vCenter Datenspeicher
@@ -1195,9 +1484,19 @@ label.vgpu.video.ram=Video RAM
 label.view.all=Alle ansehen
 label.view=Ansicht
 label.view.console=Konsole ansehen
+label.viewing=Ansehen
 label.view.more=Ansichtsmodus
 label.view.secondary.ips=Sekund\u00e4re IPs ansehen
+label.virtual.appliance.details=Virtuelle Appliance Details
+label.virtual.appliances=Virtuelle Appliances
+label.virtual.appliance=Virtuelle Applicance
+label.virtual.machines=Virtuelle Maschinen
+label.virtual.networking=Virtuelle Netzwerkverbindung
 label.virtual.network=Virtuelles Netzwerk
+label.virtual.routers.group.account=Virtuelle Router gruppiert nach Benutzerkonto
+label.virtual.routers.group.cluster=Virtuelle Router gruppiert nach Cluster
+label.virtual.routers.group.pod=Virtuelle Router gruppiert nach Pod
+label.virtual.routers.group.zone=Virtuelle Router gruppiert nach Zone
 label.virtual.routers=Virtuelle Router
 label.virtual.router=Virtueller Router
 label.vlan.id=VLAN ID
@@ -1218,6 +1517,8 @@ label.vm.ip=VM IP-Adresse
 label.vm.name=VM-Name
 label.vm.password=Passwort der VM ist
 label.vm.reboot=Neustart
+label.VMs.in.tier=VMs in Ebene
+label.vmsnapshot.current=ist aktuell
 label.vmsnapshot.memory=Schnappschussspeicher
 label.vmsnapshot.parentname=\u00dcbergeordnet
 label.vmsnapshot.type=Typ
@@ -1228,10 +1529,13 @@ label.vm.stop=Stopp
 label.vms=VMs
 label.vmware.datacenter.id=VMware-Rechenzentrumskennung
 label.vmware.datacenter.name=VMware-Rechenzentrumsname
+label.vmware.datacenter.vcenter=VMware Rechenzentrum-vCenter
+label.vmware.traffic.label=VMware Datenverkehrs-Bezeichnung
 label.vnet.id=VLAN ID
 label.vnet=VLAN
 label.vnmc.devices=VNMC-Ger\u00e4te
 label.vnmc=VNMC
+label.volatile=Verg\u00e4nglich
 label.volgroup=Volumengruppe
 label.volume.details=Volumendetails
 label.volume.limits=Volume Grenzen
@@ -1245,14 +1549,18 @@ label.VPC.limits=VPC-Begrenzungen
 label.vpc.offering.details=Details des VPC-Angebots
 label.vpc.offering=VPC-Angebot
 label.VPC.router.details=VPC-Routerdetails
+label.vpc.supportsregionlevelvpc=Unterst\u00fctzt Reigion Level VPC
 label.vpc.virtual.router=VPC Virtueller Router
 label.vpc=VPC
 label.VPN.connection=VPN-Verbindung
+label.vpn.customer.gateway=VPN Customer Gateway
+label.VPN.customer.gateway=VPN Customer Gateway
 label.VPN.gateway=VPN-Gateway
 label.vpn=VPN
 label.vsmctrlvlanid=Steuerungs-VLAN-Kennung
 label.vsmpktvlanid=Paket-VLAN-Kennung
 label.vsmstoragevlanid=Speicher-VLAN-Kennung
+label.vsphere.managed=vSphere verwaltet
 label.vswitch.name=vSwitch-Name
 label.vSwitch.type=vSwitch-Typ
 label.vxlan.id=VXLAN ID
@@ -1268,19 +1576,29 @@ label.welcome=Willkommen
 label.what.is.cloudstack=Was ist CloudStack&\#8482?
 label.xenserver.tools.version.61.plus=Originale XS-Version ist 6.1\\+
 label.Xenserver.Tools.Version61plus=Originale XS-Version ist 6.1\\+
+label.xenserver.traffic.label=XenServer Datenverkehrs-Bezeichnung
 label.yes=Ja
+label.zone.dedicated=Zone dediziert
 label.zone.details=Zonendetails
 label.zone.id=Zone ID
 label.zone.lower=Zone
 label.zone.name=Zonenname
 label.zone.step.1.title=Schritt 1\: <strong>W\u00e4hlen Sie ein Netzwerk aus</strong>
 label.zone.step.2.title=Schritt 2\: <strong>F\u00fcgen Sie eine Zone hinzu</strong>
+label.zone.step.3.title=Schritt 3\: <strong>Pod hinzuf\u00fcgen</strong>
 label.zone.step.4.title=Schritt 4\: <strong>F\u00fcgen Sie einen IP-Bereich hinzu</strong>
 label.zones=Zone
 label.zone.type=Zonentyp
 label.zone.wide=Zonenweit
 label.zoneWizard.trafficType.guest=Gast\: Datenverkehr zwischen den virtuellen Maschinen der Endbenutzer
+label.zoneWizard.trafficType.management=Management\: Datenverkehr zwischen den CloudStack internen Ressourcen, inklusive aller Komponenten, die mit dem Management Server kommunizieren, wie Hosts und CloudStack System VMs
+label.zoneWizard.trafficType.public=\u00d6ffentlich\: Datenverkehr zwischen dem Internet und virtuellen Maschinen in der Cloud.
+label.zoneWizard.trafficType.storage=Speicherung\: Datenverkehr zwischen Haupt- und Sekund\u00e4rspeicherserver, wie VM-Vorlagen und Schnappsch\u00fcsse.
 label.zone=Zone
+managed.state=Verwalteter Status
+message.acquire.ip.nic=Bitte best\u00e4tigen Sie, dass Sie eine neue, zweite IP-Adresse f\u00fcr dieses Netzwerk-Interface ben\u00f6tigen.<br/>HINWEIS\: Sie m\u00fcssen diese neue zweite IP-Adresse manuell in der virtuellen Maschine hinzuf\u00fcgen.
+message.acquire.new.ip=Bitte best\u00e4tigen Sie, dass sie eine neue IP Adresse f\u00fcr dieses Netzwerk haben m\u00f6chten.
+message.acquire.new.ip.vpc=Bitte best\u00e4tigen Sie, dass sie eine neue IP Adresse f\u00fcr diesen VPC ben\u00f6tigen.
 message.acquire.public.ip=Bitte w\u00e4hlen Sie eine Zone, von der Sie Ihre neue IP erlangen m\u00f6chten.
 message.action.cancel.maintenance=Ihr Host ist erfolgreich f\u00fcr die Wartung abgebrochen. Dieser Prozess kann ein paar Minuten dauern.
 message.action.cancel.maintenance.mode=Bitte best\u00e4tigen Sie, dass Sie die Wartung abbrechen m\u00f6chten.
@@ -1289,10 +1607,14 @@ message.action.change.service.warning.for.router=Ihre Instanz muss zuerst unterb
 message.action.delete.cluster=Bitte best\u00e4tigen Sie, dass Sie dieses Cluster l\u00f6schen m\u00f6chten.
 message.action.delete.disk.offering=Bitte best\u00e4tigen Sie, dass Sie dieses Festplatten-Angebot l\u00f6schen m\u00f6chten.
 message.action.delete.domain=Bitte best\u00e4tigen Sie, dass Sie diese Domain l\u00f6schen m\u00f6chten.
+message.action.delete.external.firewall=Bitte best\u00e4tigen Sie, dass Sie die externe Firewall entfernen m\u00f6chten. Warnung\: Wenn Sie planen dieselbe exterene Firewall wieder hinzuzuf\u00fcgen, m\u00fcssen Sie s\u00e4mtliche Nutzungsdaten auf diesem Ger\u00e4t zur\u00fccksetzen
+message.action.delete.external.load.balancer=Bitte best\u00e4tigen Sie, dass Sie diesen externen Loadbalancer entfernen m\u00f6chten. Warnung\: Wenn Sie planen denselben exterenen Loadbalancer wieder hinzuzuf\u00fcgen, m\u00fcssen Sie s\u00e4mtliche Nutzungsdaten auf diesem Ger\u00e4t zur\u00fccksetzen
 message.action.delete.ingress.rule=Bitte best\u00e4tigen Sie, dass Sie diese Zutrittsregel l\u00f6schen wollen.
 message.action.delete.ISO=Bitte best\u00e4tigen Sie, dass Sie diese ISO l\u00f6schen m\u00f6chten.
 message.action.delete.ISO.for.all.zones=Die ISO gilt f\u00fcr alle Zonen. Bitte best\u00e4tigen Sie, dass Sie diese aus allen Zonen l\u00f6schen m\u00f6chten.
 message.action.delete.network=Bitte best\u00e4tigen Sie, dass Sie dieses Netzwerk l\u00f6schen m\u00f6chten.
+message.action.delete.nexusVswitch=Bitte best\u00e4tigen Sie, dass sie diesen nexus 1000v l\u00f6schen m\u00f6chten.
+message.action.delete.nic=Bitte best\u00e4tigen Sie die L\u00f6schung dieser NIC, da dies auch zur L\u00f6schung des zugeh\u00f6rigen Netzwerks von der VM f\u00fchrt.
 message.action.delete.physical.network=Bitte best\u00e4tigen Sie, dass Sie dieses physikalische Netzwerk l\u00f6schen m\u00f6chten
 message.action.delete.pod=Bitte best\u00e4tigen Sie, dass Sie dieses pod l\u00f6schen m\u00f6chten.
 message.action.delete.primary.storage=Bitte best\u00e4tigen Sie, dass Sie diese Hauptspeicher l\u00f6schen m\u00f6chten.
@@ -1300,6 +1622,7 @@ message.action.delete.secondary.storage=Bitte best\u00e4tigen Sie, dass Sie dies
 message.action.delete.security.group=Bitte best\u00e4tigen Sie, dass Sie diese Sicherheitsgruppe l\u00f6schen m\u00f6chten.
 message.action.delete.service.offering=Bitte best\u00e4tigen Sie, dass Sie diesen Service-Angebot l\u00f6schen m\u00f6chten.
 message.action.delete.snapshot=Bitte best\u00e4tigen Sie, dass Sie diesen Schnappschuss l\u00f6schen m\u00f6chten.
+message.action.delete.system.service.offering=Bitte best\u00e4tigen Sie, dass Sie dieses Dienstangebot des Systems l\u00f6schen m\u00f6chten
 message.action.delete.template=Bitte best\u00e4tigen Sie, dass Sie diese Vorlage l\u00f6schen m\u00f6chten.
 message.action.delete.template.for.all.zones=Die Vorlage wird f\u00fcr alle Zonen genutzt. Bitte best\u00e4tigen Sie, dass Sie diese f\u00fcr alle Zonen l\u00f6schen m\u00f6chten.
 message.action.delete.volume=Bitte best\u00e4tigen Sie, dass Sie dieses Volume l\u00f6schen m\u00f6chten.
@@ -1307,77 +1630,194 @@ message.action.delete.zone=Bitte best\u00e4tigen Sie, dass Sie diese Zone l\u00f
 message.action.destroy.instance=Bitte best\u00e4tigen Sie, dass Sie diese Instanz l\u00f6schen m\u00f6chten.
 message.action.destroy.systemvm=Bitte best\u00e4tigen Sie, dass Sie die System VM zerst\u00f6ren m\u00f6chten.
 message.action.disable.cluster=Bitte best\u00e4tigen Sie, dass Sie diesen Cluster deaktivieren m\u00f6chten.
+message.action.disable.nexusVswitch=Bitte best\u00e4tigen Sie, dass sie diesen nexus 1000v deaktivieren m\u00f6chten.
 message.action.disable.physical.network=Bitte best\u00e4tigen Sie, dass Sie dieses physikalische Netzwerk deaktivieren m\u00f6chten.
 message.action.disable.pod=Bitte best\u00e4tigen Sie, dass Sie diesen Pod deaktivieren m\u00f6chten.
 message.action.disable.static.NAT=Bitte best\u00e4tigen Sie, dass Sie die statische NAT deaktivieren m\u00f6chten.
 message.action.disable.zone=Bitte best\u00e4tigen Sie, dass Sie diese Zone deaktivieren m\u00f6chten.
 message.action.downloading.template=Vorlage wird heruntergeladen.
 message.action.download.iso=Bitte best\u00e4tigen Sie, dass Sie dieses ISO herunterladen m\u00f6chten.
+message.action.download.template=Bitte best\u00e4tigen Sie, dass Sie dieses Template herunterladen m\u00f6chten.
 message.action.enable.cluster=Bitte best\u00e4tigen Sie, dass Sie diesen Cluster aktivieren m\u00f6chten.
+message.action.enable.maintenance=Ihr Host wurde erfolgreich f\u00fcr die Wartung vorbereitet. Dieser Prozess kann einige Minuten, oder abh\u00e4nig von der jetzigen Anzahl VMs auf diesem Host auch l\u00e4nger, in Anspruch nehmen.
+message.action.enable.nexusVswitch=Bitte best\u00e4tigen Sie, dass sie diesen nexus 1000v aktivieren m\u00f6chten.
 message.action.enable.physical.network=Bitte best\u00e4tigen Sie, dass Sie dieses physikalische Netzwerk aktivieren m\u00f6chten.
 message.action.enable.pod=Bitte best\u00e4tigen Sie, dass Sie diesen Pod aktivieren m\u00f6chten.
 message.action.enable.zone=Bitte best\u00e4tigen Sie, dass Sie diese Zone aktivieren m\u00f6chten.
+message.action.expunge.instance=Bitte best\u00e4tigen Sie, dasss Sie diese Instanz unwiderbringlich l\u00f6schen m\u00f6chten.
+message.action.force.reconnect=Ihr Host wurde erfolgreich gewzungen wiederzuverbinden. Dieser Prozess kann einige Minuten beanspruchen.
+message.action.host.enable.maintenance.mode=Die Aktivierung des Wartungsmodus verursacht eine Livemigration aller laufenden Instanzen auf diesem Host zu einem anderen verf\u00fcgbaren Host.
 message.action.instance.reset.password=Bitte best\u00e4tigen Sie, dass Sie das ROOT Passwort f\u00fcr diese virtuelle Maschine \u00e4ndern m\u00f6chten.
 message.action.manage.cluster=Bitte best\u00e4tigen Sie, dass das Cluster bearbeitet werden soll.
+message.action.primarystorage.enable.maintenance.mode=Warnung\: den Hauptspeicher in den Wartungsmodus zu stellen, wird alle VMs stoppen, welche noch Volumen auf demjenigen haben. M\u00f6chten Sie fortfahren?
 message.action.reboot.instance=Bitte best\u00e4tigen Sie, dass Sie diese Instanz neustarten m\u00f6chten.
+message.action.reboot.router=Alle angebotenen Dienste dieses Routers werden unterbrochen. Bitte best\u00e4tigen Sie, dass Sie den Router neu starten m\u00f6chten.
 message.action.reboot.systemvm=Bitte best\u00e4tigen Sie, dass Sie diese System VM neustarten m\u00f6chten.
 message.action.release.ip=Bitte best\u00e4tigen Sie, dass Sie diese IP freigeben m\u00f6chten.
 message.action.remove.host=Bitte best\u00e4tigen Sie, dass Sie diesen Host entfernen m\u00f6chten.
 message.action.reset.password.off=Ihre Instanz untersch\u00fctzt derzeitig nicht dieses Feature.
 message.action.reset.password.warning=Ihre Instanz muss zuerst unterbrochen werden, bevor Sie Ihr derzeitiges Passwort \u00e4ndern k\u00f6nnen.
 message.action.restore.instance=Bitte best\u00e4tigen Sie, dass Sie diese Instanz wiederherstellen m\u00f6chten.
+message.action.revert.snapshot=Bitte best\u00e4tigen Sie, dass Sie das dazugeh\u00f6rige Volumen zu diesen Schnappschuss zur\u00fccksetzten m\u00f6chten.
 message.action.start.instance=Bitte best\u00e4tigen Sie, dass Sie diese Instanz starten m\u00f6chten.
 message.action.start.router=Bitte best\u00e4tigen Sie, dass Sie diesen Router starten m\u00f6chten.
 message.action.start.systemvm=Bitte best\u00e4tigen Sie, dass Sie diese System VM starten m\u00f6chten.
 message.action.stop.instance=Bitte best\u00e4tigen Sie, dass Sie diese Instanz anhalten m\u00f6chten.
+message.action.stop.router=Alle von diesem Router angebotenen Dienste werden unterbrochen. Bitte best\u00e4tigen Sie, dass Sie diesen Router stoppen m\u00f6chten.
 message.action.stop.systemvm=Bitte best\u00e4tigen Sie, dass Sie diese System VM anhalten m\u00f6chten.
+message.action.take.snapshot=Bitte best\u00e4tigen Sie, dass Sie einen Schnappschuss von diesem Volumen sichern m\u00f6chten.
 message.action.unmanage.cluster=Bitte best\u00e4tigen Sie, dass Sie das Cluster vernachl\u00e4ssigen m\u00f6chten.
+message.action.vmsnapshot.delete=Bitte best\u00e4tigen Sie, dass Sie diesen VM Schnappschuss l\u00f6schen wollen.
 message.action.vmsnapshot.revert=VM-Schnappschuss zur\u00fccksetzen
+message.activate.project=Sind Sie sicher, dass Sie dieses Projekt aktivieren wollen?
+message.add.cluster=Hinzuf\u00fcgen eines vom Hypervisor verwaltender Clusters f\u00fcr Zone <b><span id\="zone_name"></span></b>, Pod <b><span id\="pod_name"></span></b>
+message.add.cluster.zone=Ein Hypervisor verwalteter Cluster f\u00fcr Zone <b><span id\="zone_name"></span></b> hinzuf\u00fcgen
+message.add.disk.offering=Bitte spezifizieren Sie die folgenden Parameter, um ein neues Disk Angebot hinzuzuf\u00fcgen.
+message.add.domain=Bitte spezifizieren Sie die Subdomain, die Sie unter dieser Domain erstellen wollen.
 message.add.firewall=Eine Firewall zur Zone hinzuf\u00fcgen
+message.add.guest.network=Bitte best\u00e4tigen Sie, dass Sie ein Gast-Netzwerk hinzuf\u00fcgen m\u00f6chten.
 message.add.host=Bitte spezifizieren Sie die folgenden Parameter, um einen neuen Host hinzuzuf\u00fcgen.
 message.adding.host=Host wird hinzugef\u00fcgt
+message.adding.Netscaler.device=Hinzuf\u00fcgen eines Netscaler Ger\u00e4tes
+message.adding.Netscaler.provider=Hinzuf\u00fcgen eines Netscaler Provider
+message.add.ip.range.direct.network=Einen IP-Bereich zum direkten Netzwerk<b><span id\="directnetwork_name"></span></b> in Zone hinzuf\u00fcgen <b><span id\="zone_name"></span></b>
+message.add.ip.range=IP-Bereich zu \u00f6ffentlichem Netzwerk in Zone hinzuf\u00fcgen
+message.add.ip.range.to.pod=<p>Einen IP-Bereich zum Pod hinzuf\u00fcgen <b><span id\="pod_name_label"></span></b></p>
 message.additional.networks.desc=Bitte w\u00e4hlen Sie ein oder mehrere Netzwerke aus, an die Ihre virtuelle Instanz verbunden wird.
 message.add.load.balancer=Einen Lastverteiler zur Zone hinzuf\u00fcgen
+message.add.load.balancer.under.ip=Die Lasterverteiler-Regel wurde hinzugef\u00fcgt zu IP\:
+message.add.network=Eine neues Netzwerk f\u00fcr Zone hinzuf\u00fcgen\:  <b><span id\="zone_name"></span></b>
+message.add.new.gateway.to.vpc=Bitte spezifizieren Sie Informationen  um ein neues Gateway f\u00fcr dieses VPC hinzuzuf\u00fcgen.
+message.add.pod.during.zone.creation=Jede Zone muss einen oder mehrere Pods enthalten, und wir werden nun den ersten Pod hinzuf\u00fcgen. Ein Pod enth\u00e4lt Hosts und Hauptspeicher der Server, welche in einem sp\u00e4teren Schritt hinzugef\u00fcgt werden. Zuerst konfigurieren Sie den Bereich der reservierten IP-Adressen f\u00fcr CloudStacks internen Verwaltungsdatenverkehr. Der reservierte IP-Bereich muss f\u00fcr jede Zone in der Cloud eindeutig sein.
+message.add.pod=Ein neuer Pod f\u00fcr Zone <b><span id\="add_pod_zone_name"></span></b> hinzuf\u00fcgen
 message.add.primary=Bitte spezifizieren Sie die folgenden Parameter, um einen neuen Hauptspeicher hinzuzuf\u00fcgen
+message.add.primary.storage=Bitte f\u00fcgen Sie einen neuen prim\u00e4ren Speicher f\u00fcr Zone <b><span id\="zone_name"></span></b>, und Pod <b><span id\="pod_name"></span></b> hinzu.
+message.add.region=Bitte geben Sie die ben\u00f6tigten Informationen ein um eine neue Region hinzuzuf\u00fcgen
+message.add.secondary.storage=Bitte f\u00fcgen Sie einen neuen Speicher f\u00fcr die Zone <b><span id\="zone_name"></span></b> hinzu.
+message.add.service.offering=Bitte spezifizieren Sie die folgenden Parameter, um ein neues Compute Angebot hinzuzuf\u00fcgen.
+message.add.system.service.offering=Bitte geben Sie die folgenden Daten ein, um ein neues Dienst Angebot des Systems hinzuzuf\u00fcgen.
 message.add.template=Bitte geben Sie die folgende Daten ein, um Ihre neue Vorlage zu erstellen
 message.add.volume=Bitte geben Sie die folgende Daten ein, um ein neues Volume hinzuzuf\u00fcgen.
+message.add.VPN.gateway=Bitte best\u00e4tigen Sie, dass sie ein VPN Gateway hinzuf\u00fcgen wollen.
+message.admin.guide.read=F\u00fcr VMware basierte VMs, lesen Sie bitte den Abschnitt \u00fcber das dynamische Skalieren in dem Administrations-Leitfaden bevor Sie hochskalieren. M\u00f6chten Sie fortfahren?
+message.advanced.mode.desc=W\u00e4hlen Sie dieses Netzwerkmodell aus, wenn Sie VLAN-Unterst\u00fctzung aktivieren m\u00f6chten. Dieses Netzwerkmodell bietet die gr\u00f6\u00dfte Flexibilit\u00e4t um Administratoren kundenspezifische Netzwerkangebote zu erm\u00f6glichen, wie das Anbieten von Firewall, VPN oder Lastverteilerunterst\u00fctzung wie auch aktivieren direkten gegen virtuellen Netzwerkverkehr.
+message.advanced.security.group=W\u00e4hlen Sie dies, wenn Sie Sicherheits Gruppen verwenden wollen, um eine Isolation f\u00fcr Gast VMs anzubieten
+message.advanced.virtual=W\u00e4hlen Sie dies, wenn Sie Zonen-weite VLANs verwenden wollen, um eine Isolation f\u00fcr Gast VMs anzubieten.
+message.after.enable.s3=S3-gest\u00fctzter zweiter Speicher konfiguriert. Hinweis\: Wenn Sie dieses Seite verlassen, k\u00f6nnen Sie S3 nicht mehr umkonfigurieren. 
+message.after.enable.swift=Swift ist konfiguriert. Bemerkung\: Wenn Sie diese Seite verlassen, werden Sie nicht mehr in der Lage sein Swift um zu konfigurieren.
 message.alert.state.detected=Alarmstatus erkannt
 message.allow.vpn.access=Bitte geben Sie einen Benutzernamen und ein Kennwort f\u00fcr den Benutzer ein, f\u00fcr den Sie VPN-Zugang m\u00f6chten.
 message.apply.snapshot.policy=Sie haben Ihre derzeitige Schnappschuss Richtlinie erfolgreich aktualisiert.
 message.attach.iso.confirm=Bitte best\u00e4tigen Sie, dass sie die ISO zu Ihrer virtuellen Instanz hinzuf\u00fcgen m\u00f6chten.
+message.attach.volume=Bitte f\u00fcllen Sie die folgenden Daten aus um neue Volumen anzubinden. Falls Sie das Festplattenvolumen zu einer Windows-basierten virtuellen Maschine anbinden, m\u00fcssen Sie die Instanz neu starten um die angebundene Festplatte verwenden zu k\u00f6nnen.
+message.basic.mode.desc=W\u00e4hlen Sie dieses Netzwerk-Modell falls Sie <b>*<u>keine</u>*</b> VLAN-Unterst\u00fctzung aktivieren m\u00f6chten. Allen virtuellen Instanzen unter diesem Netzwerk-Modell erhalten eine IP direkt von Netzwerk, Sicherheitsgruppen werden verwendet um Sicherheit und Trennung zu gew\u00e4hrleisten.
 message.change.offering.confirm=Bitte best\u00e4tigen Sie, dass Sie das Service-Angebot dieser virtuellen Instanz \u00e4ndern m\u00f6chten.
 message.change.password=Bitte \u00e4ndern Sie Ihre Passwort.
+message.cluster.dedicated=Cluster dediziert
+message.cluster.dedication.released=Cluster-Dedizierung aufgehoben
+message.configure.all.traffic.types=Sie haben mehrere physikalische Netzwerke; bitte konfigurieren Sie f\u00fcr jeden Datenverkehrstyp Bezeichnungen indem Sie auf den Bearbeiten-Knopf klicken
+message.configure.ldap=Bitte best\u00e4tigen Sie, dass Sie LDAP konfigurieren m\u00f6chten.
 message.configuring.guest.traffic=Gast-Datenverkehr wird konfiguriert
 message.configuring.physical.networks=Physikalische Netzwerke werden konfiguriert
 message.configuring.public.traffic=\u00d6ffentlicher Datenverkehr wird konfiguriert
 message.configuring.storage.traffic=Speicherungsdatenverkehr wird konfiguriert
+message.confirm.action.force.reconnect=Bitte best\u00e4tigen Sie, dass Sie f\u00fcr diesen Host das Wiederverbinden erzwingen m\u00f6chten.
+message.confirm.add.vnmc.provider=Bitte best\u00e4tigen Sie, dass Sie den VNMC-Provider hinzuf\u00fcgen m\u00f6chten.
+message.confirm.archive.alert=Bitte best\u00e4tigen Sie, dass Sie diesen Alarm archivieren m\u00f6chten.
 message.confirm.archive.event=Bitte best\u00e4tigen Sie, dass Sie dieses Ereignis archivieren m\u00f6chten.
 message.confirm.archive.selected.alerts=Bitte best\u00e4tigen Sie, dass Sie die ausgew\u00e4hlten Alarme archivieren m\u00f6chten
+message.confirm.archive.selected.events=Bitte best\u00e4tigen Sie, dass Sie die ausgew\u00e4hlten Vorg\u00e4nge archivieren m\u00f6chten
+message.confirm.attach.disk=Sind Sie sicher, dass Sie eine Platte hinzuf\u00fcgen m\u00f6chten?
 message.confirm.create.volume=Sind Sie sicher, dass Sie ein Volumen erstellen m\u00f6chten?
+message.confirm.current.guest.CIDR.unchanged=M\u00f6chten Sie den aktuellen Gastnetzwerk CIDR unver\u00e4ndert lassen?
+message.confirm.dedicate.cluster.domain.account=M\u00f6chten Sie diesen Cluster wirklich f\u00fcr diese Domain / dieses Benutzerkonto dedizieren?
+message.confirm.dedicate.host.domain.account=M\u00f6chten Sie diesen Host wirklich f\u00fcr diese Domain / dieses Benutzerkonto dedizieren?
+message.confirm.dedicate.pod.domain.account=M\u00f6chten Sie diesen Pod wirklich f\u00fcr diese Domain / dieses Benutzerkonto dedizieren?
+message.confirm.dedicate.zone=M\u00f6chten Sie diese Zone wirklich f\u00fcr diese Domain / dieses Benutzerkonto dedizieren?
 message.confirm.delete.acl.list=Sind Sie sicher, dass Sie diese ACL-Liste l\u00f6schen m\u00f6chten?
 message.confirm.delete.alert=Sind Sie sicher, dass Sie diesen Alarm l\u00f6schen m\u00f6chten?
+message.confirm.delete.BrocadeVcs=Bitte best\u00e4tigen Sie, dass Sie Brocade Vcs Switch l\u00f6schen m\u00f6chten
 message.confirm.delete.ciscoASA1000v=Bitte best\u00e4tigen Sie, dass Sie CiscoASA1000v l\u00f6schen m\u00f6chten
+message.confirm.delete.ciscovnmc.resource=Bitte best\u00e4tigen Sie, dass Sie die CiscoVNMC Ressource l\u00f6schen m\u00f6chten
+message.confirm.delete.F5=Bitte best\u00e4tigen Sie, dass Sie F5 l\u00f6schen m\u00f6chten
+message.confirm.delete.internal.lb=Bitte best\u00e4tigen Sie, dass Sie den internen Loadbalancer l\u00f6schen m\u00f6chten
+message.confirm.delete.NetScaler=Bitte best\u00e4tigen Sie, dass Sie NetScaler l\u00f6schen m\u00f6chten
+message.confirm.delete.NuageVsp=Bitte best\u00e4tigen Sie, dass Sie das Nuage Virtulazierte Dienste Verzeichnis l\u00f6schen m\u00f6chten
+message.confirm.delete.PA=Bitte best\u00e4tigen Sie, dass Sie Palo Alto l\u00f6schen m\u00f6chten
+message.confirm.delete.secondary.staging.store=Bitte best\u00e4tigen Sie, dass Sie diesen Sekund\u00e4r-Staging-Store l\u00f6schen m\u00f6chten.
+message.confirm.delete.SRX=Bitte best\u00e4tigen Sie, dass Sie SRX l\u00f6schen m\u00f6chten
+message.confirm.delete.ucs.manager=Bitte best\u00e4tigen Sie, dass Sie UCS-Manager l\u00f6schen m\u00f6chten
 message.confirm.destroy.router=Bitte best\u00e4tigen Sie, dass Sie diesen Router zerst\u00f6ren m\u00f6chten
 message.confirm.disable.host=Bitte best\u00e4tigen Sie, dass Sie den Host deaktivieren m\u00f6chten
+message.confirm.disable.network.offering=Sind Sie sicher, dass Sie dieses Netzwerkangebot deaktivieren m\u00f6chten?
+message.confirm.disable.provider=Bitte best\u00e4tigen Sie, dass Sie diesen Anbieter l\u00f6schen m\u00f6chten
+message.confirm.disable.vnmc.provider=Bitte best\u00e4tigen Sie, dass Sie den VNMC-Provider deaktivieren m\u00f6chten.
+message.confirm.disable.vpc.offering=Sind Sie sicher, dass Sie dieses VPC-Angebot deaktivieren m\u00f6chten?
 message.confirm.enable.host=Bitte best\u00e4tigen Sie, dass Sie den Host aktivieren m\u00f6chten
+message.confirm.enable.network.offering=Sind Sie sicher, dass Sie dieses Netzwerkangebot aktivieren m\u00f6chten?
+message.confirm.enable.provider=Bitte best\u00e4tigen Sie, dass Sie diesen Anbieter hinzuf\u00fcgen m\u00f6chten
+message.confirm.enable.vnmc.provider=Bitte best\u00e4tigen Sie, dass Sie den VNMC-Provider aktivieren m\u00f6chten.
+message.confirm.enable.vpc.offering=Sind Sie sicher, dass Sie dieses VPC-Angebot aktivieren m\u00f6chten?
+message.confirm.join.project=Bitte best\u00e4tigen Sie, dass Sie diesem Projekt beitreten m\u00f6chten
 message.confirm.migrate.volume=M\u00f6chten Sie dieses Volumen migrieren?
+message.confirm.refresh.blades=Bitte best\u00e4tigen Sie, dass Sie die Blades aktuallisieren m\u00f6chten.
+message.confirm.release.dedicated.cluster=M\u00f6chten Sie diesen dedizierten Cluster freigeben?
+message.confirm.release.dedicated.host=M\u00f6chten Sie diesen dedizierten Host freigeben?
+message.confirm.release.dedicated.pod=M\u00f6chten Sie diesen dedizierten Pod freigeben?
+message.confirm.release.dedicated.zone=M\u00f6chten Sie diese dedizierte Zone freigeben?
+message.confirm.release.dedicate.vlan.range=Bitte best\u00e4tigen Sie, dass Sie ein dedizierten VLAN Bereich freigeben m\u00f6chten
 message.confirm.remove.event=Sind Sie sicher, dass Sie dieses Ereignis entfernen m\u00f6chten?
+message.confirm.remove.IP.range=Bitte best\u00e4tigen Sie, dass sie diesen IP Adressbereich l\u00f6schen m\u00f6chten
+message.confirm.remove.load.balancer=Bitte best\u00e4tigen Sie, dass Sie die VM vom Lastverteiler zur\u00fcckziehen m\u00f6chten
+message.confirm.remove.network.offering=Sind Sie sicher, dass Sie dieses Netzwerkangebot entfernen m\u00f6chten?
 message.confirm.remove.selected.alerts=Bitte best\u00e4tigen Sie, dass Sie die ausgew\u00e4hlten Alarme entfernen m\u00f6chten
 message.confirm.remove.selected.events=Bitte best\u00e4tigen Sie, dass Sie die ausgew\u00e4hlten Ereignisse entfernen m\u00f6chten
+message.confirm.remove.vmware.datacenter=Bitte best\u00e4tigen Sie, dass Sie das VMware Rechenzentrum entfernen m\u00f6chten
+message.confirm.remove.vpc.offering=Sind Sie sicher, dass Sie dieses VPC-Angebot entfernen m\u00f6chten?
 message.confirm.replace.acl.new.one=M\u00f6chten Sie die ACL durch die neue ersetzen?
+message.confirm.scale.up.router.vm=M\u00f6chten Sie die Router-VM wirklich hochskalieren?
+message.confirm.scale.up.system.vm=M\u00f6chten Sie die System-VM wirklich hochskalieren?
+message.confirm.shutdown.provider=Bitte best\u00e4tigen Sie, dass sie diesen Anbieter herunterfahren m\u00f6chten.
+message.confirm.start.lb.vm=Bitte best\u00e4tigen Sie, dass Sie die LB VM starten m\u00f6chten
+message.confirm.stop.lb.vm=Bitte best\u00e4tigen Sie, dass Sie die LB VM stoppen m\u00f6chten
+message.confirm.upgrade.router.newer.template=Bitte best\u00e4tigen Sie, dass Sie den Router aktuallisieren m\u00f6chten, so dass er die neue Vorlage verwendet.
+message.confirm.upgrade.routers.account.newtemplate=Bitte best\u00e4tigen Sie, dass Sie alle Router zu dieser Benutzerkonto aktuallisieren m\u00f6chten, so dass sie die neue Vorlage verwenden.
+message.confirm.upgrade.routers.cluster.newtemplate=Bitte best\u00e4tigen Sie, dass Sie alle Router in diesem Cluster aktuallisieren m\u00f6chten, so dass sie die neue Vorlage verwenden.
+message.confirm.upgrade.routers.newtemplate=Bitte best\u00e4tigen Sie, dass Sie alle Router in dieser Zone aktuallisieren m\u00f6chten, so dass sie die neue Vorlage verwenden.
+message.confirm.upgrade.routers.pod.newtemplate=Bitte best\u00e4tigen Sie, dass Sie alle Router in diesem Pod aktuallisieren m\u00f6chten, so dass sie die neue Vorlage verwenden.
 message.copy.iso.confirm=Bitte best\u00e4tigen Sie, dass Sie Ihre ISO kopieren m\u00f6chten und zwar nach
+message.copy.template.confirm=Sind Sie sicher, dass Sie die Vorlage kopieren m\u00f6chten?
+message.copy.template=Kopiere Vorlage <b id\="copy_template_name_text">XXX</b> von Zone <b id\="copy_template_source_zone_text"></b> nach
 message.create.template=Sind Sie sicher, dass Sie eine Vorlage erstellen m\u00f6chten?
 message.create.template.vm=VM aus Vorlage <b id\="p_name"></b> erstellen
+message.create.template.volume=Bitte definieren Sie die folgenden Informationen bevor Sie eine Vorlage f\u00fcr Ihr Festplattenvolumen erstellen\: <b><span id\="volume_name"></span></b>. Das Erstellen der Vorlage kann einige Minuten oder abh\u00e4ngig von der Volumengr\u00f6\u00dfe auch l\u00e4nger dauern.
 message.creating.cluster=Cluster wird erstellt
 message.creating.guest.network=Gastnetzwerk wird erstellt
 message.creating.physical.networks=Physikalische Netzwerke werden erstellt
+message.creating.pod=Erstelle einen Pod
 message.creating.primary.storage=Hauptspeicher wird erstellt
 message.creating.secondary.storage=Sekund\u00e4rspeicher wird erstellt
+message.creating.systemVM=Erstellung von System VMs (das kann eine Weile dauern)
 message.creating.zone=Zone wird erstellt
+message.decline.invitation=Sind Sie sicher, dass Sie diese Einladung zu dem Projekt ablehnen m\u00f6chten?
+message.dedicated.zone.released=Zonen-Dedizierung freigegeben
+message.dedicate.zone=Dediziere Zone
 message.delete.account=Bitte best\u00e4tigen Sie, dass Sie dieses Benutzerkonto l\u00f6schen m\u00f6chten.
+message.delete.affinity.group=Bitte best\u00e4tigen Sie, dass Sie diese Affinit\u00e4tsgruppe l\u00f6schen m\u00f6chten.
+message.delete.gateway=Bitte best\u00e4tigen Sie, dass Sie dieses Gateway l\u00f6schen m\u00f6chten
 message.delete.project=Sind Sie sicher, dass Sie dieses Projekt l\u00f6schen m\u00f6chten?
 message.delete.user=Bitte best\u00e4tigen Sie, dass Sie diesen Benutzer l\u00f6schen m\u00f6chten.
 message.delete.VPN.connection=Bitte best\u00e4tigen Sie, dass Sie die VPN-Verbindung l\u00f6schen m\u00f6chten
+message.delete.VPN.customer.gateway=Bitte best\u00e4tigen Sie, dass Sie dieses Kunden VPN Gateway l\u00f6schen m\u00f6chten
+message.delete.VPN.gateway=Bitte best\u00e4tigen Sie, dass Sie dieses VPN Gateway l\u00f6schen m\u00f6chten
+message.desc.advanced.zone=F\u00fcr anspruchvollere Netzwerk-Topologien. Dieses Netzwerkmodell bietet die h\u00f6chste Flexibilit\u00e4t beim Definieren der Gast-Netzwerke und beim Anbieten von ma\u00dfgeschneiderten Nerzwerk-Angeboten wie Firewall-, VPN- oder Lastverteilungsunterst\u00fctzung. 
+message.desc.basic.zone=Biete ein einzelnes Netzwerk an, in dem alle VM-Instanzen direkt mit IP vom Netzwerk verbunden sind. G\u00e4steisolation kann durch Layer-3 wie Sicherheitsgruppen angeboten werden (IP-Adressen Source Filtering)
+message.desc.cluster=Jeder Pod muss einen oder mehrere Clusters enthalten, und wir werden jetzt den ersten Cluster hinzuf\u00fcgen. Ein Cluster bietet die M\u00f6glichkeit Hosts zu gruppieren. Die Hosts in einem Cluster haben alle identische Hardware, betreiben den selben Hypervisor, sind im selben Subnetz und greifen auf den selben geteilten Speicher zu. Jeder Cluster besteht aus einem oder mehreren Hosts und einem oder mehreren Hauptspeicher-Servern.
+message.desc.host=Jeder Cluster muss mindestens ein Host (Computer) beinhalten damit Gast-VMs darauf laufen k\u00f6nnen und wir werden nun den ersten Host erstellen. Damit ein Host in CloudStack funktioniert, muss eine Hypervisor-Software darauf installiert, eine IP-Adressse zugewiesen sowie sichergestellt sein, dass sich der Host mit dem CloudStack Verwaltungs-Server verbinden kann .<br/><br/>Geben Sie bitte den DNS-Namen oder IP-Adresse, den Benutzernamen (f\u00fcr gew\u00f6hnlich root) und das Passwort sowie jegliche Labels ein, mit denen Sie den Host kategorisieren m\u00f6chten.
+message.desc.primary.storage=Jeder Cluster muss einen oder mehrere Hauptspeicher-Server enthalten, und wir werden nun den ersten erfassen. Hauptspeicher enth\u00e4lt die Festplatten-Volumen aller VMs, welche auf den Hosts in dem Cluster befinden. Benutzen Sie irgend ein standardkonformes Protokoll, welches vom darunterliegenden Hypervisor unterst\u00fctzt wird.
+message.desc.secondary.storage=Jede Zone muss mindestens ein NFS oder Sekund\u00e4rspeicher-Server haben und wir werden nun den ersten hinzuf\u00fcgen. Sekund\u00e4rspeicher speichert VM-Vorlagen, ISO-Abbilder und VM-Festplatten-Schnappsch\u00fcsse. Dieser Server muss f\u00fcr alle Host in der Zone erreichbar sein.<br/><br/>Geben Sie die IP und den exportierten Pfad an.
+message.desc.zone=Eine Zone ist die gr\u00f6\u00dfte organisatorische Einheit in CloudStack und entspricht typischerweise eines einzelnen Rechenzentrum. Zonen bieten physikalische Isolation und Redundanz. Eine Zone beinhaltet einen oder mehrere Pods (jeder von Ihnen beinhaltet Hosts und Hauptspeicher-Server) und ein Sekund\u00e4rspeicher-Server, welcher von allen Pods in der Zone geteilt wird.
+message.detach.disk=Sind Sie sicher, dass Sie diese Festplatte aush\u00e4ngen m\u00f6chten?
 message.detach.iso.confirm=Bitte best\u00e4tigen Sie, dass Sie die ISO von der virtuellen Instanz trennen m\u00f6chten.
 message.disable.account=Bitte best\u00e4tigen Sie, dass Sie Ihr Benutzerkonto deaktivieren m\u00f6chten. Kein Nutzer dieses Kontos wird mehr Zugriff auf die Cloud Ressourcen haben. Alle laufenden virtuellen Maschinen werden sofort abgestellt.
 message.disable.snapshot.policy=Sie haben Ihre derzeitige Schnappschuss Richtlinie erfolgreich deaktiviert.
@@ -1391,67 +1831,167 @@ message.download.ISO=Bitte klicken Sie auf <a href\="\#">00000</a>, um das ISO h
 message.download.template=Bitte klicken Sie auf <a href\="\#">00000</a>, um die Vorlage herunterzuladen
 message.download.volume=Bitte klicken Sie auf <a href\="\#">00000</a>, um das Volumen herunterzuladen
 message.download.volume.confirm=Bitte best\u00e4tigen Sie, dass Sie dieses Volumen herunterladen m\u00f6chten.
+message.edit.account=Bearbeiten ("-1" bedeutet keine Begrenzung der Anzahl Ressourcen) 
+message.edit.confirm=Bitte best\u00e4tigen Sie Ihre \u00c4nderungen, bevor Sie auf "Speichern" klicken.
+message.edit.limits=Bitte definieren Sie Begrenzungen f\u00fcr die folgenden Ressourcen. Ein "-1" bedeutet keine Begrenzung f\u00fcr die Ressourcen-Erstellung.
+message.edit.traffic.type=Bitte definieren Sie die Datenverkehrs-Bezeichnung, welche Sie mit diesem Datenverkehrs-Typ verbunden haben m\u00f6chten.
 message.enable.account=Bitte best\u00e4tigen Sie, dass Sie dieses Konto aktivieren m\u00f6chten.
 message.enabled.vpn=Ihr VPN Zugriff ist zurzeit aktiv und via IP k\u00f6nnen Sie darauf zugreifen
+message.enabled.vpn.ip.sec=Ihr IPSec Preshared-Schl\u00fcssel ist
+message.enable.user=Bitte best\u00e4tigen Sie, dass sie diesen Benutzer aktivieren m\u00f6chten.
 message.enable.vpn.access=VPN ist zurzeit nicht f\u00fcr diese IP Addresse aktiviert. M\u00f6chten Sie den VPN Zugriff aktivieren?
+message.enable.vpn=Bitte best\u00e4tigen Sie, dass Sie f\u00fcr diese IP-Adresse das Remote Access VPN aktivieren m\u00f6chten.
 message.enabling.network.offering=Netzwerkangebot wird aktiviert
 message.enabling.security.group.provider=Sicherheitsgruppenanbieter wird aktiviert
 message.enabling.vpc.offering=VPC-Angebot wird aktiviert
 message.enabling.zone.dots=Zone wird aktiviert...
 message.enabling.zone=Zone wird aktiviert
+message.enter.seperated.list.multiple.cidrs=Bitte geben Sie eine Komma separierte Liste von CIDRs ein, sofern es mehrere sind.
+message.enter.token=Bitte geben Sie dasjenige Merkmal ein, welches Ihnen in Ihrem Einladungsemail mitgeteilt wurde.
+message.generate.keys=Bitte best\u00e4tigen Sie, dass Sie f\u00fcr diesen Benutzer neue Schl\u00fcssel generieren m\u00f6chten.
+message.gslb.delete.confirm=Bitte best\u00e4tigen Sie, dass Sie diesen GSLB l\u00f6schen m\u00f6chten.
+message.gslb.lb.remove.confirm=Bitte best\u00e4tigen Sie, dass Sie die Lastverteilung vom GSLB entfernen m\u00f6chten
+message.guest.traffic.in.advanced.zone=Gastnetzwerk-Datenverkehr ist die kommunikation zwischen virtuellen Maschinen des Endbenutzers. Definieren Sie einen Bereich von VLAN IDs um den Gast-Datenverkehr jedes physikalischen Netzwerks zuzustellen.
+message.guest.traffic.in.basic.zone=Gastnetzwerk-Datenverkehr ist die kommunikation zwischen virtuellen Maschinen des Endbenutzers. Definieren Sie einen Bereich von IP-Adressen welche CloudStack Gast-VMs zuweisen kann. Stellen Sie sicher, dass dieser Bereich sich nicht mit dem reservierten IP-Bereich des Systems \u00fcberlappt.
+message.host.dedicated=Host dediziert
+message.host.dedication.released=Host-Dedizierung aufgehoben
 message.installWizard.click.retry=Bitte den Start Button f\u00fcr einen neuen Versuch dr\u00fccken
+message.installWizard.copy.whatIsACluster=Ein Cluster bietet die M\u00f6glichkeit Hosts zu gruppieren. Die Hosts in einem Cluster haben alle identische Hardware, laufen mit dem selben Hypervisor, sind im selben Subnetz und greifen auf den selben Speicher zu. Instanzen von virtuellen Maschinen (VMs) k\u00f6nnen von einem Host zum anderen innerhalb des Clusters live-migriert werden, ohne Unterbrechung des Dienstes f\u00fcr den Endbenutzer. Ein Cluster ist die drittgr\u00f6\u00dfte organisatorische Einheit innerhalb einer CloudStack&\#8482; Installation. Cluster sind geschlossen innerhalb Pods und Pods sind geschlossen innerhalb Zonen. <br/><br/>CloudStack&\#8482; erlaubt mehrere Cluster in einer Cloudinstallation, aber f\u00fcr eine Basisinstallation ben\u00f6tigen wir nur ein Cluster.
+message.installWizard.copy.whatIsAHost=Ein Host ist ein einzelner Computer. Hosts bieten Rechnungsressourcen f\u00fcr virtuelle Maschinen. Jeder Host hat Hypervisorsoftware installiert, welche die G\u00e4ste-VMs verwaltet (ausgenommen davon sind Bare-Metal-Hosts, welche im erweiterten Installationsanleitung als Spezialfall behandelt werden). Beispiele f\u00fcr Hosts sind ein KVM Linuxserver, ein Citrix XenServer-Server oder auch ein ESXi-Server. In der Basisinstallation verwenden wir einen einzelnen Host mit XenServer oder KVM.<br/><br/>Der Host ist die kleinste, organisatorische Einheit innerhalb einer CloudStack&\#8482; Installation. Hosts befinden sind innerhalb von Clustern, Cluster innerhalb Pods und Pods innerhalb von Zonen.
+message.installWizard.copy.whatIsAPod=Ein Pod steht h\u00e4ufig f\u00fcr ein einzelnes Rack. Host im selben Pod sind im selben Subnetz.<br/><br/>Ein Pod ist die zweitgr\u00f6\u00dfte Einheit innerhalb einer CloudStack&\#8482; Installation. Pods sind geschlossen innerhalb der Zonen. Jede Zone kann eine oder mehrere Pods enthalten; in der Basisinstallation werden Sie nur ein Pod in Ihrer Zone haben.
+message.installWizard.copy.whatIsAZone=Eine Zone ist die gr\u00f6\u00dfte organisatorische Einheit innerhalb einer CloudStack&\#8482; Installation. Eine Zone steht typischerweise f\u00fcr ein einzelnes Rechenzentrum, obwohl es nat\u00fcrlich erlaubt ist, mehrere Zonen in einem Rechenzentrum zu haben. Der Vorteil einer Unterteilung der Infrastruktur in Zonen besteht im Anbieten einer physikalischen Isolierung und Redundanz. Zum Beispiel kann jede Zone ihre eigene Stromversorgung und ihr eigener Netzwerk-Uplink haben und geographisch weit auseinanderliegen (obschon dies nicht zwingend ist).
+message.installWizard.copy.whatIsCloudStack=CloudStack&\#8482; ist eine Software-Plattform welche Rechenressourcen zusammenfasst, um \u00f6ffentliche, private oder hybride "Infrastructure as a Service" (IaaS) Clouds zu bauen. CloudStack&\#8482; verwaltet das Netzwerk-, Speicher- und Computingknoten was eine Cloud-Infrastruktur ausmacht. Benutzen Sie CloudStack&\#8482; um Computing-Umgebungen zu erstellen, verwalten und zu konfigurieren.<br/><br/>Neben dem Erweitern von individuellen virtuellen Maschinenabbilder auf auf Standardhardware bietet CloudStack&\#8482; einen schl\u00fcsselfertigen Cloud Infrastruktur-Software-Stack f\u00fcr die Bereitstellung von virtueller Rechenzentren as a Service \u2013 Liefert alle wesentlichen Komponenten f\u00fcr das Bauen, Bereitstellen und Verwalten von multi-tier- und mandantenf\u00e4higen Cloud-Anwendungen. Open-Source sowie Premium-Versionen sind verf\u00fcgbar, mit nahezu identischen Features.
+message.installWizard.copy.whatIsPrimaryStorage=Eine CloudStack&\#8482; Cloud-Infrastruktur verwendet zwei Arten von Speicher\: Hauptspeicher und Sekund\u00e4rspeicher. Beide k\u00f6nnen iSCSI- oder NFS-Server, aber auch lokale Festplatten sein.<br/><br/><strong>Hauptspeicher</strong> ist mit einem Cluster verbunden und speichert Festplattenvolumen aller diejenigen G\u00e4ste-VMs, welche auf Hosts in diesem Cluster laufen. Der Hauptspeicher-Server ist typischerweise nahe am Host gelegen.
+message.installWizard.copy.whatIsSecondaryStorage=Sekund\u00e4rspeicher wird mit einer Zone verbunden und speichert alles Folgende\:<ul><li>Vorlagen - Betriebssystemabbilder, welche f\u00fcr das Booten der VMs verwendet werden und zus\u00e4tzliche Konfigurationsinformationen wie installierte Applikationen beinhalten k\u00f6nnen</li><li>ISO-Abbilder - Betriebssystemabbilder, welche bootbar oder nicht bootbar sein k\u00f6nnen</li><li>Festplattenvolumen-Schnappsch\u00fcsse - gesicherte Kopien von VM-Daten, welche f\u00fcr die Datenwiederherstellung oder f\u00fcr neue Vorlagen verwenden werden k\u00f6nnen</li></ul>
+message.installWizard.now.building=Ihre Cloud wird erstellt...
 message.installWizard.tooltip.addCluster.name=Der Name des Clusters. Der Name kann frei gew\u00e4hlt werden und wird von Cloudstack nicht genutzt.
 message.installWizard.tooltip.addHost.hostname=Der DNS-Name oder die IP-Adresse des hosts
 message.installWizard.tooltip.addHost.password=Dies ist das Passwort des o.a. Users (von der XenServer Installation)
 message.installWizard.tooltip.addHost.username=\u00fcberlicherweise root
 message.installWizard.tooltip.addPod.name=Der Name f\u00fcr den pod
+message.installWizard.tooltip.addPod.reservedSystemEndIp=Dies ist der IP-Bereich im privaten Netzwerk, welches CloudStack verwendet um Sekund\u00e4rspeicher-VMs und Konsolen-Proxies zu verwalten. Diese IP-Adressen werden vom selben Subnetz genommen wie Computing-Server.
 message.installWizard.tooltip.addPod.reservedSystemGateway=Das Gateways f\u00fcr die Hosts des pod
 message.installWizard.tooltip.addPod.reservedSystemNetmask=Die Subnetzmaske des Gast-Netzwerks
+message.installWizard.tooltip.addPod.reservedSystemStartIp=Dies ist der IP-Bereich im privaten Netzwerk, welches CloudStack verwendet um Sekund\u00e4rspeicher-VMs und Konsolen-Proxies zu verwalten. Diese IP-Adressen werden vom selben Subnetz genommen wie Computing-Server.
 message.installWizard.tooltip.addPrimaryStorage.name=Der Name der Storage Devices
 message.installWizard.tooltip.addPrimaryStorage.path=(f\u00fcr NFS) Bei NFS wird hier der exportierte Pfad (Shared Mount Point) angegeben. F\u00fcr KVM wird hier der Pfad angegeben, wo auf jedem Host das primary storage gemountet wurde. Z.B. "/mnt/primary"
 message.installWizard.tooltip.addPrimaryStorage.server=(f\u00fcr NFS, iSCSI oder PreSetup) Die IP-Adresse oder der DNS-Name des storage devices.
 message.installWizard.tooltip.addSecondaryStorage.nfsServer=Die IP-Adresse des NFS-Servers, der den Secondary Storage bereitstellt.
 message.installWizard.tooltip.addSecondaryStorage.path=Der exportierte Pfad, der auf dem o.a. Server liegt.
+message.installWizard.tooltip.addZone.dns1=Dies sind die DNS Server f\u00fcr die G\u00e4ste VMs in dieser Zone. Diese DNS Server werden \u00fcber das Interface f\u00fcr das private Netzwerk der System VMs erreicht. Die private IP Adresse, die Sie angeben muss eine Route zu dem hier benannten DNS Server haben.
+message.installWizard.tooltip.addZone.dns2=Dies sind die DNS Server f\u00fcr die G\u00e4ste VMs in dieser Zone. Diese DNS Server werden \u00fcber das Interface f\u00fcr das private Netzwerk der System VMs erreicht. Die private IP Adresse, die Sie angeben muss eine Route zu dem hier benannten DNS Server haben.
+message.installWizard.tooltip.addZone.internaldns1=Dies sind die DNS Server f\u00fcr die System VMs in dieser Zone. Diese DNS Server werden \u00fcber das Interface f\u00fcr das private Netzwerk der System VMs erreicht. Die private IP Adresse, die Sie angeben muss eine Route zu dem hier benannten DNS Server haben.
+message.installWizard.tooltip.addZone.internaldns2=Dies sind die DNS Server f\u00fcr die System VMs in dieser Zone. Diese DNS Server werden \u00fcber das Interface f\u00fcr das private Netzwerk der System VMs erreicht. Die private IP Adresse, die Sie angeben muss eine Route zu dem hier benannten DNS Server haben.
 message.installWizard.tooltip.addZone.name=Der Name f\u00fcr die zone
 message.installWizard.tooltip.configureGuestTraffic.description=Eine Beschreibung des Netzwerkes.
+message.installWizard.tooltip.configureGuestTraffic.guestEndIp=Der Bereich der IP Adressen die f\u00fcr die Verwendung durch G\u00e4ster in dieser Zone verf\u00fcgbar sind. Wenn nur ein NIC verwendet wird, sollten die IP Adressen in demselben CIDR seind wie der CIDR des Pods.
 message.installWizard.tooltip.configureGuestTraffic.guestGateway=Das gateway, welches der Gast benutzen soll.
 message.installWizard.tooltip.configureGuestTraffic.guestNetmask=Die Subnetzmaske des Gast-Netzwerks
+message.installWizard.tooltip.configureGuestTraffic.guestStartIp=Der Bereich der IP Adressen die f\u00fcr die Verwendung durch G\u00e4ster in dieser Zone verf\u00fcgbar sind. Wenn nur ein NIC verwendet wird, sollten die IP Adressen in demselben CIDR seind wie der CIDR des Pods.
 message.installWizard.tooltip.configureGuestTraffic.name=Der Name f\u00fcr das Netzwerk
+message.instance.scaled.up.confirm=M\u00f6chten Sie Ihre Instanz wirklich hochskalieren?
+message.instanceWizard.noTemplates=Sie haben keine Vorlagen verf\u00fcgbar; bitte f\u00fcgen Sie kompatible Vorlagen hinzu, und starten Sie den Instanz-Installationsassistent neu.
+message.ip.address.changed=Ihre IP Adresse kann sich ge\u00e4ndert haben; m\u00f6chten Sie die Liste aktualisieren lassen? Bitte beachten Sie, dass sich in diesem Fall die Ansicht der Details schlie\u00dfen wird.
+message.iso.desc=Dieses Disk Image enth\u00e4lt Daten oder ein bootf\u00e4higes Medium f\u00fcr das Betriebssystem.
+message.join.project=Sie sind jetzt einem Projekt beigetreten. Bitte wechseln Sie in die Ansicht \u00fcber die Projekte um das Projekt zu sehen.
+message.launch.vm.on.private.network=W\u00fcnschen Sie Ihre Instanze in Ihren eigenen privaten dedizierten Netzwerk zu starten?
+message.launch.zone=Die Zone kann gestartet werden; bitte fahren sie mit dem n\u00e4chsten Schritt fort.
 message.listView.subselect.multi=(Strg/Cmd-Klick)
+message.lock.account=Bitte best\u00e4tigen Sie, dass Sie dieses Benutzerkonto sperren m\u00f6chten. Nach dem Sperren ist es Benutzer dieses Benutzerkontos nicht mehr m\u00f6glich, ihre Cloud Ressourcen zu verwalten. Auf bestehende Ressourcen kann aber weiterhin zugegriffen werden.
+message.migrate.instance.confirm=Bitte best\u00e4tigen Sie den Host auf den Sie die virtuelle Instanz migrieren wollen.
 message.migrate.instance.to.host=Bitte best\u00e4tigen sie, dass die Instanz auf einen anderen Host migriert werden soll
 message.migrate.instance.to.ps=Bitte best\u00e4tigen sie, dass sie die Instanz auf einen anderen prim\u00e4ren Speicher migrieren wollen.
+message.migrate.router.confirm=Bitte best\u00e4tigen Sie den Host, auf welchen Sie den Router migrieren m\u00f6chten\:
+message.migrate.systemvm.confirm=Bitte best\u00e4tigen Sie den Host, auf welchen Sie die System-VM migrieren m\u00f6chten\:
+message.migrate.volume=Bitte best\u00e4tigen sie, dass sie dieses Volume auf einen anderen prim\u00e4ren Speicher migrieren wollen.
+message.network.addVM.desc=Bitte definieren Sie das Netzwerk, zu welchen Sie die VM hinzuf\u00fcgen m\u00f6chten. Eine neue NIC wird zu diesem Netzwerk hinzugef\u00fcgt.
+message.network.addVMNIC=Bitte best\u00e4tigen Sie, dass sie eine neue VM NIC zu dieses Netzwerk hinzuf\u00fcgen m\u00f6chten.
 message.new.user=Spezifieren Sie das folgende um einen neuen Nutzer dem Benutzerkonto hinzuzuf\u00fcgen
+message.no.affinity.groups=Sie haben keine Affinity Groups. Bitte fahren Sie fort zum n\u00e4chsten Schritt.
+message.no.host.available=Es ist kein Host f\u00fcr eine Migration verf\u00fcgbar
+message.no.network.support.configuration.not.true=Sie haben keine Zone die eine aktivierte Sicherheitsgruppe hat. Deswegen gibt es keine zus\u00e4tzlichen Netzwerk Merkmale. Bitte fahren Sie mit Schritt 5 fort.
+message.no.network.support=Ihr ausgew\u00e4hlter Hypervisor vSphere hat keine zus\u00e4tzlichen Netzwerk Merkmale. Bitte fahren Sie mit Schritt 5 fort.
+message.no.projects.adminOnly=Sie haben keine Projekt.<br/>Bitte fragen Sie Ihren Administrator damit er ein neues Projekt anlegt.
+message.no.projects=Sie haben keine Projekte.<br/>Bitte erzeugen Sie ein neues aus dem Projekt Bereich.
 message.number.clusters=<h2><span> \# of </span> Cluster</h2>
 message.number.hosts=<h2><span> \# of </span> Hosts</h2>
+message.number.pods=<h2><span>Anzahl der</span>Pods</h2>
 message.number.storage=<h2><span> \# von </span> Hauptspeichervolumina</h2>
 message.number.zones=<h2><span> \# of </span> Zonen</h2>
 message.pending.projects.1=Sie haben ausstehende Projekteinladungen\:
+message.pending.projects.2=F\u00fcr die Ansicht wechseln Sie bitte in den Projekt Bereich und w\u00e4hlen die Einladungen aus dem Drop-down-Men\u00fc
+message.please.add.at.lease.one.traffic.range=Bitte f\u00fcgen Sie mindestens einen Verkehrsbereich hinzu.
+message.please.proceed=Bitte fahren Sie mit dem n\u00e4chsten Schritt fort.
 message.please.select.a.configuration.for.your.zone=Bitte w\u00e4hlen Sie eine Konfiguration f\u00fcr Ihre Zone aus.
+message.please.select.a.different.public.and.management.network.before.removing=Bitte w\u00e4hlen Sie ein anderes \u00f6ffentliches und Management Netzwerk bevor Sie es l\u00f6schen
 message.please.select.networks=Bitte w\u00e4hlen Sie Netzwerke f\u00fcr Ihre virtuelle Maschine aus.
+message.please.wait.while.zone.is.being.created=Bitte warten Sie solange Ihre Zone erstellt wird; dies kann einige Zeit in Anspruch nehmen...
+message.pod.dedication.released=Pod-Dedizierung freigegeben
+message.portable.ip.delete.confirm=Bitte best\u00e4tigen Sie, dass Sie ein portablen IP-Bereich l\u00f6schen m\u00f6chten
+message.project.invite.sent=Einladung an Benutzer verschickt; sie werden zum Projekt hinzugef\u00fcgt sobald sie Einladung akzeptiert haben
+message.public.traffic.in.advanced.zone=\u00d6ffentlicher Datenverkehr wird verursacht, wenn VMs in der Cloud auf das Internet zugreifen. \u00d6ffentlich zugreifbare IPs m\u00fcssen f\u00fcr diesen Zweck bezogen werden. Endbenutzer k\u00f6nnen das CloudStack UI verwenden um NAT zwischen dem Gast-Netzwerk und Ihrem \u00f6ffentlichen Netzwerk einzurichten.  <br/><br/>Bitte geben Sie mindestens einen Bereich von IP-Adressen f\u00fcr den Internet-Datenverkehr an.
+message.public.traffic.in.basic.zone=\u00d6ffentlicher Datenverkehr wird generiert, sobald VMs in der Cloud auf das Internet zugreifen oder Dienste an Kunden \u00fcber das Internet anbieten. Hierf\u00fcr m\u00fcssen \u00f6ffentliche IPs zugewiesen werden. Wenn eine Instanz erstellt wird, wird eine \u00f6ffentliche IP von diesem Satz zus\u00e4tzlich zu der G\u00e4ste- IP-Adresse zugewiesen. Statisches 1-1-Nat wird automatisch zwischen der \u00f6ffentlichen IP und der G\u00e4ste-IP einrichtet. Endbenutzer k\u00f6nnen zudem das CloudStack UI verwenden um zus\u00e4tzliche IPs zu beziehen um statisches NAT zwischen ihren Instanzen und der \u00f6ffentlichen IP zu implementieren.
+message.read.admin.guide.scaling.up=Bitte lesen Sie den Abschnitt \u00fcber das dynamische Skalieren in dem Administrations-Leitfaden bevor Sie hochskalieren.
 message.recover.vm=Bitte best\u00e4tigen Sie, dass Sie diese VM wiederherstellen m\u00f6chten.
 message.redirecting.region=Weiterleitung zu Region...
+message.reinstall.vm=Hinweis\: Mit Vorsicht verwenden. Dies wird dazu f\u00fchren, dass die VM von der Vorlage neu installiert wird; Daten auf der Root-Ferstplatte werden dadruch gel\u00f6scht. Extra Daten-Volumen, falls vorhanden, bleiben jedoch unber\u00fchrt.
+message.remove.ldap=Sind Sie sicher, dass Sie die LDAP-Konfiguration l\u00f6schen m\u00f6chten?
+message.remove.region=Sind Sie sicher, dass Sie diese Region vom Verwaltungsserver entfernen m\u00f6chten?
+message.remove.vpc=Bitte best\u00e4tigen Sie, dass Sie das VPC l\u00f6schen m\u00f6chten
 message.remove.vpn.access=Bitte best\u00e4tigen Sie, dass Sie den VPN-Zugriff vom folgenden Benutzer entfernen m\u00f6chten.
+message.reset.password.warning.notPasswordEnabled=Die Vorlage dieser Instanz wurde ohne Passwortunterst\u00fctzung erstellt.
+message.reset.password.warning.notStopped=Ihre Instanz muss gestoppt werden bevor Sie versuchen k\u00f6nnen das Passwort zu \u00e4ndern
 message.reset.VPN.connection=Bitte best\u00e4tigen Sie, dass Sie die VPN-Verbindung zur\u00fccksetzen m\u00f6chten
+message.restart.mgmt.server=Bitte starten Sie Ihre(n) Management Server durch, damit Ihre neuen Einstellungen aktiviert werden.
+message.restart.mgmt.usage.server=Bitte starten Sie Ihre(n) Management- und Usage Server durch, damit Ihre neuen Einstellungen aktiviert werden.
+message.restart.network=Alle angebotenen Dienste in diesem Netzwerk werden unterbrochen. Bitte best\u00e4tigen Sie, dass Sie dieses Netzwerk neu starten m\u00f6chten.
 message.restart.vpc=Bitte best\u00e4tigen Sie, dass Sie den VPC neu starten m\u00f6chten
 message.restoreVM=M\u00f6chten Sie die VM wiederherstellen?
+message.security.group.usage=(Verwenden Sie <strong>Ctrl-click</strong> um alle passenden Sicherheits Gruppen auszuw\u00e4hlen)
+message.select.affinity.groups=Bitte w\u00e4hlen Sie beliebige Affinit\u00e4tsgruppen, zu denen diese VM geh\u00f6ren soll\:
+message.select.a.zone=Eine Zone steht typischerweise f\u00fcr ein einzelnes Rechenzentrum. Mehrere Zonen helfen dabei, die Cloud zuverl\u00e4ssiger zu machen durch physikalische Isolation und Redundanz. 
 message.select.instance=Bitte w\u00e4hlen Sie eine Instanz aus.
 message.select.iso=Bitte w\u00e4hlen Sie ein ISO f\u00fcr Ihre neue virtuelle Instanz aus.
 message.select.item=Bitte w\u00e4hlen Sie ein Element aus.
 message.select.security.groups=Bitte w\u00e4hlen Sie (eine) Sicherheitsgruppe(n) f\u00fcr Ihre neue VM aus
 message.select.template=Bitte w\u00e4hlen Sie eine Vorlage f\u00fcr Ihre neue virtuelle Instanz aus.
+message.select.tier=Bitte Ebene ausw\u00e4hlen
+message.set.default.NIC=Bitte best\u00e4tigen Sie, dass Sie f\u00fcr die VM diese NIC zur Standard-NIC m\u00f6chten.
+message.set.default.NIC.manual=Bitte aktuallisieren Sie die Standard-NIC auf der VM jetzt manuell.
+message.setup.physical.network.during.zone.creation.basic=Wenn Sie eine Basiszone hinzuf\u00fcgen, k\u00f6nnen Sie ein einzelnes physikalisches Netzwerk einrichten, welches einer NIC auf dem Hypervisor entspricht. Das Netzwerk behandelt mehrere Arten von Datenverkehr.<br/><br/>Sie k\u00f6nnen auch andere Datenverkehrs-Arten zum pysikalische Netzwerk hinzuf\u00fcgen, durch <strong>Ziehen und Loslassen</strong>.
+message.setup.physical.network.during.zone.creation=Wenn Sie eine erweiterte Zone hinzuf\u00fcgen, m\u00fcssen Sie ein oder mehrere physikalische Netzweke einrichten. Jedes Netzwerk entspricht einer NIC auf dem Hypervisor. Jedes physikalische Netzwerk kann eine oder mehere Arten von Datenverkehr behandeln, mit gewissen Beschr\u00e4nkungen wie diese kombiniert werden k\u00f6nnen. <br/><br/><strong>Durch Ziehen und Loslassen eines oder mehreren Datenverkehrsarten auf jedes einzelne physikalische Netzwerk.
 message.setup.successful=Cloud setup erfolgreich
+message.snapshot.schedule=Sie k\u00f6nnen wiederkehrende Schnapschuss-Zeitpl\u00e4ne einrichten in dem Sie die untenstehenden verf\u00fcgbaren Optionen ausw\u00e4hlen und Ihren Regeleinstellungen anwenden
+message.specifiy.tag.key.value=Bitte geben Sie einen Ettikettnamen und -wert an
 message.specify.url=Bitte geben Sie eine URL an
 message.step.1.continue=Bitte w\u00e4hlen Sie eine Vorlage oder ISO, um fortzufahren
+message.step.1.desc=Bitte w\u00e4hlen Sie eine Vorlage f\u00fcr Ihre neue virtuelle Instanz aus. Sie k\u00f6nnen auch ein leeres Template ausw\u00e4hlen, von welchen aus dann ein ISO-Abbild instaliert werden kann.
 message.step.2.continue=Bitte w\u00e4hlen Sie ein Service-Angebot, um fortzufahren
 message.step.2.desc=
 message.step.3.continue=Bitte w\u00e4hlen Sie ein Festplatten-Angebot, um fortzufahren
 message.step.3.desc=
 message.step.4.continue=Bitte w\u00e4hlen Sie mindestens ein Netzwerk, um fortzufahren
 message.step.4.desc=Bitte w\u00e4hlen Sie Ihr Hauptnetzwerk zu dem Ihre virtuelle Instanz verbunden sein wird.
+message.storage.traffic=Datenverkehr zwischen den CloudStack internen Ressourcen, inklusive aller Komponenten, die mit dem Verwaltugns-Server kommunizieren, wie Hosts und CloudStack System VMs. Bitte konfigurieren Sie Speicherdatenverkehr hier.
+message.suspend.project=Sind Sie sicher, dass sie die Ausf\u00fchrung dieses Projektes unterbrechen m\u00f6chten?
 message.systems.vms.ready=System-VMs bereit.
 message.template.copying=Vorlage wird kopiert.
+message.template.desc=Betriebssystem Abbild das zum starten von VMs verwendet werden kann
+message.tier.required=Ebene ist zwingend
+message.tooltip.dns.1=Name eines DNS Servers zur Verwendung von VMs in der Zone. Die \u00f6ffentlichen IP Adressen m\u00fcssen eine Route zu diesem Server haben. 
+message.tooltip.dns.2=Ein zweiter Name eines DNS Servers zur Verwendung von VMs in der Zone. Die \u00f6ffentlichen IP Adressen m\u00fcssen eine Route zu diesem Server haben. 
+message.tooltip.internal.dns.1=Ein Name eines DNS Servers zur Verwendung von CloudStack internen System VMs in der Zone. Die \u00f6ffentlichen IP Adressen m\u00fcssen eine Route zu diesem Server haben. 
+message.tooltip.internal.dns.2=Ein Name eines DNS Servers zur Verwendung von CloudStack internen System VMs in der Zone. Die \u00f6ffentlichen IP Adressen m\u00fcssen eine Route zu diesem Server haben. 
+message.tooltip.network.domain=Ein DNS Suffix zur Erstellung eines Kunden Domain Namens f\u00fcr das Netzwerk das von Gast VMs verwendet wird.
+message.tooltip.pod.name=Ein Name f\u00fcr diesen Pod.
+message.tooltip.reserved.system.gateway=Das Gateway f\u00fcr die Hosts des pods.
+message.tooltip.reserved.system.netmask=Das Netzwerk Prefix welches das Pod Subnetz definiert. Es verwendet CIDR Notation.
 message.tooltip.zone.name=Einen Namen f\u00fcr die Zone.
+message.update.os.preference=Bitte geben Sie eine Betriebssystem-Pr\u00e4ferenz f\u00fcr diesen Host an, Alle virtuellen Instanzen mit gleichen Pr\u00e4ferenzen werden zuerst zu diesem Host zugewiesen bevor andere gew\u00e4hlt werden.
+message.update.resource.count=Bitte best\u00e4tigen Sie, dass Sie die Anzahl der Ressourcen f\u00fcr dieses Benutzerkonto aktualisieren m\u00f6chten.
+message.update.ssl=Bitte eine neue X.509 kompatible SSL Zertifikatskette einreichen, diese wird auf jedem Konsolenproxy und der Sekund\u00e4rspeicher-VM aktuallisiert\:  
 message.update.ssl.failed=Fehler beim Aktualisieren des SSL-Zertifikats.
+message.update.ssl.succeeded=Aktualisierung der SSL Zertifikate erfolgreich durchgef\u00fchrt
 message.validate.accept=Bitte geben Sie einen Wert mit einer g\u00fcltigen Erweiterung ein.
 message.validate.creditcard=Bitte geben Sie eine g\u00fcltige Kreditkartennummer ein.
 message.validate.date=Bitte geben Sie ein g\u00fcltiges Datum ein.
@@ -1461,37 +2001,55 @@ message.validate.email.address=Bitte geben Sie eine g\u00fcltige E-Mail-Adresse
 message.validate.equalto=Bitte geben Sie den gleichen Wert erneut ein.
 message.validate.fieldrequired=Dieses Feld wird ben\u00f6tigt
 message.validate.fixfield=Bitte korrigieren Sie dieses Feld.
+message.validate.instance.name=Der Name der Instanz kann nicht l\u00e4nger als 63 Zeichen sein. Nur ASCII Zeichen wie a~z, A~Z, Zahlen 0~9 und Bindestriche sind erlaubt. Er mu\u00df mit einem Buchstaben starten und mit einem Buchstaben oder einer Zahl enden.
 message.validate.invalid.characters=Ung\u00fcltige Zeichen gefunden; bitte korrigieren.
+message.validate.max=Bitte geben sie einen Wert kleiner oder gleich {0} ein.
 message.validate.maxlength=Bitte geben Sie nicht mehr als {0} Zeichen ein.
 message.validate.minlength=Bitte geben Sie mindestens {0} Zeichen ein.
 message.validate.number=Bitte geben Sie eine g\u00fcltige Nummer ein.
 message.validate.range=Bitte geben Sie einen Wert zwischen {0} und {1} ein.
+message.validate.range.length=Bitte geben Sie einen Wert zwischen {0}  und {1} Zeichen land ein.
 message.validate.URL=Bitte geben Sie eine g\u00fcltige URL ein.
+message.virtual.network.desc=Ein dediziert virtualisiertes Netzwerk f\u00fcr Ihr Benutzerkonto. Die Broadcast-Domain ist innerhalb  eines VLANs und jeglicher \u00f6ffentliche Netzwerkzugriff wird von einem virtuellen Router geroutet.
 message.vm.create.template.confirm=Das Erstellen einer Vorlage f\u00fchrt automatisch zu einem Neustart der VM.
+message.vm.review.launch=Bitte \u00fcberpr\u00fcfen Sie die folgenden Informationen und best\u00e4tigen Sie, dass Ihre virtuelle Instanz korrekt ist, bevor Sie sie starten.
+message.vnmc.available.list=VNMC ist nicht verf\u00fcgbar aus der Providerliste.
+message.vnmc.not.available.list=VNMC ist nicht verf\u00fcgbar aus der Providerliste.
+message.volume.create.template.confirm=Bitte best\u00e4tigen Sie, dass Sie eine Vorlage aus diesem Festplatten-Volumen erstellen m\u00f6chten. Das Erstellen der Vorlage kann wenige Minuten oder auch l\u00e4nger dauern abh\u00e4ngig von der Gr\u00f6\u00dfe des Volumen.
+message.waiting.for.builtin.templates.to.load=Warten bis die mitgelieferten Vorlagen geladen sind...
+message.XSTools61plus.update.failed=Die Aktuallisierung des Original XS Version ist 6.1\\+ Feldes ist fehlgeschlagen. Fehlermeldung\: 
 message.you.must.have.at.least.one.physical.network=Sie m\u00fcssen mindestens ein physikalisches Netzwerk haben
 message.your.cloudstack.is.ready=Ihr CloudStack ist bereit\!
+message.zone.creation.complete.would.you.like.to.enable.this.zone=Die Erstellung der Zone ist komplett. M\u00f6chten Sie diese Zone aktivieren?
 message.Zone.creation.complete=Zonenerstellung abgeschlossen
+message.zone.no.network.selection=Die von Ihnen gew\u00e4hlte Zone bietet keine Alternativen f\u00fcr die Auswahl eines Netzwerks.
 message.zone.step.1.desc=Bitte w\u00e4hlen Sie ein Netzwerk-Modell f\u00fcr Ihre Zone.
 message.zone.step.2.desc=Bitte geben Sie die folgende Information ein, um eine neue Zone hinzuzuf\u00fcgen
 message.zone.step.3.desc=Bitte geben Sie die folgende Information ein, um einen neuen pod hinzuzuf\u00fcgen
+message.zoneWizard.enable.local.storage=WARNUNG\: Wenn Sie den lokalen Speicher f\u00fcr diese Zone aktivieren m\u00f6chten, m\u00fcssen Sie, abh\u00e4ngig davon wo Sie Ihre System-VMs starten m\u00f6chten, wie folgt vorgehen\: <br/><br/>1. Wenn die System-VMs im geteilten Hauptspeicher gestartet werden sollen, muss der geteilte Hauptspeicher nach dem Erstellen zur Zone hinzugef\u00fcgt werden. Zudem muss die Zone im deaktivierten Zustand gestartet werden.<br/><br/>2. Wenn die System-VMs im lokalen Hauptspeicher gestartet werden sollen, muss, "system.vm.use.local.storage" auf "true" gesetzt werden bevor Sie die Zone aktivieren.<br/><br/><br/>M\u00f6chten Sie weiterfahren?
+messgae.validate.min=Bitte geben sie einen Wert gr\u00f6\u00dfer oder gleich {0} ein.
 mode=Modus
 network.rate=Netzwerk-Rate
 notification.reboot.instance=Instanz neu starten
 notification.start.instance=Instanz starten
 notification.stop.instance=Instanz stoppen
 side.by.side=Nebeneinander
+state.Accepted=Angenommen
 state.Active=Aktiv
 state.Allocated=Zugeteilt
+state.Allocating=Zugeteilt
 state.BackedUp=Daten gesichert
 state.BackingUp=Daten werden gesichert
 state.Completed=Fertiggestellt
 state.Creating=Erstellung
 state.Declined=Abgelehnt
 state.Destroyed=Zerst\u00f6rt
+state.detached=Losgel\u00f6st
 state.Disabled=Deaktiviert
 state.enabled=Aktiviert
 state.Enabled=Aktiviert
 state.Error=Fehler
+state.Expunging=Unwiederbringlich gel\u00f6scht
 state.Migrating=Migration
 state.Pending=Ausstehend
 state.ready=Bereit
@@ -1500,4 +2058,6 @@ state.Running=L\u00e4uft
 state.Starting=Startet
 state.Stopped=Gestoppt
 state.Stopping=Stoppt
+state.Suspended=Suspendiert
 ui.listView.filters.all=Alle
+ui.listView.filters.mine=Meine
diff --git a/client/WEB-INF/classes/resources/messages_es.properties b/client/WEB-INF/classes/resources/messages_es.properties
index 3e4ad0f06e..d4e3f33982 100644
--- a/client/WEB-INF/classes/resources/messages_es.properties
+++ b/client/WEB-INF/classes/resources/messages_es.properties
@@ -32,6 +32,7 @@ ICMP.code=C\u00f3digo ICMP
 ICMP.type=Tipo ICMP
 image.directory=Directorio de im\u00e1genes
 inline=alineado
+instances.actions.reboot.label=Reiniciar Instancia
 label.about=Acerca de
 label.about.app=Acerca de CloudStack
 label.accept.project.invitation=Aceptar invitaci\u00f3n al proyecto
@@ -404,6 +405,7 @@ label.disk.size.gb=tama\u00c3\u00b1o de disco (en GB)
 label.disk.size=tama\u00c3\u00b1o de disco
 label.disk.total=disco Total
 label.disk.volume=volumen de disco
+label.display.name=Nombre para mostrar
 label.display.text=visualizaci\u00c3\u00b3n de texto
 label.dns.1=DNS 1
 label.dns.2=DNS 2
@@ -445,6 +447,7 @@ label.extractable=extra\u00c3\u00adble
 label.f5=F5
 label.failed=Error
 label.featured=destacados
+label.filterBy=Filtrar por
 label.firewall=Servidor de seguridad
 label.first.name=Nombre
 label.format=Formato
@@ -491,6 +494,8 @@ label.IKE.policy=Pol\u00edtica IKE
 label.info=Informaci\u00c3\u00b3n
 label.ingress.rule=ingreso Regla
 label.initiated.by=Iniciado por
+label.installWizard.addPodIntro.subtitle=\u00bfQu\u00e9 es un Pod?
+label.installWizard.addPodIntro.title=Agreguemos un Pod
 label.installWizard.addSecondaryStorageIntro.subtitle=Que es almacenamiento secundario?
 label.installWizard.addSecondaryStorageIntro.title=A\u00f1adir almacenamiento secundario
 label.installWizard.addZone.title=Agregar zona
@@ -524,6 +529,7 @@ label.iscsi=iSCSI
 label.is.default=Es por defecto
 label.iso.boot=ISO de arranque
 label.iso=ISO
+label.isolated.networks=Redes Aisladas
 label.isolation.method=M\u00e9todo de aislamiento
 label.isolation.mode=modo de aislamiento
 label.is.redundant.router=redundante
@@ -535,8 +541,16 @@ label.keyboard.type=Tipo de teclado
 label.key=Llave
 label.label=Etiqueta
 label.lang.chinese=Chino (simplificado)
+label.lang.dutch=Holand\u00e9s
 label.lang.english=Ingl\u00c3\u00a9s
+label.lang.french=Franc\u00e9s
+label.lang.german=Alem\u00e1n
+label.lang.italian=Italiano
 label.lang.japanese=japon\u00c3\u00a9s
+label.lang.korean=Coreano
+label.lang.norwegian=Noruego
+label.lang.polish=Polaco
+label.lang.russian=Ruso
 label.lang.spanish=Espa\u00c3\u00b1ol
 label.last.disconnected=\u00c3\u009altima Desconectado
 label.last.name=Apellido
@@ -670,6 +684,7 @@ label.no=No
 label.no.security.groups=No hay grupos disponibles de Seguridad
 label.not.found=No se ha encontrado
 label.no.thanks=No, gracias
+label.notifications=Notificaciones
 label.number.of.clusters=N\u00famero de Clusters
 label.number.of.hosts=N\u00famero de Hosts
 label.number.of.pods=N\u00famero de Pods
@@ -680,6 +695,7 @@ label.num.cpu.cores=n\u00c3\u00bamero de n\u00c3\u00bacleos de CPU
 label.numretries=N\u00c3\u00bamero de reintentos
 label.ocfs2=OCFS2
 label.offer.ha=Oferta HA
+label.ok=Aceptar
 label.optional=Opcional
 label.order=Ordenar
 label.os.preference=OS Preferencia
@@ -695,6 +711,7 @@ label.PING.CIFS.username=PING CIFS nombre de usuario
 label.PING.dir=PING Directorio
 label.PING.storage.IP=PING almacenamiento IP
 label.please.wait=Por favor espere
+label.pod.name=Nombre del Pod
 label.pod=Pod
 label.pods=Pod
 label.port.forwarding.policies=Pol\u00edticas de Port forwarding
@@ -963,6 +980,7 @@ label.yes=S\u00c3\u00ad
 label.zone.details=Detalles de Zona
 label.zone.id=Zona de identificaci\u00c3\u00b3n
 label.zone.lower=Zona
+label.zone.name=Nombre de Zona
 label.zone.step.1.title=Paso 1\: <strong> Seleccione una red </strong>
 label.zone.step.2.title=Paso 2\: <strong>A\u00c3\u00b1adir una zona </strong>
 label.zone.step.3.title=Paso 3\: <strong>A\u00c3\u00b1adir una vaina </strong>
@@ -1097,10 +1115,10 @@ message.installWizard.tooltip.addHost.hostname=El nombre DNS o direcci\u00f3n IP
 message.installWizard.tooltip.addHost.password=Este es el password para el nombre de usuario mencionado anteriormente (Desde su Instalaci\u00f3n XenServer)
 message.installWizard.tooltip.addHost.username=Generalmente root
 message.installWizard.tooltip.addPod.name=Nombre del POD
-message.installWizard.tooltip.addPod.reservedSystemEndIp=Este es el rango de direcciones IP en la red privada que la CloudStack utiliza para administrar las VMs del Almacenamiento Secundario y consola Proxy.\nEstas direcciones IP se han tomado de la misma subred que los servidores inform\u00e1ticos.
+message.installWizard.tooltip.addPod.reservedSystemEndIp=Este es el rango de direcciones IP en la red privada que la CloudStack utiliza para administrar las VMs del Almacenamiento Secundario y consola Proxy. Estas direcciones IP se han tomado de la misma subred que los servidores inform\u00e1ticos.
 message.installWizard.tooltip.addPod.reservedSystemGateway=El gateway ,puerta de enlace, para los host en ese pod.
 message.installWizard.tooltip.addPod.reservedSystemNetmask=La m\u00e1scara de red en uso en la subred de los hu\u00e9spedes ser\u00e1.
-message.installWizard.tooltip.addPod.reservedSystemStartIp=Este es el rango de direcciones IP en la red privada que la CloudStack utiliza para administrar las VMs del Almacenamiento Secundario y consola Proxy.\nEstas direcciones IP se han tomado de la misma subred que los servidores inform\u00e1ticos.
+message.installWizard.tooltip.addPod.reservedSystemStartIp=Este es el rango de direcciones IP en la red privada que la CloudStack utiliza para administrar las VMs del Almacenamiento Secundario y consola Proxy. Estas direcciones IP se han tomado de la misma subred que los servidores inform\u00e1ticos.
 message.installWizard.tooltip.addPrimaryStorage.name=\ Nombre para el storage
 message.installWizard.tooltip.addPrimaryStorage.path=(para NFS) En NFS este es el directorio exportado desde el servidor. Directorio (por SharedMountPoint). Con KVM este es el directorio de cada host en donde se monta el almacenamiento primario. Por ejemplo, "/mnt/primary".
 message.installWizard.tooltip.addPrimaryStorage.server=(para NFS, iSCSI, o PreSetup) La direcci\u00f3n IP o el nombre DNS del dispositivo de almacenamiento.
@@ -1160,6 +1178,9 @@ message.volume.create.template.confirm=Por favor, confirme que desea crear una p
 message.zone.step.1.desc=Por favor seleccione un modelo de red para su zona.
 mode=modo
 network.rate=Tasa de Red
+notification.reboot.instance=Reiniciar Instancia
+notification.start.instance=Iniciar Instancia
+notification.stop.instance=Detener Instancia
 side.by.side=Juntos
 state.Accepted=Aceptado
 state.Active=Activo
@@ -1169,6 +1190,7 @@ state.BackingUp=Realizando Backup
 state.Completed=Completado
 state.Creating=Creando
 state.Declined=Declinado
+state.Destroyed=Destruidas
 state.Disabled=personas de movilidad reducida
 state.enabled=Habilitado
 state.Enabled=Habilitado
@@ -1177,6 +1199,10 @@ state.Migrating=Migrando
 state.Pending=pendiente
 state.ready=Listo
 state.Ready=Listo
+state.Running=Ejecutando
 state.Starting=Iniciando
+state.Stopped=Detenidas
 state.Stopping=Parando
 state.Suspended=Suspendido
+ui.listView.filters.all=Todas
+ui.listView.filters.mine=Mias
diff --git a/client/WEB-INF/classes/resources/messages_it_IT.properties b/client/WEB-INF/classes/resources/messages_it_IT.properties
index eecccb708a..1af518d02e 100644
--- a/client/WEB-INF/classes/resources/messages_it_IT.properties
+++ b/client/WEB-INF/classes/resources/messages_it_IT.properties
@@ -18,6 +18,7 @@
 changed.item.properties=Elementi delle propriet\u00e0 modificati
 confirm.enable.s3=Si prega di inserire i valori richiesti per abilitare il supporto per il Secondary Storage di tipo S3
 confirm.enable.swift=Si prega di inserire i valori richiesti per abilitare il supporto per Swift
+error.could.not.change.your.password.because.ldap.is.enabled=Errore non \u00e8 possibile cambiare la tua password perch\u00e8 LDAP \u00e8 abilitato.
 error.could.not.enable.zone=Impossibile abilitare la zona
 error.installWizard.message=E\\' stato rilevato un errore\: tornare agli step precedenti e correggere gli errori
 error.invalid.username.password=Username o Password non valida
@@ -31,12 +32,18 @@ error.something.went.wrong.please.correct.the.following=E\\' stato rilevato un e
 error.unable.to.reach.management.server=Impossibile raggiungere il Management Server
 error.unresolved.internet.name=Il tuo nome internet non pu\u00f2 essere risolto.
 force.delete.domain.warning=Attenzione\: La scelta di questa opzione provocher\u00e0 la rimozione di tutti i sotto domini e agli account associati e alle loro risorse.
+force.delete=Forza la cancellazione
+force.remove=Forza la rimozione
 force.remove.host.warning=Attenzione\: La scelta di questa opzione provocher\u00e0 l\\'arresto forzato di tutte le virtual machine da parte di CloudStack prima di rimuovere questo host dal cluster.
+force.stop=Forza l\\'Arresto
 force.stop.instance.warning=Attenzione\: Forzare un arresto su questa instanza dovrebbe essere l\\'ultima opzione. C\\'\u00e8 il rischio di perdita di dati e di un comportamento inconsistente dello stato della virtual machine.
 ICMP.code=Codice ICMP
 ICMP.type=Tipo ICMP
 image.directory=Directory Immagine
+inline=Inline
 instances.actions.reboot.label=Riavviare una instanza
+label.about=About
+label.about.app=About CloudStack
 label.accept.project.invitation=Accettare un invito ad un progetto
 label.account=Account
 label.account.and.security.group=Account, Security group
@@ -45,6 +52,7 @@ label.account.name=Nome Account
 label.account.specific=Specifico dell\\'Account
 label.accounts=Utenti
 label.acquire.new.ip=Acquisizione nuovo indirizzo IP
+label.acquire.new.secondary.ip=Acquisizione nuovo IP secondario
 label.action.attach.disk=Collegamento di un Disco
 label.action.attach.disk.processing=Collegamento Disco in corso...
 label.action.attach.iso=Collegamento di una immagine ISO
@@ -55,7 +63,9 @@ label.action.change.password=Modifica della Password
 label.action.change.service=Modificare Servizio
 label.action.change.service.processing=Modifica del Servizio in corso...
 label.action.copy.ISO=Copia della immagine ISO
+label.action.copy.ISO.processing=Copia immagine ISO in corso...
 label.action.copy.template=Copia di un Template
+label.action.copy.template.processing=Copia di un Template in corso...
 label.action.create.template=Creazione Template
 label.action.create.template.from.vm=Creazione Template da una VM
 label.action.create.template.from.volume=Creazione Template da un Volume
@@ -74,6 +84,8 @@ label.action.delete.domain=Cancellazione Dominio
 label.action.delete.domain.processing=Cancellazione Dominio in corso....
 label.action.delete.firewall=Cancellazione regola firewall
 label.action.delete.firewall.processing=Cancellazione Firewall in corso....
+label.action.delete.ingress.rule=Cancellazione della Regola in Ingresso
+label.action.delete.ingress.rule.processing=Cancellazione della Regola in Ingresso in corso...
 label.action.delete.IP.range=Cancellazione intervallo indirizzi IP
 label.action.delete.IP.range.processing=Cancellazione intervallo indirizzi IP in corso....
 label.action.delete.ISO=Cancellazione immagine ISO
@@ -83,6 +95,7 @@ label.action.delete.load.balancer.processing=Cancellazione Load Balancer in cors
 label.action.delete.network=Cancellazione Rete
 label.action.delete.network.processing=Cancellazione Rete in corso....
 label.action.delete.nexusVswitch=Cancellare Nexus 1000v
+label.action.delete.nic=Rimuovi NIC
 label.action.delete.physical.network=Cancellazione di una rete fisica
 label.action.delete.pod=Cancellazione Pod
 label.action.delete.pod.processing=Cancellazione Pod in corso....
@@ -164,6 +177,9 @@ label.action.enable.user=Abilitazione Utente
 label.action.enable.user.processing=Abilitazione Utente in corso....
 label.action.enable.zone=Abilitazione Zona
 label.action.enable.zone.processing=Abilitazione Zona in corso....
+label.action.expunge.instance=Cancellare l\\'Istanza
+label.action.expunge.instance.processing=Cancellazione dell\\'Istanza in corso...
+label.action.force.reconnect=Forza la Riconnessione
 label.action.force.reconnect.processing=Riconnessione in corso....
 label.action.generate.keys=Generazione Chiavi
 label.action.generate.keys.processing=Generazione Chiavi in corso....
@@ -184,6 +200,7 @@ label.action.reboot.router.processing=Riavvio Router in corso....
 label.action.reboot.router=Riavvio Router
 label.action.reboot.systemvm.processing=Riavvio VM di Sistema in corso....
 label.action.reboot.systemvm=Riavvio VM di Sistema
+label.action.recurring.snapshot=Snapshot Ricorrenti
 label.action.register.iso=Registrare una ISO
 label.action.register.template=Registrare un template
 label.action.release.ip.processing=Rilascio indirizzo IP in corso....
@@ -194,8 +211,11 @@ label.action.reset.password.processing=Reset della Password in corso....
 label.action.reset.password=Reset Password
 label.action.resize.volume.processing=Ridimensionamento Volume in corso....
 label.action.resize.volume=Ridimensionamento Volume
+label.action.resource.limits=Limiti delle Risorse
 label.action.restore.instance.processing=Restore dell\\'Instanza in corso....
 label.action.restore.instance=Restore Instanza
+label.action.revert.snapshot.processing=Ripristino dello Snapshot in corso...
+label.action.revert.snapshot=Ripristinare lo Snapshot
 label.actions=Azioni
 label.action.start.instance=Avvio Instanza
 label.action.start.instance.processing=Avvio Instanza in corso....
@@ -209,70 +229,139 @@ label.action.stop.router=Arresto Router
 label.action.stop.router.processing=Arresto Router in corso....
 label.action.stop.systemvm=Arresto VM di Sistema
 label.action.stop.systemvm.processing=Arresto VM di Sistema in corso....
+label.action.take.snapshot=Cattura uno Snapshot
 label.action.take.snapshot.processing=Esecuzione di Snapshot in corso....
 label.action.update.OS.preference=Aggiornamento Preferenze OS
 label.action.update.OS.preference.processing=Aggiornamento preferenze OS in corso....
+label.action.update.resource.count=Aggiornare il conteggio delle Risorse
+label.action.update.resource.count.processing=Aggiornamento del conteggio delle Risorse in corso...
+label.action.vmsnapshot.create=Cattura uno Snapshot della VM
+label.action.vmsnapshot.delete=Cancella lo Snapshot della VM
+label.action.vmsnapshot.revert=Ripristinare lo snapshot della VM
 label.activate.project=Attivare il Progetto
 label.active.sessions=Sessioni Attive
+label.add.account=Aggiungi un Account
 label.add.accounts=Aggiungere utenti
 label.add.accounts.to=Aggiungere utenti a
 label.add.account.to.project=Aggiungere account al progetto
 label.add.ACL=Aggiungere ACL
+label.add.affinity.group=Aggiungere un nuovo gruppo di affinit\u00e0
+label.add.BrocadeVcs.device=Aggiungere Switch Brocade Vcs
+label.add.by.cidr=Aggiungere da CIDR
 label.add.cluster=Aggiunta Cluster
 label.add.compute.offering=Aggiungere una offerta computazionale
+label.add.disk.offering=Aggiungere Offerta Disco
 label.add.domain=Aggiunta Dominio
 label.add.egress.rule=Aggiungere una regola d\\'uscita
 label.add.F5.device=Aggiungere device F5
 label.add.firewall=Aggiunta regola firewall
 label.add.guest.network=Aggiungere una rete guest
 label.add.host=Aggiunta Host
+label.adding=Aggiunta
+label.adding.cluster=Aggiungere un Cluster
+label.adding.failed=Aggiunta Fallita
+label.adding.pod=Aggiungere un Pod
+label.adding.processing=Aggiunta in corso...
+label.adding.succeeded=Aggiunta avvenuta
+label.adding.user=Aggiungere un Utente
+label.adding.zone=Aggiunta della Zona
+label.add.intermediate.certificate=Aggiungere un certificato intermedio
+label.add.ip.range=Aggiungere un IP Range
 label.additional.networks=Network Aggiuntivi
+label.add.load.balancer=Aggiungere un Load Balancer
 label.add.netScaler.device=Aggiungere device Netscaler
 label.add.network.ACL=Aggiungere le ACL di rete
+label.add.network=Aggiungere una Rete
+label.add.network.device=Aggiungere un Dispositivo di Rete
 label.add.network.offering=Aggiungere offerta di rete
 label.add.new.F5=Aggiungere nuovo F5
 label.add.new.gateway=Aggiungere un nuovo gateway
 label.add.new.NetScaler=Aggiungere nuovo NetScaler
+label.add.new.PA=Aggiungere un nuovo Palo Alto
 label.add.new.SRX=Aggiungere nuovo SRX
 label.add.new.tier=Aggiungere un nuovo livello
+label.add.NiciraNvp.device=Aggiungere Controller Nvp
+label.add.PA.device=Aggiungere un device Palo Alto
 label.add.physical.network=Aggiungere rete fisica
+label.add.pod=Aggiungere un Pod
 label.add.port.forwarding.rule=Aggiungere una regola di port forwarding
+label.add.primary.storage=Aggiungere uno Storage Primario
+label.add.region=Aggiungere una Regione
 label.add.resources=Aggiungere Risorse
 label.add.route=Aggiungere una rotta
 label.add.rule=Aggiungere regola
+label.add.secondary.storage=Aggiungere uno Storage Secondario
+label.add.security.group=Aggiungere un Gruppo di Sicurezza
+label.add.service.offering=Aggiungere un\\'Offerta di Servizio
 label.add.SRX.device=Aggiungere device SRX
 label.add.static.nat.rule=Aggiungere regola di NAT statico
 label.add.static.route=Aggiungere una rotta statica
 label.add.system.service.offering=Aggiungere Offerte di Servizio di Sistema
+label.add.template=Aggiungere un Template
 label.add.to.group=Aggiungere al gruppo
+label.add.user=Aggiungere un Utente
+label.add.vlan=Aggiungere una VLAN
 label.add.vm=Aggiungere VM
 label.add.vms=Aggiunvere VM
 label.add.vms.to.lb=Aggiungere VM a regola di bilanciamento di carico
 label.add.VM.to.tier=Aggiungere una VM al livello
+label.add.volume=Aggiungere un Volume
 label.add.vpc=Aggiungere VPC
 label.add.vpn.customer.gateway=Aggiungere Gateway VPN del Cliente
 label.add.VPN.gateway=Aggiungere un Gateway VPN
 label.add.vpn.user=Aggiungere utente VPN
+label.add.vxlan=Aggiungere una VXLAN
+label.add.zone=Aggiungere una Zona
+label.admin.accounts=Account Amministrativi
+label.admin=Amministratore
 label.advanced=Avanzato
+label.advanced.mode=Avanzato
 label.advanced.search=Ricerca Avanzata
+label.affinity=Affinit\u00e0
+label.affinity.group=Gruppo di Affinit\u00e0
+label.affinity.groups=Gruppi di Affinit\u00e0
 label.agent.password=Password per l\\'Agent
 label.agent.username=Username per l\\'Agent
+label.alert=Allarme
+label.algorithm=Algoritmo
 label.allocated=Allocato
+label.anti.affinity=Anti-affinit\u00e0
+label.api.key=Chiave API
+label.api.version=Versione API
 label.apply=Applicare
+label.app.name=CloudStack
+label.archive.alerts=Archivia allarmi
+label.archive.events=Archivia eventi
 label.associated.network=Rete Associata
+label.attached.iso=ISO Collegata
+label.available=Disponibile
 label.available.public.ips=Indirizzi IP Pubblici Disponibili
+label.back=Indietro
 label.bandwidth=Capacit\u00e0 della banda (Bandwidth)
 label.basic=Basic
+label.basic.mode=Modalit\u00e0 Base
+label.bootable=Avviabile
 label.broadcast.uri=URI di Broadcast
 label.broadcat.uri=URI di Broadcast
+label.by.alert.type=Per tipo di allarme
+label.by.date.end=Per data (fino a)
+label.by.date.start=Per data (da)
+label.by.event.type=Per tipo di evento
+label.bytes.received=Byte Ricevuti
+label.bytes.sent=Byte Inviati
 label.cancel=Annulla
+label.capacity.bytes=Capacit\u00e0 Byte
+label.capacity=Capacit\u00e0
+label.capacity.iops=Capacit\u00e0 IOPS
 label.certificate=Certificato
 label.change.service.offering=Modificare offerta di servizio
+label.change.value=Cambia il valore
 label.character=Carattere
 label.cidr=CIDR
 label.CIDR.list=Lista CIDR
 label.CIDR.of.destination.network=Valore CIDR della rete di destinazione
 label.clear.list=Pulizia dell\\'elenco
+label.close=Chiudi
 label.cloud.console=Console di Gestione Cloud
 label.cluster=Cluster
 label.cluster.name=Nome del Cluster
@@ -286,61 +375,107 @@ label.compute=Compute
 label.compute.offering=Offerta computazionale
 label.configuration=Configurazione
 label.configure=Configurare
+label.configure.ldap=Configura LDAP
 label.configure.network.ACLs=Configurare le ACL di rete
 label.configure.vpc=Configurare VPC
+label.confirmation=Conferma
 label.confirm.password=Confermare la password
 label.congratulations=Congratulazioni\!
 label.console.proxy=Proxy di Console
 label.continue.basic.install=Proseguire con l\\'installazione di base
 label.continue=Continuare
 label.corrections.saved=Salvataggio correzioni effettuato
+label.cpu.allocated=CPU Allocate
+label.cpu.allocated.for.VMs=CPU Allocate per VM
+label.CPU.cap=Limite CPU
 label.cpu=CPU
+label.cpu.limits=Limiti CPU
 label.cpu.mhz=CPU (in MHz)
+label.cpu.utilized=CPU Utilizzata
 label.created.by.system=Creato dal sistema
+label.created=Creato
 label.create.project=Creare un progetto
 label.create.template=Creare un template
 label.create.VPN.connection=Creare una Connessione VPN
+label.custom.disk.size=Dimensione Disco Personalizzata
+label.daily=Quotidiano
+label.date=Data
+label.day.of.month=Giorno del Mese
+label.day.of.week=Giorno della Settimana
 label.decline.invitation=Declinare un invito
 label.dedicated=Dedicato
 label.default=Default
 label.default.view=Vista di default
+label.delete.affinity.group=Cancella Gruppo di Affinit\u00e0
+label.delete.alerts=Cancella allarmi
+label.delete=Cancellare
+label.delete.events=Cancella eventi
 label.delete.F5=Rimozione F5
 label.delete.gateway=rimuovere il gateway
 label.delete.NetScaler=Rimozione NetScaler
+label.delete.NiciraNvp=Rimuovere Controller Nvp
+label.delete.PA=Cancellare Palo Alto
 label.delete.project=Cancellare progetto
 label.delete.SRX=Rimozione SRX
 label.delete.VPN.connection=cancellare la connessione VPN
 label.delete.VPN.customer.gateway=cancellare il Gateway VPN del Cliente
 label.delete.VPN.gateway=cancellare un Gateway VPN
 label.delete.vpn.user=Cancellare utente VPN
+label.deleting.failed=Cancellazione Fallita
+label.deleting.processing=Cancellazione in corso...
+label.description=Descrizione
 label.destination.physical.network.id=ID della rete fisica di destinazione
 label.destination.zone=Zona di destinazione
 label.destroy=Destroy
+label.destroy.router=Distruggere il router
+label.detaching.disk=Scollegamento Disco
+label.details=Dettagli
+label.device.id=ID Dispositivo
 label.devices=Device
 label.dhcp=DHCP
+label.DHCP.server.type=Tipo di DHCP Server
 label.direct.ips=Indirizzi IP di Rete condivisi
 label.disabled=Disabilitato
 label.disable.provider=Disabilitare il provider
 label.disable.vpn=Disabilitare VPN
+label.disabling.vpn.access=Disabilitare VPN
+label.disk.iops.max=Max IOPS
+label.disk.iops.min=Min IOPS
+label.disk.iops.total=IOPS Totali
+label.disk.offering=Offerta Disco
+label.disk.provisioningtype=Tipo di Provisioning
 label.display.name=Nome visualizzato
+label.dns.1=DNS 1
+label.dns.2=DNS 2
 label.dns=DNS
 label.DNS.domain.for.guest.networks=Dominio DNS per Reti Guest
+label.domain.admin=Amministratore di Dominio
 label.domain=Dominio
+label.domain.id=ID del Dominio
+label.domain.name=Nome del Dominio
 label.domain.router=Router di Dominio
+label.domain.suffix=Suffisso DNS (es. xyz.com)
 label.done=Fatto
+label.double.quotes.are.not.allowed=Doppi apici non consentiti
+label.download.progress=Avanzamento del Download
 label.drag.new.position=Trascina nella nuova posizione
 label.edit.lb.rule=Modifica regola LB
+label.edit=Modifica
 label.edit.network.details=Modificare le impostazioni di rete
 label.edit.project.details=Modificare i dettagli del progetto
 label.edit.tags=Modifica dei tag
 label.edit.traffic.type=Modifica del tipo di traffico
 label.edit.vpc=Modificare VPC
+label.egress.default.policy=Egress Default Policy
 label.egress.rule=Regola d\\'uscita
 label.egress.rules=Regole d\\'uscita
+label.email=Email
 label.enable.provider=Abilitare il provider
 label.enable.s3=Abilitare il Secondary Storage di tipo S3
 label.enable.swift=Abilitare Swift
 label.enable.vpn=Abilitare VPN
+label.enabling.vpn=Abilitazione della VPN
+label.enabling.vpn.access=Abilitazione dell\\'accesso VPN
 label.end.IP=Indirizzo IP finale
 label.endpoint=Dispositivo
 label.end.reserved.system.IP=Indirizzo IP finale riservato di sistema
@@ -349,9 +484,16 @@ label.error=Errore
 label.ESP.encryption=Encryption di ESP
 label.ESP.hash=Hash di ESP
 label.ESP.policy=Policy di ESP
+label.example=Esempio
+label.external.link=Link Esterno
 label.extractable=Estraibile
 label.f5=F5
 label.failed=Errore
+label.firewall=Firewall
+label.first.name=Nome
+label.format=Formato
+label.friday=Venerd\u00ec
+label.full=Completo
 label.full.path=Path completo
 label.gpu=CPU
 label.guest.end.ip=Indirizzo IP guest finale
@@ -361,10 +503,14 @@ label.guest.start.ip=Indirizzo IP guest iniziale
 label.guest.traffic=Traffico della rete Guest
 label.guest.type=Tipo di Guest
 label.hints=Suggerimenti
+label.home=Home
 label.host.MAC=MAC del sistema host
+label.hvm=HVM
 label.hypervisor.capabilities=Funzionalit\u00e0 del Hypervisor
 label.hypervisor=Hypervisor
+label.hypervisors=Hypervisor
 label.hypervisor.version=Versione hypervisor
+label.id=ID
 label.IKE.DH=DH di IKE
 label.IKE.encryption=Encryption di IKE
 label.IKE.hash=Hash di IKE
@@ -385,6 +531,12 @@ label.installWizard.addZone.title=Aggiungere una zona
 label.installWizard.click.launch=Fare click sul pulsante di avvio.
 label.installWizard.subtitle=Questa guida fornisce supporto nelle attivit\u00e0 di configurazione di una installazione CloudStack&\#8482
 label.installWizard.title=Ciao e Benvenuti nel mondo di CloudStack&\#8482
+label.instance=Istanza
+label.instance.limits=Limiti dell\\'Istanza
+label.instance.name=Nome dell\\'Istanza
+label.instances=Istanze
+label.internal.dns.1=DNS 1 Interno
+label.internal.dns.2=DNS2 Interno
 label.internal.name=Nome Interno
 label.introduction.to.cloudstack=Introduzione a CloudStack&\#8482
 label.invitations=Inviti
@@ -393,21 +545,32 @@ label.invite=Invito
 label.invite.to=Invito a
 label.ip.address=Indirizzo IP
 label.ipaddress=Indirizzo IP
+label.ip=Indirizzo IP
+label.ip.or.fqdn=IP o FQDN
 label.ip.ranges=Intervalli di indirizzi IP
 label.IPsec.preshared.key=Preshared-Key di IPsec
+label.ips=Indirizzi IP
+label.is.default=E\\' Default
 label.isolated.networks=Reti isolate
 label.isolation.method=Metodo di isolamento
+label.isolation.mode=Modalit\u00e0 di Isolamento
 label.isolation.uri=URI di isolamento
+label.is.shared=E\\' Condiviso
 label.keyboard.type=Tipo di tastiera
 label.key=Key
 label.kvm.traffic.label=Etichetta del traffico via KVM
 label.label=Label
+label.lang.arabic=Arabo
+label.lang.english=Inglese
 label.latest.events=Ultimi eventi
 label.launch=Avvio
 label.launch.vm=Avviare una VM
 label.lb.algorithm.roundrobin=Round-robin
 label.lb.algorithm.source=Sorgente
 label.LB.isolation=Isolamento di LB
+label.ldap.configuration=Configurazione LDAP
+label.ldap.port=Porta LDAP
+label.level=Livello
 label.load.balancing=Bilanciamento di Carico
 label.load.balancing.policies=Politiche di Bilanciamento di Carico
 label.local.storage=Storage locale
@@ -429,6 +592,7 @@ label.memory.mb=Memoria (in MB)
 label.menu.accounts=Utenti
 label.menu.configuration=Configurazione
 label.menu.infrastructure=Infrastruttura
+label.menu.instances=Istanze
 label.menu.system.service.offerings=Offerte di Sistema
 label.menu.templates=Template
 label.migrate.instance.to.host=Migrare instance verso un altro host
@@ -477,6 +641,7 @@ label.please.specify.netscaler.info=Si prega di specificare le informazioni per
 label.pod.name=Nome del Pod
 label.pods=Pod
 label.port.forwarding.policies=Politiche di Port Forwarding
+label.port=Porta
 label.previous=Precedente
 label.primary.storage.count=Pool del Primary Storage
 label.primary.storage=Storage Primario
@@ -493,12 +658,18 @@ label.providers=Fornitori
 label.public.network=Rete pubblica
 label.purpose=Scopo
 label.quickview=Panoramica rapida
+label.rbd.monitor=Ceph monitor
+label.rbd.pool=Ceph pool
+label.rbd=RBD
 label.reboot=Reboot
+label.recover.vm=Recupera la VM
 label.redundant.router.capability=Capacit\u00e0 di ridondanza del router
+label.reinstall.vm=Reinstalla la VM
 label.remind.later=Ricordami in seguito
 label.remove.ACL=Rimuovere ACL
 label.remove.egress.rule=Rimuovere una regola d\\'uscita
 label.remove.ip.range=Rimuovere intervallo di indirizzi IP
+label.remove.ldap=Rimuovi LDAP
 label.remove.pf=Rimuovere regola di port forwarding
 label.remove.rule=Rimuovere regola
 label.remove.static.nat.rule=Rimuovere regola di NAT statico
@@ -518,11 +689,15 @@ label.restore=Restore
 label.review=Riesaminare
 label.revoke.project.invite=Revocare un invit
 label.root.disk.controller=Controller del disco root
+label.root.disk.size=Dimensione disco Root
+label.routing=Routing
 label.rules=Regole
 label.s3.access_key=Access Key
 label.s3.connection_timeout=Tempo di scadenza connessione
 label.s3.endpoint=Dispositivo
 label.s3.max_error_retry=Numero massimo di tentativi a seguito di errore
+label.s3.nfs.path=Percorso S3 NFS
+label.s3.nfs.server=S3 NFS Server
 label.s3.secret_key=Secret Key
 label.s3.socket_timeout=Tempo di scadenza del Socket
 label.s3.use_https=Utilizzare HTTPS
@@ -543,6 +718,7 @@ label.select.tier=Selezionare il Livello
 label.select-view=Selezionare la vista
 label.select.vm.for.static.nat=Selezionare una VM per il NAT statico
 label.service.capabilities=Capacit\u00e0 di Servizio
+label.service.state=Stato del Servizio
 label.setup=Installazione
 label.setup.network=Configurazione Rete
 label.setup.zone=Configurazione Zona
@@ -550,6 +726,10 @@ label.set.up.zone.type=Configurazione del tipo di Zona
 label.shutdown.provider=Arresto del provider
 label.site.to.site.VPN=Site-to-site VPN
 label.skip.guide=Se si ha familiarit\u00e0 con CloudStack per utilizzi precedenti, si pu\u00f2 saltare questa guida
+label.smb.domain=Dominio SMB
+label.smb.password=Password SMB
+label.smb.username=Username SMB
+label.sockets=CPU Socket
 label.specify.IP.ranges=Specificare intervallo di indirizzi IP
 label.srx=SRX
 label.start.IP=Indirizzo IP iniziale
@@ -587,9 +767,11 @@ label.traffic.types=Tipi di Traffico
 label.update.project.resources=Aggiornare le risorse di progetto
 label.upload=Upload
 label.upload.volume=Volume di upload
+label.use.vm.ips=Usa Indirizzo IP della VM
 label.vcdcname=Nome DC del vCenter
 label.vcipaddress=Indirizzo IP del vCenter
 label.viewing=Visualizzazione
+label.view.secondary.ips=Vedi IP Secondari
 label.view=Vista
 label.virtual.machines=Virtual machine
 label.virtual.routers=Router Virtuali
@@ -598,6 +780,7 @@ label.vlan.only=VLAN
 label.vlan=VLAN
 label.vm.destroy=Destroy
 label.vm.display.name=Nome visualizzato della VM
+label.vm.ip=Indirizzo IP della VM
 label.vm.name=Nome VM
 label.vm.reboot=Reboot
 label.VMs.in.tier=VM nei livelli
@@ -627,9 +810,11 @@ label.zoneWizard.trafficType.guest=Guest\: Traffico di rete tra le virtual machi
 label.zoneWizard.trafficType.management=Management\: Traffico di rete tra le risorse interne di CloudStack, incluso qualsiasi componente che comunichi con il Management Server, come ad esempio gli host e le VM di Sistema di CloudStack
 label.zoneWizard.trafficType.public=Public\: Traffico di rete tra la rete internet e le virtual machine nell\\'infrastruttura cloud.
 label.zoneWizard.trafficType.storage=Storage\: Traffico di rete tra i server di primary e secondary storage, come ad esempio i template delle VM e le operazioni di snapshot
+message.acquire.ip.nic=Prego confermare che si vuole acquisire un nuovo IP secondario per questa NIC.<br/>NOTA\: Deve essere configurato manualmente il nuovo IP secondario acquisito all\\'interno della virtual machine.
 message.acquire.new.ip=Si prega di confermare di voler acquisire un nuovo indirizzo IP per questa rete.
 message.acquire.new.ip.vpc=Si prega di confermare di voler acquisire un nuovo indirizzo IP per questo VPC.
 message.action.delete.nexusVswitch=Si prega di confermare di voler cancellare questo nexus 1000v
+message.action.delete.nic=Prego conferma che si vuole rimuovere questa NIC, questo rimuover\u00e0 anche le reti associate dalla VM.
 message.action.delete.physical.network=Si prega di confermare di voler cancellare questa rete fisica
 message.action.delete.system.service.offering=Si prega di confermare di voler cancellare questa offerta di servizio di sistema.
 message.action.disable.nexusVswitch=Si prega di confermare di voler disabilitare questo nexus 1000v
@@ -732,10 +917,12 @@ message.ip.address.changed=Il tuo indirizzo IP potrebbe essere cambiato; si desi
 message.iso.desc=Immagine disco contenente dati o supporto avviabile di boot per il SO
 message.join.project=Ora appartieni al progetto. Si prega di passare alla vista Progetto per accedere.
 message.launch.zone=La Zona \u00e8 pronta per l\\'avvio; si prega di procedere al passo successivo.
+message.listView.subselect.multi=(Ctrl/Cmd-click)
 message.migrate.instance.to.host=Si prega di confermare di voler migrare instance verso un altro host.
 message.migrate.instance.to.ps=Si prega di confermare di voler migrare instance verso un altro primary storage.
 message.migrate.router.confirm=Si prega di confermare l\\'host a cui si intende migrare il router\:
 message.migrate.volume=Si prega di confermare di voler migrare il volume verso un altro primary storage.
+message.no.affinity.groups=Non \u00e8 presente alcun gruppo di affinit\u00e0. Prego proseguire al prossimo passaggio.
 message.no.projects.adminOnly=Non si dispone di alcun progetto.<br/>Si prega di chiedere la creazione di un nuovo progetto al proprio amministratore.
 message.no.projects=Non si possiedono progetti.<br/>Si prega di creare un nuovo progetto dalla sezione progetti.
 message.pending.projects.1=Ci sono inviti a progetti in attesa di risposta\:
@@ -746,12 +933,15 @@ message.please.select.a.different.public.and.management.network.before.removing=
 message.please.select.networks=Si prega di selezionare le reti per la virtual machine.
 message.please.wait.while.zone.is.being.created=Si prega di attendere la creazione della zona; pu\u00f2 richiedere tempo...
 message.project.invite.sent=L\\'invito \u00e8 stato spedito all\\'utente; l\\'utente sar\u00e0 aggiunto al progetto solo dopo aver accettato l\\'invito
+message.recover.vm=Prego confermare che si vuole recuperare questa VM.
+message.reinstall.vm=NOTA\: Attenzione. Questo causer\u00e0 la reinstallazione della VM partendo dal template; i dati nel disco principale verranno persi. I dati nei volumi aggiuntivi, se esistenti, non verranno toccati.
 message.remove.vpc=Si prega di confermare di voler rimuovere VPC
 message.reset.password.warning.notPasswordEnabled=L\\'immagine template di questa instanza \u00e8 stata creata senza l\\'abilitazione della password
 message.reset.password.warning.notStopped=L\\'instanza deve essere arrestata prima di poter modificare la password
 message.reset.VPN.connection=Si prega di confermare di voler effettuare il reset della connessione VPN
 message.restart.network=Tutti i servizi forniti da questa rete saranno interrotti. Si prega di confermare di voler riavviare questa rete.
 message.restart.vpc=Si prega di confermare di voler riavviare VPC
+message.select.affinity.groups=Prego selezionare un gruppo di affinit\u00e0 a cui si vuole far appartenere questa VM\:
 message.select.a.zone=Una zona corrisponde tipicamente ad un singolo datacenter. Zone multiple consentono di aumentare l\\'affidabilit\u00e0 creando isolamento fisico e ridondanza.
 message.select.instance=Si prega di selezionare una instanza.
 message.select.iso=Si prega di selezionare una immagine ISO per la nuova instanza virtuale.
@@ -776,6 +966,7 @@ message.tooltip.reserved.system.netmask=Il prefisso di rete che definisce la sub
 message.tooltip.zone.name=Un nome per la zona.
 message.update.resource.count=Si prega di confermare di voler aggiornare il valore delle risorse per questo account.
 message.validate.instance.name=Il nome dell\\'instanza non pu\u00f2 avere lunghezza superiore a 63 caratteri. Sono consentite solo lettere ASCII a-z, A-Z, numeri 0-9, segni \\'-\\'. Il primo carattere deve essere una lettera, e l\\'ultimo una lettera o un numero.
+message.validate.invalid.characters=RIlevati caratteri non validi; prego correggere
 message.vm.review.launch=Si prega di riesaminare le informazioni e confermare l\\'instance virtuale scelta sia corretta prima di avviarla.
 message.you.must.have.at.least.one.physical.network=E\\' necessario disporre di almeno una rete fisica
 message.Zone.creation.complete=Creazione zona completata
diff --git a/client/WEB-INF/classes/resources/messages_ja_JP.properties b/client/WEB-INF/classes/resources/messages_ja_JP.properties
index d069a1107e..cacdc21910 100644
--- a/client/WEB-INF/classes/resources/messages_ja_JP.properties
+++ b/client/WEB-INF/classes/resources/messages_ja_JP.properties
@@ -67,6 +67,7 @@ label.action.cancel.maintenance.mode=\u4fdd\u5b88\u30e2\u30fc\u30c9\u306e\u30ad\
 label.action.change.password=\u30d1\u30b9\u30ef\u30fc\u30c9\u306e\u5909\u66f4
 label.action.change.service.processing=\u30b5\u30fc\u30d3\u30b9\u3092\u5909\u66f4\u3057\u3066\u3044\u307e\u3059...
 label.action.change.service=\u30b5\u30fc\u30d3\u30b9\u306e\u5909\u66f4
+label.action.configure.samlauthorization=SAML SSO \u8a8d\u8a3c\u3092\u8a2d\u5b9a\u3059\u308b
 label.action.copy.ISO=ISO \u306e\u30b3\u30d4\u30fc
 label.action.copy.ISO.processing=ISO \u3092\u30b3\u30d4\u30fc\u3057\u3066\u3044\u307e\u3059....
 label.action.copy.template.processing=\u30c6\u30f3\u30d7\u30ec\u30fc\u30c8\u3092\u30b3\u30d4\u30fc\u3057\u3066\u3044\u307e\u3059....
@@ -292,6 +293,7 @@ label.add.ip.range=IP \u30a2\u30c9\u30ec\u30b9\u306e\u7bc4\u56f2\u306e\u8ffd\u52
 label.add.isolated.guest.network=\u5206\u96e2\u30b2\u30b9\u30c8\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u306e\u8ffd\u52a0
 label.add.isolated.network=\u5206\u96e2\u3055\u308c\u305f\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u306e\u8ffd\u52a0
 label.additional.networks=\u8ffd\u52a0\u306e\u30cd\u30c3\u30c8\u30ef\u30fc\u30af
+label.add.LDAP.account=LDAP \u30a2\u30ab\u30a6\u30f3\u30c8\u306e\u8ffd\u52a0
 label.add.list.name=ACL \u4e00\u89a7\u540d
 label.add.load.balancer=\u30ed\u30fc\u30c9 \u30d0\u30e9\u30f3\u30b5\u30fc\u306e\u8ffd\u52a0
 label.add.more=\u305d\u306e\u307b\u304b\u306e\u9805\u76ee\u306e\u8ffd\u52a0
@@ -846,6 +848,7 @@ label.lang.dutch=\u30aa\u30e9\u30f3\u30c0\u8a9e (\u30aa\u30e9\u30f3\u30c0)
 label.lang.english=\u82f1\u8a9e
 label.lang.french=\u30d5\u30e9\u30f3\u30b9\u8a9e
 label.lang.german=\u30c9\u30a4\u30c4\u8a9e
+label.lang.hungarian=\u30cf\u30f3\u30ac\u30ea\u30fc\u8a9e
 label.lang.italian=\u30a4\u30bf\u30ea\u30a2\u8a9e
 label.lang.japanese=\u65e5\u672c\u8a9e
 label.lang.korean=\u97d3\u56fd\u8a9e
@@ -874,6 +877,8 @@ label.load.balancer=\u30ed\u30fc\u30c9 \u30d0\u30e9\u30f3\u30b5\u30fc
 label.load.balancing.policies=\u8ca0\u8377\u5206\u6563\u30dd\u30ea\u30b7\u30fc
 label.load.balancing=\u8ca0\u8377\u5206\u6563
 label.loading=\u30ed\u30fc\u30c9\u3057\u3066\u3044\u307e\u3059
+label.local.storage.enabled.system.vms=\u30b7\u30b9\u30c6\u30e0 VM \u306b\u5bfe\u3057\u30ed\u30fc\u30ab\u30eb\u30b9\u30c8\u30ec\u30fc\u30b8\u3092\u6709\u52b9\u5316\u3059\u308b
+label.local.storage.enabled=\u30e6\u30fc\u30b6\u30fc VM \u306b\u5bfe\u3057\u30ed\u30fc\u30ab\u30eb\u30b9\u30c8\u30ec\u30fc\u30b8\u3092\u6709\u52b9\u5316\u3059\u308b
 label.local.storage=\u30ed\u30fc\u30ab\u30eb \u30b9\u30c8\u30ec\u30fc\u30b8
 label.local=\u30ed\u30fc\u30ab\u30eb
 label.login=\u30ed\u30b0\u30aa\u30f3
@@ -1247,6 +1252,8 @@ label.s3.nfs.server=S3 NFS \u30b5\u30fc\u30d0\u30fc
 label.s3.secret_key=\u79d8\u5bc6\u30ad\u30fc
 label.s3.socket_timeout=\u30bd\u30b1\u30c3\u30c8 \u30bf\u30a4\u30e0\u30a2\u30a6\u30c8
 label.s3.use_https=HTTPS \u3092\u4f7f\u7528\u3059\u308b
+label.saml.enable=SAML SSO \u8a8d\u8a3c
+label.saml.entity=\u8a8d\u8a3c\u30d7\u30ed\u30d0\u30a4\u30c0\u30fc
 label.saturday=\u571f\u66dc\u65e5
 label.save.and.continue=\u4fdd\u5b58\u3057\u3066\u7d9a\u884c
 label.save=\u4fdd\u5b58
diff --git a/client/WEB-INF/classes/resources/messages_nb_NO.properties b/client/WEB-INF/classes/resources/messages_nb_NO.properties
index 42482b9065..397baf5b3f 100644
--- a/client/WEB-INF/classes/resources/messages_nb_NO.properties
+++ b/client/WEB-INF/classes/resources/messages_nb_NO.properties
@@ -16,24 +16,31 @@
 # under the License.
 
 changed.item.properties=Endrede egenskaper
+confirm.enable.s3=Vennligst fyll inn f\u00f8lgende informasjon for \u00e5 aktivere st\u00f8tte for S3-st\u00f8ttet sekund\u00e6rlagring
 confirm.enable.swift=Vennligst fyll inn f\u00f8lgende informasjon for \u00e5 aktivere st\u00f8tte for Swift
 error.could.not.change.your.password.because.ldap.is.enabled=Feil kunne ikke bytte ditt passord fordi LDAP er aktivert.
 error.could.not.enable.zone=Kunne ikke aktivere sonen
 error.installWizard.message=Noe gikk galt. G\u00e5 tilbake og korriger feilene.
 error.invalid.username.password=Ugyldig brukernavn eller passord
 error.login=Ditt brukernavn/passord stemmer ikke overens med v\u00e5re opplysninger.
+error.menu.select=Kan ikke utf\u00f8re handlingen grunnet ingen valgte elementer.
 error.mgmt.server.inaccessible=Administrasjonsserver er utilgjengelig. Vennligst pr\u00f8v igjen senere.
 error.password.not.match=Passordfeltene sammensvarer ikke
+error.please.specify.physical.network.tags=Nettverkstilbud er ikke tilgjengelig f\u00f8r du spesifiserer knagger for dette fysiske nettverket.
 error.session.expired=Din sesjon har utl\u00f8pt.
 error.something.went.wrong.please.correct.the.following=Noe gikk galt. Vennligst korrig\u00e9r f\u00f8lgende
 error.unable.to.reach.management.server=Kan ikke oppn\u00e5 kontakt med administrasjonsserveren
 error.unresolved.internet.name=Ditt internettnavn kan ikke l\u00f8ses.
+force.delete.domain.warning=Advarsel\: dette alternativet vil medf\u00f8re at alle underdomener og alle assosierte kontoer og dere resurser blir slettet.
 force.delete=Tving sletting
+force.remove.host.warning=Advarsel\: ved valg av dette alternativet vil CloudStack stoppe alle kj\u00f8rende virtuelle maskiner, f\u00f8r hypervisoren blir fjernet fra klyngen.
 force.remove=Tving fjerning
+force.stop.instance.warning=Advarsel\: \u00c5 tvinge en stopp av denne instansen b\u00f8r v\u00e6re siste utvei. Det kan f\u00f8re til tap av data og ukonsistent oppf\u00f8rsel av virtuell maskinstatus.
 force.stop=Tving stopp
 ICMP.code=ICMP-kode
 ICMP.type=ICMP-type
 image.directory=Bilde-katalog
+inline=I Rekke
 instances.actions.reboot.label=Omstart av instans
 label.about.app=Om CloudStack
 label.about=Om
@@ -44,11 +51,13 @@ label.account=Konto
 label.account.lower=konto
 label.account.name=Kontonavn
 label.accounts=Kontoer
+label.account.specific=Kontospesifikk
 label.acl=ACL
 label.acl.id=ACL ID
 label.acl.name=ACL Navn
 label.acl.replaced=ACL erstattet
 label.acquire.new.ip=Tilegne ny IP
+label.acquire.new.secondary.ip=Tilegne ny sekund\u00e6r IP
 label.action.attach.disk.processing=Tilknytter Disk....
 label.action.attach.disk=Tilknytt Disk
 label.action.attach.iso.processing=Tilknytter ISO....
@@ -58,6 +67,7 @@ label.action.cancel.maintenance.mode.processing=Avbryter vedlikeholdsmodus....
 label.action.change.password=Endre passord
 label.action.change.service=Endre Tjeneste
 label.action.change.service.processing=Endrer Tjeneste....
+label.action.configure.samlauthorization=Konfigurer SAML SSO-autorisering
 label.action.copy.ISO=Kopier ISO
 label.action.copy.ISO.processing=Kopierer ISO....
 label.action.copy.template=Kopier mal
@@ -119,6 +129,7 @@ label.action.destroy.instance=\u00d8delegg Instans
 label.action.destroy.systemvm.processing=Sletter system VM....
 label.action.destroy.systemvm=Slett system VM
 label.action.detach.disk=Frakoble disk
+label.action.detach.disk.processing=Kobler fra disk....
 label.action.detach.iso=Frakoble ISO
 label.action.detach.iso.processing=Frakobler ISO....
 label.action.disable.account=Deaktiver konto
@@ -151,6 +162,7 @@ label.action.edit.network.offering=Editer nettverkstilbud
 label.action.edit.network.processing=Editerer Nettverk....
 label.action.edit.pod=Editer Pod
 label.action.edit.primary.storage=Editer Prim\u00e6rlagring
+label.action.edit.resource.limits=Rediger ressursbegrensninger
 label.action.edit.service.offering=Editer tjenestetilbud
 label.action.edit.template=Editer mal
 label.action.edit.user=Rediger bruker
@@ -171,6 +183,10 @@ label.action.enable.user=Aktiver Bruker
 label.action.enable.user.processing=Aktiverer Bruker....
 label.action.enable.zone=Aktiver sone
 label.action.enable.zone.processing=Aktiverer sone...
+label.action.expunge.instance.processing=Sletter instans....
+label.action.expunge.instance=Slett instans
+label.action.force.reconnect.processing=Kobler til p\u00e5 nytt....
+label.action.force.reconnect=Tving ny tilkobling
 label.action.generate.keys=Generer n\u00f8kler
 label.action.generate.keys.processing=Genererer n\u00f8kler....
 label.action=Handling
@@ -191,8 +207,11 @@ label.action.reboot.router=Omstart Ruter
 label.action.reboot.router.processing=Omstaer Instans....
 label.action.reboot.systemvm=Omstart System VM
 label.action.reboot.systemvm.processing=Omstarter System VM
+label.action.recurring.snapshot=Gjentagende \u00f8yeblikksbilder
 label.action.register.iso=Registrer ISO
 label.action.register.template=Registrer mal
+label.action.release.ip=Frigj\u00f8r IP
+label.action.release.ip.processing=Frigj\u00f8r IP-adresse....
 label.action.remove.host=Fjern Vert
 label.action.remove.host.processing=Fjerner Vest....
 label.action.reset.password.processing=Tilbakestiller passord....
@@ -202,6 +221,8 @@ label.action.resize.volume.processing=Endrer st\u00f8rrelse p\u00e5 volum....
 label.action.resource.limits=Ressursbegrensninger
 label.action.restore.instance=Gjenopprett Instans
 label.action.restore.instance.processing=Gjenoppretter Instans....
+label.action.revert.snapshot.processing=Tilbakestiller til \u00f8yeblikksbilde....
+label.action.revert.snapshot=Tilbakestill til \u00f8yeblikksbilde
 label.actions=Handlinger
 label.action.start.instance.processing=Starter instans....
 label.action.start.instance=Start instans
@@ -217,9 +238,15 @@ label.action.stop.systemvm.processing=Stopper System VM....
 label.action.stop.systemvm=Stopp System VM
 label.action.take.snapshot.processing=Tar \u00f8yeblikksbilde....
 label.action.take.snapshot=Ta \u00f8yeblikksbilde
+label.action.unmanage.cluster=Fjern administrasjon av klynge
 label.action.unmanage.cluster.processing=Fjerner administrasjon av klynge...
+label.action.update.OS.preference=Oppdater OS-preferanser
+label.action.update.OS.preference.processing=Oppdaterer OS-preferanser.....
+label.action.update.resource.count=Oppdater resurs oversikt
+label.action.update.resource.count.processing=Oppdaterer resurs oversikt
 label.action.vmsnapshot.create=Ta VM \u00f8yeblikksbilde
 label.action.vmsnapshot.delete=Slett VM \u00f8yeblikksbilde
+label.action.vmsnapshot.revert=Tilbakestill til maskin\u00f8yeblikksbilde
 label.activate.project=Aktiver prosjekt
 label.active.sessions=Aktive sesjoner
 label.add.account=Legg til konto
@@ -228,12 +255,22 @@ label.add.accounts.to=Legg kontoer til
 label.add.account.to.project=Legg kontoen til prosjektet
 label.add.ACL=Legg til ACL
 label.add.acl.list=Legg til ACL liste
+label.add.affinity.group=Legg til affinitetsgruppe
+label.add.baremetal.dhcp.device=Legg Til Barmetall DHCP Enhet
 label.add.BigSwitchVns.device=Legg til BigSwitch Vnc kontroller
+label.add.BrocadeVcs.device=Legg til Brocade VCS Svitsj
+label.add.by.cidr=Legg til med CIDR
+label.add.by.group=Legg til med gruppe
 label.add.by=Legg til ved
+label.add.ciscoASA1000v=Legg til CiscoASA1000v Resurs
 label.add.cluster=Legg til klynge
 label.add.compute.offering=Legg til systemtilbud
+label.add.direct.iprange=Legg til direkte IP-rekke
+label.add.disk.offering=Legg til disktilbud
 label.add.domain=Legg til domene
+label.added.brocade.vcs.switch=Ny Brocade Vcs switch lagt til
 label.added.new.bigswitch.vns.controller=Legg til ny BigSwitch VNS kontroller
+label.added.nicira.nvp.controller=La til ny Nicira NVP-kontroller
 label.add.egress.rule=Legg til egress regel
 label.addes.new.f5=La til ny F5
 label.add.F5.device=Legg til F5 enhet
@@ -253,6 +290,10 @@ label.adding.zone=Legger til sone
 label.add.intermediate.certificate=Legg til intermediate sertifikat
 label.add.internal.lb=Legg til intern LB
 label.add.ip.range=Legg til IP-rekke
+label.add.isolated.guest.network=Legg til Isolert gjestenettverk
+label.add.isolated.network=Legg Til Isolert Nettverk
+label.additional.networks=Ekstra nettverk
+label.add.LDAP.account=Legg til LDAP-konto
 label.add=Legg til
 label.add.list.name=ACL listenavn
 label.add.load.balancer=Legg til lastbalanserer
@@ -268,11 +309,15 @@ label.add.new.gateway=Legg til ny gateway
 label.add.new.NetScaler=Legg til ny NetScaler
 label.add.new.PA=Legg til ny Palo Alto
 label.add.new.SRX=Legg til ny SRX
+label.add.new.tier=Legg til ny gren
+label.add.nfs.secondary.staging.store=Legg Til NFS sekund\u00e6rmellomlagringsomr\u00e5de
 label.add.NiciraNvp.device=Legg til Nvp kontroller
+label.add.NuageVsp.device=Legg til Nuage Virtualized Services Directory (VSD)
 label.add.OpenDaylight.device=Legg til OpenDayLight kontroller
 label.add.PA.device=Legg til Palo Alto enhet
 label.add.physical.network=Legg til fysisk nettverk
 label.add.pod=Legg til pod
+label.add.portable.ip.range=Legg til portabel IP-rekke
 label.add.port.forwarding.rule=Legg til portvideresendingsregel
 label.add.primary.storage=Legg til prim\u00e6rlagring
 label.add.region=Legg til region
@@ -288,17 +333,20 @@ label.add.static.route=Legg til statisk rute
 label.add.system.service.offering=Legg til et systemtilbud
 label.add.template=Legg til mal
 label.add.to.group=Legg til gruppe
+label.add.ucs.manager=Legg Til UCS Manager
 label.add.user=Legg til bruker
 label.add.vlan=Legg til VLAN
 label.add.vm=Legg til VM
 label.add.vms=Legg til VMer
 label.add.vms.to.lb=Legg til VM(er) til lastbalanseringsregel
+label.add.VM.to.tier=Legg VM til VPC-gren
 label.add.vmware.datacenter=Legg til VMware datasenter
 label.add.vnmc.device=Legg til VNMC enhet
 label.add.vnmc.provider=Legg til VNMC tilbyder
 label.add.volume=Legg til volum
 label.add.vpc=Legg til VPC
 label.add.vpc.offering=Legg til VPC tilbud
+label.add.vpn.customer.gateway=Legg til VPN Kundegateway
 label.add.VPN.gateway=Legg til VPN Gateway
 label.add.vpn.user=Legg til VPN-bruker
 label.add.vxlan=Legg til VXLAN
@@ -308,6 +356,9 @@ label.admin=Admin
 label.advanced=Avansert
 label.advanced.mode=Avansermodus
 label.advanced.search=Avansert s\u00f8k
+label.affinity=Affinitet
+label.affinity.group=Affinitetsgruppe
+label.affinity.groups=Affinitetsgrupper
 label.agent.password=Agentpassord
 label.agent.state=Agentstatus
 label.agent.username=Agentbrukernavn
@@ -320,6 +371,9 @@ label.algorithm=Algoritme
 label.allocated=Allokert
 label.allocation.state=Allokeringsstatus
 label.allow=Tillat
+label.anti.affinity=Anti-affinitet
+label.anti.affinity.group=Anti-affinitetsgruppe
+label.anti.affinity.groups=Anti-affinitetsgrupper
 label.api.key=API-n\u00f8kkel
 label.api.version=API Versjon
 label.apply=Bruk
@@ -327,8 +381,14 @@ label.app.name=CloudStack
 label.archive.alerts=Arkiver varsler
 label.archive=Arkiv
 label.archive.events=Arkiver hendelser
+label.assigned.vms=Tildelte VMer
 label.assign.instance.another=Tildel instans til en annen konto
 label.assign=Tildel
+label.assign.to.load.balancer=Legg instans til lastbalanserer
+label.associated.network=Assosiert nettverk
+label.associated.network.id=Assosiert nettverksid
+label.associated.profile=Assosiert Profil
+label.associate.public.ip=Assosiert Offentlig IP-adresse
 label.attached.iso=Tilknyttet ISO
 label.author.email=Forfatter e-post
 label.author.name=Forfatternavn
@@ -339,40 +399,60 @@ label.available.public.ips=Tilgjengelig offentlige IP-adresser
 label.available=Tilgjengelig
 label.back=Tilbake
 label.bandwidth=B\u00e5ndbredde
+label.baremetal.dhcp.devices=Barmetall DHCP Enheter
+label.baremetal.dhcp.provider=Barmetall DHCP Tilbyder
+label.baremetal.pxe.device=Legg Til Barmetall PXE Enhet
+label.baremetal.pxe.devices=Barmetall PXE Enheter
+label.baremetal.pxe.provider=Barmetall PXE Tilbyder
 label.basic=Basis
 label.basic.mode=Basismodus
+label.bigswitch.controller.address=BigSwitch Vns kontroller-adresse
 label.bigswitch.vns.details=BigSwitch VNC detaljer
 label.blade.id=Blad-ID
 label.blades=Blad
 label.bootable=Botbar
+label.broadcast.domain.range=Kringkastings domene rekke
+label.broadcast.domain.type=Kringkastings Domene Type
+label.broadcast.uri=Kringkastings URI
+label.broadcasturi=kringkastinguri
+label.broadcat.uri=Kringkastings URI
+label.brocade.vcs.address=Vcs Switch Addresse
+label.brocade.vcs.details=Brocade Vcs svitsj detaljer
 label.by.account=Etter Konto
 label.by.alert.type=Etter varseltype
 label.by.availability=Etter Tilgjengelighet
 label.by.date.end=Etter dato (slutt)
 label.by.date.start=Etter dato (start)
 label.by.domain=Etter Domene
+label.by.end.date=Etter sluttdato
 label.by.event.type=Etter hendelsestype
+label.by.level=Etter niv\u00e5
 label.by.pod=Etter Pod
 label.by.role=Etter Rolle
 label.by.start.date=Etter Startdato
+label.by.state=Etter tilstand
 label.bytes.received=Bytes Mottatt
 label.bytes.sent=Bytes sendt
 label.by.traffic.type=Etter Trafikktype
 label.by.type=Etter Type
 label.by.type.id=Etter Type ID
 label.by.zone=Etter Sone
+label.cache.mode=Write-cache Type
 label.cancel=Avbryt
 label.capacity.bytes=Kapasitet Bytes
 label.capacity.iops=Kapasitet IOPS
 label.capacity=Kapasitet
 label.certificate=Sertifikat
+label.change.affinity=Endre affinitet
 label.change.service.offering=Endre tjenestetilbud
 label.change.value=Endre verdi
 label.character=Karakter
 label.chassis=Kasse
+label.cidr.account=CIDR eller konto/sikkerhetsgruppe
 label.cidr=CIDR
 label.CIDR.list=CIDR liste
 label.cidr.list=Kilde-CIDR
+label.CIDR.of.destination.network=CIDR for destinasjonsnettverk
 label.cisco.nexus1000v.ip.address=Nexus 1000v IP Addresse
 label.cisco.nexus1000v.password=Nexus 1000v Passord
 label.cisco.nexus1000v.username=Nexus 1000v Brukernavn
@@ -381,6 +461,7 @@ label.clean.up=Rydd opp
 label.clear.list=T\u00f8m liste
 label.close=Lukk
 label.cloud.console=Cloud
+label.cloud.managed=Forvaltet Av Cloud.com
 label.cluster=Klynge
 label.cluster.name=Klyngenavn
 label.clusters=Klynger
@@ -407,6 +488,7 @@ label.continue.basic.install=Fortsett med enkelt oppsett
 label.continue=Fortsett
 label.copying.iso=Kopierer ISO
 label.corrections.saved=Endringer lagret
+label.counter=Teller
 label.cpu.allocated=CPU allokert
 label.cpu.allocated.for.VMs=CPU Allokert for VMer
 label.CPU.cap=CPU begrensning
@@ -416,26 +498,40 @@ label.cpu.mhz=CPU (i MHz)
 label.cpu.utilized=CPU-utnyttelse
 label.created.by.system=Opprettet av systemet
 label.created=Opprettet
+label.create.nfs.secondary.staging.storage=Legg Til NFS sekund\u00e6rmellomlagringsomr\u00e5de
+label.create.nfs.secondary.staging.store=Opprett NFS sekund\u00e6rmellomlagringsomr\u00e5de
 label.create.project=Opprett prosjekt
 label.create.template=Opprett mal
 label.create.VPN.connection=Opprett VPN-tilkobling
 label.cross.zones=Kryssoner
+label.custom.disk.iops=Tilpasset IOPS
 label.custom.disk.size=Tilpasset Diskst\u00f8rrelse
+label.custom=Tilpasset
 label.daily=Daglig
 label.data.disk.offering=Datadisktilbud
 label.date=Dato
+label.day.of.month=Dag i m\u00e5ned
+label.day.of.week=Dag i uke
+label.dc.name=Datasenter Navn
+label.dead.peer.detection=D\u00f8d ende-deteksjon
 label.decline.invitation=Avvis invitasjon
 label.dedicate.cluster=Dediker kluster
 label.dedicated=Dedikert
 label.dedicate=Dediker
+label.dedicated.vlan.vni.ranges=Dedikerte VLAN/VNI Rekker
 label.dedicate.host=Dediker host
+label.dedicate.pod=Dedikert pod
+label.dedicate.vlan.vni.range=Dedikert VLAN/VNI Rekke
 label.dedicate.zone=Dediker sone
+label.default.egress.policy=Egress standard policy
 label.default=Standardverdi
 label.default.use=Standard bruk
 label.default.view=Standardvisning
 label.delete.acl.list=Slett ACL liste
+label.delete.affinity.group=Slett affinitetsgruppe
 label.delete.alerts=Slette varsler
 label.delete.BigSwitchVns=Fjern BigSwitch Vns kontroller
+label.delete.BrocadeVcs=Fjern Brocade VCS-svitsj
 label.delete.ciscoASA1000v=Slett CiscoASA1000v
 label.delete.ciscovnmc.resource=Slett CiscoVNMC ressurs
 label.delete.events=Slett hendelser
@@ -443,41 +539,58 @@ label.delete.F5=Slett F5
 label.delete.gateway=slett gateway
 label.delete.internal.lb=Slett intern LB
 label.delete.NetScaler=Slett Netscaler
+label.delete.NiciraNvp=Fjern Nvp-kontroller
+label.delete.NuageVsp=Fjern Nuage VSD
 label.delete.OpenDaylight.device=Fjern OpenDaylight kontroller
 label.delete.PA=Slett Palo Alto
+label.delete.portable.ip.range=Slett portabel IP-rekke
 label.delete.profile=Slett Profil
 label.delete.project=Slett prosjekt
+label.delete.secondary.staging.store=Slett NFS sekund\u00e6rmellomlagringsomr\u00e5de
 label.delete=Slett
 label.delete.SRX=Slett SRX
+label.delete.ucs.manager=Slett UCS Manager
 label.delete.VPN.connection=Slett VPN-tilkobling
+label.delete.VPN.customer.gateway=Slett VPN-kundegateway
 label.delete.VPN.gateway=Slett VPN-gateway
 label.delete.vpn.user=Slett VPN-bruker
 label.deleting.failed=Sletting feilet
 label.deleting.processing=Sletter....
 label.deny=Nekt
+label.deployment.planner=utbyggings planlegger
 label.description=Beskrivelse
 label.destination.physical.network.id=Fysisk nettverksid-destinasjon
 label.destination.zone=Destinasjonssone
 label.destroy=Destruer
 label.destroy.router=Slett ruter
+label.destroy.vm.graceperiod=\u00d8delegge VM ventetid
+label.detaching.disk=Kobler fra disk
 label.details=Detaljer
 label.device.id=Enhets ID
 label.devices=Enheter
 label.dhcp=DHCP
 label.DHCP.server.type=DHCP servertype
+label.direct.attached.public.ip=Direkte Tilknyttet Offentlig IP-adresse
+label.direct.ips=Deltnettverk-IPadresser
 label.disable.autoscale=Deaktiver autoskalering
 label.disabled=Inaktiv
+label.disable.host=Deaktiver host
 label.disable.network.offering=Deaktiver nettverkstilbud
 label.disable.provider=Deaktiver tilbyder
 label.disable.vnmc.provider=Deatkiver VNMC tilbyder
 label.disable.vpc.offering=Deaktivert VPC tilbud
 label.disable.vpn=Dekativer VPN
 label.disabling.vpn.access=Deaktiverer VPN Tilgang
+label.disassociate.profile.blade=Deassosier profil fra Blade
 label.disbale.vnmc.device=Deaktiver VNMC enhet
 label.disk.allocated=Disk allokert
+label.disk.bytes.read.rate=Disklesehastighet(BPS)
+label.disk.bytes.write.rate=Diskskrivehastighet  (BPS)
 label.disk.iops.max=Maks IOPS
 label.disk.iops.min=Min IOPS
+label.disk.iops.read.rate=Disklesehastighet (IOPS)
 label.disk.iops.total=IOPS Totalt
+label.disk.iops.write.rate=Diskskrivehastighet (IOPS)
 label.disk.offering=Disktilbud
 label.disk.provisioningtype=Provisjoneringstype
 label.disk.read.bytes=Disk lese (Bytes)
@@ -501,16 +614,21 @@ label.domain.id=Domene ID
 label.domain.lower=domene
 label.domain.name=Domenenavn
 label.domain.router=Domeneruter
+label.domain.suffix=DNS domenesuffiks (f.eks, xyz.com)
 label.done=Utf\u00f8rt
+label.double.quotes.are.not.allowed=Doble anf\u00f8rselstegn er ikke tillatt
+label.download.progress=Nedlastningsprogresjon
 label.drag.new.position=Dra til ny posisjon
 label.duration.in.sec=Varighet (i sek.)
 label.dynamically.scalable=Dynamisk skalerbar
 label.edit.acl.rule=Endre ACL regel
+label.edit.affinity.group=Rediger affinitetsgruppe
 label.edit=Editer
 label.edit.lb.rule=Endre LB-regel
 label.edit.network.details=Edit\u00e9r nettverksdetaljer
 label.edit.project.details=Editer prosjektdetaljer
 label.edit.region=Editer region
+label.edit.tags=Rediger tagger
 label.edit.traffic.type=Endre trafikktype
 label.edit.vpc=Rediger VPC
 label.egress.default.policy=Egress standard policy
@@ -522,6 +640,7 @@ label.elastic.LB=Elastisk LB
 label.email=E-post
 label.email.lower=epost
 label.enable.autoscale=Aktiver autoskalering
+label.enable.host=Aktiver host
 label.enable.network.offering=Aktiver nettverkstilbud
 label.enable.provider=Aktiver tilbyder
 label.enable.s3=Aktiver S3-st\u00f8ttet sekund\u00e6rlagring
@@ -533,19 +652,31 @@ label.enable.vpn=Aktiver VPN
 label.enabling.vpn.access=Aktiverer VPN-tilgang
 label.enabling.vpn=Aktiverer VPN
 label.end.IP=Slutt-IP
+label.endpoint=Endepunkt
+label.endpoint.or.operation=Endepunkt eller operasjon
 label.end.port=Sluttport
+label.end.reserved.system.IP=Siste reserverte system IP
 label.end.vlan=Slutt VLAN
 label.end.vxlan=Slutt VXLAN
 label.enter.token=Skriv inn koden
 label.error.code=Feilkode
 label.error=Feil
 label.error.upper=ERROR
+label.ESP.encryption=ESP kryptering
+label.ESP.hash=ESP hash
+label.ESP.lifetime=ESP levetid
+label.ESP.policy=ESP policy
 label.esx.host=ESX/ESXi vert
+label.event.archived=Hendelser Arkivert
+label.event.deleted=Hendelse slettet
 label.example=Eksempel
+label.expunge=Slett
+label.external.link=Ekstern kobling
 label.extractable=Utpakkbar
 label.f5.details=F5 detaljer
 label.f5=F5
 label.failed=Feilet
+label.featured=Fremhevet
 label.fetch.latest=Hent siste
 label.filterBy=Filtrer etter
 label.firewall=Brannmur
@@ -555,7 +686,9 @@ label.format=Format
 label.friday=Fredag
 label.full=Full
 label.full.path=Full sti
+label.gateway=Gateway
 label.general.alerts=Generelle varsler
+label.generating.url=Genererer URL
 label.gluster.volume=Volum
 label.go.step.2=G\u00e5 til steg 2
 label.go.step.3=G\u00e5 til steg 3
@@ -578,18 +711,27 @@ label.gslb.lb.details=Lastbalanseringsdetaljer
 label.gslb.lb.remove=Fjern lastbalansering fra denne GSLB
 label.gslb.lb.rule=Lastbalanseringsregel
 label.gslb.service=GSLB tjeneste
+label.gslb.service.private.ip=GSLB tjeneste privat IP-adresse
+label.gslb.service.public.ip=GSLB tjeneste offentlig IP-adresse
+label.gslb.servicetype=Tjeneste Type
 label.guest.cidr=Gjest CIDR
 label.guest.end.ip=Gjest slutt-IP
+label.guest.gateway=Gjestegateway
 label.guest=Gjest
 label.guest.ip=Gjest IP-adresse
 label.guest.ip.range=Gjest IP-rekke
 label.guest.netmask=Gjest nettmaske
+label.guest.network.details=Gjestenettverksdetaljer
 label.guest.networks=Gjestenettverk
 label.guest.start.ip=Gjest start-IP
 label.guest.traffic=Gjestetrafikk
+label.guest.traffic.vswitch.name=Gjestetrafikk vSwitch Navn
+label.guest.traffic.vswitch.type=Gjestetrafikk vSwitch Type
 label.guest.type=Gjestetype
 label.ha.enabled=HA Aktivert
 label.health.check=Helsesjekk
+label.health.check.interval.in.sec=Helsesjekk Intervall (i sekunder)
+label.healthy.threshold=Sunn Terskel
 label.help=Hjelp
 label.hide.ingress.rule=Skjul ingressregel
 label.hints=Hint
@@ -602,14 +744,24 @@ label.host.tags=Vertsknagger
 label.host=Vert
 label.hourly=Hver time
 label.hvm=HVM
+label.hypervisor.capabilities=Hypervisor evner
 label.hypervisor=Hypervisor
 label.hypervisors=Hypervisors
+label.hypervisor.snapshot.reserve=Hypervisor \u00d8yeblikks Kapasitet
 label.hypervisor.type=Hypervisor type
 label.hypervisor.version=Hypervisor versjon
+label.hyperv.traffic.label=HyperV Trafikk Etikett
 label.id=ID
+label.IKE.DH=IKE DH
+label.IKE.encryption=IKE kryptering
+label.IKE.hash=IKE Hash
+label.IKE.lifetime=IKE livstid (sekunder)
+label.IKE.policy=IKE policy
 label.info=Info
 label.info.upper=INFO
 label.ingress.rule=Ingressregel
+label.initiated.by=Initiert av
+label.inside.port.profile=Intern Port Profil
 label.installWizard.addClusterIntro.subtitle=Hva er en klynge?
 label.installWizard.addClusterIntro.title=La oss legge til en klynge
 label.installWizard.addHostIntro.subtitle=Hva er en vert?
@@ -632,11 +784,17 @@ label.instance.name=Instans Navn
 label.instance.port=Instansport
 label.instance.scaled.up=Instans skalert opp
 label.instances=Instanser
+label.instanciate.template.associate.profile.blade=Instansier mal og assosier malen med Blade
+label.intermediate.certificate=Intermediate sertifikat {0}
 label.internal.dns.1=Intern DNS 1
 label.internal.dns.2=Intern DNS 2
 label.internal.lb.details=Intern LB detaljer
+label.internallbvm=InternalLbVm
 label.internal.name=Internt navn
+label.interval.type=Intervalltype
 label.introduction.to.cloudstack=Introduksjon til CloudStack&\#8482
+label.invalid.integer=Ugyldig integer
+label.invalid.number=Ugyldig tall
 label.invitations=Invitasjoner
 label.invited.accounts=Inviterte kontoer
 label.invite=Inviter
@@ -645,14 +803,17 @@ label.ip.address=IP-adresse
 label.ipaddress=IP-adresse
 label.ip.allocations=IP Allokeringer
 label.ip=IP
+label.ip.limits=Offentlig IP-addresse Grenser
 label.ip.or.fqdn=IP eller FQDN
 label.ip.range=IP-rekke
 label.ip.ranges=IP-rekker
+label.IPsec.preshared.key=IPSec Delt N\u00f8kkel
 label.ips=IPer
 label.ipv4.cidr=IPv4 CIDR
 label.ipv4.dns1=IPv4 DNS1
 label.ipv4.dns2=IPv4 DNS2
 label.ipv4.end.ip=IPv4 Slutt IP
+label.ipv4.gateway=IPv4 Gateway
 label.ipv4.netmask=IPv4 nettmaske
 label.ipv4.start.ip=IPv4 Start IP
 label.ipv6.address=IPv6 IP Adresse
@@ -669,6 +830,7 @@ label.iso=ISO
 label.isolated.networks=Isolerte nettverk
 label.isolation.method=Isolasjonsmetode
 label.isolation.mode=Isolasjonsmetode
+label.isolation.uri=Isolasjons URI
 label.is.redundant.router=Redundant
 label.is.shared=Er delt
 label.is.system=Er system
@@ -694,11 +856,13 @@ label.lang.norwegian=Norsk
 label.lang.polish=Polsk
 label.lang.russian=Russisk
 label.lang.spanish=Spansk
+label.last.disconnected=Siste Frakobling
 label.last.name=Etternavn
 label.lastname.lower=etternavn
 label.latest.events=Siste hendelser
 label.launch=Start
 label.launch.vm=Start VM
+label.launch.zone=Start sone
 label.lb.algorithm.leastconn=F\u00e6rrest tilkoblinger
 label.lb.algorithm.roundrobin=Ringdistribusjon
 label.lb.algorithm.source=Kilde
@@ -706,23 +870,31 @@ label.LB.isolation=LB-isolering
 label.ldap.configuration=LDAP Konfigurering
 label.ldap.group.name=LDAP Gruppe
 label.ldap.port=LDAP port
+label.level=Niv\u00e5
+label.linklocal.ip=Link-lokal IP-adresse
 label.load.balancer=Lastbalanserer
 label.load.balancer.type=Lastbalanseringstype
 label.load.balancing=Lastbalansering
 label.load.balancing.policies=Regler for lastbalansering
 label.loading=Laster
 label.local=Lokal
+label.local.storage.enabled=Aktiver lokal lagring for bruker VMer
+label.local.storage.enabled.system.vms=Aktiver lokal lagring for SystemVMer
 label.local.storage=Lokal lagring
 label.login=Logg inn
 label.logout=Logg ut
 label.lun=LUN
 label.LUN.number=LUN \#
+label.lxc.traffic.label=LXC trafikk etikett
 label.make.project.owner=Gj\u00f8r konto prosjekteier
 label.manage=Administrer
+label.managed=Administrert
 label.management=Administrasjon
 label.management.ips=Administrasjons IP-adresser
+label.management.server=Administrasjonsserver
 label.manage.resources=Behandle ressurser
 label.max.cpus=Maks CPU kjerner
+label.max.guest.limit=Maks antall gjester
 label.maximum=Maksimum
 label.max.instances=Maks Instanser
 label.max.memory=Maks minne (MiB)
@@ -747,9 +919,16 @@ label.menu.accounts=Kontoer
 label.menu.alerts=Varsler
 label.menu.all.accounts=Alle kontoer
 label.menu.all.instances=Alle instanser
+label.menu.community.isos=Fellesskap ISO medier
+label.menu.community.templates=Felleskap Maler
 label.menu.configuration=Konfigurering
+label.menu.dashboard=Dashbord
+label.menu.destroyed.instances=\u00d8delagte instanser
+label.menu.disk.offerings=Disktilbud
 label.menu.domains=Domener
 label.menu.events=Hendelser
+label.menu.featured.isos=Fremhevede ISOer
+label.menu.featured.templates=Fremhevde maler
 label.menu.global.settings=Globale innstillinger
 label.menu.infrastructure=Infrastruktur
 label.menu.instances=Instanser
@@ -773,6 +952,7 @@ label.menu.system.service.offerings=Systemtilbud
 label.menu.system=System
 label.menu.system.vms=System VMer
 label.menu.templates=Maler
+label.menu.virtual.appliances=Virtuelle Apparater
 label.menu.virtual.resources=Virtuelle ressurser
 label.menu.volumes=Volumer
 label.menu.vpc.offerings=VPC tilbud
@@ -788,6 +968,7 @@ label.migrate.volume=Migrer volum
 label.migrate.volume.to.primary.storage=Migrer volumet til en annen prim\u00e6rlagring.
 label.minimum=Minimum
 label.min.instances=Min Instanser
+label.minute.past.hour=minutter etter hel time
 label.mode=Modus
 label.monday=Mandag
 label.monthly=M\u00e5nedlig
@@ -809,6 +990,7 @@ label.netscaler.details=NetScaler detaljer
 label.netScaler=NetScaler
 label.network.ACL=Nettverk ACL
 label.network.ACLs=Nettverk ACLer
+label.network.ACL.total=Nettverk ACL Total
 label.network.addVM=Legg nettverk til VM
 label.network.cidr=Nettverk CIDR
 label.network.desc=Nettverksbeskrivelse
@@ -822,9 +1004,17 @@ label.network.label.display.for.blank.value=Bruk standard gateway
 label.network.limits=Nettverksbegrensninger
 label.network.name=Nettverksdame
 label.network=Nettverk
+label.network.offering.display.text=Nettverkstilbud Forklaring
+label.network.offering.id=Nettverkstilbud ID
+label.network.offering.name=Nettverkstilbud Navn
 label.network.offering=Nettverkstilbud
+label.network.rate.megabytes=Nettverks fart (MB/s)
+label.network.rate=Nettverks fart (MB/s)
 label.network.read=Nettverk les
+label.network.service.providers=Nettverktjenestetilbydere
 label.networks=Nettverk
+label.network.type=Nettverkstype
+label.network.write=Nettverk skriveoperasjoner
 label.new=Ny
 label.new.password=Nytt passord
 label.new.project=Nytt prosjekt
@@ -835,9 +1025,15 @@ label.nfs=NFS
 label.nfs.server=NFS Server
 label.nfs.storage=NFS Lagring
 label.nic.adapter.type=NIC adaptertype
+label.nicira.controller.address=Kontrolleradresse
+label.nicira.l3gatewayserviceuuid=L3 Gateway Tjeneste Uuid
 label.nicira.nvp.details=Nicira NVP detaljer
+label.nicira.transportzoneuuid=Transport sone Uuid
 label.nics=NICer
+label.no.actions=Ingen tilgjengelige handlinger
+label.no.alerts=Ingen nylige alarmer
 label.no.data=Ingen data \u00e5 vise
+label.no.errors=Ingen nylige feil
 label.no.grouping=(ingen gruppering)
 label.no.isos=Ingen tilgjengelige ISOer
 label.no.items=Ingen tilgjengelige elementer
@@ -855,6 +1051,7 @@ label.number.of.system.vms=Antall System VMer
 label.number.of.virtual.routers=Antall virtuelle rutere
 label.number.of.zones=Antall soner
 label.num.cpu.cores=\# av CPU-kjerner
+label.numretries=Antall fors\u00f8k
 label.ocfs2=OCFS2
 label.offer.ha=Tilby HA
 label.ok=OK
@@ -862,45 +1059,72 @@ label.opendaylight.controllerdetail=OpenDaylight kontrollerdetaljer
 label.opendaylight.controller=OpenDaylight kontroller
 label.opendaylight.controllers=OpenDaylight kontrollere
 label.openDaylight=OpenDaylight
+label.operator=Operat\u00f8r
 label.optional=Valgfritt
 label.order=Rekkef\u00f8lge
+label.os.preference=OS-preferanse
 label.os.type=OS-type
 label.other=Andre
+label.override.guest.traffic=Overstyr Gjeste Trafikk
+label.override.public.traffic=Overstyr Offentlig Trafikk
+label.ovm.traffic.label=OVM trafikk etikett
 label.ovs=OVS
+label.owned.public.ips=Offentlige IP-addresser i bruk
 label.owner.account=Eierkonto
 label.owner.domain=Eierdomene
 label.palo.alto.details=Palo Alto detaljer
+label.PA.log.profile=Palo Alto logg profil
 label.PA=Palo Alto
+label.parent.domain=Foreldre domene
 label.passive=Passiv
+label.password.enabled=Passord Aktivert
 label.password.lower=passord
 label.password=Passord
 label.password.reset.confirm=Passordet har blitt resatt til
+label.PA.threat.profile=Palo Alto trussel profil
 label.path=Sti
+label.perfect.forward.secrecy=Perfect Forward Secrecy
+label.persistent=Vedvarende
 label.physical.network=Fysisk nettverk
 label.physical.network.ID=Fysisk nettverksid
 label.PING.CIFS.password=PING CIFS passord
 label.PING.CIFS.username=PING CIFS brukernavn
 label.PING.dir=PING-mappe
+label.ping.path=Ping Sti
 label.PING.storage.IP=PING lagrings-IP
+label.planner.mode=Planleggingsmodus
 label.please.specify.netscaler.info=Vennligst spesifiser NetScaler-info
 label.please.wait=Vennligst vent
+label.plugin.details=Plugin detaljer
+label.plugins=Plugins
+label.pod.dedicated=Pod Dedikert
 label.pod.name=Pod navn
 label.pod=Pod
 label.pods=Pods
+label.polling.interval.sec=Sjekkintervall (i sekunder)
+label.portable.ip=Flyttbar IP
+label.portable.ip.range.details=Portabel IP-rekke detaljer
+label.portable.ip.ranges=Transportable IP-rekker
+label.portable.ips=Portabel IP-rekke
 label.port.forwarding.policies=Regler for portvideresending
 label.port.forwarding=Portvideresending
 label.port=Port
 label.port.range=Portrekke
+label.PreSetup=Forberedt Konfigurasjon
 label.prev=Forrige
 label.previous=Forrige
 label.primary.allocated=Prim\u00e6rlagring allokert
 label.primary.network=Prim\u00e6rnettverk
+label.primary.storage.count=Prim\u00e6rlagrings Pool
+label.primary.storage.limits=Prim\u00e6rlagring Maxgrense (GiB)
 label.primary.storage=Prim\u00e6rlagring
 label.primary.used=Prim\u00e6rlagring brukt
 label.private.Gateway=Privat Gateway
+label.private.interface=Privat Grensesnitt
 label.private.ip=Privat IP-adresse
 label.private.ip.range=Privat IP-rekke
 label.private.ips=Private IP-adresser
+label.privatekey=PKCS\#8 Privat N\u00f8kkel
 label.private.network=Privat nettverk
 label.private.port=Privat port
 label.private.zone=Privat sone
@@ -912,35 +1136,50 @@ label.project.name=Prosjektnavn
 label.project=Prosjekt
 label.projects=Prosjekter
 label.project.view=Prosjektvisning
+label.protocol.number=Protokollnummer
 label.protocol=Protokoll
 label.providers=Tilbydere
 label.provider=Tilbyder
+label.public.interface=Offentlig Grensesnitt
 label.public.ip=Offentlig IP-adresse
 label.public.ips=Offentlig IP-adresser
+label.public.load.balancer.provider=Offentlig Lastbalanserer Tilbyder
 label.public.network=Offentlig nettverk
 label.public=Offentlig
 label.public.port=Offentlig port
 label.public.traffic=Offentlig trafikk
+label.public.traffic.vswitch.name=Offentlig Trafikk vSwitch Navn
+label.public.traffic.vswitch.type=Offentlig Trafikk vSwitch Type
 label.public.zone=Offentlig sone
 label.purpose=Form\u00e5l
 label.Pxe.server.type=PXE Servertype
 label.qos.type=QoS Type
+label.quickview=Hurtigvisning
+label.quiesce.vm=Quiesce VM
+label.quiet.time.sec=Quiet Tid (sekunder)
 label.rbd.id=Cephx user
 label.rbd.monitor=Ceph monitor
 label.rbd.pool=Ceph pool
 label.rbd=RBD
+label.rbd.secret=Cephx hemmelig
 label.reboot=Restart
+label.recent.errors=Nylige feil
 label.recover.vm=Gjenopprett VM
 label.redundant.router.capability=Redundant ruter
 label.redundant.router=Redundant ruter
 label.redundant.state=Redundant tilstand
 label.refresh.blades=Oppdater blad(er)
 label.refresh=Oppfrisk
+label.regionlevelvpc=Region Niv\u00e5 VPC
 label.region=Region
 label.reinstall.vm=Reinstaller VM
 label.related=Relaterte
+label.release.account=Frigi fra Konto
+label.release.account.lowercase=Frigi fra konto
 label.release.dedicated.cluster=Frigj\u00f8r dedikert kluster
 label.release.dedicated.host=Frigj\u00f8r dedikert host
+label.release.dedicated.pod=Frigj\u00f8r Dedikert Pod
+label.release.dedicated.vlan.range=Frigj\u00f8r dedikerte VLAN rekke
 label.release.dedicated.zone=Frigj\u00f8r dedikert sone
 label.remind.later=P\u00e5minn meg senere
 label.remove.ACL=Fjern ACL
@@ -956,7 +1195,9 @@ label.remove.region=Fjern region
 label.remove.rule=Fjern regel
 label.remove.static.nat.rule=Fjern statisk NAT-regel
 label.remove.static.route=Fjern statisk rute
+label.remove.tier=Fjern gren
 label.remove.vm.from.lb=Fjern VM fra lastbalanseringsregel
+label.remove.vm.load.balancer=Fjern VM fra lastbalanserer
 label.remove.vmware.datacenter=Fjern VMware datasenter
 label.remove.vpc=fjern VPC
 label.remove.vpc.offering=Fjern VPC tilbud
@@ -964,21 +1205,30 @@ label.removing=Fjerner
 label.removing.user=Fjerner Bruker
 label.reource.id=Ressurs ID
 label.replace.acl=Erstatt ACL
+label.replace.acl.list=Erstatt ACL Liste
 label.required=P\u00e5krevd
 label.requires.upgrade=Krever oppgradering
+label.reserved.ip.range=Reservert IP-rekke
+label.reserved.system.gateway=Reservert System Gateway
 label.reserved.system.ip=Reservert System IP
+label.reserved.system.netmask=Reservert system nettmaske
+label.resetVM=Resett VM
 label.reset.VPN.connection=Resett VPN-tilkobling
 label.resize.new.offering.id=Nytt tilbud
 label.resize.new.size=Ny st\u00f8rrelse (GB)
 label.resize.shrink.ok=Krympe OK
+label.resource.limit.exceeded=Ressursbegrensning Overskridet
 label.resource.limits=Ressursbegrensninger
 label.resource.name=Ressursnavn
 label.resource=Ressurs
 label.resources=Ressurser
+label.resource.state=Ressurs Status
+label.response.timeout.in.sec=Respons Tidsavbrudd (sekunder)
 label.restart.network=Nettverksomstart
 label.restart.required=Omstart p\u00e5krevd
 label.restart.vpc=Omstart VPC
 label.restore=Gjenopprett
+label.retry.interval=Nyfors\u00f8k Intervall 
 label.review=Gjennomg\u00e5
 label.revoke.project.invite=Tilbakekall invitasjonen
 label.role=Rolle
@@ -987,24 +1237,42 @@ label.root.disk.controller=Root diskkontroller
 label.root.disk.offering=Root disktilbud
 label.root.disk.size=Rotdiskst\u00f8rrelse
 label.router.vm.scaled.up=RuterVM skalert opp
+label.routing.host=Ruter Vert
 label.routing=Ruting
 label.rule.number=Regelnummer
 label.rules=Regler
 label.running.vms=Kj\u00f8rende VMer
 label.s3.access_key=Aksessn\u00f8kkel
+label.s3.bucket=B\u00f8tte
+label.s3.connection_timeout=Tilkoblingsavbrudd
+label.s3.endpoint=Endepunkt
+label.s3.max_error_retry=Max Feil Nyfors\u00f8k
 label.s3.nfs.path=S3 NFS Sti
 label.s3.nfs.server=S3 NFS Server
 label.s3.secret_key=Hemmelig n\u00f8kkel
+label.s3.socket_timeout=Socket Timeout
 label.s3.use_https=Bruk HTTPS
+label.saml.enable=Autoriser SAML SSO
+label.saml.entity=Identitets Tilbydere
 label.saturday=L\u00f8rdag
 label.save.and.continue=Lagre og fortsett
 label.save=Lagre
 label.saving.processing=Lagrer....
+label.scale.up.policy=Oppskalerings policy
+label.scope=Omfang
 label.search=S\u00f8k
+label.secondary.isolated.vlan.id=Sekund\u00e6r Isolert VLAN ID
+label.secondary.staging.store.details=Sekund\u00e6rmellomlagringsomr\u00e5de detaljer
+label.secondary.staging.store=Sekund\u00e6rmellomlagringsomr\u00e5de
+label.secondary.storage.count=Sekund\u00e6rlagrings Pool
+label.secondary.storage.details=Sekund\u00e6rlagringsdetaljer
+label.secondary.storage.limits=Sekund\u00e6rlagringsbregrensninger (GiB)
 label.secondary.storage=Sekund\u00e6rlagring
 label.secondary.storage.vm=Sekund\u00e6rlagring VM
+label.secondary.used=Sekund\u00e6rlagringsplass brukt
 label.secret.key=Hemmelig n\u00f8kkel
 label.security.group.name=Sikkerhetsgruppenavn
+label.security.groups.enabled=Sikkerhetsgrupper Aktivert
 label.security.group=Sikkerhetsgruppe
 label.security.groups=Sikkerhetsgrupper
 label.select.a.template=Velg en mal
@@ -1016,11 +1284,13 @@ label.select.offering=Velg tilbud
 label.select.project=Velg prosjekt
 label.select.region=Velg region
 label.select.template=Velg Mal
+label.select.tier=Velg gren
 label.select=Velg
 label.select-view=Velg visning
 label.select.vm.for.static.nat=Velg instans for statisk NAT
 label.sent=Sendt
 label.server=Tjener
+label.service.capabilities=Tjeneste Evner
 label.service.offering=Tjenestetilbud
 label.service.state=Tjeneste Status
 label.services=Tjenester
@@ -1032,6 +1302,7 @@ label.setup=Oppsett
 label.setup.zone=Soneoppsett
 label.set.up.zone.type=Oppsett av sonetype
 label.shared=Delt
+label.SharedMountPoint=SharedMountPoint
 label.show.advanced.settings=VIs avanserte instillinger
 label.show.ingress.rule=Vis ingressregel
 label.shutdown.provider=Steng tilbyder
@@ -1041,9 +1312,13 @@ label.skip.guide=Jeg har brukt CloudStack tidligere. Hopp over denne veiviseren
 label.smb.domain=SMB Domene
 label.smb.password=SMB Passord
 label.smb.username=SMB Brukernavn
+label.snapshot.limits=\u00d8yeblikksbildebegrensning
+label.snapshot.name=\u00d8yeblikksbildenavn
+label.snapshot.schedule=Sett Opp Gjentagende \u00f8yeblikksbilder
 label.snapshot.s=\u00d8yeblikksbilde(r)
 label.snapshots=\u00d8yeblikksbilder
 label.snapshot=\u00d8yeblikksbilde
+label.SNMP.community=SNMP Community
 label.SNMP.port=SNM Port
 label.sockets=CPU Sokkel
 label.source.ip.address=Kilde IP-adresse
@@ -1059,11 +1334,13 @@ label.srx=SRX
 label.start.IP=Start-IP
 label.start.lb.vm=Start LB VM
 label.start.port=Start port
+label.start.reserved.system.IP=F\u00f8rste reserverte system IP
 label.start.vlan=Start VLAN
 label.start.vxlan=Start VXLAN
 label.state=Status
 label.static.nat.enabled=Statisk NAT aktivert
 label.static.nat=Statistk NAT
+label.static.nat.to=Statisk NAT til
 label.static.nat.vm.details=Statisk NAT VM Detaljer
 label.statistics=Statistikk
 label.status=Status
@@ -1078,37 +1355,67 @@ label.step.4.title=Steg 4\: <strong>Nettverk</strong>
 label.step.5=Steg 5
 label.step.5.title=Steg 5\: <strong>Repetere</strong>
 label.stickiness=Klebrighet
+label.stickiness.method=Klebrighetmetode
+label.sticky.cookie-name=Cookie navn
 label.sticky.domain=Domene
 label.sticky.expire=Utl\u00f8per
+label.sticky.holdtime=Oppholds tid
+label.sticky.indirect=Indirekte
 label.sticky.length=Lengde
 label.sticky.mode=Modus
+label.sticky.name=Sticky navn
+label.sticky.nocache=Ingen cache
+label.sticky.postonly=Send bare
+label.sticky.prefix=Prefiks
+label.sticky.request-learn=L\u00e6r Foresp\u00f8rsel
 label.sticky.tablesize=Tabellst\u00f8rrelse
 label.stop.lb.vm=Stop LB VM
 label.stopped.vms=Stoppede VMer
 label.stop=Stopp
 label.storage=Lagring
+label.storage.pool=Lagringspool
 label.storage.tags=Merkelapper for lagring
 label.storage.traffic=Lagringstrafikk
 label.storage.type=Lagringstype
 label.subdomain.access=Tilgang for underdomene
+label.submit=Send
+label.submitted.by=[Innsendt av\: <span id\="submitted_by"></span>]
 label.succeeded=Vellykket
 label.sunday=S\u00f8ndag
+label.super.cidr.for.guest.networks=Super CIDR for gjestenettverk
 label.supported.services=St\u00f8ttede Tjenester
 label.supported.source.NAT.type=Supporterte kilde-NAT typer
+label.supportsstrechedl2subnet=St\u00f8tter strekket L2 subnet
 label.suspend.project=Suspender prosjekt
 label.switch.type=Svitsjtype
 label.system.capacity=Systemkapasistet
+label.system.offering.for.router=Systemtilbud for Rutere
 label.system.offering=Systemtilbud
+label.system.service.offering=Systemtjenestetilbud
 label.system.vm.details=SystemVM-detaljer
 label.system.vm.scaled.up=SystemVM skalert opp
 label.system.vms=System VMer
 label.system.vm=System VM
+label.system.vm.type=SystemVM-type
+label.system.wide.capacity=Systemomfattende kapasistet
 label.tagged=Tagget
+label.tag.key=Merkelapp Key
 label.tags=Tagger
+label.tag.value=Tag Verdi
+label.target.iqn=M\u00e5l IQN
 label.task.completed=Oppgave utf\u00f8rt
+label.template.limits=Malbegrensninger
 label.template=Mal
 label.TFTP.dir=TFTP-mappe
+label.tftp.root.directory=TFTP rot-mappe
+label.theme.default=Standardtema
+label.theme.grey=Tilpasset - Gr\u00e5
+label.theme.lightblue=Tilpasset - Lys Gr\u00e5
+label.threshold=Terskel
 label.thursday=Torsdag
+label.tier.details=VPC-gren detaljer
+label.tier=Gren
+label.timeout.in.second = Tidsavrbudd (sekunder)
 label.timeout=Tidsavbrudd
 label.time=Tid
 label.time.zone=Tidssone
@@ -1118,8 +1425,12 @@ label.total.cpu=Totalt CPU
 label.total.CPU=Totalt CPU
 label.total.hosts=Totalt Verter
 label.total.memory=Totalt minne
+label.total.of.ip=Totalt IP-adresser
+label.total.of.vm=Totalt av VM
 label.total.storage=Totalt lagring
+label.total.virtual.routers=Total antall virtuelle rutere
 label.total.virtual.routers.upgrade=Totalt antall virtuelle routere som trenger oppgradering
+label.total.vms=Totalt VMs
 label.traffic.label=Trafikketikett
 label.traffic.types=Trafikktyper
 label.traffic.type=Trafikktype
@@ -1129,7 +1440,9 @@ label.type.lower=type
 label.type=Type
 label.ucs=UCS
 label.unavailable=Utilgjengelig
+label.unhealthy.threshold=Usunn Terskel
 label.unlimited=Ubegrenset
+label.untagged=Utagget
 label.update.project.resources=Oppdater prosjektressurser
 label.update.ssl.cert= SSL-sertifikat
 label.update.ssl= SSL-sertifikat
@@ -1139,12 +1452,16 @@ label.upgrade.router.newer.template=Oppgrader ruter til nyere mal
 label.upload=Last opp
 label.upload.volume=Last opp volum
 label.url=URL
+label.usage.interface=Bruker Grensesnitt
+label.usage.sanity.result=Forbruks Tilregnelighet Resultat
+label.usage.server=Forbruks Tjener
 label.used=Brukt
 label.user=Bruker
 label.user.data=Brukerdata
 label.username=Brukernavn
 label.username.lower=brukernavn
 label.users=Brukere
+label.user.vm=Bruker VM
 label.use.vm.ip=Bruk VM IP\:
 label.use.vm.ips=Bruk VM IPer
 label.value=Verdi
@@ -1160,6 +1477,7 @@ label.vcipaddress=vCenter IP-adresse
 label.version=Versjon
 label.vgpu.max.resolution=Maks oppl\u00f8sning
 label.vgpu.max.vgpu.per.gpu=VGPUs per GPU
+label.vgpu.remaining.capacity=Gjenst\u00e5ende kapasitet
 label.vgpu.type=vGPU type
 label.vgpu=VGPU
 label.vgpu.video.ram=Video RAM
@@ -1169,7 +1487,11 @@ label.viewing=Viser
 label.view.more=Vis mer
 label.view.secondary.ips=Se sekund\u00e6re IPer
 label.view=Vis
+label.virtual.appliance.details=Virtuelt apparat detaljer
+label.virtual.appliances=Virtuelle Apparater
+label.virtual.appliance=Virtuellt Apparat
 label.virtual.machines=Virtuelle maskiner
+label.virtual.networking=Virtuelt Nettverk
 label.virtual.network=Virtuelt-nettverk
 label.virtual.routers.group.account=Virtuelle rutere gruppert p\u00e5 konto
 label.virtual.routers.group.cluster=Virtuelle rutere gruppert p\u00e5 kluster
@@ -1179,7 +1501,12 @@ label.virtual.routers=Virtuelle rutere
 label.virtual.router=Virtuell ruter
 label.vlan.id=VLAN/VNI ID
 label.vlan.only=VLAN
+label.vlan.range.details=VLAN-rekke detaljer
+label.vlan.ranges=VLAN-rekke(r)
+label.vlan.range=VLAN/VNI Rekke
 label.vlan=VLAN/VNI
+label.vlan.vni.ranges=VLAN/VNI Rekke(r)
+label.vlan.vni.range=VLAN/VNI Rekke
 label.vm.add=Legg til Instans
 label.vm.destroy=Destruer
 label.vm.display.name=Visningsnavn for VM
@@ -1190,6 +1517,9 @@ label.vm.ip=VM IP Adresse
 label.vm.name=VM-navn
 label.vm.password=Passord til VM er
 label.vm.reboot=Restart
+label.VMs.in.tier=VMer i VPC-gren
+label.vmsnapshot.current=isCurrent
+label.vmsnapshot.memory=\u00d8yeblikksbilde av minne
 label.vmsnapshot.parentname=Forelder
 label.vmsnapshot.type=Type
 label.vmsnapshot=VM \u00d8yeblikksbilder
@@ -1205,6 +1535,7 @@ label.vnet.id=VLAN/VNI ID
 label.vnet=VLAN/VNI
 label.vnmc.devices=VNMC enheter
 label.vnmc=VNMC
+label.volatile=volatil
 label.volgroup=Volumgruppe
 label.volume.details=Volumdetaljer
 label.volume.limits=Volumbegrensninger
@@ -1218,10 +1549,18 @@ label.VPC.limits=VPC begrensninger
 label.vpc.offering.details=VPC tilbudsdetaljer
 label.vpc.offering=VPC tilbud
 label.VPC.router.details=VPC ruterdetaljer
+label.vpc.supportsregionlevelvpc=St\u00f8tter Region Niv\u00e5 VPC
+label.vpc.virtual.router=VPC virtuell ruter
 label.vpc=VPC
 label.VPN.connection=VPN-tilkobling
+label.vpn.customer.gateway=VPN Kundegateway
+label.VPN.customer.gateway=VPN Kundegateway
 label.VPN.gateway=VPN Gateway
 label.vpn=VPN
+label.vsmctrlvlanid=Kontroll VLAN ID
+label.vsmpktvlanid=Pakke VLAN ID
+label.vsmstoragevlanid=Lagrings VLAN ID
+label.vsphere.managed=Administrert Av vSphere
 label.vswitch.name=vSwitch navn
 label.vSwitch.type=vSwitch type
 label.vxlan.id=VXLAN ID
@@ -1251,86 +1590,207 @@ label.zone.step.2.title=Steg 2\: <strong>Legg til en sone</strong>
 label.zone.step.3.title=Steg 3\: <strong>Legg til en pod</strong>
 label.zone.step.4.title=Steg 4\: <strong>Legg til en IP-rekke</strong>
 label.zone.type=Sonetype
+label.zone.wide=Sone omfattende
+label.zoneWizard.trafficType.guest=Gjest\: Trafikk mellom brukeres virtuelle maskiner
+label.zoneWizard.trafficType.management=Administrasjon\: Trafikk mellom CloudStacks interne ressurser, inkludert eventuelle komponenter som kommuniserer med administrasjonsservere, som verter og CloudStack systemVMer
+label.zoneWizard.trafficType.public=Offentlig\: nettverkstrafikk mellom internet og VMs i CloudStack.
+label.zoneWizard.trafficType.storage=Lagring\: Trafikk mellom prim\u00e6r og sekund\u00e6rlagringsservere, slik som VM-maler og \u00f8yeblikksbilder.
+managed.state=Administrert Status
 message.acquire.ip.nic=Vennligst bekreft at du vil allokere en ny sekund\u00e6r IP for dette nettverkskortet. <br />NB\: Du m\u00e5 manuelt konfigurere den nye sekund\u00e6r-IPen i den virtuelle maskinen.
 message.acquire.new.ip=Vennligst bekreft at du \u00f8nsker \u00e5 anskaffe en ny IP for dette nettverket
+message.acquire.new.ip.vpc=Vennligst bekreft at du \u00f8nsker \u00e5 hente en ny IP for denne VPC.
+message.acquire.public.ip=Vennligst velg en sone som du vil hente ny IP fra.
+message.action.cancel.maintenance=Din vert har vellykket blitt kansellert for vedlikehold. Denne prosessen kan ta opptil flere minutter.
+message.action.cancel.maintenance.mode=Vennligst bekreft at du \u00f8nsker \u00e5 kansellere dette vedlikeholdet.
+message.action.change.service.warning.for.instance=Din instans m\u00e5 v\u00e6re stopped f\u00f8r du fors\u00f8ker \u00e5 endret n\u00e5v\u00e6rende tjenestetilbud.
 message.action.change.service.warning.for.router=Din ruter m\u00e5 v\u00e6re stoppet f\u00f8r du kan fors\u00f8ke \u00e5 endre n\u00e5v\u00e6rende servicetilbud.
 message.action.delete.cluster=Vennligst bekreft at du vil slette denne klyngen.
 message.action.delete.disk.offering=Vennligst bekreft at du \u00f8nsker \u00e5 slette dette disktilbudet.
 message.action.delete.domain=Vennligst bekreft at du vil slette dette domenet.
+message.action.delete.external.firewall=Vennligst bekreft at du vil fjerne denne eksterne brannmuren. Advarsel\: hvis du planlegger \u00e5 legge tilbake den samme eksterne brannmuren, m\u00e5 du resette bruksdataene p\u00e5 enheten.
+message.action.delete.external.load.balancer=Vennligst bekreft at du \u00f8nsker \u00e5 fjerne denne eksterne lastbalansereren. Advarsel\: hvis du planlegger \u00e5 legge til den samme eksterne lastbalansereren senere, m\u00e5 du resette bruksdataene p\u00e5 enheten.
 message.action.delete.ingress.rule=Vennligst bekreft at du \u00f8nsker \u00e5 slette denne inng\u00e5ende regel.
 message.action.delete.ISO.for.all.zones=Denne ISO er brukt av alle soner. Vennligst bekreft at du \u00f8nsker \u00e5 slette den fra alle soner.
 message.action.delete.ISO=Vennligst bekreft at du vil slette denne ISO.
 message.action.delete.network=Vennligst bekreft at du vil slette dette nettverket.
 message.action.delete.nexusVswitch=Vennligst bekreft at du \u00f8nsker \u00e5 slette denne nexus 1000v
+message.action.delete.nic=Vennligst bekreft at du vil fjerne dette NIC, noe som ogs\u00e5 vil fjerne det assosierte nettverket fra VMen.
 message.action.delete.physical.network=Vennligst bekreft at du \u00f8nsker \u00e5 slette dette fysiske nettverk
 message.action.delete.pod=Vennligst bekreft at du vil slette denne pod.
 message.action.delete.primary.storage=Vennligst bekreft at du \u00f8nsker \u00e5 slette denne prim\u00e6rlagring.
 message.action.delete.secondary.storage=Vennligst bekreft at du \u00f8nsker \u00e5 slette denne sekund\u00e6rlagring.
 message.action.delete.security.group=Vennligst bekreft at du \u00f8nsker \u00e5 slette denne sikkerhetsgruppe.
 message.action.delete.service.offering=Vennligst bekreft at du \u00f8nsker \u00e5 slette dette servicetilbud.
+message.action.delete.snapshot=Vennligst bekreft at du \u00f8nsker \u00e5 slette dette \u00f8yeblikksbildet.
 message.action.delete.system.service.offering=Vennligst bekreft at du \u00f8nsker \u00e5 slette dette system-servicetilbud.
 message.action.delete.template.for.all.zones=Denne mal er brukt av alle soner. Vennligst bekreft at du \u00f8nsker \u00e5 slette den fra alle soner.
 message.action.delete.template=Vennligst bekreft at du vil slette denne mal.
 message.action.delete.volume=Vennligst bekreft at du vil slette dette volumet.
 message.action.delete.zone=Vennligst bekreft at du \u00f8nsker \u00e5 slette denne sone.
 message.action.destroy.instance=Vennligst bekreft at du \u00f8nsker \u00e5 fjerne denne instansen.
+message.action.destroy.systemvm=Vennligst bekreft at du \u00f8nsker \u00e5 \u00f8delegge denne System VM.
+message.action.disable.cluster=Vennligst bekreft at du \u00f8nsker \u00e5 detaktivere denne klyngen.
 message.action.disable.nexusVswitch=Vennligst bekreft at du \u00f8nsker \u00e5 deaktivere denne nexus 1000v
 message.action.disable.physical.network=Vennligst bekreft at du \u00f8nsker \u00e5 deaktivere dette fysiske nettverket.
 message.action.disable.pod=Vennligst bekreft at du \u00f8nsker \u00e5 aktivere denne poden
+message.action.disable.static.NAT=Vennligst bekreft at du \u00f8nsker \u00e5 deaktivere statisk NAT.
 message.action.disable.zone=Vennligst bekreft at du \u00f8nsker \u00e5 deaktivere denne sonen.
 message.action.downloading.template=Laster ned mal.
 message.action.download.iso=Vennligst bekreft at du \u00f8nsker \u00e5 laste ned denne ISO.
 message.action.download.template=Vennligst bekreft at du \u00f8nsker \u00e5 laste ned denne malen.
 message.action.enable.cluster=Vennligst bekreft at du \u00f8nsker \u00e5 aktivere denne klyngen.
+message.action.enable.maintenance=Din vert har vellykket blitt forberedt for vedlikehold. Denne prosessen kan ta opptil flere minutter.
 message.action.enable.nexusVswitch=Vennligst bekreft at du \u00f8nsker \u00e5 aktivere denne nexus 1000v
 message.action.enable.physical.network=Vennligst bekreft at du \u00f8nsker \u00e5 aktivere dette fysiske nettverket.
 message.action.enable.pod=Vennligst bekreft at du \u00f8nsker \u00e5 aktivere denne poden.
 message.action.enable.zone=Vennligst bekreft at du \u00f8nsker \u00e5 aktivere denne sonen.
+message.action.expunge.instance=Vennligst bekreft at du vil permanent slette denne instansen.
+message.action.force.reconnect=Din vert har vellykket blitt tvunget til \u00e5 koble til p\u00e5 nytt. Denne prosessen kan ta noen minutter.
+message.action.host.enable.maintenance.mode=Aktivering av vedlikeholdsmodus vil for\u00e5rsake migrering av alle kj\u00f8rende instanser p\u00e5 denne vert til hvilken som helst annen tilgjengelig vert.
+message.action.instance.reset.password=Vennligst bekreft ay du \u00f8nsker \u00e5 endre ROOT-passordet for denne virtuelle maskin.
+message.action.manage.cluster=Vennligst bekreft at du \u00f8nsker \u00e5 administrere denne klyngen.
+message.action.primarystorage.enable.maintenance.mode=Advarsel\: setting av prim\u00e6rlagring i vedlikeholdsmodus vil for\u00e5rsake at alle VMer som benytter volum fra det vil bli stoppet. \u00d8nsker du \u00e5 fortsette?
 message.action.reboot.instance=Vennligst bekreft at du vill restarte denne instansen.
+message.action.reboot.router=Alle tjenester levert fra denne virtuelle ruter vil bli avbrutt. Vennligst bekreft at du \u00f8nsker \u00e5 restarte denne ruteren.
 message.action.reboot.systemvm=Vennligst bekreft at du vil restarte denne system VM
+message.action.release.ip=Vennligst bekreft at du \u00f8nsker \u00e5 frigi denne IP.
 message.action.remove.host=Vennligst bekreft at du vil gjerne denne tjeneren.
+message.action.reset.password.off=Din instans st\u00f8tter forel\u00f8pig ikke denne funksjonen.
+message.action.reset.password.warning=Din instans m\u00e5 v\u00e6re stoppet f\u00f8r man fors\u00f8ker \u00e5 bytte n\u00e5v\u00e6rende passord.
+message.action.restore.instance=Vennligst bekreft at du \u00f8nsker \u00e5 gjenopprette denne instansen.
+message.action.revert.snapshot=Vennligst bekreft at du \u00f8nsker \u00e5 gjenopprette volumet til dette \u00f8yeblikksbildet.
 message.action.start.instance=Vennligst bekreft at du \u00f8nsker \u00e5 starte denne instansen.
 message.action.start.router=Vennligst bekreft at du vil starte denne ruter.
 message.action.start.systemvm=Vennligst bekreft at du vil starte denne system VM.
 message.action.stop.instance=Vennligst bekreft at du vil stoppe denne instansen.
+message.action.stop.router=Alle tjenester levert fra denne virtuelle ruter vil bli avbrutt. Vennligst bekreft at du \u00f8nsker \u00e5 stoppe denne ruteren.
 message.action.stop.systemvm=Vennligst bekreft at du vil stoppe denne system VM.
 message.action.take.snapshot=Vennligst bekreft at du vil ta et \u00f8yeblikksbilde av dette volumet.
+message.action.unmanage.cluster=Vennligst bekreft at du ikke \u00f8nsker \u00e5 administere klyngen.
+message.action.vmsnapshot.delete=Vennligst bekreft at du \u00f8nsker \u00e5 slette dette VM \u00f8yeblikksbilde.
+message.action.vmsnapshot.revert=Tilbakestill VM \u00f8yeblikksbilde
 message.activate.project=Er du sikker p\u00e5 du \u00f8nsker \u00e5 aktivere dette prosjektet?
+message.add.cluster=Legg til en hypervisor-administrert klynge for sone <b><span id\="zone_name"></span></b>, pod <b><span id\="pod_name"></span></b>
+message.add.cluster.zone=Legg til en hypervisor-administrert klynge for sone <b><span id\="zone_name"></span></b>
+message.add.disk.offering=Vennligst spesifiser f\u00f8lgende parametere for \u00e5 legge til et nytt disktjenestetilbud
 message.add.domain=Vennligst bekreft underdomenet du \u00f8nsker \u00e5 opprette under dette domenet
 message.add.firewall=Legg en brannmur til sonen
 message.add.guest.network=Vennligst bekreft at du \u00f8nsker \u00e5 legge til gjestenettverk
+message.add.host=Vennligst spesifiser f\u00f8lgende parametere for \u00e5 legge til en ny vert
 message.adding.host=Legger til vert
 message.adding.Netscaler.device=Legg til NetScaler-enhet
+message.adding.Netscaler.provider=Legger til Netscaler leverand\u00f8r
+message.add.ip.range.direct.network=Legg til en IP-rekke til et direkte-nettverk <b><span id\="directnetwork_name"></span></b> i sone <b><span id\="zone_name"></span></b>
+message.add.ip.range=Legg til en IP-rekke til offentlige nettverk i sonen
+message.add.ip.range.to.pod=<p>Legg til IP-addresser til pod\: <b><span id\="pod_name_label"></span></b></p>
+message.additional.networks.desc=Vennligst velg tilleggsnettverk som din virtuelle instans vil v\u00e6re tilkoblet.
+message.add.load.balancer=Legg til lastbalanserer i sone
 message.add.load.balancer.under.ip=Lastbalanseringsregelen har blitt lagt til under IP\:
+message.add.network=Legg til nytt nettverk for sone\: <b><span id\="zone_name"></span></b>
+message.add.new.gateway.to.vpc=Vennligst spesifiser f\u00f8lgende p\u00e5krevd informasjon for \u00e5 legge til en ny gateway i dette VPC nettverket.
+message.add.pod.during.zone.creation=Hver sone m\u00e5 inneholde en eller flere pods, og vi legger til den f\u00f8rste poden n\u00e5. En pod inneholder verter og prim\u00e6rlagring, som du legger til i et senere steg. F\u00f8rst, konfigurer en rekke med reserverte IP-adresser for CloudStacks interne administrasjonstrafikk. Den reserverte IP-rekken m\u00e5 v\u00e6re unik for hver sone i en sky.
+message.add.pod=Legg til ny pod for sone <b><span id\="add_pod_zone_name"></span></b>
+message.add.primary.storage=Legg til ny prim\u00e6rlagring for sone <b><span id\="zone_name"></span></b>, pod <b><span id\="pod_name"></span></b>
+message.add.primary=Vennligst spesifiser f\u00f8lgende paramtere for \u00e5 legge til ny hovedlagring.
+message.add.region=Vennligst spesifiser f\u00f8lgende p\u00e5krevd informasjon for \u00e5 legge til en ny region.
+message.add.secondary.storage=Legg til ny lagring for sone <b><span id\="zone_name"></span></b>
+message.add.service.offering=Vennligst skriv inn f\u00f8lgende data for \u00e5 legge til et nytt datakraftstilbud.
+message.add.system.service.offering=Vennligst skriv inn f\u00f8lgende data for \u00e5 legge til et nytt systemtjenestetilbud.
+message.add.template=Vennligst skriv inn f\u00f8lgende data for \u00e5 opprette din nye mal
+message.add.volume=Vennligst skriv inn f\u00f8lgende data for \u00e5 legge til et nytt volum.
 message.add.VPN.gateway=Vennligst bekreft at du \u00f8nsker \u00e5 legge til en VPN Gateway
+message.admin.guide.read=For VMware-baserte VMer, vennligst les avsnittet om dynamisk skalering i administrasjonsdokumentasjonen f\u00f8r skalering. \u00d8nsker du \u00e5 fortsette?\\,
+message.advanced.mode.desc=Velg denne nettverksmodellen hvis du \u00f8nsker \u00e5 aktivere VLAN-st\u00f8tte. Denne nettverksmodellen gir den st\u00f8rste fleksibiliteten ved \u00e5 tillate administatorer \u00e5 lage egne nettverkstilbud som \u00e5 tilby brannmur, vpn og lastbalanserings-st\u00f8tte s\u00e5 vel som \u00e5 tillate direkte mot virtuelt nettverk.
+message.advanced.security.group=Velg dette hvis du \u00f8nsker \u00e5 bruke sikkerhetsgrupper for \u00e5 tilby gjeste-VM isolering.
+message.advanced.virtual=Velg dette hvis du \u00f8nsker \u00e5 bruke soneomfattende VLAN for \u00e5 tilby gjeste-VM isolering.
+message.after.enable.s3=S3-st\u00f8ttet sekund\u00e6rlagring konfigurert. Merk\: N\u00e5r du forlater denne siden s\u00e5 vil det ikke v\u00e6re mulig \u00e5 konfigurere S3 p\u00e5 nytt.
+message.after.enable.swift=Swift konfigurert. Merk\: N\u00e5r du forlater denne siden s\u00e5 vil det ikke v\u00e6re mulig konfigurere Swift p\u00e5 nytt.
 message.alert.state.detected=Alarm oppdaget
+message.allow.vpn.access=Vennligst skriv inn et brukernavn og passord for brukeren du til gi VPN-tilgang.
+message.apply.snapshot.policy=Du har oppdatert den n\u00e5v\u00e6rende \u00f8yeblikksbilde policyen.
+message.attach.iso.confirm=Vennligst bekreft at du vil tildele ISOen til denne virtuelle instans.
+message.attach.volume=Vennligst fyll inn f\u00f8lgende data for \u00e5 tilknytte et nytt volum. Hvis du tilknytter et diskvolum til en Windows-basert virtuell maskin s\u00e5 er du n\u00f8dt til \u00e5 restarte instansen for \u00e5 se den tilknyttede disken.
+message.basic.mode.desc=Velg denne nettverksmodellen hvis du <b>*<u>ikke</u>*</b> vil aktivere VLAN st\u00f8tte. Alle virtuelle instnanser opprettet under denne nettverksmodellen vil bli tildelt en IP direkte fra nettverket og sikkerhetsgrupper blir benyttet for \u00e5 tilby sikkerhet og segregering.
+message.change.offering.confirm=Vennligst bekreft at du vil forandre servicetilbudet for denne virtuelle maskinen.
 message.change.password=Vennligst endre ditt passord
+message.cluster.dedicated=Dedikert Til Klynge
+message.cluster.dedication.released=Klynge dedikering frigjort
+message.configure.all.traffic.types=Du har flere fysiske nett; vennligst konfigurer etiketter for hver trafikktype ved \u00e5 klikke p\u00e5 Rediger-knappen.
 message.configure.ldap=Bekreft at du \u00f8nsker \u00e5 konfigurere LDAP.
 message.configuring.guest.traffic=Konfigurerer gjestetrafikk
 message.configuring.physical.networks=Konfigurer fysisk nettverk
 message.configuring.public.traffic=Konfigurerer offentlig trafikk
 message.configuring.storage.traffic=Konfigurerer lagringstrafikk
+message.confirm.action.force.reconnect=Vennligst bekreft at du \u00f8nsker \u00e5 tvinge et nytt tilkoblingsfors\u00f8k for denne vert.
+message.confirm.add.vnmc.provider=Vennligst bekreft at du \u00f8nsker \u00e5 installere denne VNMC tilbyderen.
+message.confirm.archive.alert=Vennlgist bekreft at du vil arkivere denne varslingen.
+message.confirm.archive.event=Vennligst bekreft at du \u00f8nsker \u00e5 arkivere denne hendelsen.
+message.confirm.archive.selected.alerts=Vennligst bekreft at du \u00f8nsker \u00e5 arkivere valgte varsler
+message.confirm.archive.selected.events=Er du sikker p\u00e5 at du vil arkivere valgte hendelser
+message.confirm.attach.disk=Er du sikker p\u00e5 at du vil tildele disk?
+message.confirm.create.volume=Er du sikker p\u00e5 at du vil opprette volum?
+message.confirm.current.guest.CIDR.unchanged=\u00d8nsker du \u00e5 beholde n\u00e5v\u00e6rende gjestenettverks CIDR uendret?
+message.confirm.dedicate.cluster.domain.account=Bekreft at du vil dedikere denne klyngen til et domene / en konto?
+message.confirm.dedicate.host.domain.account=\u00d8nsker du virkelig \u00e5 dedikere denne verten til et domene/konto?
+message.confirm.dedicate.pod.domain.account=\u00d8nsker du virkelig \u00e5 dedikere denne pod til et domene/konto?
+message.confirm.dedicate.zone=\u00d8nsker du virkelig \u00e5 dedikere denne sonen til et domene/konto?
+message.confirm.delete.acl.list=Er du sikker p\u00e5 at du \u00f8nsker \u00e5 slette denne ACL listen?
+message.confirm.delete.alert=Er du sikker p\u00e5 at du vil slette denne varslingen ?
+message.confirm.delete.BrocadeVcs=Vennligst bekreft at du vil slette denne Brocade Vcs svitsjen
 message.confirm.delete.ciscoASA1000v=Vennligst bekreft at du vil slette CiscoASA1000v
+message.confirm.delete.ciscovnmc.resource=Vennligst bekreft at du vil slette CiscoVNMC
 message.confirm.delete.F5=Vennligst bekreft at du \u00f8nsker \u00e5 slette F5
+message.confirm.delete.internal.lb=Vennligst bekreft at du \u00f8nsker \u00e5 slette Intern LB
 message.confirm.delete.NetScaler=Vennligst bekreft at du \u00f8nsker \u00e5 slette Netscaler
+message.confirm.delete.NuageVsp=Vennligst bekreft at du \u00f8nsker \u00e5 slette Nuage Virtualized Service Directory
 message.confirm.delete.PA=Vennligst bekreft at du vil slette Palo Alto
+message.confirm.delete.secondary.staging.store=Vennligst bekreft at du vil slette dette sekund\u00e6rmellomlagringsomr\u00e5de.
 message.confirm.delete.SRX=Vennligst bekreft at du \u00f8nsker \u00e5 slette SRX
+message.confirm.delete.ucs.manager=Vennligst bekreft at du \u00f8nsker \u00e5 slette UCS Manager
 message.confirm.destroy.router=Vennligst bekreft at du \u00f8nsker \u00e5 fjerne denne ruteren
+message.confirm.disable.host=Vennligst bekreft at du vil detaktivere denne vert
 message.confirm.disable.network.offering=Er du sikker p\u00e5 at du vil deaktivere dette nettverkstilbudet?
 message.confirm.disable.provider=Vennligst bekreft at du \u00f8nsker \u00e5 deaktivere denne tilbyderen
+message.confirm.disable.vnmc.provider=Vennligst bekreft at du \u00f8nsker \u00e5 deaktivere denne VNMC tilbyderen.
 message.confirm.disable.vpc.offering=Er du sikker p\u00e5 at du vil deaktivere dette VPC tilbudet?
+message.confirm.enable.host=Vennligst bekreft at du \u00f8nsker \u00e5 aktivere verten
 message.confirm.enable.network.offering=Vil du aktivere dette nettverkstilbudet?
 message.confirm.enable.provider=Vennligst bekreft at du \u00f8nsker \u00e5 aktivere denne tilbyderen
+message.confirm.enable.vnmc.provider=Vennligst bekreft at du \u00f8nsker \u00e5 aktivere denne VNMC tilbyderen.
+message.confirm.enable.vpc.offering=Er du sikker p\u00e5 at du vil aktivere dette VPC nettverkstilbudet?
 message.confirm.join.project=Vennligst bekreft at du \u00f8nsker \u00e5 delta i dette prosjektet.
+message.confirm.migrate.volume=\u00d8nsker du \u00e5 migrere dette volumet?
+message.confirm.refresh.blades=Vennligst bekreft at du vil oppdatere blade status.
+message.confirm.release.dedicated.cluster=Vil du aktivere denne dedikerte klyngen?
+message.confirm.release.dedicated.host=\u00d8nsker du \u00e5 frigi denne dedikerte verten ?
+message.confirm.release.dedicated.pod=\u00d8nsker du \u00e5 frigi denne dedikerte poden ?
+message.confirm.release.dedicated.zone=\u00d8nsker du \u00e5 frigi denne dedikerte sonen ?
+message.confirm.release.dedicate.vlan.range=Vennligst bekreft at du vil frigi denne dedierte VLAN-rekken
+message.confirm.remove.event=Er du sikker p\u00e5 at du vil fjerne denne hendelsen?
+message.confirm.remove.IP.range=Vennligst bekreft du til fjerne denne IP-rangen.
+message.confirm.remove.load.balancer=Vennligst bekreft at du vil fjerne VM fra lastbalanserer
 message.confirm.remove.network.offering=Er du sikker p\u00e5 at du vil fjerne dette nettverkstilbudet?
+message.confirm.remove.selected.alerts=Vennligst bekreft at du \u00f8nsker \u00e5 fjerne valgte alarmer
+message.confirm.remove.selected.events=Vennligst bekreft at du vil fjerne valgte hendelser
+message.confirm.remove.vmware.datacenter=Vennligst bekreft at du vil fjerne dette VMWare data senteret
 message.confirm.remove.vpc.offering=Er du sikker p\u00e5 at du vil fjerne dette VPC tilbudet?
+message.confirm.replace.acl.new.one=Vil du erstatte ACL med en ny?
 message.confirm.scale.up.router.vm=\u00d8nsker du \u00e5 skalere opp denne Ruter-VMen?
 message.confirm.scale.up.system.vm=\u00d8nsker du \u00e5 skalere opp denne system VM?
 message.confirm.shutdown.provider=Vennligst bekreft at du \u00f8nsker \u00e5 stenge denne tilbyderen
 message.confirm.start.lb.vm=Vennligst bekreft at du vil starte LB VM
 message.confirm.stop.lb.vm=Vennligst bekreft at du vil stoppe LB VM
+message.confirm.upgrade.router.newer.template=Vennligst bekreft at du vil oppgradere ruter til \u00e5 bruke nyere mal
+message.confirm.upgrade.routers.account.newtemplate=Vennligst bekreft at du vil oppgradere alle rutere i denne kontoen til \u00e5 bruke en nyere mal
+message.confirm.upgrade.routers.cluster.newtemplate=Vennligst bekreft at du vil oppgradere alle rutere i denne klyngen til \u00e5 bruke en nyere mal
+message.confirm.upgrade.routers.newtemplate=Vennligst bekreft at du vil oppgradere alle rutere i denne sonen til \u00e5 bruke en nyere mal
+message.confirm.upgrade.routers.pod.newtemplate=Vennligst bekreft at du vil oppgradere alle rutere i denne pod til \u00e5 bruke en nyere mal
+message.copy.iso.confirm=Vennligst bekreft at du vil kopiere din ISO til
 message.copy.template.confirm=\u00d8nsker du \u00e5 kopiere malen?
+message.copy.template=Kopier template <b id\="copy_template_name_text">XXX</b> fra sone <b id\="copy_template_source_zone_text"></b> til
 message.create.template=Er du sikker p\u00e5 at du \u00f8nsker \u00e5 lage malen?
+message.create.template.vm=Lage VM fra template <b id\="p_name"></b>
+message.create.template.volume=Vennligst spesifiser f\u00f8lgende informasjon f\u00f8r opprettelse av en mal for ditt diskvolum\: <b><span id\="volume_name"></span></b>. Opprettelse av malen kan ta flere minutter og lenger avhengig av st\u00f8rrelsen p\u00e5 volumet.
 message.creating.cluster=Oppretter klynge
 message.creating.guest.network=Oppretter gjestenettverk
 message.creating.physical.networks=Oppretter fysiske nettverk
@@ -1340,21 +1800,49 @@ message.creating.secondary.storage=Oppretter sekund\u00e6rlagring
 message.creating.systemVM=Oppretter system-VMer (dette kan ta litt tid)
 message.creating.zone=Oppretter sone
 message.decline.invitation=Er du sikker p\u00e5 du \u00f8nsker \u00e5 avvise denne prosjektinvitasjonen?
+message.dedicated.zone.released=Sone dedikering frigitt
+message.dedicate.zone=Dedikerer sone
+message.delete.account=Vennligst bekreft at du vil slette denne kontoen.
+message.delete.affinity.group=Vennligst bekreft du til fjerne denne affinitetsgruppen.
 message.delete.gateway=Vennligst bekreft at du \u00f8nsker \u00e5 slette gateway
 message.delete.project=Er du sikker p\u00e5 du \u00f8nsker \u00e5 slette dette prosjektet?
 message.delete.user=Vennligst bekreft at du \u00f8nsker \u00e5 slette denne bruker.
 message.delete.VPN.connection=Vennligst bekreft at du \u00f8nsker \u00e5 slette VPN-tilkobling
+message.delete.VPN.customer.gateway=Vennligst bekreft at du \u00f8nsker \u00e5 slette denne VPN gatewayen
+message.delete.VPN.gateway=Vennligst bekreft at du \u00f8nsker \u00e5 slette denne VPN gatewayen
+message.desc.advanced.zone=For mer avanserte nettverks topologier. Denne nettverks modellen gir flest egenskaper rundt definisjon av gjestenettverk og gir alternativer for tilpassede netverkstilbud, slik for brannmurer, VPN og lastbalanserere.
+message.desc.basic.zone=Gir et enkelt nettverk hvor alle virtuelle instanser blir tildelt en IP-adresse direkte fra nettverket. Isolering av gjester kan tilbys p\u00e5 lag-3 ved hjelp av sikkerhetsgrupper (IP-adresse kilde-filtrering).
+message.desc.cluster=Hver pod m\u00e5 inneholde en eller flere pods, og vi vil installere den f\u00f8rste klyngen n\u00e5. En klynge har til form\u00e5l \u00e5 samle en gruppe hypervisor verter. All vertene i en klynge m\u00e5 ha identisk marskinvare, kj\u00f8re samme hypervisor, v\u00e6re p\u00e5 samme nettverk, og ha tilgang til den samme prim\u00e6rlagringsenheten. Hver klynge best\u00e5r av en eller flere verter og en eller flere prim\u00e6rlagrings verter.
+message.desc.host=Hver klynge m\u00e5 inneholde minst en vert (datamaskin) for gjester \u00e5 kj\u00f8re p\u00e5, og vi legger til den f\u00f8rste n\u00e5. For at en vert skal fungere i CloudStack m\u00e5 du installere hypervisor-programvare p\u00e5 den, tildele en IP-adresse og s\u00f8rge for at den er tilkoblet CloudStacks administrasjonsserver.<br/><br/>Oppgi vertens DNS- eller IP-adresse, brukernavnet (vanligvis root) og passord, og eventuelle etiketter du \u00f8nsker \u00e5 kategorisere den med.
+message.desc.primary.storage=Hver klynge m\u00e5 inneholde en eller flere prim\u00e6rlagringer, og vi skal legge til den f\u00f8rste n\u00e5. Prim\u00e6rlagring inneholder diskvolumer for alle maskiner som kj\u00f8rer p\u00e5 verter i klyngen. Bruk hvilken som helst standard-protokoll den underliggende hypervisoren st\u00f8tter.
+message.desc.secondary.storage=Hver sone m\u00e5 ha minst en NFS eller sekund\u00e6rlagringsserver og vi vil legge til den f\u00f8rste n\u00e5. Sekund\u00e6rlingsserveren lagrer VM-maler, ISO-bilder og VM-disk \u00f8yeblikksbilder. Denne serveren m\u00e5 v\u00e6re tilgjengelig for alle verter i denne sonen. <br/><br/>Oppgi IP-adresseng og eksportert sti.
+message.desc.zone=En sone er den st\u00f8rste gruppe enheten i en CloudStack installasjon. En sone er typisk sett p\u00e5 som et datasenter. En sone best\u00e5r av en eller flere pods (hver pod inneholder hypervisor verter og prim\u00e6rlagringsenheter) og en sekund\u00e6rlagringsenhet som er delt mellom alle pods i sonen.
 message.detach.disk=Er du sikker p\u00e5 at du \u00f8nsker \u00e5 frakoble denne disken?
+message.detach.iso.confirm=Vennligst bekreft at du \u00f8nsker \u00e5 frakoble ISOen fra denne virtuelle instansen.
+message.disable.account=Vennligst bekreft at du \u00f8nsker \u00e5 deaktivere denne kontoen. Ved \u00e5 deaktivere kontoen s\u00e5 vil alle brukere av denne kontoen ikke lenger ha tilgang til sine skyressurser. Alle virtuelle maskiner vil bli skrudd av umiddelbart.
+message.disable.snapshot.policy=Du har deaktivert den n\u00e5v\u00e6rende \u00f8yeblikksbilde policyen.
 message.disable.user=Vennligst bekreft at du \u00f8nsker \u00e5 deaktivere denne bruker.
+message.disable.vpn.access=Vennligst bekreft at du \u00f8nsker \u00e5 deaktivere VPN-tilgang.
 message.disable.vpn=Er du sikker p\u00e5 at du vil deaktivere VPN?
 message.disabling.network.offering=Deaktiverer nettverkstilbud
 message.disabling.vpc.offering=Deaktiverer VPC tilbud
 message.disallowed.characters=Ikke tillatte tegn\: \\<\\,\\>
+message.download.ISO=Vennligst klikk <a href\="\#">00000</a> for \u00e5 laste ned ISO
+message.download.template=Vennligst klikk <a href\="\#">00000</a> for \u00e5 laste ned mal
+message.download.volume.confirm=Vennligst bekreft at du \u00f8nsker \u00e5 laste ned dette volumet.
+message.download.volume=Vennligst klikk <a href\="\#">00000</a> for \u00e5 laste ned volumet
+message.edit.account=Oppdater ("-1" indikerer at det ikke er satt \u00f8vre grense for resursbruk)
+message.edit.confirm=Vennligst bekreft dine endringer f\u00f8r du klikker "Lagre".
+message.edit.limits=Oppdater \u00f8vre grense for resursbruk. "-1" indikerer at det ikke er satt \u00f8vre grense.
+message.edit.traffic.type=Vennligst oppgi trafikk-etiketten du \u00f8nsker knyttet til denne trafikktypen.
 message.enable.account=Bekreft at du \u00f8nsker \u00e5 aktivere denne kontoen.
+message.enabled.vpn=Din fjerntilkoblings-VPN er aktivert og kan n\u00e5s via IPen
 message.enabled.vpn.ip.sec=Din IPSec delte n\u00f8kkel (psk) er
 message.enable.user=Vennligst bekreft at du \u00f8nsker \u00e5 aktivere denne bruker.
+message.enable.vpn.access=VPN er deaktivert for denne IP-adressen. \u00d8nsker du \u00e5 aktivere VPN-tilgang?
 message.enable.vpn=Vennligst bekreft at du \u00f8nsker \u00e5 aktivere VPN-tilgang for denne IP-adressen
 message.enabling.network.offering=Aktiver nettverkstilbud
+message.enabling.security.group.provider=Aktiverer sikkerhetsgruppetilbyder
 message.enabling.vpc.offering=Aktiverer VPC tilbud
 message.enabling.zone=Aktiverer sonen
 message.enabling.zone.dots=Aktiverer sone...
@@ -1362,14 +1850,29 @@ message.enter.seperated.list.multiple.cidrs=Skriv inn en kommaseparert liste ove
 message.enter.token=Vennligst skriv inn koden du fikk i invitasjonsmailen.
 message.generate.keys=Vennligst bekreft at du \u00f8nsker \u00e5 generere nye n\u00f8kler for denne bruker.
 message.gslb.delete.confirm=Vennligst bekreft at du vil slette denne GSLB
+message.gslb.lb.remove.confirm=Vennligst bekreft at du vil slette lastbalansering fra GSLB
+message.guest.traffic.in.advanced.zone=Gjestetrafikk er kommunikasjon mellom sluttbrukers virtuelle maskiner. Spesifiser en rekke med VLAN-ider som kan inneholde gjestetrafikk for hvert fysiske nettverk.
+message.guest.traffic.in.basic.zone=Gjestetrafikk er kommunikasjon mellom sluttbrukers virtuelle gjester. Spesifiser en rekke med IP-adresser som CloudStack kan tildele virtuelle gjester. S\u00f8rg for at denne rekken ikke overlapper IP-rekken(e) som er reservert systemmaskiner.
+message.host.dedicated=Dedikert Vert
+message.host.dedication.released=Vert dedikering frigitt
 message.installWizard.click.retry=Klikk p\u00e5 knappen for \u00e5 pr\u00f8ve oppstart p\u00e5 nytt.
+message.installWizard.copy.whatIsACluster=En klynge har til form\u00e5l \u00e5 samle en gruppe hypervisor verter. All vertene i en klynge m\u00e5 ha identisk marskinvare, kj\u00f8re samme hypervisor, v\u00e6re p\u00e5 samme subnett, og ha tilgang til den samme prim\u00e6rlagringsenheten.   Kj\u00f8rende virtuelle maskiner (VM) kan migreres fra en vert i klyngen til en annen uten avbrudd for brukeren. En klynge er den tredje st\u00f8rste enheten i CloudStack. En pod inneholder en eller flere klynger, og en sone inneholder en eller flere pods. <br/><br/>CloudStack can inneholde en eller flere klynger, men for en basic installasjon trengs bare en.
+message.installWizard.copy.whatIsAHost=En vert er en enkelt datamaskin. Verter tilbyr ressurser som kan gj\u00f8re virtuelle gjester. Hver vert har hypervisor-programvare installert for \u00e5 administrere gjestene (bortsett fra r\u00e5jern-verter, som er et spesialtilfelle diskutert i den avanserte installasjonsguiden). For eksempel, en Linux KVM-aktivert server, en Citrix XenServer server og en ESXi server er verter. I en enkel installasjon bruker vi en enkelt vert som kj\u00f8rer XenServer eller KVM.<br/><br/>Verten er den minste organisasjonsenheten i en CloudStack-installasjon. Verter er del av klynger, klynger er del av poder og poder er del av soner.
+message.installWizard.copy.whatIsAPod=En pod representerer ofte et enkelt rack. Verter i samme pod er i samme subnett.<br/><br/>En pod er den nest st\u00f8rste enheten i en CloudStack-installasjon. Poder er en del av soner. Hver sone kan inneholde en eller flere poder; i en enkel installasjon vil du kun ha en pod i sonen.
+message.installWizard.copy.whatIsAZone=En sone er den st\u00f8rste gruppe enheten i en CloudStack installasjon. En sone er typisk sett p\u00e5 som et datasenter, selv om man kan ha flere datasenter i en sone. CloudStack infrastrukturen kan deles inn i soner for \u00e5 isolere og \u00e5 gi redundans. Hver sone kan for eksempel ha sin egen data senter str\u00f8mtilf\u00f8rsel og nettverkslink, og soner kan v\u00e6re spredd over st\u00f8rre distanser.
+message.installWizard.copy.whatIsCloudStack=CloudStack&\#8482 er en programvare-plattform som grupperer dataressurser for \u00e5 bygge offentlige, private og hybride infrastruktur som en tjeneste (IaaS) skyer. CloudStack&\#8482 administrerer nettverk, lagring og regnekraft-verter som til sammen blir en sky-infrastruktur. Bruk CloudStack&\#8482 til \u00e5 distribuere, administrerre og konfigurere dine skyressurser og milj\u00f8er.<br/><br/>Utvid forbi individuelle virtuelle gjester som kj\u00f8rer p\u00e5 typisk maskinvare, CloudStack&\#8482 gir en skybasert infrastruktur-programvare for levering av virtuelle datasentre som en tjeneste - lever alle de essensielle komponenente for \u00e5 bygge, distribuere og administrere multi-tier og multi-tenant sky-applikasjoner. B\u00e5de fri kildekode- og premium-versjoner er tilgjengelig, hvor den fri kildekode-basert gir tiln\u00e6rmet samme funksjonalitet.
+message.installWizard.copy.whatIsPrimaryStorage=En CloudStack&\#8482 sky-infrastruktur tar i bruk to typer lagring\: prim\u00e6rlagring og sekund\u00e6rlagring. <br/><br/><strong>Prim\u00e6rlagring</strong> er assosiert med en klynge, og lagrer datadisker for hver gjest som kj\u00f8rer i den klyngen. Prim\u00e6rlagring er typisk plassert n\u00e6rt den faktiske verten.
+message.installWizard.copy.whatIsSecondaryStorage=Sekund\u00e6rlagring er assosiert med en sone, og lagrer f\u00f8lgende\: <ul><li>Maler - OS-bilder som kan brukes til \u00e5 starte opp virtuelle gjester og kan inkludere ekstra konfigurasjon, som installerte applikasjoner</li><li>ISO-bilder - Bilder som kan v\u00e6re bootbare eller ikke-bootbare.</li><li>Diskvolum \u00f8yeblikksbilder - Lagrede kopier av virtuelle gjester som kan benyttes til rekonstruksjon eller for \u00e5 lage nye maler</li></ul>
+message.installWizard.now.building=Bygger n\u00e5 din nettsky...
 message.installWizard.tooltip.addCluster.name=Klyngenavnet. Dette kan v\u00e6re hva som helst og er ikke benyttet av CloudStack.
 message.installWizard.tooltip.addHost.hostname=DNS-navnet eller IP-adressen til verten.
 message.installWizard.tooltip.addHost.password=Dette er passordet for brukeren gjengitt ovenfor (fra din XenServer-installasjon).
 message.installWizard.tooltip.addHost.username=Vanligvis root.
 message.installWizard.tooltip.addPod.name=Et navn for poden
+message.installWizard.tooltip.addPod.reservedSystemEndIp=Dette er IP-rekken i det private nettverket som CloudStack bruker for \u00e5 administrere Sekund\u00e6rlagrins-servere og Konsollproxy-servere. Disse IP-adressene tas fra samme subnett som regnekraft-serverne.
 message.installWizard.tooltip.addPod.reservedSystemGateway=Gatewayen til vertene i poden.
 message.installWizard.tooltip.addPod.reservedSystemNetmask=Nettmasken benyttet p\u00e5 subnettet gjestene vil bruke.
+message.installWizard.tooltip.addPod.reservedSystemStartIp=Dette er IP-rekken i det private nettverket som CloudStack bruker for \u00e5 administrere Sekund\u00e6rlagrins-servere og Konsollproxy-servere. Disse IP-adressene tas fra samme subnett som regnekraft-serverne.
 message.installWizard.tooltip.addPrimaryStorage.name=Navnet p\u00e5 lagringsenheten.
 message.installWizard.tooltip.addPrimaryStorage.path=(for NFS) I NFS er dette den eksporterte filbanen fra serveren. Banen (for SharedMountPoint).  Med KVM er dette banen p\u00e5 hver vert hvor denne prim\u00e6re lagringen er tilkoblet.  For eksempel\: "mnt/primary".
 message.installWizard.tooltip.addPrimaryStorage.server=(for NFS, iSCSI eller PreSetup) IP-adressen eller DNS-navnet til lagringsenheten.
@@ -1377,17 +1880,25 @@ message.installWizard.tooltip.addSecondaryStorage.nfsServer=IP-adressen til NFS-
 message.installWizard.tooltip.addSecondaryStorage.path=Den eksporterte filbanen, fra serveren du spesifiserte ovenfor
 message.installWizard.tooltip.addZone.dns1=Dette er DNS-serveren som benyttes av gjeste-VMer i sonen. Disse DNS-serverene vil bli aksessert via det offentlige nettverket du vil legge til senere. De offentlige IP-adressene for en sone m\u00e5 ha en rute til DNS-serveren navngitt her.
 message.installWizard.tooltip.addZone.dns2=Dette er DNS-serveren som benyttes av gjeste-VMer i sonen. Disse DNS-serverene vil bli aksessert via det offentlige nettverket du vil legge til senere. De offentlige IP-adressene for en sone m\u00e5 ha en rute til DNS-serveren navngitt her.
+message.installWizard.tooltip.addZone.internaldns1=Dette er DNS-servere som benyttes av systemmaskiner i sonen. Disse DNS-serverne vil bli aksessert via det private nettverksgrensesnittet til systemmaskinene. De private IP-adressene du oppgir for podene m\u00e5 ha en rute til DNS-serverne nevnt her.
+message.installWizard.tooltip.addZone.internaldns2=Dette er DNS-servere som benyttes av systemmaskiner i sonen. Disse DNS-serverne vil bli aksessert via det private nettverksgrensesnittet til systemmaskinene. De private IP-adressene du oppgir for podene m\u00e5 ha en rute til DNS-serverne nevnt her.
 message.installWizard.tooltip.addZone.name=Et navn for sonen
 message.installWizard.tooltip.configureGuestTraffic.description=En beskrivelse av nettverket
+message.installWizard.tooltip.configureGuestTraffic.guestEndIp=Rekken av IP-adresser som vil v\u00e6re tilgjengelig for allokering til gjester i denne sonen. Hvis ett grensesnitt er brukt, b\u00f8r disse IPene v\u00e6re i samme CIDR som podens CIDR.
 message.installWizard.tooltip.configureGuestTraffic.guestGateway=Gatewayen gjestene skal bruke
 message.installWizard.tooltip.configureGuestTraffic.guestNetmask=Nettmasken benyttet p\u00e5 subnettet gjestene skal bruke
+message.installWizard.tooltip.configureGuestTraffic.guestStartIp=Rekken av IP-adresser som vil v\u00e6re tilgjengelig for allokering til gjester i denne sonen. Hvis ett grensesnitt er brukt, b\u00f8r disse IPene v\u00e6re i samme CIDR som podens CIDR.
 message.installWizard.tooltip.configureGuestTraffic.name=Et navn for nettverket
 message.instance.scaled.up.confirm=\u00d8nsker du \u00e5 skalere opp denne instancen?
 message.instanceWizard.noTemplates=Du har ingen maler tilgjengelig. Vennligst legg til en kompatibel mal og kj\u00f8r instansveiviseren.
 message.ip.address.changed=Din IP-adresse kan ha endret seg. \u00d8nsker du \u00e5 oppdatere visningen? Merk at detaljvisningen vil i s\u00e5fall lukkes.
 message.iso.desc=Diskimage som inneholder data etter oppstartsbar media for OS
 message.join.project=Du har n\u00e5 deltatt i et prosjekt. Vennligst bytt til prosjektvisning for \u00e5 se prosjektet.
+message.launch.vm.on.private.network=\u00d8nsker du \u00e5 starte instancen din p\u00e5 ditt dedikerte nettverk?
+message.launch.zone=Sonen er klar for aktivering; vennligst fortsett til neste steg.
 message.listView.subselect.multi=(Ctrl/Cmd-klikk)
+message.lock.account=Vennligst bekreft at du \u00f8nsker \u00e5 l\u00e5se denne kontoen. Ved \u00e5 l\u00e5se kontoen s\u00e5 vil ingen brukere av denne kontoen kunne administere sine skyressurser. Eksisterende ressurser kan fortsatt bli aksessert.
+message.migrate.instance.confirm=Vennligst bekreft verten du \u00f8nsker \u00e5 migrere den virtuelle instansen til.
 message.migrate.instance.to.host=Vennligst bekreft at du \u00f8nsker \u00e5 migrere instansen til en annen vert.
 message.migrate.instance.to.ps=Vennligst bekreft at du \u00f8nsker \u00e5 migrere instansen til en annen sekund\u00e6r lagring.
 message.migrate.router.confirm=Vennligst bekreft verten du \u00f8nsker \u00e5 migrere ruteren til\:
@@ -1395,9 +1906,18 @@ message.migrate.systemvm.confirm=Vennligst bekreft verten du \u00f8nsker \u00e5
 message.migrate.volume=Vennligst bekreft at du \u00f8nsker \u00e5 migrere volumet til en annen prim\u00e6rlagring.
 message.network.addVM.desc=Vennligst spesifiser nettverket du vil legge til denne VMen. Et nytt NIC vil bli lagt til for dette nettverket.
 message.network.addVMNIC=Vennligst bekreft at du vil legge til ett nytt NIC for dette nettverket.
+message.new.user=Spesifiser f\u00f8lgende informasjon for \u00e5 legge til en ny bruker til denne kontoen
+message.no.affinity.groups=Du har ingen affinitetsgrupper. Fortsett til neste steg.
 message.no.host.available=Ingen hoster tilgjengelig for migrering
+message.no.network.support.configuration.not.true=Du har ingen soner med sikkerhetsgrupper aktivert. Derfor ingen ekstra nettverksfunksjoner. Fortsett til steg 5.
+message.no.network.support=Din valgte hypervisor, vSphere, har ikke flere nettverks evner. Forsett til punkt 5.
 message.no.projects.adminOnly=Du har ingen prosjekter.<br/>Vennligst be din administrator om \u00e5 opprette et nytt prosjekt.
 message.no.projects=Du har ingen prosjekter.<br/>Vennligst opprett et nytt fra prosjektseksjonen.
+message.number.clusters=<h2><span> \# av </span> Klynger</h2>
+message.number.hosts=<h2><span> \# av </span> Verter</h2>
+message.number.pods=<h2><span> \# av </span> Pods</h2>
+message.number.storage=<h2><span> \# av </span> Prim\u00e6rlagringsvolumer</h2>
+message.number.zones=<h2><span> \# av </span> Soner</h2>
 message.pending.projects.1=Du har f\u00f8lgende prosjektinvitasjoner\:
 message.pending.projects.2=For \u00e5 se, vennligst g\u00e5 til prosjektseksjonen og velg invitasjoner fra nedtrekksmenyen.
 message.please.add.at.lease.one.traffic.range=Vennligst legg til minst \u00e9tt trafikkniv\u00e5
@@ -1406,35 +1926,73 @@ message.please.select.a.configuration.for.your.zone=Vennligst velg en konfiguras
 message.please.select.a.different.public.and.management.network.before.removing=Vennligst velg et annet offentlig- og administrasjonsnettverk f\u00f8r du fjerner
 message.please.select.networks=Vennligst velg nettverk for din VM
 message.please.wait.while.zone.is.being.created=Vennlist vent mens din sone opprettes. Dette kan ta noe tid...
+message.pod.dedication.released=Pod dedikering frigitt
+message.portable.ip.delete.confirm=Vennligst bekreft at du vil slette denne portable IP-rekken
 message.project.invite.sent=Invitasjon sendt til bruker. De vil bli lagt til prosjektet s\u00e5 snart de har akseptert invitasjonen
+message.public.traffic.in.advanced.zone=Offentlig trafikk blir generert av verter i skyen som aksesserer internett. Offentlige IP-adresser m\u00e5 allokerers for dette form\u00e5et. Sluttbrukere kan bruke CloudStack brukergrensesnittet til \u00e5 foresp\u00f8rre om disse IP-adressene til \u00e5 implentere NAT mellom deres gjestenettverk og det offentlige nettverket.<br/><br/>Oppgi minst en rekke med IP-adresser for internettrafikk.
+message.public.traffic.in.basic.zone=Offentlig trafikk blir generert n\u00e5r virtuelle gjester i skyen aksesserer internett eller kan tilby tjenester til klienter over internett. Offentlig tilgjengelige IP-adresser m\u00e5 allokerers for dette form\u00e5let. N\u00e5r en instans opprettes vil en IP fra dette settet med Offentlige IP-adresser bli tildelt i tillegg til en gjeste-IP-adresse. Statisk 1-1 NAT vil ogs\u00e5 bli satt opp automatisk mellom the offentlige og den private IP-adressen. Sluttbrukere kan ogs\u00e5 bruke CloudStack brukergrensesnittet til \u00e5 tilegne ekstra IP-adresser for \u00e5 implementere statisk NAT mellom deres instans og den offentlige IP-adressen.
+message.read.admin.guide.scaling.up=Vennligst les avsnittet om dynamisk skalering i administrasjondokumentasjonen f\u00f8r du oppskalerer.
 message.recover.vm=Vennligst bekreft at du \u00f8nsker \u00e5 gjenopprette denne VMen.
+message.redirecting.region=Omdirigerer til region...
 message.reinstall.vm=Advarsel\: Fortsett med forsiktighet. Dette vil reinstallere VMen fra malen; data p\u00e5 rot-disken vil forsvinne. Ekstra datavolumer; hvis noen, vil ikke bli r\u00f8rt.
 message.remove.ldap=Er du sikker p\u00e5 at du vil slette LDAP-konfigurasjonen?
 message.remove.region=Er du sikker p\u00e5 at du vil fjerne denne regionen fra denne administrasjonsserveren?
 message.remove.vpc=Vennligst bekreft at du \u00f8nsker \u00e5 fjerne VPC
+message.remove.vpn.access=Vennligst bekreft at du \u00f8nsker \u00e5 fjerne VPN-tillgang fra f\u00f8lgende bruker.
 message.reset.password.warning.notPasswordEnabled=Denne malen vil bli opprettet uten passord
 message.reset.password.warning.notStopped=Din instans m\u00e5 stoppes f\u00f8r man fors\u00f8ker \u00e5 bytte n\u00e5v\u00e6rende passord
 message.reset.VPN.connection=Vennligst bekreft at du \u00f8nsker \u00e5 resette VPN-tilkobling
 message.restart.mgmt.server=Vennlist restart administrajonsserveren(e) din(e) for at de nye innstillingene skal tr\u00e5 i kraft.
+message.restart.mgmt.usage.server=Vennligst restart administrasjonsserveren(e) din(e) og bruksserver(e) for at de nye innstillingene skal tr\u00e5 i kraft
+message.restart.network=Alle tjenester fra dette nettverket vil bli avbrutt. Vennligst bekreft at du \u00f8nsker \u00e5 restarte dette nettverket.
 message.restart.vpc=Vennligst bekreft at du \u00f8nsker \u00e5 restarte VPC
 message.restoreVM=Vil du gjenopprette denne VMen?
+message.security.group.usage=(Bruk <strong>Ctrl-klikk</strong> for \u00e5 velge alle aktuelle sikkerhetsgrupper)
+message.select.affinity.groups=Vennligst velg en affinitetsgruppe denne VMen skal tilh\u00f8re\:
+message.select.a.zone=En sone er typisk sett p\u00e5 som et datasenter. Multiple soner gir  CloudStack bedre p\u00e5litelighet gjennom isolasjon og redundans.
 message.select.instance=Vennligst velg en instans.
 message.select.iso=Vennligst velg en ISO for din nye virtuelle instans.
 message.select.item=Vennligst velg et element
 message.select.security.groups=Vennligst velg sikkerhetsgruppe(r) for din nye VM
 message.select.template=Vennligst velg en mal for din nye virtuelle instans.
+message.select.tier=Vennligst velg en VPC-gren
 message.set.default.NIC.manual=Vennligst oppdater standard-NIC manuelt p\u00e5 VMen n\u00e5.
 message.set.default.NIC=Vennligst bekreft at du vil gj\u00f8re dette NIC til standard for denne VM.
+message.setup.physical.network.during.zone.creation.basic=N\u00e5r du legger til en enkel sone s\u00e5 kan du sette opp ett fysisk nettverk som korrensponderer til et NIC p\u00e5 hypervisor. Nettverket transporterer flere typer trafikk.<br/><br/> Du kan ogs\u00e5 <strong>drag og slippe</strong> andre trafikktyper over til det fysiske nettverket.
+message.setup.physical.network.during.zone.creation=N\u00e5r du legger til en avansert sone, m\u00e5 du konfigurere en eller flere fysiske nettverk. Hvert nettverk representerer et NIC p\u00e5 verten. Hvert fysiske nettverk kan inneholde en eller flere typer trafikk, med noen restriksjoner for hvordan de kan kombineres.<br/><br/><strong>Dra og slipp en eller flere nettverkstyper</strong> til hvert fysiske nettverk.
 message.setup.successful=Oppsettet av nettskyen er vellykket\!
+message.snapshot.schedule=Du kan sette opp gjentakende \u00f8yeblikksbilder ved \u00e5 velge fra tilgjengelige opsjoner nedenfor og aktivere dine preferanser.
+message.specifiy.tag.key.value=Vennligst bekreft tag n\u00f8kkel og verdi
 message.specify.url=Vennligst spesifiser URL
+message.step.1.continue=Vennligst velg en mal eller ISO for \u00e5 fortsette.
+message.step.1.desc=Vennligst velg en mal for din nye virtuelle instans. Du kan ogs\u00e5 velge en blank mal som du kan installere fra en ISO p\u00e5.
+message.step.2.continue=Velg et resurstilbud for \u00e5 fortsette
 message.step.2.desc=
+message.step.3.continue=Vennligst velg et disktilbud for \u00e5 fortsette
 message.step.3.desc=
+message.step.4.continue=Vennligst velg minst ett nettverk for \u00e5 fortsette
+message.step.4.desc=Vennligst velg prim\u00e6rnettverket som din virtuelle instans vil bli tilkoblet til.
+message.storage.traffic=Trafikk mellom CloudStacks interne ressurser, inkludert alle komponenter som kommuniserer med administrassjonsserver, som verter og CloudStack systemmaskiner. Vennligst konfigurer lagringstrafikk her.
 message.suspend.project=Er du sikker du \u00f8nsker \u00e5 pause dette prosjektet?
 message.systems.vms.ready=System-VMer klare.
 message.template.copying=Malen blir kopiert.
 message.template.desc=OS-image som kan brukes til \u00e5 starte VMer
+message.tier.required=VPC-gren er p\u00e5krevd.
+message.tooltip.dns.1=Oppgi en DNS server for bruk av VMer i denne sonen. De offentlige IP-adressene for denne sonen m\u00e5 ha en rute til denne serveren.
+message.tooltip.dns.2=En sekund\u00e6r DNS server for bruk av VMer i denne sonen. De offentlige IP-adressene for denne sonen m\u00e5 ha en rute til denne serveren.
+message.tooltip.internal.dns.1=Navn p\u00e5 en DNS-server for bruk av CloudStack interne systemVMer i sonen. Den private IP-adressen i podden m\u00e5 ha en rute til serveren.
+message.tooltip.internal.dns.2=Navn p\u00e5 en DNS-server for bruk av CloudStack interne systemVMer i sonen. Den private IP-adressen i podden m\u00e5 ha en rute til serveren.
+message.tooltip.network.domain=Et DNS suffiks som vil opprette et tilpasset domenenavn for nettverket som aksesseres av gjeste VMer.
 message.tooltip.pod.name=Et navn for denne pod.
+message.tooltip.reserved.system.gateway=Gatewayen til vertene i poden.
+message.tooltip.reserved.system.netmask=Nettverksprefiks som definerer podens subnett. Bruker CIDR-notasjon.
 message.tooltip.zone.name=Et navn for denne sonen.
+message.update.os.preference=Vennligst velg preferert OS for denne verten. Alle virtuelle instanser med lignende OS vil f\u00f8rst bli allokert til denne verten f\u00f8r andre velges.
+message.update.resource.count=Vennligst bekreft at du \u00f8nsker \u00e5 oppdatere ressurstellere for denne kontoen.
+message.update.ssl.failed=Oppdatering av SSL-sertifikat feilet.
+message.update.ssl.succeeded=Oppdatering av SSL-sertifikat vellykket
+message.update.ssl=Vennligst send inn en ny X.509 kompatibel SSL-sertifikatkjede for \u00e5 oppdatere hver konsollproxy og virtuell instans for sekund\u00e6rlagring\:
+message.validate.accept=Vennligst skriv inn en verdi med et gyldig prefiks.
 message.validate.creditcard=Vennligst oppgi et gyldig kredittkortnummer.
 message.validate.date.ISO=Vennligst skriv inn en gyldig dato (ISO).
 message.validate.date=Vennligst skriv inn en gyldig dato.
@@ -1443,6 +2001,7 @@ message.validate.email.address=Vennligst skriv inn en gyldig e-postadresse.
 message.validate.equalto=Vennligst skriv inn den samme verdien igjen.
 message.validate.fieldrequired=Dette feltet er p\u00e5krevd.
 message.validate.fixfield=Vennligst fiks dette feltet.
+message.validate.instance.name=Instansnavn kan ikke v\u00e6re lenger enn 63 tegn. Kun ACSCII bokstaver a~z, A~Z, tall 0~9, bindestrek er tillatt. M\u00e5 starte med en bokstav og slutte med en bokstav eller et tall.
 message.validate.invalid.characters=Ugyldige tegn funnet; vennligst korriger.
 message.validate.maxlength=Vennligst ikke skriv inn mer enn {0} tegn.
 message.validate.max=Skriv en verdi mindre enn eller lik {0}.
@@ -1451,8 +2010,14 @@ message.validate.number=Vennligst skriv inn et gyldig nummer.
 message.validate.range.length=Vennligst skriv inn en verdi som er mellom {0} og {1} tegn langt.
 message.validate.range=Skriv en verdi mellom {0} og {1}.
 message.validate.URL=Vennligst skriv inn en gyldig URL.
+message.virtual.network.desc=Et dedikert virtualisert nettverk for din konto. Kringkastingsdomenet er isolert inne i et VLAN og offentlig nettverkstrafikk er rutet ut av en virtuell ruter.
 message.vm.create.template.confirm=Oppretting av Mal vil restarte VM automatisk.
 message.vm.review.launch=Vennligst vurder f\u00f8lgende informasjon og bekreft at din virtuelle instans er korrekt f\u00f8r kj\u00f8ring
+message.vnmc.available.list=VNMC er ikke tilgjengelig fra tilbyder listen.
+message.vnmc.not.available.list=VNMC er ikke tilgjengelig fra tilbyder listen.
+message.volume.create.template.confirm=Vennligst bekreft at du \u00f8nsker \u00e5 lage en mal for dette diskvolumet. Opprettelse av male kan ta opptil flere minutter eller lenger, avhengig av st\u00f8rrelsen p\u00e5 volumet.
+message.waiting.for.builtin.templates.to.load=Venter p\u00e5 at innebygde maler skal lastes...
+message.XSTools61plus.update.failed=Feilet \u00e5 oppdatere original XS versjon er 6.1\\+ feltet. Feil\:
 message.you.must.have.at.least.one.physical.network=Du trenger minst ett fysisk nettverk
 message.your.cloudstack.is.ready=Din CloudStack er klar\!
 message.Zone.creation.complete=Opprettelsen av sonen utf\u00f8rt
@@ -1460,6 +2025,8 @@ message.zone.creation.complete.would.you.like.to.enable.this.zone=Soneopprettels
 message.zone.no.network.selection=Sonen du har valgt har ingen mulighet for valg av nettverk.
 message.zone.step.1.desc=Vennligst en nettverksmodell for din sone.
 message.zone.step.2.desc=Vennligst skriv inn f\u00f8lgende informasjon for \u00e5 legge til en ny sone
+message.zone.step.3.desc=Vennligst skriv inn f\u00f8lgende informasjon for \u00e5 legge til en ny pod
+message.zoneWizard.enable.local.storage=ADVARSEL\: Hvis du aktiverer lokal lagring for denne sonen m\u00e5 du gj\u00f8re f\u00f8lgende, avhengig av hvor du \u00f8nsker at systemmaskiner skal starte\:<br/><br/>1. Hvis systemmaskiner trenger \u00e5 starte fra delt lagring, m\u00e5 det legges til delt lagring etter at sonen er opprettet. Sonen m\u00e5 ogs\u00e5 startes som deaktivert.<br/><br/>2. Hvis systemmaskiner trenger \u00e5 starte fra lokal lagring, m\u00e5 system.vm.use.local.storage settes til true f\u00f8r du aktiverer sonen.<br/><br/><br/>Vil du fortsette?
 messgae.validate.min=Skriv en verdig st\u00f8rre enn eller lik {0}.
 mode=Modus
 network.rate=Nettverksrate
diff --git a/client/WEB-INF/classes/resources/messages_nl_NL.properties b/client/WEB-INF/classes/resources/messages_nl_NL.properties
index 848e20370f..1df4a627a1 100644
--- a/client/WEB-INF/classes/resources/messages_nl_NL.properties
+++ b/client/WEB-INF/classes/resources/messages_nl_NL.properties
@@ -53,6 +53,9 @@ label.account.name=Account Naam
 label.accounts=Accounts
 label.account.specific=Account-specifiek
 label.acl=ACL
+label.acl.id=ACL ID
+label.acl.name=ACL naam
+label.acl.replaced=ACL vervangen
 label.acquire.new.ip=Bemachtig nieuw IP
 label.acquire.new.secondary.ip=Verkrijg nieuw secundair IP
 label.action=Actie
@@ -65,8 +68,11 @@ label.action.cancel.maintenance.mode.processing=Onderhoudsmodus wordt geannuleer
 label.action.change.password=Wijzig Wachtwoord
 label.action.change.service.processing=Service wordt gewijzigd....
 label.action.change.service=Wijzig Service
+label.action.configure.samlauthorization=configureer SAML SSO authorisatie
 label.action.copy.ISO=Kopieer ISO
+label.action.copy.ISO.processing=Bezig een ISO te kopi\u00ebren...
 label.action.copy.template=Kopieer Template
+label.action.copy.template.processing=Bezig een template te kopi\u00ebren...
 label.action.create.template=Cre\u00eber Template
 label.action.create.template.from.vm=Cre\u00eber Template vanaf VM
 label.action.create.template.from.volume=Cre\u00eber Template van Volume
@@ -247,18 +253,22 @@ label.add.accounts.to=Voeg accounts toe aan
 label.add.accounts=Voeg accounts toe
 label.add.account.to.project=Voeg account aan project toe
 label.add.account=Voeg Account toe
+label.add.acl.list=voeg een ACL lijst toe
 label.add.ACL=Voeg ACL toe
 label.add.affinity.group=Nieuwe affinity groep toevoegen
 label.add.baremetal.dhcp.device=Voeg Baremetal DHCP Apparaat toe
 label.add.BigSwitchVns.device=Voeg BigSwitch Vns Controller toe
+label.add.BrocadeVcs.device=Voeg een Brocade Vcs switch toe
 label.add.by.cidr=Voeg toe door middel van CIDR
 label.add.by.group=Voeg toe door middel van Groep
 label.add.by=Voeg toe door middel van
+label.add.ciscoASA1000v=voeg CiscoASA1000v toe
 label.add.cluster=Voeg Cluster toe
 label.add.compute.offering=Voeg Compute aanbieding toe
 label.add.direct.iprange=Voeg Direct IP Range toe
 label.add.disk.offering=Voeg Schijf Aanbieding toe
 label.add.domain=Voeg Domein toe
+label.added.brocade.vcs.switch=een nieuwe Brocade Vcs switch is toegevoegd
 label.added.new.bigswitch.vns.controller=Nieuwe BigSwitch VNS Controller toegevoegd
 label.added.nicira.nvp.controller=Nieuwe Nicira NVP Controller toegevoegd
 label.add.egress.rule=Voeg uitgaande regel toe
@@ -277,12 +287,18 @@ label.adding.succeeded=Toevoegen geslaagd
 label.adding=Toevoegen
 label.adding.user=Bezig met toevoegen van Gebruiker
 label.adding.zone=Bezig met toevoegen van Zone
+label.add.intermediate.certificate=Voeg een intermediair certificaat toe
+label.add.internal.lb=voeg interne LB toe
 label.add.ip.range=Voeg IP range toe
+label.add.isolated.guest.network=Voeg een ge\u00efsoleerd netwerk toe
 label.add.isolated.network=Geisoleerd Netwerk Toevoegen
 label.additional.networks=Additioneele Netwerken
+label.add.LDAP.account=voeg LDAP rekening toe
+label.add.list.name=ACL lijst naam
 label.add.load.balancer=Voeg Load Balancer toe
 label.add.more=Voeg meer toe
 label.add.netScaler.device=Voeg Netscaler apparaat toe
+label.add.network.acl.list=voeg netwerk ACL lijst toe
 label.add.network.ACL=Voeg netwerk ACL toe
 label.add.network.device=Voeg Netwerk Apparaat toe
 label.add.network.offering=Voeg netwerk aanbieding toe
@@ -295,6 +311,7 @@ label.add.new.SRX=Voeg nieuwe SRX toe
 label.add.new.tier=Voeg nieuwe Tier toe
 label.add.nfs.secondary.staging.store=Secundaire Staging Opslag toevoegen
 label.add.NiciraNvp.device=Voeg NVP Controller toe
+label.add.NuageVsp.device=Voeg Nuage Virtualized Services Directory (VSD) toe
 label.add.OpenDaylight.device=OpenDaylight Controller toevoegen
 label.add.PA.device=Nieuw Palo Alto apparaat toevoegen
 label.add.physical.network=Voeg fysiek netwerk toe
@@ -343,9 +360,13 @@ label.affinity=Affinity
 label.affinity.group=Affinity Groep
 label.affinity.groups=Affinity Groepen
 label.agent.password=Agent wachtwoord
+label.agent.state=agent status
 label.agent.username=Agent Gebruikersnaam
 label.agree=Accepteren
 label.alert=Alarm
+label.alert.archived=waarschuwing gearchiveerd
+label.alert.deleted=waarschuwing verwijderd
+label.alert.details=waarschuwing gegevens
 label.algorithm=Algoritme
 label.allocated=Gebruikt
 label.allocation.state=Verbruik Staat
@@ -354,10 +375,13 @@ label.anti.affinity=Anti-affinity
 label.anti.affinity.group=Anti-affinity Groep
 label.anti.affinity.groups=Anti-affinity Groepen
 label.api.key=API Sleutel
+label.api.version=API versie
 label.apply=Uitvoeren
 label.app.name=CloudStack
 label.archive.alerts=Archiveer waarschuwingen
+label.archive=archief
 label.archive.events=Archiveer evenementen
+label.assigned.vms=toegewezen VMs
 label.assign.instance.another=Wijs instantie toe aan een andere Account
 label.assign=Toevoegen
 label.assign.to.load.balancer=Voeg instantie toe aan load balancer
@@ -392,6 +416,8 @@ label.broadcast.domain.type=Broadcast Domain Type
 label.broadcast.uri=Broadcast URI
 label.broadcasturi=broadcasturi
 label.broadcat.uri=broadcast URI
+label.brocade.vcs.address=Vcs switch adres
+label.brocade.vcs.details=Brocade Vcs switch gegevens
 label.by.account=Op Account
 label.by.alert.type=Op alarm type
 label.by.availability=Op Beschikbaarheid
@@ -413,7 +439,9 @@ label.by.type=Op Type
 label.by.zone=Op Zone
 label.cache.mode=Schrijf cache Type
 label.cancel=Annuleer
+label.capacity.bytes=Capaciteit in bytes
 label.capacity=Capaciteit
+label.capacity.iops=Capaciteit in IOPS
 label.certificate=Certificaat
 label.change.affinity=Wijzig Affinity
 label.change.service.offering=Wijzig service aanbieding
@@ -447,7 +475,7 @@ label.compute.offering=Compute aanbieding
 label.compute.offerings=Compute aanbiedingen
 label.configuration=Configuratie
 label.configure=Configureer
-label.configure.ldap=Configureer LDAP
+label.configure.ldap=configureer LDAP
 label.configure.network.ACLs=Configureer Netwerk ACLs
 label.configure.vpc=Configureer VPC
 label.confirmation=Bevestiging
@@ -458,7 +486,9 @@ label.console.proxy=Console proxy
 label.console.proxy.vm=Console Proxy VM
 label.continue.basic.install=Ga door met basis installatie
 label.continue=Ga door
+label.copying.iso=bezig ISO te kopi\u00ebren
 label.corrections.saved=Correcties opgeslagen
+label.counter=teller
 label.cpu.allocated=CPU gebruik
 label.cpu.allocated.for.VMs=CPU gebruikt voor VMs
 label.CPU.cap=CPU Cap
@@ -497,15 +527,20 @@ label.default.egress.policy=Standaard Uitgaande policy
 label.default=Standaard
 label.default.use=Standaard Gebruik
 label.default.view=Standaard Weergave
+label.delete.acl.list=verwijder ACL list
 label.delete.affinity.group=Verwijder Affinity Groep
 label.delete.alerts=Verwijder waarschuwingen
 label.delete.BigSwitchVns=Verwijder BigSwitch Vns Controller
+label.delete.BrocadeVcs=Verwijder Brocade Vcs Switch
+label.delete.ciscoASA1000v=verwijder CiscoASA1000v
 label.delete.ciscovnmc.resource=CiscoVNMC resource verwijderen
 label.delete.events=Verwijder gebeurtenissen
 label.delete.F5=Verwijder F5
 label.delete.gateway=Verwijder gateway
+label.delete.internal.lb=verwijder interne LB
 label.delete.NetScaler=Verwijder NetScaler
 label.delete.NiciraNvp=Verwijder Nvp Controller
+label.delete.NuageVsp=Verwijder Nuage VSD
 label.delete.OpenDaylight.device=OpenDaylight Controller verwijderen
 label.delete.PA=Verwijder Palo Alto
 label.delete.portable.ip.range=Porteerbare IP Range verwijderen
@@ -535,9 +570,11 @@ label.device.id=Apparaat ID
 label.devices=Apparaten
 label.dhcp=DHCP
 label.DHCP.server.type=DHCP Server Type
+label.direct.attached.public.ip=direct verbonden publieke IP
 label.direct.ips=Shared Netwerk IPs
 label.disable.autoscale=Autoscale uitschakelen
 label.disabled=Uitgeschakeld
+label.disable.host=schakel host uit
 label.disable.network.offering=Netwerk Aanbieding Uitschakelen
 label.disable.provider=Provider uitschakelen
 label.disable.vnmc.provider=VNMC provider uitschakelen
@@ -555,6 +592,7 @@ label.disk.iops.read.rate=Lees Snelheid Schijf (IOPS)
 label.disk.iops.total=IOPS Totaal
 label.disk.iops.write.rate=Schrijf snelheid Schijf (IOPS)
 label.disk.offering=Schijf Aanbieding
+label.disk.provisioningtype=Provisioning type
 label.disk.read.bytes=Schijf lezen (Bytes)
 label.disk.read.io=Schijf Lezen (IO)
 label.disk.size.gb=Schijf Grootte (in GB)
@@ -565,6 +603,7 @@ label.disk.write.bytes=Schijf Schrijven (Bytes)
 label.disk.write.io=Schijf Schrijven (IO)
 label.display.name=Weergavenaam
 label.display.text=Weergavetekst
+label.distributedrouter=gedistribueerde router
 label.dns.1=DNS 1
 label.dns.2=DNS 2
 label.dns=DNS
@@ -580,7 +619,9 @@ label.done=Klaar
 label.double.quotes.are.not.allowed=Aanhalingstekens zijn hier niet toegestaan
 label.download.progress=Download Voortgang
 label.drag.new.position=Sleep naar nieuwe positie
+label.duration.in.sec=duur (in sec)
 label.dynamically.scalable=Dynamisch Schaalbaar
+label.edit.acl.rule=wijzig ACL regel
 label.edit.affinity.group=Wijzig Affinity Groep
 label.edit.lb.rule=Wijzig LB regel
 label.edit.network.details=Wijzig netwerk details
@@ -599,6 +640,7 @@ label.elastic.LB=Elastisch LB
 label.email=Email
 label.email.lower=email
 label.enable.autoscale=Autoscale inschakelen
+label.enable.host=schakel host in
 label.enable.network.offering=Netwerk Aanbieding Inschakelen
 label.enable.provider=Provider inschakelen
 label.enable.s3=S3-gebaseerde Secondary Storage inschakelen
@@ -614,14 +656,19 @@ label.endpoint=Endpoint
 label.endpoint.or.operation=Endpoint or Operation
 label.end.port=Eind Poort
 label.end.reserved.system.IP=Einde gereserveerde systeem IP
+label.end.vlan=Laatste VLAN
+label.end.vxlan=Laatste VXLAN
 label.enter.token=Voer token in
 label.error.code=Fout code
 label.error=Fout
+label.error.upper=FOUT
 label.ESP.encryption=ESP Encryptie
 label.ESP.hash=ESP Hash
 label.ESP.lifetime=ESP Lifetime (secondes)
 label.ESP.policy=ESP policy
 label.esx.host=ESX/ESXi Host
+label.event.archived=gebeurtenis gearchiveerd
+label.event.deleted=Event verwijderd
 label.example=Voorbeeld
 label.expunge=Ruim op
 label.external.link=Externe link
@@ -659,6 +706,7 @@ label.gslb.assigned.lb=toegewezen load balancing
 label.gslb.delete=GSLB verwijderen
 label.gslb.details=GSLB details
 label.gslb.domain.name=GSLB Domein Naam
+label.gslb=GSLB
 label.gslb.lb.details=load balancing details
 label.gslb.lb.remove=verwijder load balancing van deze GSLB
 label.gslb.lb.rule=load balancing regel
@@ -682,6 +730,8 @@ label.guest.traffic.vswitch.type=vSwitch Gast Verkeer Type
 label.guest.type=Gast Type
 label.ha.enabled=HA ingeschakeld
 label.health.check=Health Check
+label.health.check.interval.in.sec=gezondheid check interval (in sec)
+label.healthy.threshold=gezonde marge
 label.help=Help
 label.hide.ingress.rule=Verberg Inkomende Regel
 label.hints=Tips
@@ -693,6 +743,7 @@ label.host.name=Hostnaam
 label.hosts=Hosts
 label.host.tags=Host Tags
 label.hourly=Uurlijks
+label.hvm=HVM
 label.hypervisor.capabilities=Hypervisor mogelijkheden
 label.hypervisor=Hypervisor
 label.hypervisors=Hypervisors
@@ -707,8 +758,10 @@ label.IKE.hash=IKE Hash
 label.IKE.lifetime=IKE lifetime (secondes)
 label.IKE.policy=IKE policy
 label.info=Info
+label.info.upper=INFO
 label.ingress.rule=Inkomende Regel
 label.initiated.by=Ge\u00efnitieerd door
+label.inside.port.profile=binnen poort profiel
 label.installWizard.addClusterIntro.subtitle=Wat is een cluster?
 label.installWizard.addClusterIntro.title=Nu\: Cluster toevoegen
 label.installWizard.addHostIntro.subtitle=Wat is een host?
@@ -728,11 +781,15 @@ label.installWizard.title=Hallo en welkom bij CloudStack&\#8482
 label.instance=Instantie
 label.instance.limits=Instantie Limieten
 label.instance.name=Instantie Naam
+label.instance.port=instantie poort
 label.instance.scaled.up=Instantie Omhoog Geschaald
 label.instances=Instanties
 label.instanciate.template.associate.profile.blade=Initieer Template en verbind Profiel met Blade
+label.intermediate.certificate=Intermediair certificaat {0}
 label.internal.dns.1=Interne DNS 1
 label.internal.dns.2=Interne DNS 2
+label.internal.lb.details=interne LB gegevens
+label.internallbvm=interne LBVM
 label.internal.name=Interne naam
 label.interval.type=Interval Type
 label.introduction.to.cloudstack=CloudStack&\#8482 Introductie
@@ -753,6 +810,8 @@ label.ip.ranges=IP Ranges
 label.IPsec.preshared.key=IPsec Preshared-Key
 label.ips=IPs
 label.ipv4.cidr=IPv4 CIDR
+label.ipv4.dns1=IPv4 DNS1
+label.ipv4.dns2=IPv4 DNS2
 label.ipv4.end.ip=IPv4 Eind IP
 label.ipv4.gateway=IPv4 Gateway
 label.ipv4.netmask=IPv4 Netmask
@@ -789,6 +848,7 @@ label.lang.dutch=Nederlands (Nederlands)
 label.lang.english=Engels
 label.lang.french=Frans
 label.lang.german=Duits
+label.lang.hungarian=Hongaars
 label.lang.italian=Italiaans
 label.lang.japanese=Japans
 label.lang.korean=Koreans
@@ -807,16 +867,19 @@ label.lb.algorithm.leastconn=Minste connecties
 label.lb.algorithm.roundrobin=Round-robin
 label.lb.algorithm.source=Bron
 label.LB.isolation=LB isolatie
-label.ldap.configuration=LDAP Configuratie
+label.ldap.configuration=LDAP configuratie
 label.ldap.group.name=LDAP Groep
 label.ldap.port=LDAP poort
 label.level=Level
 label.linklocal.ip=Link Local IP Adres
 label.load.balancer=Load Balancer
+label.load.balancer.type=loadbalancer type
 label.load.balancing=Load Balancing
 label.load.balancing.policies=Load balancing policies
 label.loading=Laden
 label.local=Lokaal
+label.local.storage.enabled=Schakel locale opslag voor gebruiker VMs in
+label.local.storage.enabled.system.vms=zet lokale opslag voor systeem VMs aan
 label.local.storage=Lokale Opslag
 label.login=Login
 label.logout=Log uit
@@ -825,8 +888,10 @@ label.LUN.number=LUN \#
 label.lxc.traffic.label=LXC verkeerslabel
 label.make.project.owner=Maak account project eigenaar
 label.manage=Beheer
+label.managed=beheerd(e)
 label.management=Beheer
 label.management.ips=Beheers IP Adressen
+label.management.server=Beheers Machine
 label.manage.resources=Beheer Resources
 label.max.cpus=Max. CPU cores
 label.max.guest.limit=Max. Instanties
@@ -899,9 +964,11 @@ label.migrate.router.to=Migreer Router naar
 label.migrate.systemvm.to=Migreer Systeem VM naar
 label.migrate.to.host=Migreer naar host
 label.migrate.to.storage=Migreer naar opslag
+label.migrate.volume=Migreer volume
 label.migrate.volume.to.primary.storage=Migreer volume naar andere primaire opslag
 label.minimum=Minimum
 label.min.instances=Min Instances
+label.minute.past.hour=Minuten na het uur
 label.mode=Modus
 label.monday=Maandag
 label.monthly=Maandelijks
@@ -916,6 +983,7 @@ label.my.templates=Mijn templates
 label.name.lower=naam
 label.name=Naam
 label.name.optional=Naam (Optioneel)
+label.na=N/A
 label.nat.port.range=NAT Poort Range
 label.netmask=Netmask
 label.netscaler.details=NetScaler details
@@ -991,10 +1059,12 @@ label.opendaylight.controllerdetail=OpenDaylight Controller Details
 label.opendaylight.controller=OpenDaylight Controller
 label.opendaylight.controllers=OpenDaylight Controllers
 label.openDaylight=OpenDaylight
+label.operator=operator
 label.optional=Optioneel
 label.order=Volgorde
 label.os.preference=OS Voorkeur
 label.os.type=OS Type
+label.other=anders
 label.override.guest.traffic=Overschrijf Gast Verkeer
 label.override.public.traffic=Overschrijf Publiek Verkeer
 label.ovm.traffic.label=OVM verkeerslabel
@@ -1006,6 +1076,7 @@ label.palo.alto.details=Palo Alto details
 label.PA.log.profile=Palo Alto Log Profiel
 label.PA=Palo Alto
 label.parent.domain=Bovenliggend Domein
+label.passive=passief
 label.password.enabled=Wachtwoord Ingeschakeld
 label.password.lower=wachtwoord
 label.password.reset.confirm=Het wachtwoord is gereset naar
@@ -1019,6 +1090,7 @@ label.physical.network.ID=Fysiek netwerk ID
 label.PING.CIFS.password=PING CIFS wachtwoord
 label.PING.CIFS.username=PING CIFS gebruikersnaam
 label.PING.dir=PING Directory
+label.ping.path=ping pad
 label.PING.storage.IP=PING opslag IP
 label.planner.mode=Planner modus
 label.please.specify.netscaler.info=Geef hier informatie van de Netscaler op
@@ -1033,9 +1105,10 @@ label.polling.interval.sec=Polling Interval (in sec)
 label.portable.ip.range.details=Porteerbare IP Range details
 label.portable.ip.ranges=Porteerbare IP Ranges
 label.portable.ips=Porteerbare IPs
+label.portable.ip=verplaatsbaar IP
 label.port.forwarding.policies=Port forwarding policies
 label.port.forwarding=Port Forwarding
-label.port=Poort
+label.port=poort
 label.port.range=Port Range
 label.PreSetup=PreSetup
 label.previous=Vorige
@@ -1063,6 +1136,7 @@ label.project.name=Project naam
 label.project=Project
 label.projects=Projecten
 label.project.view=Project Weergave
+label.protocol.number=protocol nummer
 label.protocol=Protocol
 label.provider=Provider
 label.providers=Providers
@@ -1090,7 +1164,7 @@ label.rbd=RBD
 label.rbd.secret=Cephx secret
 label.reboot=Reboot
 label.recent.errors=Recente Fouten
-label.recover.vm=Herstel VM
+label.recover.vm=herstel VM
 label.redundant.router.capability=Redundante router mogelijkheden
 label.redundant.router=Redundante Router
 label.redundant.state=Redundante staat
@@ -1098,7 +1172,7 @@ label.refresh.blades=Ververs Blades
 label.refresh=Ververs
 label.regionlevelvpc=Region Level VPC
 label.region=Regio
-label.reinstall.vm=Herinstalleer VM
+label.reinstall.vm=herinstalleer VM
 label.related=Samenhangend
 label.release.account.lowercase=ontkoppel van account
 label.release.account=Ontkoppel van Account
@@ -1113,7 +1187,7 @@ label.remove.egress.rule=Verwijder uitgaande regel
 label.remove.from.load.balancer=Verwijder Instantie van load balancer
 label.remove.ingress.rule=Verwijder inkomende regel
 label.remove.ip.range=Verwijder IP range
-label.remove.ldap=Verwijder LDAP
+label.remove.ldap=verwijder LDAP
 label.remove.network.offering=Netwerk Aanbieding Verwijderen
 label.remove.pf=Verwijder port forwarding regel
 label.remove.project.account=Verwijder account van project
@@ -1123,12 +1197,15 @@ label.remove.static.nat.rule=Verwijder static NAT regel
 label.remove.static.route=Verwijder statische route
 label.remove.tier=Verwijder tier
 label.remove.vm.from.lb=Verwijder VM van load balancer regel
+label.remove.vm.load.balancer=verwijder VM uit de load balancer
 label.remove.vmware.datacenter=VMware datacenter verwijderen
 label.remove.vpc.offering=VPC aanbieding verwijderen
 label.remove.vpc=verwijder VPC
 label.removing.user=Verwijderen Gebruiker
 label.removing=Verwijderen
 label.reource.id=Verbruik ID
+label.replace.acl.list=vervang ACL lijst
+label.replace.acl=vervang ACL
 label.required=Vereist
 label.requires.upgrade=Upgrade Benodigd
 label.reserved.ip.range=Gereserveerde IP Range
@@ -1138,23 +1215,29 @@ label.reserved.system.netmask=Gereserveerd systeem netmask
 label.resetVM=Reset VM
 label.reset.VPN.connection=Reset VPN verbinding
 label.resize.new.offering.id=Nieuwe Aanbieding
+label.resize.new.size=Nieuwe grootte (GB)
 label.resize.shrink.ok=Verklein OK
+label.resource.limit.exceeded=resource limiet overschreden
 label.resource.limits=Verbruikslimieten
 label.resource.name=Verbruik Naam
 label.resource.state=Verbruik staat
 label.resources=Verbruiken
 label.resource=Verbruik
+label.response.timeout.in.sec=antwoord wachttijd (in sec)
 label.restart.network=Herstart netwerk
 label.restart.required=Herstart benodigd
 label.restart.vpc=herstart VPC
 label.restore=Herstel
+label.retry.interval=Wachttijd voor nieuwe poging
 label.review=Beoordeel
 label.revoke.project.invite=Trek uitnodiging in
 label.role=Rol
+label.root.certificate=root certificaat
 label.root.disk.controller=Root schijf controller
 label.root.disk.offering=Root Schijf Aanbieding
 label.root.disk.size=Grootte root volume
 label.router.vm.scaled.up=Router VM Omhoog  Geschaald
+label.routing.host=routeer machine
 label.routing=Routing
 label.rule.number=Regel Nummer
 label.rules=Regels
@@ -1169,10 +1252,13 @@ label.s3.nfs.server=S3 NFS Server
 label.s3.secret_key=Geheime sleutel
 label.s3.socket_timeout=Socket Timeout
 label.s3.use_https=Gebruik HTTPS
+label.saml.enable=authoriseer SAML SSO
+label.saml.entity=identificeer leverancier
 label.saturday=Zaterdag
 label.save.and.continue=Opslaan en verder gaan
 label.save=Opslaan
 label.saving.processing=Opslaan....
+label.scale.up.policy=schaal op beleid
 label.scope=Scope
 label.search=Zoeken
 label.secondary.isolated.vlan.id=Secundair Geisoleerd VLAN ID
@@ -1196,6 +1282,7 @@ label.select.instance.to.attach.volume.to=Selecteer een instance om het volume a
 label.select.iso.or.template=Selecteer een ISO of template
 label.select.offering=Selecteer Aanbieding
 label.select.project=Selecteer Project
+label.select.region=Select regio
 label.select=Selecteer
 label.select.template=Selecteer Template
 label.select.tier=Selecteer Tier
@@ -1228,12 +1315,16 @@ label.smb.username=SMB Gebruikersnaam
 label.snapshot.limits=Snapshot Limieten
 label.snapshot.name=Snapshot Naam
 label.snapshot.schedule=Stel herhalende Snapshot in
+label.snapshot.s=momentopname(s)
 label.snapshot=Snapshot
 label.snapshots=Snapshots
 label.SNMP.community=SNMP Community
 label.SNMP.port=SNMP Poort
 label.sockets=CPU Sockets
+label.source.ip.address=bron IP adres
 label.source.nat=Source NAT
+label.source.nat.supported=SourceNAT ondersteund
+label.source.port=bron poort
 label.specify.IP.ranges=Specificeer IP ranges
 label.specify.vlan=Specificeer VLAN
 label.specify.vxlan=Specificeer VXLAN
@@ -1244,6 +1335,8 @@ label.start.IP=Start IP
 label.start.lb.vm=Start LB VM
 label.start.port=Start Poort
 label.start.reserved.system.IP=Start gereseveerd systeem IP
+label.start.vlan=start VLAN
+label.start.vxlan=start VXLAN
 label.state=Staat
 label.static.nat.enabled=Static NAT Ingeschakeld
 label.static.nat=Static NAT
@@ -1261,6 +1354,7 @@ label.step.4=Stap 4
 label.step.4.title=Stap 4\: <strong>Netwerk</strong>
 label.step.5=Stap 5
 label.step.5.title=Stap 5\: <strong>Beoordeel</strong>
+label.stickiness.method=kleef methode
 label.stickiness=Stickiness
 label.sticky.cookie-name=Cookie naam
 label.sticky.domain=Domein
@@ -1269,6 +1363,7 @@ label.sticky.holdtime=Wacht tijd
 label.sticky.indirect=Indirect
 label.sticky.length=Lengte
 label.sticky.mode=Modus
+label.sticky.name=klevende naam
 label.sticky.nocache=Geen cache
 label.sticky.postonly=Alleen Post
 label.sticky.prefix=Prefix
@@ -1278,6 +1373,7 @@ label.stop.lb.vm=Stop LB VM
 label.stopped.vms=Uitgeschakelde VMs
 label.stop=Stop
 label.storage=Opslag
+label.storage.pool=opslag poel
 label.storage.tags=Opslag Tags
 label.storage.traffic=Opslag Verkeer
 label.storage.type=Opslag Type
@@ -1315,9 +1411,11 @@ label.tftp.root.directory=TFTP root directory
 label.theme.default=Standaard Thema
 label.theme.grey=Aangepast - Grijs
 label.theme.lightblue=Aangepast - Licht Blauw
+label.threshold=marge
 label.thursday=Donderdag
 label.tier.details=Tier details
 label.tier=Tier
+label.timeout.in.second = timeout (seconden)
 label.timeout=Timeout
 label.time=Tijd
 label.time.zone=Tijdzone
@@ -1327,6 +1425,7 @@ label.total.cpu=Totaal CPU
 label.total.CPU=Totaal CPU
 label.total.hosts=Totaal Hosts
 label.total.memory=Totaal Geheugen
+label.total.of.ip=totaal aantal IP adressen
 label.total.of.vm=Totaal VMs
 label.total.storage=Totaal Opslag
 label.total.virtual.routers=Totaal Virtual Routers
@@ -1341,6 +1440,7 @@ label.type.lower=type
 label.type=Type
 label.ucs=UCS
 label.unavailable=Niet beschikbaar
+label.unhealthy.threshold=ongezonde marge
 label.unlimited=Ongelimiteerd
 label.untagged=Untagged
 label.update.project.resources=Update project verbruik
@@ -1353,14 +1453,17 @@ label.upload=Upload
 label.upload.volume=Upload Volume
 label.url=URL
 label.usage.interface=Verbruik Interface
+label.usage.sanity.result=gebruiks zingevings resultaat
+label.usage.server=gebruik server
 label.used=Gebruikt
 label.user.data=Gebruiker Data
 label.user=Gebruiker
 label.username=Gebruikersnaam
 label.username.lower=gebruikersnaam
 label.users=Gebruikers
+label.user.vm=gebruiker VM
 label.use.vm.ip=Gebruik VM IP\:
-label.use.vm.ips=Gebruik VM IPs
+label.use.vm.ips=gebruik VM IPs
 label.value=Waarde
 label.vcdcname=vCenter DC naam
 label.vcenter.cluster=vCenter Cluster
@@ -1376,6 +1479,7 @@ label.vgpu.max.resolution=Maximale resolutie
 label.vgpu.max.vgpu.per.gpu=vGPUs per GPU
 label.vgpu.remaining.capacity=Overgebleven capaciteit
 label.vgpu.type=vCPU type
+label.vgpu=VGPU
 label.vgpu.video.ram=Video RAM
 label.view.all=Toon alle
 label.view.console=Toon console
@@ -1408,6 +1512,8 @@ label.vm.destroy=Verwijder
 label.vm.display.name=VM weergave naam
 label.VMFS.datastore=VMFS datastore
 label.vmfs=VMFS
+label.vm.id=VM ID
+label.vm.ip=VM IP adres
 label.vm.name=VM naam
 label.vm.password=Het wachtwoord van de VM is
 label.vm.reboot=Reboot
@@ -1428,9 +1534,12 @@ label.vmware.traffic.label=VMware verkeerslabel
 label.vnet.id=VLAN/VNI ID
 label.vnet=VLAN/VNI
 label.vnmc.devices=VNMC apparaten
+label.vnmc=VNMC
 label.volatile=Volatile
 label.volgroup=Volume Groep
+label.volume.details=volume gegevens
 label.volume.limits=Volume Limieten
+label.volume.migrated=volume gemigreerd
 label.volume.name=Volume Naam
 label.volumes=Volumes
 label.volume=Volume
@@ -1452,10 +1561,13 @@ label.vsmctrlvlanid=Controle VLAN ID
 label.vsmpktvlanid=Pakket VLAN ID
 label.vsmstoragevlanid=Opslag VLAN ID
 label.vsphere.managed=vSphere beheerd
+label.vswitch.name=vSwitch naam
+label.vSwitch.type=vSwitch type
 label.vxlan.id=VXLAN ID
 label.vxlan.range=VXLAN Reeks
 label.vxlan=VXLAN
 label.waiting=Wachten
+label.warn.upper=WARN
 label.warn=Waarschuwing
 label.wednesday=Woensdag
 label.weekly=Wekelijks
@@ -1611,37 +1723,58 @@ message.configuring.public.traffic=Bezig met configureren publiek verkeer
 message.configuring.storage.traffic=Bezig met configureren opslag verkeer
 message.confirm.action.force.reconnect=Bevestig dat u deze host geforceerd opnieuw wilt laten verbinden.
 message.confirm.add.vnmc.provider=Bevestig dat u de VNMC provider wilt toevoegen.
+message.confirm.archive.alert=Bevestig dat u deze melding wilt archiveren, alstublieft.
+message.confirm.archive.event=bevestig dat u deze gebeurtenis wilt archiveren, alstublieft
+message.confirm.archive.selected.alerts=bevestig dat u de geselecteerde meldingen wilt archiveren, alstublieft
+message.confirm.archive.selected.events=bevestig dat u de geselecteerde gebeurtenissen wilt archiveren, alstublieft
+message.confirm.attach.disk=Weet u zeker dat u een disk wilt koppelen?
+message.confirm.create.volume=Weet u zeker dat u een volume wilt cre\u00ebren?
+message.confirm.current.guest.CIDR.unchanged=Wilt u het huidige gastnetwerk-CIDR ongewijzigd laten?
 message.confirm.dedicate.cluster.domain.account=Weet u zeker dat u dit cluster wilt toewijden aan een domein/account?
 message.confirm.dedicate.host.domain.account=Weet u zeker dat u deze host  wilt toewijden aan een domein/account?
 message.confirm.dedicate.pod.domain.account=Weet u zeker dat u deze pod wilt toewijden aan een domein/account?
 message.confirm.dedicate.zone=Weet u zeker dat u deze zone wilt toewijden aan een domein/account?
+message.confirm.delete.acl.list=Weet U zeker dat U dit ACL wilt verwijderen?
+message.confirm.delete.alert=Weet u zeker dat u deze melding wilt verwijderen?
+message.confirm.delete.BrocadeVcs=bevestigd dat Brocade Vcs Switch wilt verwijderen, alstublieft
+message.confirm.delete.ciscoASA1000v=bevestig dat u CiscoASA1000v wilt verwijderen, alstublieft
 message.confirm.delete.ciscovnmc.resource=Bevestig dat u de CiscoVNMC resource wilt verwijderen.
 message.confirm.delete.F5=Bevestig dat u deze F5 wilt verwijderen
+message.confirm.delete.internal.lb=bevestigd dat u interne LB wilt verwijderen, alstublieft
 message.confirm.delete.NetScaler=Bevestig dat u deze NetScaler wilt verwijderen
+message.confirm.delete.NuageVsp=bevestig dat u Nuage Virtualized Services Directory wilt verwijderen, alstublieft
 message.confirm.delete.PA=Bevestig dat u Palo Alto wilt verwijderen
 message.confirm.delete.secondary.staging.store=Bevestig dat u de secudaire staging opslag wilt verwijderen.
 message.confirm.delete.SRX=Bevestig dat u deze SRX wilt verwijderen
 message.confirm.delete.ucs.manager=Bevestig dat u de UCS Manager wilt verwijderen
 message.confirm.destroy.router=Bevestig dat u deze router wilt verwijderen
+message.confirm.disable.host=bevestigd dat de machine wilt afkoppelen, alstublieft
 message.confirm.disable.network.offering=Weet u zeker dat u deze netwerk aanbieding wilt uitschakelen?
 message.confirm.disable.provider=Bevestig dat u deze provider wilt uitschakelen
 message.confirm.disable.vnmc.provider=Bevestig dat u de VNMC provider wilt uitschakelen.
 message.confirm.disable.vpc.offering=Weet u zeker dat u deze VPC aanbieding wilt uitschakelen?
+message.confirm.enable.host=bevestigd dat u de machine wilt aankoppelen, alsublieft
 message.confirm.enable.network.offering=Weet u het zeker dat u deze netwerk aanbieding wilt inschakelen?
 message.confirm.enable.provider=Bevestig dat u deze provider wilt inschakelen
 message.confirm.enable.vnmc.provider=Bevestig dat u de VNMC provider wilt inschakelen.
 message.confirm.enable.vpc.offering=Weet u zeker dat u deze VPC aanbieding wilt inschakelen?
 message.confirm.join.project=Bevestig dat u aan dit project wilt bijdragen
+message.confirm.migrate.volume=Wilt u dit volume migreren?
 message.confirm.refresh.blades=Bevestig dat u de blades wilt verversen.
 message.confirm.release.dedicated.cluster=Weet u zeker dat u dit toegewijde cluster wilt loskoppelen?
 message.confirm.release.dedicated.host=Weet u zeker dat u deze toegewijde host wilt loskoppelen?
 message.confirm.release.dedicated.pod=Weet u zeker dat u deze toegewijde pod wilt loskoppelen?
 message.confirm.release.dedicated.zone=Weet u zeker dat u deze toegewijde zone wilt loskoppelen?
 message.confirm.release.dedicate.vlan.range=Bevestig dat u de toegewijde VLAN range wilt loskoppelen
+message.confirm.remove.event=Weet u zeker dat u deze gebeurtenis wilt verwijderen?
 message.confirm.remove.IP.range=Bevestig dat u deze IP range wilt verwijderen.
+message.confirm.remove.load.balancer=bevestigd dat U deze VM uit de load balancer wilt halen, alstublieft
 message.confirm.remove.network.offering=Weet u zeker dat u deze netwerk aanbieding wilt verwijderen?
+message.confirm.remove.selected.alerts=bevestig dat u de geselecteerde meldingen wilt verwijderen, alstublieft
+message.confirm.remove.selected.events=bevestig dat u de geselcteerde gebeurtenissen wilt verwijderen, alstublieft
 message.confirm.remove.vmware.datacenter=Bevestig dat u VM datacenter wilt verwijderen
 message.confirm.remove.vpc.offering=Weet u zeker dat u deze VPC aanbieding wilt verwijderen?
+message.confirm.replace.acl.new.one=Wilt U de ACL vervangen door een nieuwe?
 message.confirm.scale.up.router.vm=Weet u zeker dat u de Router VM wilt opschalen?
 message.confirm.scale.up.system.vm=Weet u zeker dat u de Systeem VM wilt opschalen?
 message.confirm.shutdown.provider=Bevestig dat u deze provider wilt afsluiten
@@ -1696,6 +1829,7 @@ message.disabling.vpc.offering=VPC offering uitschakelen
 message.disallowed.characters=Niet toegestane karakters\: \\<\\,\\>
 message.download.ISO=Klik op <a href\="\#">00000</a> om de ISO te downloaden
 message.download.template=Klik op <a href\="\#">00000</a> om de template te downloaden
+message.download.volume.confirm=bevestigd at U dit volume wilt ophalen, alstublieft
 message.download.volume=Klik op <a href\="\#">00000</a> om het volume te downloaden
 message.edit.account=Wijzig ("-1" geeft aan dat er geen limiet is ingesteld)
 message.edit.confirm=Controleer uw wijzigen voordat u op "Opslaan" klikt.
@@ -1762,7 +1896,7 @@ message.iso.desc=Image bestand met data of bootable media voor besturingsysteem
 message.join.project=U neemt nu deel aan een project. Klik op het project overzicht om het project te zien.
 message.launch.vm.on.private.network=Wilt u de instantie starten op uw eigen private dedicated netwerk?
 message.launch.zone=De zone is klaar om geactiveerd te worden, ga door naar de volgende stap.
-message.listView.subselect.multi=(Ctrl/Cmd-click)
+message.listView.subselect.multi=(Ctrl/Cmd-klik)
 message.lock.account=Bevestig dat u deze account wilt vergrendelen. Wanneer u de account vergrendeld zullen alle gebruikers van deze account hun cloud resources niet meer kunnen beheren. Toegang tot bestaande producten blijft bestaan.
 message.migrate.instance.confirm=Bevestig de host naar waar u de instantie toe wilt migreren.
 message.migrate.instance.to.host=Bevestig dat u de instantie naar een andere host toe wilt migreren.
@@ -1798,9 +1932,9 @@ message.project.invite.sent=Uitnodiging is verstuurd aan gebruiker. De gebruiker
 message.public.traffic.in.advanced.zone=Publiek verkeer wordt gegenereerd wanneer VMs in de cloud het internet bezoeken. Publiek toegankelijke IPs moeten om deze reden toegevoegd worden. Eindgebruikers kunnen deze IP adressen via de Cloudstack UI aanvragen om zo verkeer tussen het gast netwerk en publieke netwerk te realiseren. <br/><br/> Geef minimaal \u00e9\u00e9n IP range op voor internet verkeer.
 message.public.traffic.in.basic.zone=Publiek verkeer wordt gegenereerd wanneer VMs in de cloud het internet bezoeken of diensten serveren aan het internet. Publiek toegankelijke IPs moeten om deze reden toegevoegd worden. Wanneer een instantie wordt aangemaakt, krijgt deze automatisch een van deze IP adressen toegewezen naast het gast IP adres. Static 1-1 NAT wordt automatisch geconfigureerd tussen het publieke IP en gast IP adres. Eindgebruikers kunnen via de CloudStack UI meerdere IP adressen aanvragen om static NAT tussen hun instanties en het publieke IP te realiseren.
 message.read.admin.guide.scaling.up=Gelieve de dynamic scaling sectie te lezen in admin guide voordat u gaat opschalen.
-message.recover.vm=Bevestig dat u deze VM wilt herstellen.
+message.recover.vm=bevestig dat u deze VM wilt herstellen, alstublieft.
 message.redirecting.region=U wordt doorverbonden met de regio...
-message.reinstall.vm=LET OP\: Als u doorgaat zal de VM opnieuw geinstalleerd worden vanaf de template. Alle data op de root disk zal verwijderd worden. Eventuele data volumes blijven onaangeraakt.
+message.reinstall.vm=LET OP\: Als u doorgaat zal de VM opnieuw ge\u00efnstalleerd worden vanaf de template. Alle data op de root disk zal verwijderd worden. Eventuele data volumes blijven in tact.
 message.remove.ldap=Weet u zeker dat u de LDAP configuratie wilt verwijderen?
 message.remove.region=Weet u zeker dat u deze regio wilt verwijderen van deze management server?
 message.remove.vpc=Bevestigd dat u de VPC wilt verwijderen
@@ -1855,7 +1989,9 @@ message.tooltip.reserved.system.netmask=De netwerk prefix dat het pod subnet def
 message.tooltip.zone.name=Een naam voor de zone.
 message.update.os.preference=Selecteer een OS voorkeur voor deze host. Alle virtueel instanties van gelijke voorkeur zullen eerst op deze machine gealloceerd worden voordat er gekeken wordt naar andere hosts.
 message.update.resource.count=Bevestig dat u de verbruiksstatistieken voor deze account wilt bijwerken.
+message.update.ssl.failed=update SSL certificaat is mislukt
 message.update.ssl=Geef een nieuw X.509 compliant SSL certificaat in waarmee elke console proxy en secundaire opslag instantie mee geupdate kunnen worden\:
+message.update.ssl.succeeded=update SSL certificaat is geslaagd
 message.validate.accept=Gelieve een waarde in te geven met een geldidge extensie.
 message.validate.creditcard=Gelieve een geldig credit card nummer in te geven.
 message.validate.date=Gelieve een geldige datum in te geven.
@@ -1908,6 +2044,7 @@ state.Completed=Uitgevoerd
 state.Creating=Aanmaken
 state.Declined=Geweigerd
 state.Destroyed=Verwijderd
+state.detached=ontkoppeld
 state.Disabled=Uitgeschakeld
 state.enabled=Geactiveerd
 state.Enabled=Geactiveerd
diff --git a/client/WEB-INF/classes/resources/messages_ru_RU.properties b/client/WEB-INF/classes/resources/messages_ru_RU.properties
index 270e5af40f..0aadea0e0b 100644
--- a/client/WEB-INF/classes/resources/messages_ru_RU.properties
+++ b/client/WEB-INF/classes/resources/messages_ru_RU.properties
@@ -1516,6 +1516,7 @@ message.iso.desc=\u041e\u0431\u0440\u0430\u0437 \u0434\u0438\u0441\u043a\u0430,
 message.join.project=\u0422\u0435\u043f\u0435\u0440\u044c \u0432\u044b \u043f\u0440\u0438\u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u044b \u043a \u043f\u0440\u043e\u0435\u043a\u0442\u0443. \u0412\u044b\u0431\u0435\u0440\u0438\u0442\u0435 "\u041f\u0440\u043e\u0435\u043a\u0442\u043d\u044b\u0439 \u0432\u0438\u0434" \u0434\u043b\u044f \u043f\u0440\u043e\u0441\u043c\u043e\u0442\u0440\u0430 \u043f\u0440\u043e\u0435\u043a\u0442\u0430.
 message.launch.vm.on.private.network=\u0412\u044b \u0445\u043e\u0442\u0438\u0442\u0435 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u0441\u0432\u043e\u044e \u043c\u0430\u0448\u0438\u043d\u0443 \u0432 \u0432\u044b\u0434\u0435\u043b\u0435\u043d\u043d\u043e\u0439 \u0412\u0430\u043c \u0447\u0430\u0441\u0442\u043d\u043e\u0439 \u0441\u0435\u0442\u0438? 
 message.launch.zone=\u0417\u043e\u043d\u0430 \u0433\u043e\u0442\u043e\u0432\u0430 \u043a \u0437\u0430\u043f\u0443\u0441\u043a\u0443, \u043f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430, \u043f\u0435\u0440\u0435\u0439\u0434\u0438\u0442\u0435 \u043a \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u043c\u0443 \u0448\u0430\u0433\u0443.
+message.listView.subselect.multi=(Ctrl/Cmd-click)
 message.lock.account=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0412\u044b \u0445\u043e\u0442\u0438\u0442\u0435 \u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0434\u0430\u043d\u043d\u0443\u044e \u0443\u0447\u0435\u0442\u043d\u043a\u044e \u0437\u0430\u043f\u0438\u0441\u044c. \u041f\u043e\u0441\u043b\u0435 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438 \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u0432\u0441\u0435 \u0435\u0451 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043d\u0435 \u0441\u043c\u043e\u0433\u0443\u0442 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u0441\u0432\u043e\u0438\u043c\u0438 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u043c\u0438 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438. \u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u044b \u043e\u0441\u0442\u0430\u043d\u0443\u0442\u0441\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u043c\u0438.
 message.migrate.instance.confirm=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435 \u0436\u0435\u043b\u0430\u043d\u0438\u0435 \u043f\u0435\u0440\u0435\u043d\u0435\u0441\u0442\u0438 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u0443\u044e \u043c\u0430\u0448\u0438\u043d\u0443.
 message.migrate.instance.to.host=\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u0435, \u0447\u0442\u043e \u0432\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0445\u043e\u0442\u0438\u0442\u0435 \u043f\u0435\u0440\u0435\u043d\u0435\u0441\u0442\u0438 \u043c\u0430\u0448\u0438\u043d\u0443 \u043d\u0430 \u0434\u0440\u0443\u0433\u043e\u0439 \u0443\u0437\u0435\u043b.
diff --git a/client/WEB-INF/classes/resources/messages_zh_CN.properties b/client/WEB-INF/classes/resources/messages_zh_CN.properties
index b0c31bb43e..9e48ce744a 100644
--- a/client/WEB-INF/classes/resources/messages_zh_CN.properties
+++ b/client/WEB-INF/classes/resources/messages_zh_CN.properties
@@ -67,7 +67,10 @@ label.action.cancel.maintenance.mode=\u53d6\u6d88\u7ef4\u62a4\u6a21\u5f0f
 label.action.change.password=\u66f4\u6539\u5bc6\u7801
 label.action.change.service.processing=\u6b63\u5728\u66f4\u6539\u670d\u52a1...
 label.action.change.service=\u66f4\u6539\u670d\u52a1
+label.action.configure.samlauthorization=\u914d\u7f6e SAML SSO \u8ba4\u8bc1
+label.action.copy.ISO.processing=\u590d\u5236\u955c\u50cf
 label.action.copy.ISO=\u590d\u5236 ISO
+label.action.copy.template.processing=\u6b63\u5728\u590d\u5236\u6a21\u677f
 label.action.copy.template=\u590d\u5236\u6a21\u677f
 label.action.create.template.from.vm=\u57fa\u4e8e VM \u521b\u5efa\u6a21\u677f
 label.action.create.template.from.volume=\u57fa\u4e8e\u5377\u521b\u5efa\u6a21\u677f
@@ -287,8 +290,10 @@ label.adding.zone=\u6b63\u5728\u6dfb\u52a0\u8d44\u6e90\u57df
 label.add.intermediate.certificate=\u6dfb\u52a0\u4e2d\u95f4\u8bc1\u4e66
 label.add.internal.lb=\u6dfb\u52a0\u5185\u90e8\u8d1f\u8f7d\u5e73\u8861\u5668
 label.add.ip.range=\u6dfb\u52a0 IP \u8303\u56f4
+label.add.isolated.guest.network=\u6dfb\u52a0\u9694\u79bb\u7684\u6765\u5bbe\u7f51\u7edc
 label.add.isolated.network=\u6dfb\u52a0\u9694\u79bb\u7f51\u7edc
 label.additional.networks=\u5176\u4ed6\u7f51\u7edc
+label.add.LDAP.account=\u6dfb\u52a0LDAP\u8d26\u6237
 label.add.list.name=ACL \u5217\u8868\u540d\u79f0
 label.add.load.balancer=\u6dfb\u52a0\u8d1f\u8f7d\u5e73\u8861\u5668
 label.add.more=\u6dfb\u52a0\u66f4\u591a
@@ -598,6 +603,7 @@ label.disk.write.bytes=\u78c1\u76d8\u5199\u5165(\u5b57\u8282)
 label.disk.write.io=\u78c1\u76d8\u5199\u5165(IO)
 label.display.name=\u663e\u793a\u540d\u79f0
 label.display.text=\u663e\u793a\u6587\u672c
+label.distributedrouter=\u5206\u5e03\u5f0f\u8def\u7531\u5668
 label.dns.1=DNS 1
 label.dns.2=DNS 2
 label.dns=DNS
@@ -613,6 +619,7 @@ label.done=\u5b8c\u6210
 label.double.quotes.are.not.allowed=\u4e0d\u5141\u8bb8\u4f7f\u7528\u53cc\u5f15\u53f7
 label.download.progress=\u4e0b\u8f7d\u8fdb\u5ea6
 label.drag.new.position=\u62d6\u52a8\u5230\u65b0\u4f4d\u7f6e
+label.duration.in.sec=\u6301\u7eed\u65f6\u95f4 (\u79d2)
 label.dynamically.scalable=\u53ef\u52a8\u6001\u6269\u5c55
 label.edit.acl.rule=\u7f16\u8f91 ACL \u89c4\u5219
 label.edit.affinity.group=\u7f16\u8f91\u5173\u8054\u6027\u7ec4
@@ -649,6 +656,8 @@ label.endpoint.or.operation=\u7aef\u70b9\u6216\u64cd\u4f5c
 label.endpoint=\u7aef\u70b9
 label.end.port=\u7ed3\u675f\u7aef\u53e3
 label.end.reserved.system.IP=\u7ed3\u675f\u9884\u7559\u7cfb\u7edf IP
+label.end.vlan=\u7ed3\u5c3eXVLAN
+label.end.vxlan=\u7ed3\u5c3eVLAN
 label.enter.token=\u8f93\u5165\u4ee4\u724c
 label.error.code=\u9519\u8bef\u4ee3\u7801
 label.error=\u9519\u8bef
@@ -839,6 +848,7 @@ label.lang.dutch=\u8377\u5170\u8bed(\u8377\u5170)
 label.lang.english=\u82f1\u8bed
 label.lang.french=\u6cd5\u8bed
 label.lang.german=\u5fb7\u8bed
+label.lang.hungarian=\u5308\u7259\u5229
 label.lang.italian=\u610f\u5927\u5229\u8bed
 label.lang.japanese=\u65e5\u8bed
 label.lang.korean=\u97e9\u8bed
@@ -867,6 +877,8 @@ label.load.balancer=\u8d1f\u8f7d\u5e73\u8861\u5668
 label.load.balancing.policies=\u8d1f\u8f7d\u5e73\u8861\u7b56\u7565
 label.load.balancing=\u8d1f\u8f7d\u5e73\u8861
 label.loading=\u6b63\u5728\u52a0\u8f7d
+label.local.storage.enabled.system.vms=\u4e3a\u7cfb\u7edf\u5b9e\u4f8b\u5f00\u542f\u672c\u5730\u5b58\u50a8
+label.local.storage.enabled=\u4e3a\u7528\u6237\u5b9e\u4f8b\u5f00\u542f\u672c\u5730\u5b58\u50a8
 label.local.storage=\u672c\u5730\u5b58\u50a8
 label.local=\u672c\u5730
 label.login=\u767b\u5f55
@@ -953,8 +965,10 @@ label.migrate.systemvm.to=\u8fc1\u79fb\u7cfb\u7edf VM \u81f3
 label.migrate.to.host=\u8fc1\u79fb\u5230\u4e3b\u673a
 label.migrate.to.storage=\u8fc1\u79fb\u5230\u5b58\u50a8
 label.migrate.volume.to.primary.storage=\u5c06\u5377\u8fc1\u79fb\u5230\u5176\u4ed6\u4e3b\u5b58\u50a8
+label.migrate.volume=\u8fc1\u79fb\u5377
 label.minimum=\u6700\u5c0f\u503c
 label.min.instances=\u6700\u5c0f\u5b9e\u4f8b\u6570
+label.minute.past.hour=\u5206\u949f\u65f6
 label.mode=\u6a21\u5f0f
 label.monday=\u661f\u671f\u4e00
 label.monthly=\u6bcf\u6708
@@ -1201,6 +1215,7 @@ label.reserved.system.netmask=\u9884\u7559\u7684\u7cfb\u7edf\u7f51\u7edc\u63a9\u
 label.resetVM=\u91cd\u7f6e VM
 label.reset.VPN.connection=\u91cd\u7f6e VPN \u8fde\u63a5
 label.resize.new.offering.id=\u65b0\u65b9\u6848
+label.resize.new.size=\u65b0\u5efa\u5927\u5c0f(GB)
 label.resize.shrink.ok=\u662f\u5426\u786e\u5b9e\u8981\u7f29\u5c0f\u5377\u5927\u5c0f
 label.resource.limit.exceeded=\u5df2\u8d85\u51fa\u8d44\u6e90\u9650\u5236
 label.resource.limits=\u8d44\u6e90\u9650\u5236
@@ -1237,6 +1252,8 @@ label.s3.nfs.server=S3 NFS \u670d\u52a1\u5668
 label.s3.secret_key=\u5bc6\u94a5
 label.s3.socket_timeout=\u5957\u63a5\u5b57\u8d85\u65f6
 label.s3.use_https=\u4f7f\u7528 HTTPS
+label.saml.enable=\u6279\u51c6 SAML SSO
+label.saml.entity=\u8ba4\u8bc1\u65b9\u5f0f
 label.saturday=\u661f\u671f\u516d
 label.save.and.continue=\u4fdd\u5b58\u5e76\u7ee7\u7eed
 label.save=\u4fdd\u5b58
@@ -1298,6 +1315,7 @@ label.smb.username=SMB \u7528\u6237\u540d
 label.snapshot.limits=\u5feb\u7167\u9650\u5236
 label.snapshot.name=\u5feb\u7167\u540d\u79f0
 label.snapshot.schedule=\u8bbe\u7f6e\u91cd\u73b0\u5feb\u7167
+label.snapshot.s=\u5168\u90e8\u5feb\u7167
 label.snapshots=\u5feb\u7167
 label.snapshot=\u5feb\u7167
 label.SNMP.community=SNMP \u793e\u533a
@@ -1317,6 +1335,8 @@ label.start.IP=\u8d77\u59cb IP
 label.start.lb.vm=\u542f\u52a8 LB VM
 label.start.port=\u8d77\u59cb\u7aef\u53e3
 label.start.reserved.system.IP=\u8d77\u59cb\u9884\u7559\u7cfb\u7edf IP
+label.start.vlan=\u8d77\u59cb VLAN
+label.start.vxlan=\u8d77\u59cb VXLAN
 label.state=\u72b6\u6001
 label.static.nat.enabled=\u5df2\u542f\u7528\u9759\u6001 NAT
 label.static.nat.to=\u9759\u6001 NAT \u76ee\u6807
@@ -1395,6 +1415,7 @@ label.threshold=\u9608\u503c
 label.thursday=\u661f\u671f\u56db
 label.tier.details=\u5c42\u8be6\u7ec6\u4fe1\u606f
 label.tier=\u5c42
+label.timeout.in.second = \u8d85\u65f6(\u79d2)
 label.timeout=\u8d85\u65f6
 label.time=\u65f6\u95f4
 label.time.zone=\u65f6\u533a
@@ -1404,6 +1425,7 @@ label.total.cpu=CPU \u603b\u91cf
 label.total.CPU=CPU \u603b\u91cf
 label.total.hosts=\u603b\u4e3b\u673a\u6570
 label.total.memory=\u5185\u5b58\u603b\u91cf
+label.total.of.ip=IP\u5730\u5740\u603b\u6570
 label.total.of.vm=\u603b VM \u6570
 label.total.storage=\u5b58\u50a8\u603b\u91cf
 label.total.virtual.routers=\u865a\u62df\u8def\u7531\u5668\u603b\u6570
@@ -1807,6 +1829,7 @@ message.disabling.vpc.offering=\u6b63\u5728\u7981\u7528 VPC \u65b9\u6848
 message.disallowed.characters=\u7981\u7528\u5b57\u7b26\: <,>
 message.download.ISO=\u8bf7\u5355\u51fb <a href\="\#">00000</a> \u4e0b\u8f7d ISO
 message.download.template=\u8bf7\u5355\u51fb <a href\="\#">00000</a> \u4e0b\u8f7d\u6a21\u677f
+message.download.volume.confirm=\u8bf7\u786e\u8ba4\u60a8\u786e\u5b9e\u8981\u4e0b\u8f7d\u6b64\u5377
 message.download.volume=\u8bf7\u5355\u51fb <a href\="\#">00000</a> \u4e0b\u8f7d\u5377
 message.edit.account=\u7f16\u8f91(\u201c-1\u201d\u8868\u793a\u5bf9\u8981\u521b\u5efa\u7684\u8d44\u6e90\u6570\u91cf\u6ca1\u6709\u4efb\u4f55\u9650\u5236)
 message.edit.confirm=\u8bf7\u5148\u786e\u8ba4\u60a8\u6240\u505a\u7684\u66f4\u6539\uff0c\u7136\u540e\u5355\u51fb\u201c\u4fdd\u5b58\u201d\u3002

From 8259c9ba3c1dbe058eed56cc0b3c8dc5c116e7e0 Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Mon, 23 Nov 2015 11:45:58 +0530
Subject: [PATCH 095/115] ui: remove viewMetrics from instances/storage/system

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 ui/scripts/instances.js | 13 -----------
 ui/scripts/storage.js   | 14 -----------
 ui/scripts/system.js    | 52 -----------------------------------------
 3 files changed, 79 deletions(-)

diff --git a/ui/scripts/instances.js b/ui/scripts/instances.js
index 094957af4b..42f08158a1 100644
--- a/ui/scripts/instances.js
+++ b/ui/scripts/instances.js
@@ -292,19 +292,6 @@
                     }
                 },
                 snapshot: vmSnapshotAction({ listView: true }),
-                viewMetrics: {
-                    label: 'label.metrics',
-                    isHeader: true,
-                    addRow: false,
-                    action: {
-                        custom: cloudStack.uiCustom.metricsView({resource: 'vms'})
-                    },
-                    messages: {
-                        notification: function (args) {
-                            return 'label.metrics';
-                        }
-                    }
-                },
             },
 
             dataProvider: function(args) {
diff --git a/ui/scripts/storage.js b/ui/scripts/storage.js
index 78826a3602..d56835cd7e 100644
--- a/ui/scripts/storage.js
+++ b/ui/scripts/storage.js
@@ -253,20 +253,6 @@
                             }
                         },
 
-                        viewMetrics: {
-                            label: 'label.metrics',
-                            isHeader: true,
-                            addRow: false,
-                            action: {
-                                custom: cloudStack.uiCustom.metricsView({resource: 'volumes'})
-                            },
-                            messages: {
-                                notification: function (args) {
-                                    return 'label.metrics';
-                                }
-                            }
-                        },
-
                         uploadVolume: {
                             isHeader: true,
                             label: 'label.upload.volume',
diff --git a/ui/scripts/system.js b/ui/scripts/system.js
index 3aafd8d812..6cd6450957 100644
--- a/ui/scripts/system.js
+++ b/ui/scripts/system.js
@@ -7706,19 +7706,6 @@
                                         }
                                     }
                                 },
-                                viewMetrics: {
-                                    label: 'label.metrics',
-                                    isHeader: true,
-                                    addRow: false,
-                                    action: {
-                                        custom: cloudStack.uiCustom.metricsView({resource: 'zones'})
-                                    },
-                                    messages: {
-                                        notification: function (args) {
-                                            return 'label.metrics';
-                                        }
-                                    }
-                                },
                             },
                             
                             detailView: {
@@ -14385,19 +14372,6 @@
                                 });
                             }
                         },
-                        viewMetrics: {
-                            label: 'label.metrics',
-                            isHeader: true,
-                            addRow: false,
-                            action: {
-                                custom: cloudStack.uiCustom.metricsView({resource: 'clusters'})
-                            },
-                            messages: {
-                                notification: function (args) {
-                                    return 'label.metrics';
-                                }
-                            }
-                        }
                     },
                     
                     detailView: {
@@ -15636,19 +15610,6 @@
                                 }
                             }
                         },
-                        viewMetrics: {
-                            label: 'label.metrics',
-                            isHeader: true,
-                            addRow: false,
-                            action: {
-                                custom: cloudStack.uiCustom.metricsView({resource: 'hosts'})
-                            },
-                            messages: {
-                                notification: function (args) {
-                                    return 'label.metrics';
-                                }
-                            }
-                        }
                     },
                     detailView: {
                         name: "Host details",
@@ -17455,19 +17416,6 @@
                                 }
                             }
                         },
-                        viewMetrics: {
-                            label: 'label.metrics',
-                            isHeader: true,
-                            addRow: false,
-                            action: {
-                                custom: cloudStack.uiCustom.metricsView({resource: 'storagepool'})
-                            },
-                            messages: {
-                                notification: function (args) {
-                                    return 'label.metrics';
-                                }
-                            }
-                        }
                     },
                     
                     detailView: {

From e65446cb94f477f5cdad7c87a4cb20311d288685 Mon Sep 17 00:00:00 2001
From: nnesic <nera@greenqloud.com>
Date: Tue, 10 Nov 2015 17:22:31 +0000
Subject: [PATCH 096/115] CLOUDSTACK-9052 Shuffling the password to avoid
 having a subset of characters in fixed positions.

(cherry picked from commit 52ccfaac0cb59163c408e1d465f0dffa40f1062b)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 .../com/cloud/utils/PasswordGenerator.java    | 25 ++++++++----
 .../cloud/utils/PasswordGeneratorTest.java    | 39 +++++++++++++++----
 2 files changed, 48 insertions(+), 16 deletions(-)

diff --git a/utils/src/com/cloud/utils/PasswordGenerator.java b/utils/src/com/cloud/utils/PasswordGenerator.java
index 0d791431b0..3ba54f2fa9 100644
--- a/utils/src/com/cloud/utils/PasswordGenerator.java
+++ b/utils/src/com/cloud/utils/PasswordGenerator.java
@@ -20,6 +20,9 @@
 package com.cloud.utils;
 
 import java.security.SecureRandom;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
 import java.util.Random;
 
 /**
@@ -48,14 +51,19 @@ public static String generateRandomPassword(int num) {
                 password.append(generateAlphaNumeric(r));
             }
         } else {
-            // Generate random 3-character string with a lowercase character,
-            // uppercase character, and a digit
-            password.append(generateLowercaseChar(r)).append(generateUppercaseChar(r)).append(generateDigit(r));
-
-            // Generate a random n-character string with only lowercase
-            // characters
-            for (int i = 0; i < num - 3; i++) {
-                password.append(generateLowercaseChar(r));
+            List<Character> passwordChars = new ArrayList<Character>();
+            passwordChars.add(generateLowercaseChar(r));
+            passwordChars.add(generateUppercaseChar(r));
+            passwordChars.add(generateDigit(r));
+
+            for (int i = passwordChars.size(); i < num; i++) {
+                passwordChars.add(generateAlphaNumeric(r));
+            }
+
+            Collections.shuffle(passwordChars, new SecureRandom());
+
+            for (char c : passwordChars) {
+                password.append(c);
             }
         }
 
@@ -87,4 +95,5 @@ public static String generatePresharedKey(int numChars) {
         return psk.toString();
 
     }
+
 }
diff --git a/utils/test/com/cloud/utils/PasswordGeneratorTest.java b/utils/test/com/cloud/utils/PasswordGeneratorTest.java
index 413b86618c..e71436d9b3 100644
--- a/utils/test/com/cloud/utils/PasswordGeneratorTest.java
+++ b/utils/test/com/cloud/utils/PasswordGeneratorTest.java
@@ -30,13 +30,36 @@ public void generateRandomPassword() {
         Assert.assertTrue(PasswordGenerator.generateRandomPassword(1).length() == 3);
         Assert.assertTrue(PasswordGenerator.generateRandomPassword(5).length() == 5);
         String password = PasswordGenerator.generateRandomPassword(8);
-        // TODO: this might give more help to bruteforcing than desired
-        // the actual behavior is that the first character is a random lowercase
-        // char
-        Assert.assertTrue(Character.isLowerCase(password.charAt(0)));
-        // the second character is a random upper case char
-        Assert.assertTrue(Character.isUpperCase(password.charAt(1)));
-        // and the third is a digit
-        Assert.assertTrue(Character.isDigit(password.charAt(2)));
+
+        Assert.assertTrue(containsDigit(password));
+        Assert.assertTrue(containsLowercase(password));
+        Assert.assertTrue(containsUppercase(password));
+    }
+
+    private boolean containsUppercase(String password) {
+        for (char c : password.toCharArray()) {
+            if (Character.isUpperCase(c)) {
+                return true;
+            }
+        }
+        return false;
+    }
+
+    private boolean containsLowercase(String password) {
+        for (char c : password.toCharArray()) {
+            if (Character.isLowerCase(c)) {
+                return true;
+            }
+        }
+        return false;
+    }
+
+    private boolean containsDigit(String password) {
+        for (char c : password.toCharArray()) {
+            if (Character.isDigit(c)) {
+                return true;
+            }
+        }
+        return false;
     }
 }

From 2e6c7ce4c8bc98c51d153a595d757bbcc886a2a6 Mon Sep 17 00:00:00 2001
From: Abhinandan Prateek <abhinandan.prateek@shapeblue.com>
Date: Tue, 24 Nov 2015 13:29:59 +0530
Subject: [PATCH 097/115] CLOUDSTACK-9064: The users should be able to create
 multiple Guest Shared Networks in same Vlan ID, same Physical Network and
 same network, just with a different IP ranges.

---
 .../cloudstack/engine/orchestration/NetworkOrchestrator.java    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/engine/orchestration/src/org/apache/cloudstack/engine/orchestration/NetworkOrchestrator.java b/engine/orchestration/src/org/apache/cloudstack/engine/orchestration/NetworkOrchestrator.java
index 093f113821..f74a688c96 100755
--- a/engine/orchestration/src/org/apache/cloudstack/engine/orchestration/NetworkOrchestrator.java
+++ b/engine/orchestration/src/org/apache/cloudstack/engine/orchestration/NetworkOrchestrator.java
@@ -1944,7 +1944,7 @@ public Network createGuestNetwork(long networkOfferingId, final String name, fin
             } else {
                 // don't allow to creating shared network with given Vlan ID, if there already exists a isolated network or
                 // shared network with same Vlan ID in the zone
-                if (_networksDao.countByZoneUriAndGuestType(zoneId, uri, GuestType.Isolated) > 0 || _networksDao.countByZoneUriAndGuestType(zoneId, uri, GuestType.Shared) > 0) {
+                if (_networksDao.countByZoneUriAndGuestType(zoneId, uri, GuestType.Isolated) > 0 ) {
                     throw new InvalidParameterValueException("There is a isolated/shared network with vlan id: " + vlanId + " already exists " + "in zone " + zoneId);
                 }
             }

From 0da2736fbf6a386675bdf713c6e5e7a54df35cad Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Wed, 25 Nov 2015 14:12:53 +0530
Subject: [PATCH 098/115] ui: fix instances null check regression from 2f250e2

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 ui/scripts/instances.js | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/ui/scripts/instances.js b/ui/scripts/instances.js
index 42f08158a1..ec6f17fcc7 100644
--- a/ui/scripts/instances.js
+++ b/ui/scripts/instances.js
@@ -358,11 +358,13 @@
                     data: data,
                     success: function(json) {
                         var items = json.listvirtualmachinesresponse.virtualmachine;
-                        $.each(items, function(idx, vm) {
-                            if (vm.nic && vm.nic.length > 0 && vm.nic[0].ipaddress) {
-                                items[idx].ipaddress = vm.nic[0].ipaddress;
-                            }
-                        });
+                        if (items) {
+                            $.each(items, function(idx, vm) {
+                                if (vm.nic && vm.nic.length > 0 && vm.nic[0].ipaddress) {
+                                    items[idx].ipaddress = vm.nic[0].ipaddress;
+                                }
+                            });
+                        }
                         args.response.success({
                             data: items
                         });

From cbb9c4acdf8262dd74d75df1309d46fa6c6102df Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Wed, 25 Nov 2015 14:37:40 +0530
Subject: [PATCH 099/115] CLOUDSTACK-9083: Add disk serial to kvm virt xml

Adds disk serial ids based on volume uuids to the virt xml. This may be useful
for appliances/software that needs some serial ids on the VM disks. This does not
impact existing/running VMs, the vm virt xmls will be updates for running VMs
the next time they are stopped/started.

For testing, disk serial (of debian based systemvm) in the virt xml matched that
in /sys/devices/pci0000:00:0000:00:07.0/virtio4/block/vda/serial.

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 .../kvm/resource/LibvirtComputingResource.java        |  6 ++++++
 .../cloud/hypervisor/kvm/resource/LibvirtVMDef.java   | 11 ++++++++++-
 .../hypervisor/kvm/storage/KVMStorageProcessor.java   |  9 ++++++---
 .../kvm/resource/LibvirtComputingResourceTest.java    |  8 ++++++++
 4 files changed, 30 insertions(+), 4 deletions(-)

diff --git a/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java b/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
index 45acef0e5c..85b7376cc6 100755
--- a/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
+++ b/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
@@ -4004,6 +4004,7 @@ public int compare(DiskTO arg0, DiskTO arg1) {
 
             if (data instanceof VolumeObjectTO) {
                 VolumeObjectTO volumeObjectTO = (VolumeObjectTO)data;
+                disk.setSerial(diskUuidToSerial(volumeObjectTO.getUuid()));
                 if ((volumeObjectTO.getBytesReadRate() != null) && (volumeObjectTO.getBytesReadRate() > 0))
                     disk.setBytesReadRate(volumeObjectTO.getBytesReadRate());
                 if ((volumeObjectTO.getBytesWriteRate() != null) && (volumeObjectTO.getBytesWriteRate() > 0))
@@ -4294,6 +4295,11 @@ public StartupCommand[] initialize() {
         }
     }
 
+    public String diskUuidToSerial(String uuid) {
+        String uuidWithoutHyphen = uuid.replace("-","");
+        return uuidWithoutHyphen.substring(0, Math.min(uuidWithoutHyphen.length(), 20));
+    }
+
     private String getIqn() {
         try {
             final String textToFind = "InitiatorName=";
diff --git a/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtVMDef.java b/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtVMDef.java
index 8ff720ea73..688c082788 100644
--- a/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtVMDef.java
+++ b/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtVMDef.java
@@ -404,7 +404,7 @@ public List<InterfaceDef> getInterfaces() {
 
     public static class DiskDef {
         public enum deviceType {
-            FLOPPY("floppy"), DISK("disk"), CDROM("cdrom");
+            FLOPPY("floppy"), DISK("disk"), CDROM("cdrom"), LUN("lun");
             String _type;
 
             deviceType(String type) {
@@ -509,6 +509,7 @@ public String toString() {
         private Long _iopsReadRate;
         private Long _iopsWriteRate;
         private diskCacheMode _diskCacheMode;
+        private String _serial;
         private boolean qemuDriver = true;
 
         public void setDeviceType(deviceType deviceType) {
@@ -693,6 +694,10 @@ public void setQemuDriver(boolean qemuDriver){
             this.qemuDriver = qemuDriver;
         }
 
+        public void setSerial(String serial) {
+            this._serial = serial;
+        }
+
         @Override
         public String toString() {
             StringBuilder diskBuilder = new StringBuilder();
@@ -746,6 +751,10 @@ public String toString() {
             }
             diskBuilder.append("/>\n");
 
+            if (_serial != null && !_serial.isEmpty() && _deviceType != deviceType.LUN) {
+                diskBuilder.append("<serial>" + _serial + "</serial>");
+            }
+
             if ((_deviceType != deviceType.CDROM) &&
                     (s_libvirtVersion >= 9008) &&
                     (s_qemuVersion >= 1001000) &&
diff --git a/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/KVMStorageProcessor.java b/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/KVMStorageProcessor.java
index ebbb3d3166..83e151ad52 100644
--- a/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/KVMStorageProcessor.java
+++ b/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/KVMStorageProcessor.java
@@ -931,7 +931,7 @@ protected synchronized String attachOrDetachDevice(Connect conn, boolean attach,
         return null;
     }
 
-    protected synchronized String attachOrDetachDisk(Connect conn, boolean attach, String vmName, KVMPhysicalDisk attachingDisk, int devId) throws LibvirtException,
+    protected synchronized String attachOrDetachDisk(Connect conn, boolean attach, String vmName, KVMPhysicalDisk attachingDisk, int devId, String serial) throws LibvirtException,
         InternalErrorException {
         List<DiskDef> disks = null;
         Domain dm = null;
@@ -967,6 +967,7 @@ protected synchronized String attachOrDetachDisk(Connect conn, boolean attach, S
                 }
             } else {
                 diskdef = new DiskDef();
+                diskdef.setSerial(serial);
                 if (attachingPool.getType() == StoragePoolType.RBD) {
                     if(resource.getHypervisorType() == Hypervisor.HypervisorType.LXC){
                         // For LXC, map image to host and then attach to Vm
@@ -1009,6 +1010,7 @@ public Answer attachVolume(AttachCommand cmd) {
         VolumeObjectTO vol = (VolumeObjectTO)disk.getData();
         PrimaryDataStoreTO primaryStore = (PrimaryDataStoreTO)vol.getDataStore();
         String vmName = cmd.getVmName();
+        String serial = resource.diskUuidToSerial(vol.getUuid());
         try {
             Connect conn = LibvirtConnection.getConnectionByVmName(vmName);
 
@@ -1016,7 +1018,7 @@ public Answer attachVolume(AttachCommand cmd) {
 
             KVMPhysicalDisk phyDisk = storagePoolMgr.getPhysicalDisk(primaryStore.getPoolType(), primaryStore.getUuid(), vol.getPath());
 
-            attachOrDetachDisk(conn, true, vmName, phyDisk, disk.getDiskSeq().intValue());
+            attachOrDetachDisk(conn, true, vmName, phyDisk, disk.getDiskSeq().intValue(), serial);
 
             return new AttachAnswer(disk);
         } catch (LibvirtException e) {
@@ -1035,12 +1037,13 @@ public Answer dettachVolume(DettachCommand cmd) {
         VolumeObjectTO vol = (VolumeObjectTO)disk.getData();
         PrimaryDataStoreTO primaryStore = (PrimaryDataStoreTO)vol.getDataStore();
         String vmName = cmd.getVmName();
+        String serial = resource.diskUuidToSerial(vol.getUuid());
         try {
             Connect conn = LibvirtConnection.getConnectionByVmName(vmName);
 
             KVMPhysicalDisk phyDisk = storagePoolMgr.getPhysicalDisk(primaryStore.getPoolType(), primaryStore.getUuid(), vol.getPath());
 
-            attachOrDetachDisk(conn, false, vmName, phyDisk, disk.getDiskSeq().intValue());
+            attachOrDetachDisk(conn, false, vmName, phyDisk, disk.getDiskSeq().intValue(), serial);
 
             storagePoolMgr.disconnectPhysicalDisk(primaryStore.getPoolType(), primaryStore.getUuid(), vol.getPath());
 
diff --git a/plugins/hypervisors/kvm/test/com/cloud/hypervisor/kvm/resource/LibvirtComputingResourceTest.java b/plugins/hypervisors/kvm/test/com/cloud/hypervisor/kvm/resource/LibvirtComputingResourceTest.java
index bf4546c63d..789da343a3 100644
--- a/plugins/hypervisors/kvm/test/com/cloud/hypervisor/kvm/resource/LibvirtComputingResourceTest.java
+++ b/plugins/hypervisors/kvm/test/com/cloud/hypervisor/kvm/resource/LibvirtComputingResourceTest.java
@@ -359,6 +359,14 @@ public void testGetNicStats() {
         assertNotNull(stats);
     }
 
+    @Test
+    public void diskUuidToSerialTest() {
+        String uuid = "38400000-8cf0-11bd-b24e-10b96e4ef00d";
+        String expected = "384000008cf011bdb24e";
+        LibvirtComputingResource lcr = new LibvirtComputingResource();
+        Assert.assertEquals(expected, lcr.diskUuidToSerial(uuid));
+    }
+
     @Test
     public void testUUID() {
         String uuid = "1";

From 4a48427ea49cdd3154ce7b3b574cad502b6b0062 Mon Sep 17 00:00:00 2001
From: Sateesh Chodapuneedi <sateesh@apache.org>
Date: Wed, 14 Jan 2015 08:13:10 +0530
Subject: [PATCH 100/115] CLOUDSTACK-4787 Allow selection of scsi controller
 type in vSphere

    commit #7
    So far only 1 controller (scsi or ide) is supported in Cloudstack for ide or
    scsi, this is existing limitation. Added support for 2nd IDE controller. Support adding IDE
    virtual disk to VM. Also added check if VM is running as IDE virtual disk cannot be attached
    to VM if VM is runnning.If user detaches a virtual disk on lower unit number of controller,
    then subsequent attach operation should find free unit number on the controller and attach
    the virtual disk there.

    commit #6
    Let the controllers of existing VMs continue without flip, current busInfo retrieved from
    chain_info field of volume record from database would be preferred over
    controller settings from all configuration settings.

    commit #5
    Editing global configuration param vmware.root.disk.controller osdefault value results
    in loss of previous root disk controller type. Hence root disk's controller type for legacy
    VMs is unknow post that modificaiton by user. If VM is stop/start then we could get this
    infromation from bus info of existing volume. But if user resets VM and then try to start VM.
    The existing bus info would be lost. Hence existing disk info is not available to depend on.
    Using lsilogic or generic scsi controller for ROOT disk of legacy VMs if reset.

    commit #4
    Avoid adding additional (>1) scsi controllers to system vms. While attaching volume to legacy VM
    don't use osdefault optoin which applicable only for VM created with the option enabled, use
    legacy data disk controller type (lsilogic)

    commit #3
    If root disk's controller type is scsi and data disk controller type condenses
    to any of scsi sub-types then data disk controller type would fall back to root disk controller itself. This
    ensures data volumes would be accessible in all cases as controller of root volume would be reliable
    and it means VM has the supported controller. It also avoids mix of scsi controller sub-types in a user instance.
    Also translating disk controller type scsi to lsilogic.

    commit #2
    Support auto detection of recommended virtual disk controller type for specific guest OS.

    commit #1
    Support granual controller types. Add support for controller types in template registration as well.

    Fix white spaces.
    Removed stale HEAD merge lines
    Removed tail of merge lines
    Fixed VmwareResource, removing storage commands that moved to VmwareStorageProcessor.
    removed stale code of controller that is present in processor
    Fixed check style errors.
    Fixed injection.
    Tested with Linux and windows templates. Unable to run iso based tests due to few bugs in register iso area.

    Signed-off-by: Sateesh Chodapuneedi <sateesh@apache.org>

(cherry picked from commit a4cc987a6f66f20c434942956fffe5951df09e43)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 api/src/com/cloud/vm/VmDetailConstants.java   |   1 +
 .../storage/command/AttachCommand.java        |  16 +
 .../com/cloud/hypervisor/guru/VMwareGuru.java |   7 +
 .../vmware/manager/VmwareManager.java         |   1 +
 .../vmware/manager/VmwareManagerImpl.java     |   8 +
 .../vmware/resource/VmwareResource.java       | 209 ++++++-
 .../resource/VmwareStorageProcessor.java      |  62 ++-
 .../cloud/storage/VolumeApiServiceImpl.java   |   6 +
 .../src/com/cloud/vm/UserVmManagerImpl.java   |   9 +
 .../cloud/hypervisor/vmware/mo/ClusterMO.java |  35 +-
 .../vmware/mo/DiskControllerType.java         |  31 +-
 .../cloud/hypervisor/vmware/mo/HostMO.java    |  17 +-
 .../vmware/mo/HypervisorHostHelper.java       | 112 +++-
 .../vmware/mo/ScsiDiskControllerType.java     |  24 +
 .../vmware/mo/VirtualMachineMO.java           | 524 +++++++++++++++++-
 .../hypervisor/vmware/mo/VmdkAdapterType.java |  48 ++
 .../vmware/mo/VmdkFileDescriptor.java         |  70 +++
 .../vmware/mo/VmwareHypervisorHost.java       |   5 +-
 .../hypervisor/vmware/util/VmwareHelper.java  |  24 +
 19 files changed, 1140 insertions(+), 69 deletions(-)
 create mode 100644 vmware-base/src/com/cloud/hypervisor/vmware/mo/ScsiDiskControllerType.java
 create mode 100644 vmware-base/src/com/cloud/hypervisor/vmware/mo/VmdkAdapterType.java

diff --git a/api/src/com/cloud/vm/VmDetailConstants.java b/api/src/com/cloud/vm/VmDetailConstants.java
index bd6f0e2f64..d06ad67197 100644
--- a/api/src/com/cloud/vm/VmDetailConstants.java
+++ b/api/src/com/cloud/vm/VmDetailConstants.java
@@ -22,4 +22,5 @@ public interface VmDetailConstants {
     public static final String ROOK_DISK_CONTROLLER = "rootDiskController";
     public static final String NESTED_VIRTUALIZATION_FLAG = "nestedVirtualizationFlag";
     public static final String HYPERVISOR_TOOLS_VERSION = "hypervisortoolsversion";
+    public static final String DATA_DISK_CONTROLLER = "dataDiskController";
 }
diff --git a/core/src/org/apache/cloudstack/storage/command/AttachCommand.java b/core/src/org/apache/cloudstack/storage/command/AttachCommand.java
index 795deb2c06..0109d275af 100644
--- a/core/src/org/apache/cloudstack/storage/command/AttachCommand.java
+++ b/core/src/org/apache/cloudstack/storage/command/AttachCommand.java
@@ -19,6 +19,8 @@
 
 package org.apache.cloudstack.storage.command;
 
+import java.util.Map;
+
 import com.cloud.agent.api.Command;
 import com.cloud.agent.api.to.DiskTO;
 
@@ -26,12 +28,26 @@ public final class AttachCommand extends Command implements StorageSubSystemComm
     private DiskTO disk;
     private String vmName;
     private boolean inSeq = false;
+    private Map<String, String> controllerInfo;
 
     public AttachCommand(DiskTO disk, String vmName) {
         super();
         this.disk = disk;
         this.vmName = vmName;
     }
+    public AttachCommand(DiskTO disk, String vmName, Map<String, String> controllerInfo) {
+        super();
+        this.disk = disk;
+        this.vmName = vmName;
+        this.controllerInfo = controllerInfo;
+    }
+
+    public Map<String, String> getControllerInfo() {
+        return controllerInfo;
+    }
+    public void setControllerInfo(Map<String, String> controllerInfo) {
+        this.controllerInfo = controllerInfo;
+    }
 
     @Override
     public boolean executeInSequence() {
diff --git a/plugins/hypervisors/vmware/src/com/cloud/hypervisor/guru/VMwareGuru.java b/plugins/hypervisors/vmware/src/com/cloud/hypervisor/guru/VMwareGuru.java
index 9ac32d4757..88ed576283 100644
--- a/plugins/hypervisors/vmware/src/com/cloud/hypervisor/guru/VMwareGuru.java
+++ b/plugins/hypervisors/vmware/src/com/cloud/hypervisor/guru/VMwareGuru.java
@@ -69,6 +69,7 @@
 import com.cloud.hypervisor.HypervisorGuru;
 import com.cloud.hypervisor.HypervisorGuruBase;
 import com.cloud.hypervisor.vmware.manager.VmwareManager;
+import com.cloud.hypervisor.vmware.mo.DiskControllerType;
 import com.cloud.hypervisor.vmware.mo.VirtualEthernetCardType;
 import com.cloud.network.Network.Provider;
 import com.cloud.network.Network.Service;
@@ -208,6 +209,12 @@ public VirtualMachineTO implement(VirtualMachineProfile vm) {
                 details.put(VmDetailConstants.ROOK_DISK_CONTROLLER, _vmwareMgr.getRootDiskController());
             }
         }
+        String diskController = details.get(VmDetailConstants.DATA_DISK_CONTROLLER);
+        if (userVm) {
+            if (diskController == null) {
+                details.put(VmDetailConstants.DATA_DISK_CONTROLLER, DiskControllerType.lsilogic.toString());
+            }
+        }
 
         List<NicProfile> nicProfiles = vm.getNics();
 
diff --git a/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/manager/VmwareManager.java b/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/manager/VmwareManager.java
index 35e275e004..72ee2184e3 100755
--- a/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/manager/VmwareManager.java
+++ b/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/manager/VmwareManager.java
@@ -78,5 +78,6 @@ public interface VmwareManager {
 
     boolean isLegacyZone(long dcId);
 
+    public String getDataDiskController();
     boolean hasNexusVSM(Long clusterId);
 }
diff --git a/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/manager/VmwareManagerImpl.java b/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/manager/VmwareManagerImpl.java
index e852948b49..2bac9be134 100755
--- a/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/manager/VmwareManagerImpl.java
+++ b/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/manager/VmwareManagerImpl.java
@@ -185,6 +185,8 @@ public class VmwareManagerImpl extends ManagerBase implements VmwareManager, Vmw
 
     private String _rootDiskController = DiskControllerType.ide.toString();
 
+    private String _dataDiskController = DiskControllerType.osdefault.toString();
+
     private final Map<String, String> _storageMounts = new HashMap<String, String>();
 
     private final Random _rand = new Random(System.currentTimeMillis());
@@ -478,6 +480,7 @@ public void setupResourceStartupParams(Map<String, Object> params) {
         params.put("service.console.name", _serviceConsoleName);
         params.put("management.portgroup.name", _managemetPortGroupName);
         params.put("vmware.root.disk.controller", _rootDiskController);
+        params.put("vmware.data.disk.controller", _dataDiskController);
         params.put("vmware.recycle.hung.wokervm", _recycleHungWorker);
         params.put("ports.per.dvportgroup", _portsPerDvPortGroup);
     }
@@ -930,6 +933,11 @@ public String getRootDiskController() {
         return _rootDiskController;
     }
 
+    @Override
+    public String getDataDiskController() {
+        return _dataDiskController;
+    }
+
     @Override
     public int getVcenterSessionTimeout() {
         return _vCenterSessionTimeout;
diff --git a/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java b/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java
index 9e7db37e23..008f3a39a6 100755
--- a/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java
+++ b/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java
@@ -80,6 +80,7 @@
 import com.vmware.vim25.VirtualDeviceConfigSpec;
 import com.vmware.vim25.VirtualDeviceConfigSpecOperation;
 import com.vmware.vim25.VirtualDisk;
+import com.vmware.vim25.VirtualDiskFlatVer2BackingInfo;
 import com.vmware.vim25.VirtualEthernetCard;
 import com.vmware.vim25.VirtualEthernetCardDistributedVirtualPortBackingInfo;
 import com.vmware.vim25.VirtualEthernetCardNetworkBackingInfo;
@@ -215,8 +216,8 @@
 import com.cloud.exception.CloudException;
 import com.cloud.exception.InternalErrorException;
 import com.cloud.host.Host.Type;
-import com.cloud.hypervisor.guru.VMwareGuru;
 import com.cloud.hypervisor.Hypervisor.HypervisorType;
+import com.cloud.hypervisor.guru.VMwareGuru;
 import com.cloud.hypervisor.vmware.manager.VmwareHostService;
 import com.cloud.hypervisor.vmware.manager.VmwareManager;
 import com.cloud.hypervisor.vmware.manager.VmwareStorageMount;
@@ -566,7 +567,7 @@ private Answer execute(ResizeVolumeCommand cmd) {
                 // we need to spawn a worker VM to attach the volume to and
                 // resize the volume.
                 useWorkerVm = true;
-                vmName = this.getWorkerName(getServiceContext(), cmd, 0);
+                vmName = getWorkerName(getServiceContext(), cmd, 0);
 
                 morDS = HypervisorHostHelper.findDatastoreWithBackwardsCompatibility(hyperHost, poolId);
                 dsMo = new DatastoreMO(hyperHost.getContext(), morDS);
@@ -595,7 +596,18 @@ private Answer execute(ResizeVolumeCommand cmd) {
                     s_logger.trace("resize volume done (failed)");
                 throw new Exception("No such disk device: " + path);
             }
+            // IDE virtual disk cannot be re-sized if VM is running
+            if (vdisk.second() != null && vdisk.second().contains("ide")) {
+                throw new Exception("Re-sizing a virtual disk over IDE controller is not supported in VMware hypervisor. " +
+                            "Please re-try when virtual disk is attached to a VM using SCSI controller.");
+            }
+
             VirtualDisk disk = vdisk.first();
+            String vmdkAbsFile = getAbsoluteVmdkFile(disk);
+            if (vmdkAbsFile != null && !vmdkAbsFile.isEmpty()) {
+                vmMo.updateAdapterTypeIfRequired(vmdkAbsFile);
+            }
+
             disk.setCapacityInKB(newSize);
 
             VirtualMachineConfigSpec vmConfigSpec = new VirtualMachineConfigSpec();
@@ -1325,6 +1337,63 @@ protected ScaleVmAnswer execute(ScaleVmCommand cmd) {
         return new ScaleVmAnswer(cmd, true, null);
     }
 
+    protected void ensureDiskControllers(VirtualMachineMO vmMo, Pair<String, String> controllerInfo) throws Exception {
+        if (vmMo == null) {
+            return;
+        }
+
+        String msg;
+        String rootDiskController = controllerInfo.first();
+        String dataDiskController = controllerInfo.second();
+        String scsiDiskController;
+        String recommendedDiskController = null;
+
+        if (VmwareHelper.isControllerOsRecommended(dataDiskController) || VmwareHelper.isControllerOsRecommended(rootDiskController)) {
+            recommendedDiskController = vmMo.getRecommendedDiskController(null);
+        }
+        scsiDiskController = HypervisorHostHelper.getScsiController(new Pair<String, String>(rootDiskController, dataDiskController), recommendedDiskController);
+        if (scsiDiskController == null) {
+            return;
+        }
+
+        vmMo.getScsiDeviceControllerKeyNoException();
+        // This VM needs SCSI controllers.
+        // Get count of existing scsi controllers. Helps not to attempt to create more than the maximum allowed 4
+        // Get maximum among the bus numbers in use by scsi controllers. Safe to pick maximum, because we always go sequential allocating bus numbers.
+        Ternary<Integer, Integer, DiskControllerType> scsiControllerInfo = vmMo.getScsiControllerInfo();
+        int requiredNumScsiControllers = VmwareHelper.MAX_SCSI_CONTROLLER_COUNT - scsiControllerInfo.first();
+        int availableBusNum = scsiControllerInfo.second() + 1; // method returned current max. bus number
+
+        if (requiredNumScsiControllers == 0) {
+            return;
+        }
+        if (scsiControllerInfo.first() > 0) {
+            // For VMs which already have a SCSI controller, do NOT attempt to add any more SCSI controllers & return the sub type.
+            // For Legacy VMs would have only 1 LsiLogic Parallel SCSI controller, and doesn't require more.
+            // For VMs created post device ordering support, 4 SCSI subtype controllers are ensured during deployment itself. No need to add more.
+            // For fresh VM deployment only, all required controllers should be ensured.
+            return;
+        }
+        ensureScsiDiskControllers(vmMo, scsiDiskController, requiredNumScsiControllers, availableBusNum);
+    }
+
+    private void ensureScsiDiskControllers(VirtualMachineMO vmMo, String scsiDiskController, int requiredNumScsiControllers, int availableBusNum) throws Exception {
+        // Pick the sub type of scsi
+        if (DiskControllerType.getType(scsiDiskController) == DiskControllerType.pvscsi) {
+            if (!vmMo.isPvScsiSupported()) {
+                String msg = "This VM doesn't support Vmware Paravirtual SCSI controller for virtual disks, because the virtual hardware version is less than 7.";
+                throw new Exception(msg);
+            }
+            vmMo.ensurePvScsiDeviceController(requiredNumScsiControllers, availableBusNum);
+        } else if (DiskControllerType.getType(scsiDiskController) == DiskControllerType.lsisas1068) {
+            vmMo.ensureLsiLogicSasDeviceControllers(requiredNumScsiControllers, availableBusNum);
+        } else if (DiskControllerType.getType(scsiDiskController) == DiskControllerType.buslogic) {
+            vmMo.ensureBusLogicDeviceControllers(requiredNumScsiControllers, availableBusNum);
+        } else if (DiskControllerType.getType(scsiDiskController) == DiskControllerType.lsilogic) {
+            vmMo.ensureScsiDeviceControllers(requiredNumScsiControllers, availableBusNum);
+        }
+    }
+
     protected StartAnswer execute(StartCommand cmd) {
         if (s_logger.isInfoEnabled()) {
             s_logger.info("Executing resource StartCommand: " + _gson.toJson(cmd));
@@ -1340,7 +1409,29 @@ protected StartAnswer execute(StartCommand cmd) {
         Pair<String, String> names = composeVmNames(vmSpec);
         String vmInternalCSName = names.first();
         String vmNameOnVcenter = names.second();
+        String dataDiskController = vmSpec.getDetails().get(VmDetailConstants.DATA_DISK_CONTROLLER);
+        String rootDiskController = vmSpec.getDetails().get(VmDetailConstants.ROOK_DISK_CONTROLLER);
 
+        // If root disk controller is scsi, then data disk controller would also be scsi instead of using 'osdefault'
+        // This helps avoid mix of different scsi subtype controllers in instance.
+        if (DiskControllerType.lsilogic == DiskControllerType.getType(rootDiskController)) {
+            dataDiskController = DiskControllerType.scsi.toString();
+        }
+
+        // Validate the controller types
+        dataDiskController = DiskControllerType.getType(dataDiskController).toString();
+        rootDiskController = DiskControllerType.getType(rootDiskController).toString();
+
+        if (DiskControllerType.getType(rootDiskController) == DiskControllerType.none) {
+            throw new CloudRuntimeException("Invalid root disk controller detected : " + rootDiskController);
+        }
+        if (DiskControllerType.getType(dataDiskController) == DiskControllerType.none) {
+            throw new CloudRuntimeException("Invalid data disk controller detected : " + dataDiskController);
+        }
+
+        Pair<String, String> controllerInfo = new Pair<String, String>(rootDiskController, dataDiskController);
+
+        Boolean systemVm = vmSpec.getType().isUsedBySystem();
         // Thus, vmInternalCSName always holds i-x-y, the cloudstack generated internal VM name.
         VmwareContext context = getServiceContext();
         DatacenterMO dcMo = null;
@@ -1379,6 +1470,9 @@ protected StartAnswer execute(StartCommand cmd) {
 
             VirtualMachineDiskInfoBuilder diskInfoBuilder = null;
             VirtualMachineMO vmMo = hyperHost.findVmOnHyperHost(vmInternalCSName);
+            DiskControllerType systemVmScsiControllerType = DiskControllerType.lsilogic;
+            int firstScsiControllerBusNum = 0;
+            int numScsiControllerForSystemVm = 1;
             boolean hasSnapshot = false;
             if (vmMo != null) {
                 s_logger.info("VM " + vmInternalCSName + " already exists, tear down devices for reconfiguration");
@@ -1392,7 +1486,11 @@ protected StartAnswer execute(StartCommand cmd) {
                     vmMo.tearDownDevices(new Class<?>[] {VirtualDisk.class, VirtualEthernetCard.class});
                 else
                     vmMo.tearDownDevices(new Class<?>[] {VirtualEthernetCard.class});
-                vmMo.ensureScsiDeviceController();
+                if (systemVm) {
+                    ensureScsiDiskControllers(vmMo, systemVmScsiControllerType.toString(), numScsiControllerForSystemVm, firstScsiControllerBusNum);
+                } else {
+                    ensureDiskControllers(vmMo, controllerInfo);
+                }
             } else {
                 ManagedObjectReference morDc = hyperHost.getHyperHostDatacenter();
                 assert (morDc != null);
@@ -1414,7 +1512,13 @@ protected StartAnswer execute(StartCommand cmd) {
                         vmMo.tearDownDevices(new Class<?>[] {VirtualDisk.class, VirtualEthernetCard.class});
                     else
                         vmMo.tearDownDevices(new Class<?>[] {VirtualEthernetCard.class});
-                    vmMo.ensureScsiDeviceController();
+
+                    if (systemVm) {
+                        // System volumes doesn't require more than 1 SCSI controller as there is no requirement for data volumes.
+                        ensureScsiDiskControllers(vmMo, systemVmScsiControllerType.toString(), numScsiControllerForSystemVm, firstScsiControllerBusNum);
+                    } else {
+                        ensureDiskControllers(vmMo, controllerInfo);
+                    }
                 } else {
                     // If a VM with the same name is found in a different cluster in the DC, unregister the old VM and configure a new VM (cold-migration).
                     VirtualMachineMO existingVmInDc = dcMo.findVm(vmInternalCSName);
@@ -1458,7 +1562,7 @@ protected StartAnswer execute(StartCommand cmd) {
                         tearDownVm(vmMo);
                     }else if (!hyperHost.createBlankVm(vmNameOnVcenter, vmInternalCSName, vmSpec.getCpus(), vmSpec.getMaxSpeed().intValue(),
                             getReservedCpuMHZ(vmSpec), vmSpec.getLimitCpuUse(), (int)(vmSpec.getMaxRam() / (1024 * 1024)), getReservedMemoryMb(vmSpec),
-                            translateGuestOsIdentifier(vmSpec.getArch(), vmSpec.getOs(), vmSpec.getPlatformEmulator()).value(), rootDiskDataStoreDetails.first(), false)) {
+                            translateGuestOsIdentifier(vmSpec.getArch(), vmSpec.getOs(), vmSpec.getPlatformEmulator()).value(), rootDiskDataStoreDetails.first(), false, controllerInfo, systemVm)) {
                         throw new Exception("Failed to create VM. vmName: " + vmInternalCSName);
                     }
                 }
@@ -1520,7 +1624,7 @@ protected StartAnswer execute(StartCommand cmd) {
             int scsiUnitNumber = 0;
             int nicUnitNumber = 0;
             int ideControllerKey = vmMo.getIDEDeviceControllerKey();
-            int scsiControllerKey = vmMo.getScsiDeviceControllerKey();
+            int scsiControllerKey = vmMo.getGenericScsiDeviceControllerKeyNoException();
             int controllerKey;
 
             //
@@ -1619,7 +1723,31 @@ protected StartAnswer execute(StartCommand cmd) {
 
                 VirtualMachineDiskInfo matchingExistingDisk = getMatchingExistingDisk(diskInfoBuilder, vol, hyperHost, context);
                 controllerKey = getDiskController(matchingExistingDisk, vol, vmSpec, ideControllerKey, scsiControllerKey);
+                String diskController = getDiskController(vmMo, matchingExistingDisk, vol, new Pair<String, String>(rootDiskController, dataDiskController));
 
+                if (DiskControllerType.getType(diskController) == DiskControllerType.osdefault) {
+                    diskController = vmMo.getRecommendedDiskController(null);
+                }
+                if (DiskControllerType.getType(diskController) == DiskControllerType.ide) {
+                    controllerKey = vmMo.getIDEControllerKey(ideUnitNumber);
+                    if (vol.getType() == Volume.Type.DATADISK) {
+                        // Could be result of flip due to user configured setting or "osdefault" for data disks
+                        // Ensure maximum of 2 data volumes over IDE controller, 3 includeing root volume
+                        if (vmMo.getNumberOfVirtualDisks() > 3) {
+                            throw new CloudRuntimeException("Found more than 3 virtual disks attached to this VM [" + vmMo.getVmName() + "]. Unable to implement the disks over "
+                                    + diskController + " controller, as maximum number of devices supported over IDE controller is 4 includeing CDROM device.");
+                        }
+                    }
+                } else {
+                    controllerKey = vmMo.getScsiDiskControllerKeyNoException(diskController);
+                    if (controllerKey == -1) {
+                        // This may happen for ROOT legacy VMs which doesn't have recommended disk controller when global configuration parameter 'vmware.root.disk.controller' is set to "osdefault"
+                        // Retrieve existing controller and use.
+                        Ternary<Integer, Integer, DiskControllerType> vmScsiControllerInfo = vmMo.getScsiControllerInfo();
+                        DiskControllerType existingControllerType = vmScsiControllerInfo.third();
+                        controllerKey = vmMo.getScsiDiskControllerKeyNoException(existingControllerType.toString());
+                    }
+                }
                 if (!hasSnapshot) {
                     deviceConfigSpecArray[i] = new VirtualDeviceConfigSpec();
 
@@ -1648,7 +1776,7 @@ protected StartAnswer execute(StartCommand cmd) {
                     VirtualDevice device = VmwareHelper.prepareDiskDevice(vmMo, null, controllerKey,
                             diskChain,
                             volumeDsDetails.first(),
-                            (controllerKey == ideControllerKey) ? ideUnitNumber++ : scsiUnitNumber++, i + 1);
+                            (controllerKey == vmMo.getIDEControllerKey(ideUnitNumber)) ? ((ideUnitNumber++) % VmwareHelper.MAX_IDE_CONTROLLER_COUNT) : scsiUnitNumber++, i + 1);
 
                     deviceConfigSpecArray[i].setDevice(device);
                     deviceConfigSpecArray[i].setOperation(VirtualDeviceConfigSpecOperation.ADD);
@@ -1660,7 +1788,7 @@ protected StartAnswer execute(StartCommand cmd) {
                 } else {
                     if (controllerKey == scsiControllerKey && VmwareHelper.isReservedScsiDeviceNumber(scsiUnitNumber))
                         scsiUnitNumber++;
-                    if (controllerKey == ideControllerKey)
+                    if (controllerKey == vmMo.getIDEControllerKey(ideUnitNumber))
                         ideUnitNumber++;
                     else
                         scsiUnitNumber++;
@@ -2187,6 +2315,36 @@ private int getDiskController(VirtualMachineDiskInfo matchingExistingDisk, DiskT
         return controllerKey;
     }
 
+    private String getDiskController(VirtualMachineMO vmMo, VirtualMachineDiskInfo matchingExistingDisk, DiskTO vol, Pair<String, String> controllerInfo) throws Exception {
+        int controllerKey;
+        DiskControllerType controllerType = DiskControllerType.none;
+        if (matchingExistingDisk != null) {
+            String currentBusName = matchingExistingDisk.getDiskDeviceBusName();
+            if (currentBusName != null) {
+                s_logger.info("Chose disk controller based on existing information: " + currentBusName);
+                if (currentBusName.startsWith("ide")) {
+                    controllerType = DiskControllerType.ide;
+                } else if (currentBusName.startsWith("scsi")) {
+                    controllerType = DiskControllerType.scsi;
+                }
+            }
+            if (controllerType == DiskControllerType.scsi || controllerType == DiskControllerType.none) {
+                Ternary<Integer, Integer, DiskControllerType> vmScsiControllerInfo = vmMo.getScsiControllerInfo();
+                controllerType = vmScsiControllerInfo.third();
+            }
+            return controllerType.toString();
+        }
+
+        if (vol.getType() == Volume.Type.ROOT) {
+            s_logger.info("Chose disk controller for vol " + vol.getType() + " -> " + controllerInfo.first()
+                    + ", based on root disk controller settings at global configuration setting.");
+            return controllerInfo.first();
+        } else {
+            s_logger.info("Chose disk controller for vol " + vol.getType() + " -> " + controllerInfo.second()
+                    + ", based on default data disk controller setting i.e. Operating system recommended."); // Need to bring in global configuration setting & template level setting.
+            return controllerInfo.second();
+        }
+    }
     private void postDiskConfigBeforeStart(VirtualMachineMO vmMo, VirtualMachineTO vmSpec, DiskTO[] sortedDisks, int ideControllerKey,
             int scsiControllerKey, Map<String, String> iqnToPath, VmwareHypervisorHost hyperHost, VmwareContext context) throws Exception {
         VirtualMachineDiskInfoBuilder diskInfoBuilder = vmMo.getDiskInfoBuilder();
@@ -3118,8 +3276,13 @@ protected Answer execute(MigrateWithStorageCommand cmd) {
                     relocateSpec.setDatastore(morTgtDatastore);
                 }
                 diskLocator = new VirtualMachineRelocateSpecDiskLocator();
-                diskLocator.setDatastore(morTgtDatastore);
-                int diskId = getVirtualDiskInfo(vmMo, volume.getPath() + ".vmdk");
+                diskLocator.setDatastore(morDsAtSource);
+                Pair<VirtualDisk, String> diskInfo = getVirtualDiskInfo(vmMo, volume.getPath() + ".vmdk");
+                String vmdkAbsFile = getAbsoluteVmdkFile(diskInfo.first());
+                if (vmdkAbsFile != null && !vmdkAbsFile.isEmpty()) {
+                    vmMo.updateAdapterTypeIfRequired(vmdkAbsFile);
+                }
+                int diskId = diskInfo.first().getKey();
                 diskLocator.setDiskId(diskId);
 
                 diskLocators.add(diskLocator);
@@ -3281,7 +3444,13 @@ private Answer execute(MigrateVolumeCommand cmd) {
 
             DatastoreMO targetDsMo = new DatastoreMO(srcHyperHost.getContext(), morDs);
             String fullVolumePath = VmwareStorageLayoutHelper.getVmwareDatastorePathFromVmdkFileName(targetDsMo, vmName, volumePath + ".vmdk");
-            int diskId = getVirtualDiskInfo(vmMo, volumePath + ".vmdk");
+            Pair<VirtualDisk, String> diskInfo = getVirtualDiskInfo(vmMo, volumePath + ".vmdk");
+            String vmdkAbsFile = getAbsoluteVmdkFile(diskInfo.first());
+            if (vmdkAbsFile != null && !vmdkAbsFile.isEmpty()) {
+                vmMo.updateAdapterTypeIfRequired(vmdkAbsFile);
+            }
+            int diskId = diskInfo.first().getKey();
+
             diskLocator = new VirtualMachineRelocateSpecDiskLocator();
             diskLocator.setDatastore(morDs);
             diskLocator.setDiskId(diskId);
@@ -3337,12 +3506,12 @@ private Answer execute(MigrateVolumeCommand cmd) {
         }
     }
 
-    private int getVirtualDiskInfo(VirtualMachineMO vmMo, String srcDiskName) throws Exception {
+    private Pair<VirtualDisk, String> getVirtualDiskInfo(VirtualMachineMO vmMo, String srcDiskName) throws Exception {
         Pair<VirtualDisk, String> deviceInfo = vmMo.getDiskDevice(srcDiskName, false);
         if (deviceInfo == null) {
             throw new Exception("No such disk device: " + srcDiskName);
         }
-        return deviceInfo.first().getKey();
+        return deviceInfo;
     }
 
     private VmwareHypervisorHost getTargetHyperHost(DatacenterMO dcMo, String destIp) throws Exception {
@@ -4943,8 +5112,10 @@ public boolean configure(String name, Map<String, Object> params) throws Configu
             value = (String)params.get("vmware.root.disk.controller");
             if (value != null && value.equalsIgnoreCase("scsi"))
                 _rootDiskController = DiskControllerType.scsi;
-            else
+            else if (value != null && value.equalsIgnoreCase("ide"))
                 _rootDiskController = DiskControllerType.ide;
+            else
+                _rootDiskController = DiskControllerType.osdefault;
 
             Integer intObj = (Integer)params.get("ports.per.dvportgroup");
             if (intObj != null)
@@ -5168,4 +5339,14 @@ public Answer execute(DestroyCommand cmd) {
             return new Answer(cmd, false, msg);
         }
     }
+
+    private String getAbsoluteVmdkFile(VirtualDisk disk) {
+        String vmdkAbsFile = null;
+        VirtualDeviceBackingInfo backingInfo = disk.getBacking();
+        if (backingInfo instanceof VirtualDiskFlatVer2BackingInfo) {
+            VirtualDiskFlatVer2BackingInfo diskBackingInfo = (VirtualDiskFlatVer2BackingInfo)backingInfo;
+            vmdkAbsFile = diskBackingInfo.getFileName();
+        }
+        return vmdkAbsFile;
+    }
 }
diff --git a/plugins/hypervisors/vmware/src/com/cloud/storage/resource/VmwareStorageProcessor.java b/plugins/hypervisors/vmware/src/com/cloud/storage/resource/VmwareStorageProcessor.java
index 0ab97c0920..bc454e7425 100644
--- a/plugins/hypervisors/vmware/src/com/cloud/storage/resource/VmwareStorageProcessor.java
+++ b/plugins/hypervisors/vmware/src/com/cloud/storage/resource/VmwareStorageProcessor.java
@@ -71,12 +71,14 @@
 import com.cloud.agent.api.to.DiskTO;
 import com.cloud.agent.api.to.NfsTO;
 import com.cloud.hypervisor.vmware.manager.VmwareHostService;
+import com.cloud.hypervisor.vmware.manager.VmwareManager;
 import com.cloud.hypervisor.vmware.manager.VmwareStorageMount;
 import com.cloud.hypervisor.vmware.mo.ClusterMO;
 import com.cloud.hypervisor.vmware.mo.CustomFieldConstants;
 import com.cloud.hypervisor.vmware.mo.DatacenterMO;
 import com.cloud.hypervisor.vmware.mo.DatastoreFile;
 import com.cloud.hypervisor.vmware.mo.DatastoreMO;
+import com.cloud.hypervisor.vmware.mo.DiskControllerType;
 import com.cloud.hypervisor.vmware.mo.HostDatastoreSystemMO;
 import com.cloud.hypervisor.vmware.mo.HostMO;
 import com.cloud.hypervisor.vmware.mo.HostStorageSystemMO;
@@ -100,15 +102,16 @@
 import com.cloud.utils.exception.CloudRuntimeException;
 import com.cloud.utils.script.Script;
 import com.cloud.vm.VirtualMachine.PowerState;
+import com.cloud.vm.VmDetailConstants;
 
 public class VmwareStorageProcessor implements StorageProcessor {
     private static final Logger s_logger = Logger.getLogger(VmwareStorageProcessor.class);
 
-    private VmwareHostService hostService;
-    private boolean _fullCloneFlag;
-    private VmwareStorageMount mountService;
-    private VmwareResource resource;
-    private Integer _timeout;
+    private final VmwareHostService hostService;
+    private final boolean _fullCloneFlag;
+    private final VmwareStorageMount mountService;
+    private final VmwareResource resource;
+    private final Integer _timeout;
     protected Integer _shutdownWaitMs;
     private final Gson _gson;
     private final StorageLayer _storage = new JavaStorageLayer();
@@ -1279,10 +1282,10 @@ public Answer attachVolume(AttachCommand cmd) {
         String storageHost = details.get(DiskTO.STORAGE_HOST);
         int storagePort = Integer.parseInt(details.get(DiskTO.STORAGE_PORT));
 
-        return this.attachVolume(cmd, cmd.getDisk(), true, isManaged, cmd.getVmName(), iScsiName, storageHost, storagePort);
+        return this.attachVolume(cmd, cmd.getDisk(), true, isManaged, cmd.getVmName(), iScsiName, storageHost, storagePort, cmd.getControllerInfo());
     }
 
-    private Answer attachVolume(Command cmd, DiskTO disk, boolean isAttach, boolean isManaged, String vmName, String iScsiName, String storageHost, int storagePort) {
+    private Answer attachVolume(Command cmd, DiskTO disk, boolean isAttach, boolean isManaged, String vmName, String iScsiName, String storageHost, int storagePort, Map<String, String> controllerInfo) {
         VolumeObjectTO volumeTO = (VolumeObjectTO)disk.getData();
         DataStoreTO primaryStore = volumeTO.getDataStore();
         try {
@@ -1342,7 +1345,24 @@ private Answer attachVolume(Command cmd, DiskTO disk, boolean isAttach, boolean
             AttachAnswer answer = new AttachAnswer(disk);
 
             if (isAttach) {
-                vmMo.attachDisk(new String[] { datastoreVolumePath }, morDs);
+                String dataDiskController = controllerInfo.get(VmDetailConstants.DATA_DISK_CONTROLLER);
+                String rootDiskController = controllerInfo.get(VmDetailConstants.ROOK_DISK_CONTROLLER);
+                DiskControllerType rootDiskControllerType = DiskControllerType.getType(rootDiskController);
+
+                if (dataDiskController == null) {
+                    dataDiskController = getLegacyVmDataDiskController();
+                } else if ((rootDiskControllerType == DiskControllerType.lsilogic) ||
+                           (rootDiskControllerType == DiskControllerType.lsisas1068) ||
+                           (rootDiskControllerType == DiskControllerType.pvscsi) ||
+                           (rootDiskControllerType == DiskControllerType.buslogic)) {
+                    //TODO: Support mix of SCSI controller types for single VM. If root disk is already over
+                    //a SCSI controller then use the same for data volume as well. This limitation will go once mix
+                    //of SCSI controller types for single VM.
+                    dataDiskController = rootDiskController;
+                } else if (DiskControllerType.getType(dataDiskController) == DiskControllerType.osdefault) {
+                    dataDiskController = vmMo.getRecommendedDiskController(null);
+                }
+                vmMo.attachDisk(new String[] {datastoreVolumePath}, morDs, dataDiskController);
             } else {
                 vmMo.removeAllSnapshots();
                 vmMo.detachDisk(datastoreVolumePath, false);
@@ -1480,7 +1500,7 @@ public Answer dettachIso(DettachCommand cmd) {
 
     @Override
     public Answer dettachVolume(DettachCommand cmd) {
-        return this.attachVolume(cmd, cmd.getDisk(), false, cmd.isManaged(), cmd.getVmName(), cmd.get_iScsiName(), cmd.getStorageHost(), cmd.getStoragePort());
+        return this.attachVolume(cmd, cmd.getDisk(), false, cmd.isManaged(), cmd.getVmName(), cmd.get_iScsiName(), cmd.getStorageHost(), cmd.getStoragePort(), null);
     }
 
     @Override
@@ -2225,4 +2245,28 @@ private static String deriveTemplateUuidOnHost(VmwareHypervisorHost hyperHost, S
         templateUuid = templateUuid.replaceAll("-", "");
         return templateUuid;
     }
+
+    private String getControllerFromConfigurationSetting() throws Exception {
+        String diskController = null;
+        VmwareContext context = null;
+        try {
+            context = hostService.getServiceContext(null);
+            VmwareManager mgr = context.getStockObject(VmwareManager.CONTEXT_STOCK_NAME);
+            diskController = mgr.getDataDiskController();
+        } catch (Throwable e) {
+            if (e instanceof RemoteException) {
+                s_logger.warn("Encounter remote exception to vCenter, invalidate VMware session context");
+                hostService.invalidateServiceContext(context);
+            }
+
+            String details = "Failed to connect to vCenter due to " + VmwareHelper.getExceptionMessage(e);
+            s_logger.error(details, e);
+        }
+
+        return diskController;
+    }
+
+    private String getLegacyVmDataDiskController() throws Exception {
+        return DiskControllerType.lsilogic.toString();
+    }
 }
diff --git a/server/src/com/cloud/storage/VolumeApiServiceImpl.java b/server/src/com/cloud/storage/VolumeApiServiceImpl.java
index b45b8aa872..fa2888ab3f 100644
--- a/server/src/com/cloud/storage/VolumeApiServiceImpl.java
+++ b/server/src/com/cloud/storage/VolumeApiServiceImpl.java
@@ -138,6 +138,7 @@
 import com.cloud.vm.VMInstanceVO;
 import com.cloud.vm.VirtualMachine;
 import com.cloud.vm.VirtualMachine.State;
+import com.cloud.vm.VmDetailConstants;
 import com.cloud.vm.VmWork;
 import com.cloud.vm.VmWorkAttachVolume;
 import com.cloud.vm.VmWorkConstants;
@@ -2319,6 +2320,11 @@ private VolumeVO sendAttachVolumeCommand(UserVmVO vm, VolumeVO volumeToAttach, L
                 details.put(DiskTO.CHAP_TARGET_USERNAME, chapInfo.getTargetUsername());
                 details.put(DiskTO.CHAP_TARGET_SECRET, chapInfo.getTargetSecret());
             }
+            _userVmDao.loadDetails(vm);
+            Map<String, String> controllerInfo = new HashMap<String, String>();
+            controllerInfo.put(VmDetailConstants.ROOK_DISK_CONTROLLER, vm.getDetail(VmDetailConstants.ROOK_DISK_CONTROLLER));
+            controllerInfo.put(VmDetailConstants.DATA_DISK_CONTROLLER, vm.getDetail(VmDetailConstants.DATA_DISK_CONTROLLER));
+            cmd.setControllerInfo(controllerInfo);
 
             try {
                 answer = (AttachAnswer)_agentMgr.send(hostId, cmd);
diff --git a/server/src/com/cloud/vm/UserVmManagerImpl.java b/server/src/com/cloud/vm/UserVmManagerImpl.java
index 66f7fc1d8d..6f49bb2b5c 100755
--- a/server/src/com/cloud/vm/UserVmManagerImpl.java
+++ b/server/src/com/cloud/vm/UserVmManagerImpl.java
@@ -3112,8 +3112,17 @@ public UserVmVO doInTransaction(TransactionStatus status) throws InsufficientCap
                     if (guestOS.getDisplayName().toLowerCase().contains("apple mac os")) {
                         vm.setDetail("smc.present", "TRUE");
                         vm.setDetail(VmDetailConstants.ROOK_DISK_CONTROLLER, "scsi");
+                        vm.setDetail(VmDetailConstants.DATA_DISK_CONTROLLER, "scsi");
                         vm.setDetail("firmware", "efi");
                         s_logger.info("guestOS is OSX : overwrite root disk controller to scsi, use smc and efi");
+                    } else {
+                        String controllerSetting = _configDao.getValue("vmware.root.disk.controller");
+                        vm.setDetail(VmDetailConstants.ROOK_DISK_CONTROLLER, controllerSetting);
+                        if (controllerSetting.equalsIgnoreCase("scsi")) {
+                            vm.setDetail(VmDetailConstants.DATA_DISK_CONTROLLER, "scsi");
+                        } else {
+                            vm.setDetail(VmDetailConstants.DATA_DISK_CONTROLLER, "osdefault");
+                        }
                     }
                 }
 
diff --git a/vmware-base/src/com/cloud/hypervisor/vmware/mo/ClusterMO.java b/vmware-base/src/com/cloud/hypervisor/vmware/mo/ClusterMO.java
index 1b72b73bd8..b5f0500d39 100755
--- a/vmware-base/src/com/cloud/hypervisor/vmware/mo/ClusterMO.java
+++ b/vmware-base/src/com/cloud/hypervisor/vmware/mo/ClusterMO.java
@@ -34,6 +34,7 @@
 import com.vmware.vim25.CustomFieldStringValue;
 import com.vmware.vim25.DatastoreInfo;
 import com.vmware.vim25.DynamicProperty;
+import com.vmware.vim25.GuestOsDescriptor;
 import com.vmware.vim25.HostHardwareSummary;
 import com.vmware.vim25.HostIpRouteEntry;
 import com.vmware.vim25.HostRuntimeInfo;
@@ -46,9 +47,11 @@
 import com.vmware.vim25.PropertyFilterSpec;
 import com.vmware.vim25.PropertySpec;
 import com.vmware.vim25.TraversalSpec;
+import com.vmware.vim25.VirtualMachineConfigOption;
 import com.vmware.vim25.VirtualMachineConfigSpec;
 
 import com.cloud.hypervisor.vmware.util.VmwareContext;
+import com.cloud.hypervisor.vmware.util.VmwareHelper;
 import com.cloud.utils.Pair;
 import com.cloud.utils.exception.CloudRuntimeException;
 
@@ -271,7 +274,7 @@ public void importVmFromOVF(String ovfFilePath, String vmName, DatastoreMO dsMo,
 
     @Override
     public boolean createBlankVm(String vmName, String vmInternalCSName, int cpuCount, int cpuSpeedMHz, int cpuReservedMHz, boolean limitCpuUse, int memoryMB,
-            int memoryReserveMB, String guestOsIdentifier, ManagedObjectReference morDs, boolean snapshotDirToParent) throws Exception {
+            int memoryReserveMB, String guestOsIdentifier, ManagedObjectReference morDs, boolean snapshotDirToParent, Pair<String, String> controllerInfo, Boolean systemVm) throws Exception {
 
         if (s_logger.isTraceEnabled())
             s_logger.trace("vCenter API trace - createBlankVm(). target MOR: " + _mor.getValue() + ", vmName: " + vmName + ", cpuCount: " + cpuCount + ", cpuSpeedMhz: " +
@@ -280,7 +283,7 @@ public boolean createBlankVm(String vmName, String vmInternalCSName, int cpuCoun
 
         boolean result =
                 HypervisorHostHelper.createBlankVm(this, vmName, vmInternalCSName, cpuCount, cpuSpeedMHz, cpuReservedMHz, limitCpuUse, memoryMB, memoryReserveMB,
-                        guestOsIdentifier, morDs, snapshotDirToParent);
+                        guestOsIdentifier, morDs, snapshotDirToParent, controllerInfo, systemVm);
 
         if (s_logger.isTraceEnabled())
             s_logger.trace("vCenter API trace - createBlankVm() done");
@@ -582,4 +585,32 @@ public LicenseAssignmentManagerMO getLicenseAssignmentManager() throws Exception
         // LicenseAssignmentManager deals with only host/vcenter licenses only. Has nothing todo with cluster
         throw new CloudRuntimeException("Unable to get LicenseAssignmentManager at cluster level");
     }
+    private ManagedObjectReference getEnvironmentBrowser() throws Exception {
+        if (_environmentBrowser == null) {
+            _environmentBrowser = _context.getVimClient().getMoRefProp(_mor, "environmentBrowser");
+        }
+        return _environmentBrowser;
+    }
+    @Override
+    public String getRecommendedDiskController(String guestOsId) throws Exception {
+        VirtualMachineConfigOption vmConfigOption = _context.getService().queryConfigOption(getEnvironmentBrowser(), null, null);
+        GuestOsDescriptor guestOsDescriptor = null;
+        String diskController = null;
+        List<GuestOsDescriptor> guestDescriptors = vmConfigOption.getGuestOSDescriptor();
+        for (GuestOsDescriptor descriptor : guestDescriptors) {
+            if (guestOsId != null && guestOsId.equalsIgnoreCase(descriptor.getId())) {
+                guestOsDescriptor = descriptor;
+                break;
+            }
+        }
+        if (guestOsDescriptor != null) {
+            diskController = VmwareHelper.getRecommendedDiskControllerFromDescriptor(guestOsDescriptor);
+            s_logger.debug("Retrieved recommended disk controller for guest OS : " + guestOsId + " in cluster " + getHyperHostName() + " : " + diskController);
+            return diskController;
+        } else {
+            String msg = "Unable to retrieve recommended disk controller for guest OS : " + guestOsId + " in cluster " + getHyperHostName();
+            s_logger.error(msg);
+            throw new CloudRuntimeException(msg);
+        }
+    }
 }
diff --git a/vmware-base/src/com/cloud/hypervisor/vmware/mo/DiskControllerType.java b/vmware-base/src/com/cloud/hypervisor/vmware/mo/DiskControllerType.java
index def584df1f..3e6b8bb53e 100644
--- a/vmware-base/src/com/cloud/hypervisor/vmware/mo/DiskControllerType.java
+++ b/vmware-base/src/com/cloud/hypervisor/vmware/mo/DiskControllerType.java
@@ -17,5 +17,34 @@
 package com.cloud.hypervisor.vmware.mo;
 
 public enum DiskControllerType {
-    ide, scsi
+    ide,
+    scsi,
+    osdefault,
+    lsilogic,
+    lsisas1068,
+    buslogic,
+    pvscsi,
+    none;
+    public static DiskControllerType getType(String diskController) {
+        if (diskController == null || diskController.equalsIgnoreCase("osdefault")) {
+            return DiskControllerType.osdefault;
+        } else if (diskController.equalsIgnoreCase("vim.vm.device.VirtualLsiLogicSASController") || diskController.equalsIgnoreCase("VirtualLsiLogicSASController")
+                || diskController.equalsIgnoreCase(ScsiDiskControllerType.LSILOGIC_SAS)) {
+            return DiskControllerType.lsisas1068;
+        } else if (diskController.equalsIgnoreCase("vim.vm.device.VirtualLsiLogicController") || diskController.equalsIgnoreCase("VirtualLsiLogicController")
+                || diskController.equalsIgnoreCase(ScsiDiskControllerType.LSILOGIC_PARALLEL) || diskController.equalsIgnoreCase("scsi")) {
+            return DiskControllerType.lsilogic;
+        } else if (diskController.equalsIgnoreCase("vim.vm.device.VirtualIDEController") || diskController.equalsIgnoreCase("VirtualIDEController")
+                || diskController.equalsIgnoreCase("ide")) {
+            return DiskControllerType.ide;
+        } else if (diskController.equalsIgnoreCase("vim.vm.device.ParaVirtualSCSIController") || diskController.equalsIgnoreCase("ParaVirtualSCSIController")
+                || diskController.equalsIgnoreCase(ScsiDiskControllerType.VMWARE_PARAVIRTUAL)) {
+            return DiskControllerType.pvscsi;
+        } else if (diskController.equalsIgnoreCase("vim.vm.device.VirtualBusLogicController") || diskController.equalsIgnoreCase("VirtualBusLogicController")
+                || diskController.equalsIgnoreCase(ScsiDiskControllerType.BUSLOGIC)) {
+            return DiskControllerType.buslogic;
+        } else {
+            return DiskControllerType.none;
+        }
+    }
 }
diff --git a/vmware-base/src/com/cloud/hypervisor/vmware/mo/HostMO.java b/vmware-base/src/com/cloud/hypervisor/vmware/mo/HostMO.java
index b5844e9a98..a635712ffc 100755
--- a/vmware-base/src/com/cloud/hypervisor/vmware/mo/HostMO.java
+++ b/vmware-base/src/com/cloud/hypervisor/vmware/mo/HostMO.java
@@ -734,16 +734,17 @@ public void importVmFromOVF(String ovfFilePath, String vmName, DatastoreMO dsMo,
 
     @Override
     public boolean createBlankVm(String vmName, String vmInternalCSName, int cpuCount, int cpuSpeedMHz, int cpuReservedMHz, boolean limitCpuUse, int memoryMB,
-            int memoryReserveMB, String guestOsIdentifier, ManagedObjectReference morDs, boolean snapshotDirToParent) throws Exception {
+            int memoryReserveMB, String guestOsIdentifier, ManagedObjectReference morDs, boolean snapshotDirToParent, Pair<String, String> controllerInfo, Boolean systemVm) throws Exception {
 
         if (s_logger.isTraceEnabled())
             s_logger.trace("vCenter API trace - createBlankVm(). target MOR: " + _mor.getValue() + ", vmName: " + vmName + ", cpuCount: " + cpuCount + ", cpuSpeedMhz: " +
                     cpuSpeedMHz + ", cpuReservedMHz: " + cpuReservedMHz + ", limitCpu: " + limitCpuUse + ", memoryMB: " + memoryMB + ", guestOS: " + guestOsIdentifier +
-                    ", datastore: " + morDs.getValue() + ", snapshotDirToParent: " + snapshotDirToParent);
+                    ", datastore: " + morDs.getValue() + ", snapshotDirToParent: " + snapshotDirToParent +
+                    ", controllerInfo:[" + controllerInfo.first() + "," + controllerInfo.second() + "], systemvm: " + systemVm);
 
         boolean result =
                 HypervisorHostHelper.createBlankVm(this, vmName, vmInternalCSName, cpuCount, cpuSpeedMHz, cpuReservedMHz, limitCpuUse, memoryMB, memoryReserveMB,
-                        guestOsIdentifier, morDs, snapshotDirToParent);
+                        guestOsIdentifier, morDs, snapshotDirToParent, controllerInfo, systemVm);
 
         if (s_logger.isTraceEnabled())
             s_logger.trace("vCenter API trace - createBlankVm() done");
@@ -1045,6 +1046,16 @@ public void enableVncOnHostFirewall() throws Exception {
         }
     }
 
+    @Override
+    public String getRecommendedDiskController(String guestOsId) throws Exception {
+        ManagedObjectReference morParent = getParentMor();
+        if (morParent.getType().equals("ClusterComputeResource")) {
+            ClusterMO clusterMo = new ClusterMO(_context, morParent);
+            return clusterMo.getRecommendedDiskController(guestOsId);
+        }
+        return null;
+    }
+
     public String getHostManagementIp(String managementPortGroup) throws Exception {
         HostNetworkInfo netInfo = getHostNetworkInfo();
 
diff --git a/vmware-base/src/com/cloud/hypervisor/vmware/mo/HypervisorHostHelper.java b/vmware-base/src/com/cloud/hypervisor/vmware/mo/HypervisorHostHelper.java
index a3a9d89af9..f012d4d541 100755
--- a/vmware-base/src/com/cloud/hypervisor/vmware/mo/HypervisorHostHelper.java
+++ b/vmware-base/src/com/cloud/hypervisor/vmware/mo/HypervisorHostHelper.java
@@ -68,18 +68,24 @@
 import com.vmware.vim25.OvfCreateImportSpecParams;
 import com.vmware.vim25.OvfCreateImportSpecResult;
 import com.vmware.vim25.OvfFileItem;
+import com.vmware.vim25.ParaVirtualSCSIController;
 import com.vmware.vim25.VMwareDVSConfigSpec;
 import com.vmware.vim25.VMwareDVSPortSetting;
 import com.vmware.vim25.VMwareDVSPortgroupPolicy;
 import com.vmware.vim25.VMwareDVSPvlanConfigSpec;
 import com.vmware.vim25.VMwareDVSPvlanMapEntry;
+import com.vmware.vim25.VirtualBusLogicController;
+import com.vmware.vim25.VirtualController;
 import com.vmware.vim25.VirtualDeviceConfigSpec;
 import com.vmware.vim25.VirtualDeviceConfigSpecOperation;
+import com.vmware.vim25.VirtualIDEController;
 import com.vmware.vim25.VirtualLsiLogicController;
+import com.vmware.vim25.VirtualLsiLogicSASController;
 import com.vmware.vim25.VirtualMachineConfigSpec;
 import com.vmware.vim25.VirtualMachineFileInfo;
 import com.vmware.vim25.VirtualMachineGuestOsIdentifier;
 import com.vmware.vim25.VirtualMachineVideoCard;
+import com.vmware.vim25.VirtualSCSIController;
 import com.vmware.vim25.VirtualSCSISharing;
 import com.vmware.vim25.VmwareDistributedVirtualSwitchPvlanSpec;
 import com.vmware.vim25.VmwareDistributedVirtualSwitchVlanIdSpec;
@@ -1125,11 +1131,13 @@ public static ManagedObjectReference waitForNetworkReady(HostMO hostMo, String n
     }
 
     public static boolean createBlankVm(VmwareHypervisorHost host, String vmName, String vmInternalCSName, int cpuCount, int cpuSpeedMHz, int cpuReservedMHz,
-            boolean limitCpuUse, int memoryMB, int memoryReserveMB, String guestOsIdentifier, ManagedObjectReference morDs, boolean snapshotDirToParent) throws Exception {
+            boolean limitCpuUse, int memoryMB, int memoryReserveMB, String guestOsIdentifier, ManagedObjectReference morDs, boolean snapshotDirToParent,
+            Pair<String, String> controllerInfo, Boolean systemVm) throws Exception {
 
         if (s_logger.isInfoEnabled())
             s_logger.info("Create blank VM. cpuCount: " + cpuCount + ", cpuSpeed(MHz): " + cpuSpeedMHz + ", mem(Mb): " + memoryMB);
 
+        VirtualDeviceConfigSpec controllerSpec = null;
         // VM config basics
         VirtualMachineConfigSpec vmConfig = new VirtualMachineConfigSpec();
         vmConfig.setName(vmName);
@@ -1138,14 +1146,33 @@ public static boolean createBlankVm(VmwareHypervisorHost host, String vmName, St
 
         VmwareHelper.setBasicVmConfig(vmConfig, cpuCount, cpuSpeedMHz, cpuReservedMHz, memoryMB, memoryReserveMB, guestOsIdentifier, limitCpuUse);
 
-        // Scsi controller
-        VirtualLsiLogicController scsiController = new VirtualLsiLogicController();
-        scsiController.setSharedBus(VirtualSCSISharing.NO_SHARING);
-        scsiController.setBusNumber(0);
-        scsiController.setKey(1);
-        VirtualDeviceConfigSpec scsiControllerSpec = new VirtualDeviceConfigSpec();
-        scsiControllerSpec.setDevice(scsiController);
-        scsiControllerSpec.setOperation(VirtualDeviceConfigSpecOperation.ADD);
+        String recommendedController = host.getRecommendedDiskController(guestOsIdentifier);
+        String newRootDiskController = controllerInfo.first();
+        String newDataDiskController = controllerInfo.second();
+        if (DiskControllerType.getType(controllerInfo.first()) == DiskControllerType.osdefault) {
+            newRootDiskController = recommendedController;
+        }
+        if (DiskControllerType.getType(controllerInfo.second()) == DiskControllerType.osdefault) {
+            newDataDiskController = recommendedController;
+        }
+
+        Pair<String, String> updatedControllerInfo = new Pair<String, String>(newRootDiskController, newDataDiskController);
+        String scsiDiskController = HypervisorHostHelper.getScsiController(updatedControllerInfo, recommendedController);
+        // If there is requirement for a SCSI controller, ensure to create those.
+        if (scsiDiskController != null) {
+        int busNum = 0;
+            int maxControllerCount = VmwareHelper.MAX_SCSI_CONTROLLER_COUNT;
+            if (systemVm) {
+                maxControllerCount = 1;
+            }
+            while (busNum < maxControllerCount) {
+            VirtualDeviceConfigSpec scsiControllerSpec = new VirtualDeviceConfigSpec();
+                scsiControllerSpec = getControllerSpec(DiskControllerType.getType(scsiDiskController).toString(), busNum);
+
+            vmConfig.getDeviceChange().add(scsiControllerSpec);
+            busNum++;
+            }
+        }
 
         VirtualMachineFileInfo fileInfo = new VirtualMachineFileInfo();
         DatastoreMO dsMo = new DatastoreMO(host.getContext(), morDs);
@@ -1160,7 +1187,6 @@ public static boolean createBlankVm(VmwareHypervisorHost host, String vmName, St
         videoDeviceSpec.setDevice(videoCard);
         videoDeviceSpec.setOperation(VirtualDeviceConfigSpecOperation.ADD);
 
-        vmConfig.getDeviceChange().add(scsiControllerSpec);
         vmConfig.getDeviceChange().add(videoDeviceSpec);
         if (host.createVm(vmConfig)) {
             // Here, when attempting to find the VM, we need to use the name
@@ -1190,6 +1216,34 @@ public static boolean createBlankVm(VmwareHypervisorHost host, String vmName, St
         return false;
     }
 
+    private static VirtualDeviceConfigSpec getControllerSpec(String diskController, int busNum) {
+        VirtualDeviceConfigSpec controllerSpec = new VirtualDeviceConfigSpec();
+        VirtualController controller = null;
+
+        if (diskController.equalsIgnoreCase(DiskControllerType.ide.toString())) {
+           controller = new VirtualIDEController();
+        } else if (DiskControllerType.pvscsi == DiskControllerType.getType(diskController)) {
+            controller = new ParaVirtualSCSIController();
+        } else if (DiskControllerType.lsisas1068 == DiskControllerType.getType(diskController)) {
+            controller = new VirtualLsiLogicSASController();
+        } else if (DiskControllerType.buslogic == DiskControllerType.getType(diskController)) {
+            controller = new VirtualBusLogicController();
+        } else if (DiskControllerType.lsilogic == DiskControllerType.getType(diskController)) {
+            controller = new VirtualLsiLogicController();
+        }
+
+        if (!diskController.equalsIgnoreCase(DiskControllerType.ide.toString())) {
+            ((VirtualSCSIController)controller).setSharedBus(VirtualSCSISharing.NO_SHARING);
+        }
+
+        controller.setBusNumber(busNum);
+        controller.setKey(busNum - VmwareHelper.MAX_SCSI_CONTROLLER_COUNT);
+
+        controllerSpec.setDevice(controller);
+        controllerSpec.setOperation(VirtualDeviceConfigSpecOperation.ADD);
+
+        return controllerSpec;
+    }
     public static VirtualMachineMO createWorkerVM(VmwareHypervisorHost hyperHost, DatastoreMO dsMo, String vmName) throws Exception {
 
         // Allow worker VM to float within cluster so that we will have better chance to
@@ -1398,4 +1452,42 @@ public void action(Long param) {
             }
         }
     }
+
+    public static String getScsiController(Pair<String, String> controllerInfo, String recommendedController) {
+        String rootDiskController = controllerInfo.first();
+        String dataDiskController = controllerInfo.second();
+
+        // If "osdefault" is specified as controller type, then translate to actual recommended controller.
+        if (VmwareHelper.isControllerOsRecommended(rootDiskController)) {
+            rootDiskController = recommendedController;
+        }
+        if (VmwareHelper.isControllerOsRecommended(dataDiskController)) {
+            dataDiskController = recommendedController;
+        }
+
+        String scsiDiskController = null; //If any of the controller provided is SCSI then return it's sub-type.
+        if (isIdeController(rootDiskController) && isIdeController(dataDiskController)) {
+            //Default controllers would exist
+            return null;
+        } else if (isIdeController(rootDiskController) || isIdeController(dataDiskController)) {
+            // Only one of the controller types is IDE. Pick the other controller type to create controller.
+            if (isIdeController(rootDiskController)) {
+                scsiDiskController = dataDiskController;
+            } else {
+                scsiDiskController = rootDiskController;
+            }
+        } else if (DiskControllerType.getType(rootDiskController) != DiskControllerType.getType(dataDiskController)) {
+            // Both ROOT and DATA controllers are SCSI controllers but different sub-types, then prefer ROOT controller
+            scsiDiskController = rootDiskController;
+        } else {
+            // Both are SCSI controllers.
+            scsiDiskController = rootDiskController;
+        }
+        return scsiDiskController;
+    }
+
+    public static boolean isIdeController(String controller) {
+        return DiskControllerType.getType(controller) == DiskControllerType.ide;
+    }
+
 }
diff --git a/vmware-base/src/com/cloud/hypervisor/vmware/mo/ScsiDiskControllerType.java b/vmware-base/src/com/cloud/hypervisor/vmware/mo/ScsiDiskControllerType.java
new file mode 100644
index 0000000000..8b9a949bbe
--- /dev/null
+++ b/vmware-base/src/com/cloud/hypervisor/vmware/mo/ScsiDiskControllerType.java
@@ -0,0 +1,24 @@
+//Licensed to the Apache Software Foundation (ASF) under one
+//or more contributor license agreements.  See the NOTICE file
+//distributed with this work for additional information
+//regarding copyright ownership.  The ASF licenses this file
+//to you under the Apache License, Version 2.0 (the
+//"License"); you may not use this file except in compliance
+//with the License.  You may obtain a copy of the License at
+//
+//http://www.apache.org/licenses/LICENSE-2.0
+//
+//Unless required by applicable law or agreed to in writing,
+//software distributed under the License is distributed on an
+//"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+//KIND, either express or implied.  See the License for the
+//specific language governing permissions and limitations
+//under the License.
+package com.cloud.hypervisor.vmware.mo;
+
+public interface ScsiDiskControllerType {
+    public final static String LSILOGIC_PARALLEL = "lsilogic";
+    public final static String LSILOGIC_SAS = "lsisas1068";
+    public final static String BUSLOGIC = "buslogic";
+    public final static String VMWARE_PARAVIRTUAL = "pvscsi";
+}
diff --git a/vmware-base/src/com/cloud/hypervisor/vmware/mo/VirtualMachineMO.java b/vmware-base/src/com/cloud/hypervisor/vmware/mo/VirtualMachineMO.java
index ac5b414112..d61cb2ea15 100644
--- a/vmware-base/src/com/cloud/hypervisor/vmware/mo/VirtualMachineMO.java
+++ b/vmware-base/src/com/cloud/hypervisor/vmware/mo/VirtualMachineMO.java
@@ -55,12 +55,15 @@
 import com.vmware.vim25.OvfCreateDescriptorParams;
 import com.vmware.vim25.OvfCreateDescriptorResult;
 import com.vmware.vim25.OvfFile;
+import com.vmware.vim25.ParaVirtualSCSIController;
 import com.vmware.vim25.PropertyFilterSpec;
 import com.vmware.vim25.PropertySpec;
 import com.vmware.vim25.TraversalSpec;
+import com.vmware.vim25.VirtualBusLogicController;
 import com.vmware.vim25.VirtualCdrom;
 import com.vmware.vim25.VirtualCdromIsoBackingInfo;
 import com.vmware.vim25.VirtualCdromRemotePassthroughBackingInfo;
+import com.vmware.vim25.VirtualController;
 import com.vmware.vim25.VirtualDevice;
 import com.vmware.vim25.VirtualDeviceBackingInfo;
 import com.vmware.vim25.VirtualDeviceConfigSpec;
@@ -80,6 +83,7 @@
 import com.vmware.vim25.VirtualHardwareOption;
 import com.vmware.vim25.VirtualIDEController;
 import com.vmware.vim25.VirtualLsiLogicController;
+import com.vmware.vim25.VirtualLsiLogicSASController;
 import com.vmware.vim25.VirtualMachineCloneSpec;
 import com.vmware.vim25.VirtualMachineConfigInfo;
 import com.vmware.vim25.VirtualMachineConfigOption;
@@ -97,7 +101,6 @@
 import com.vmware.vim25.VirtualMachineRuntimeInfo;
 import com.vmware.vim25.VirtualMachineSnapshotInfo;
 import com.vmware.vim25.VirtualMachineSnapshotTree;
-import com.vmware.vim25.VirtualPCIController;
 import com.vmware.vim25.VirtualSCSIController;
 import com.vmware.vim25.VirtualSCSISharing;
 
@@ -1086,6 +1089,130 @@ public void createDisk(String vmdkDatastorePath, VirtualDiskType diskType, Virtu
             s_logger.trace("vCenter API trace - createDisk() done(successfully)");
     }
 
+    public void updateVmdkAdapter(String vmdkFileName, String newAdapterType) throws Exception {
+        Pair<VmdkFileDescriptor, byte[]> vmdkInfo = getVmdkFileInfo(vmdkFileName);
+        VmdkFileDescriptor vmdkFileDescriptor = vmdkInfo.first();
+        boolean isVmfsSparseFile = vmdkFileDescriptor.isVmfsSparseFile();
+        if (!isVmfsSparseFile) {
+            String currentAdapterType = vmdkFileDescriptor.getAdapterType();
+            if (!currentAdapterType.equalsIgnoreCase(newAdapterType)) {
+                s_logger.info("Updating adapter type to " + newAdapterType + " for VMDK file " + vmdkFileName);
+                Pair<DatacenterMO, String> dcInfo = getOwnerDatacenter();
+                byte[] newVmdkContent = vmdkFileDescriptor.changeVmdkAdapterType(vmdkInfo.second(), newAdapterType);
+                String vmdkUploadUrl = getContext().composeDatastoreBrowseUrl(dcInfo.first().getName(), vmdkFileName);
+                getContext().uploadResourceContent(vmdkUploadUrl, newVmdkContent);
+                s_logger.info("Updated VMDK file " + vmdkFileName);
+            }
+        }
+    }
+
+    public void updateAdapterTypeIfRequired(String vmdkFileName) throws Exception {
+        // Validate existing adapter type of VMDK file. Update it with a supported adapter type if validation fails.
+        Pair<VmdkFileDescriptor, byte[]> vmdkInfo = getVmdkFileInfo(vmdkFileName);
+        VmdkFileDescriptor vmdkFileDescriptor = vmdkInfo.first();
+
+        boolean isVmfsSparseFile = vmdkFileDescriptor.isVmfsSparseFile();
+        if (!isVmfsSparseFile) {
+            String currentAdapterTypeStr = vmdkFileDescriptor.getAdapterType();
+            if (s_logger.isTraceEnabled()) {
+                s_logger.trace("Detected adapter type  " + currentAdapterTypeStr + " for VMDK file " + vmdkFileName);
+            }
+            VmdkAdapterType currentAdapterType = VmdkAdapterType.getType(currentAdapterTypeStr);
+            if (currentAdapterType == VmdkAdapterType.none) {
+                // Value of currentAdapterType can be VmdkAdapterType.none only if adapter type of vmdk is set to either
+                // lsisas1068 (SAS controller) or pvscsi (Vmware Paravirtual) only. Valid adapter type for those controllers is lsilogic.
+                // Hence use adapter type lsilogic. Other adapter types ide, lsilogic, buslogic are valid and does not need to be modified.
+                VmdkAdapterType newAdapterType = VmdkAdapterType.lsilogic;
+                s_logger.debug("Updating adapter type to " + newAdapterType + " from " + currentAdapterTypeStr + " for VMDK file " + vmdkFileName);
+                Pair<DatacenterMO, String> dcInfo = getOwnerDatacenter();
+                byte[] newVmdkContent = vmdkFileDescriptor.changeVmdkAdapterType(vmdkInfo.second(), newAdapterType.toString());
+                String vmdkUploadUrl = getContext().composeDatastoreBrowseUrl(dcInfo.first().getName(), vmdkFileName);
+
+                getContext().uploadResourceContent(vmdkUploadUrl, newVmdkContent);
+                s_logger.debug("Updated VMDK file " + vmdkFileName);
+            }
+        }
+    }
+
+    public void attachDisk(String[] vmdkDatastorePathChain, ManagedObjectReference morDs, String diskController) throws Exception {
+
+        if(s_logger.isTraceEnabled())
+            s_logger.trace("vCenter API trace - attachDisk(). target MOR: " + _mor.getValue() + ", vmdkDatastorePath: "
+                            + new Gson().toJson(vmdkDatastorePathChain) + ", datastore: " + morDs.getValue());
+        int controllerKey = 0;
+        int unitNumber = 0;
+
+        if (DiskControllerType.getType(diskController) == DiskControllerType.ide) {
+            // IDE virtual disk cannot be added if VM is running
+            if (getPowerState() == VirtualMachinePowerState.POWERED_ON) {
+                throw new Exception("Adding a virtual disk over IDE controller is not supported while VM is running in VMware hypervisor. Please re-try when VM is not running.");
+            }
+            // Get next available unit number and controller key
+            int ideDeviceCount = getNumberOfIDEDevices();
+            if (ideDeviceCount >= VmwareHelper.MAX_IDE_CONTROLLER_COUNT * VmwareHelper.MAX_ALLOWED_DEVICES_IDE_CONTROLLER) {
+                throw new Exception("Maximum limit of  devices supported on IDE controllers [" + VmwareHelper.MAX_IDE_CONTROLLER_COUNT
+                        * VmwareHelper.MAX_ALLOWED_DEVICES_IDE_CONTROLLER + "] is reached.");
+            }
+            controllerKey = getIDEControllerKey(ideDeviceCount);
+            unitNumber = getFreeUnitNumberOnIDEController(controllerKey);
+        } else {
+            controllerKey = getScsiDiskControllerKey(diskController);
+            unitNumber = -1;
+        }
+        synchronized (_mor.getValue().intern()) {
+            VirtualDevice newDisk = VmwareHelper.prepareDiskDevice(this, null, controllerKey, vmdkDatastorePathChain, morDs, unitNumber, 1);
+            controllerKey = newDisk.getControllerKey();
+            unitNumber = newDisk.getUnitNumber();
+            VirtualDiskFlatVer2BackingInfo backingInfo = (VirtualDiskFlatVer2BackingInfo)newDisk.getBacking();
+            String vmdkFileName = backingInfo.getFileName();
+            DiskControllerType diskControllerType = DiskControllerType.getType(diskController);
+            VmdkAdapterType vmdkAdapterType = VmdkAdapterType.getAdapterType(diskControllerType);
+            if (vmdkAdapterType == VmdkAdapterType.none) {
+                String message = "Failed to attach disk due to invalid vmdk adapter type for vmdk file [" +
+                    vmdkFileName + "] with controller : " + diskControllerType;
+                s_logger.debug(message);
+                throw new Exception(message);
+            }
+            updateVmdkAdapter(vmdkFileName, vmdkAdapterType.toString());
+            VirtualMachineConfigSpec reConfigSpec = new VirtualMachineConfigSpec();
+            VirtualDeviceConfigSpec deviceConfigSpec = new VirtualDeviceConfigSpec();
+
+            deviceConfigSpec.setDevice(newDisk);
+            deviceConfigSpec.setOperation(VirtualDeviceConfigSpecOperation.ADD);
+
+            reConfigSpec.getDeviceChange().add(deviceConfigSpec);
+
+            ManagedObjectReference morTask = _context.getService().reconfigVMTask(_mor, reConfigSpec);
+            boolean result = _context.getVimClient().waitForTask(morTask);
+
+            if (!result) {
+                if (s_logger.isTraceEnabled())
+                    s_logger.trace("vCenter API trace - attachDisk() done(failed)");
+                throw new Exception("Failed to attach disk due to " + TaskMO.getTaskFailureInfo(_context, morTask));
+            }
+
+            _context.waitForTaskProgressDone(morTask);
+        }
+
+        if(s_logger.isTraceEnabled())
+            s_logger.trace("vCenter API trace - attachDisk() done(successfully)");
+    }
+
+    private int getControllerBusNumber(int controllerKey) throws Exception {
+        List<VirtualDevice> devices = (List<VirtualDevice>)_context.getVimClient().
+                getDynamicProperty(_mor, "config.hardware.device");
+
+        if (devices != null && devices.size() > 0) {
+            for (VirtualDevice device : devices) {
+                if (device instanceof VirtualController && device.getKey() == controllerKey) {
+                    return ((VirtualController)device).getBusNumber();
+                }
+            }
+        }
+        throw new Exception("SCSI Controller with key " + controllerKey + " is Not Found");
+
+    }
+
     public void attachDisk(String[] vmdkDatastorePathChain, ManagedObjectReference morDs) throws Exception {
 
         if (s_logger.isTraceEnabled())
@@ -1754,20 +1881,17 @@ public VirtualMachineMO cloneFromDiskChain(String clonedVmName, int cpuSpeedMHz,
         }
     }
 
-  public String getGuestId() throws Exception {
-    return (String)_context.getVimClient().getDynamicProperty(_mor, "config.guestId");
-  }
-
     public GuestOsDescriptor getGuestOsDescriptor(String guestOsId) throws Exception {
         GuestOsDescriptor guestOsDescriptor = null;
-        if (guestOsId == null) {
-            guestOsId = getGuestId();
+        String guestId = guestOsId;
+        if (guestId == null) {
+            guestId = getGuestId();
         }
         ManagedObjectReference vmEnvironmentBrowser = _context.getVimClient().getMoRefProp(_mor, "environmentBrowser");
         VirtualMachineConfigOption vmConfigOption = _context.getService().queryConfigOption(vmEnvironmentBrowser, null, null);
         List<GuestOsDescriptor> guestDescriptors = vmConfigOption.getGuestOSDescriptor();
         for (GuestOsDescriptor descriptor : guestDescriptors) {
-            if (guestOsId != null && guestOsId.equalsIgnoreCase(descriptor.getId())) {
+            if (guestId != null && guestId.equalsIgnoreCase(descriptor.getId())) {
                 guestOsDescriptor = descriptor;
                 break;
             }
@@ -1906,6 +2030,134 @@ public void moveAllVmDiskFiles(DatastoreMO destDsMo, String destDsDir, boolean f
         }
     }
 
+    public int getPvScsiDeviceControllerKeyNoException() throws Exception {
+        List<VirtualDevice> devices = (List<VirtualDevice>)_context.getVimClient().
+                getDynamicProperty(_mor, "config.hardware.device");
+
+        if (devices != null && devices.size() > 0) {
+            for (VirtualDevice device : devices) {
+                if (device instanceof ParaVirtualSCSIController) {
+                    return device.getKey();
+                }
+            }
+        }
+
+        return -1;
+    }
+
+    public int getPvScsiDeviceControllerKey() throws Exception {
+        List<VirtualDevice> devices = (List<VirtualDevice>)_context.getVimClient().
+                getDynamicProperty(_mor, "config.hardware.device");
+
+        if (devices != null && devices.size() > 0) {
+            for (VirtualDevice device : devices) {
+                if (device instanceof ParaVirtualSCSIController) {
+                    return device.getKey();
+                }
+            }
+        }
+
+        assert (false);
+        throw new Exception("VMware Paravirtual SCSI Controller Not Found");
+    }
+
+    public void ensurePvScsiDeviceController(int requiredNumScsiControllers, int availableBusNum) throws Exception {
+        VirtualMachineConfigSpec vmConfig = new VirtualMachineConfigSpec();
+
+        int busNum = availableBusNum;
+        while (busNum < requiredNumScsiControllers) {
+            ParaVirtualSCSIController scsiController = new ParaVirtualSCSIController();
+
+            scsiController.setSharedBus(VirtualSCSISharing.NO_SHARING);
+            scsiController.setBusNumber(busNum);
+            scsiController.setKey(busNum - VmwareHelper.MAX_SCSI_CONTROLLER_COUNT);
+            VirtualDeviceConfigSpec scsiControllerSpec = new VirtualDeviceConfigSpec();
+            scsiControllerSpec.setDevice(scsiController);
+            scsiControllerSpec.setOperation(VirtualDeviceConfigSpecOperation.ADD);
+
+            vmConfig.getDeviceChange().add(scsiControllerSpec);
+            busNum++;
+        }
+
+        if (configureVm(vmConfig)) {
+            throw new Exception("Unable to add Scsi controllers to the VM " + getName());
+        } else {
+            s_logger.info("Successfully added " + requiredNumScsiControllers + " SCSI controllers.");
+        }
+    }
+
+    public String getRecommendedDiskController(String guestOsId) throws Exception {
+        String recommendedController;
+        GuestOsDescriptor guestOsDescriptor = getGuestOsDescriptor(guestOsId);
+        recommendedController = VmwareHelper.getRecommendedDiskControllerFromDescriptor(guestOsDescriptor);
+        return recommendedController;
+    }
+
+    public boolean isPvScsiSupported() throws Exception {
+        int virtualHardwareVersion;
+
+        virtualHardwareVersion = getVirtualHardwareVersion();
+
+        // Check if virtual machine is using hardware version 7 or later.
+        if (virtualHardwareVersion < 7) {
+            s_logger.error("The virtual hardware version of the VM is " + virtualHardwareVersion
+                    + ", which doesn't support PV SCSI controller type for virtual harddisks. Please upgrade this VM's virtual hardware version to 7 or later.");
+            return false;
+        }
+        return true;
+    }
+
+    // Would be useful if there exists multiple sub types of SCSI controllers per VM are supported in CloudStack f
+    public int getScsiDiskControllerKey(String diskController) throws Exception {
+        List<VirtualDevice> devices = (List<VirtualDevice>)_context.getVimClient().
+                getDynamicProperty(_mor, "config.hardware.device");
+
+        if (devices != null && devices.size() > 0) {
+            for (VirtualDevice device : devices) {
+                if ((DiskControllerType.getType(diskController) == DiskControllerType.lsilogic || DiskControllerType.getType(diskController) == DiskControllerType.scsi)
+                        && device instanceof VirtualLsiLogicController) {
+                    return ((VirtualLsiLogicController)device).getKey();
+                } else if ((DiskControllerType.getType(diskController) == DiskControllerType.lsisas1068 || DiskControllerType.getType(diskController) == DiskControllerType.scsi)
+                        && device instanceof VirtualLsiLogicSASController) {
+                    return ((VirtualLsiLogicSASController)device).getKey();
+                } else if ((DiskControllerType.getType(diskController) == DiskControllerType.pvscsi || DiskControllerType.getType(diskController) == DiskControllerType.scsi)
+                        && device instanceof ParaVirtualSCSIController) {
+                    return ((ParaVirtualSCSIController)device).getKey();
+                } else if ((DiskControllerType.getType(diskController) == DiskControllerType.buslogic || DiskControllerType.getType(diskController) == DiskControllerType.scsi)
+                        && device instanceof VirtualBusLogicController) {
+                    return ((VirtualBusLogicController)device).getKey();
+                }
+            }
+        }
+
+        assert (false);
+        throw new Exception(diskController + " Controller Not Found");
+    }
+
+    public int getScsiDiskControllerKeyNoException(String diskController) throws Exception {
+        List<VirtualDevice> devices = (List<VirtualDevice>)_context.getVimClient().
+                getDynamicProperty(_mor, "config.hardware.device");
+
+        if (devices != null && devices.size() > 0) {
+            for (VirtualDevice device : devices) {
+                if ((DiskControllerType.getType(diskController) == DiskControllerType.lsilogic || DiskControllerType.getType(diskController) == DiskControllerType.scsi)
+                        && device instanceof VirtualLsiLogicController) {
+                    return ((VirtualLsiLogicController)device).getKey();
+                } else if ((DiskControllerType.getType(diskController) == DiskControllerType.lsisas1068 || DiskControllerType.getType(diskController) == DiskControllerType.scsi)
+                        && device instanceof VirtualLsiLogicSASController) {
+                    return ((VirtualLsiLogicSASController)device).getKey();
+                } else if ((DiskControllerType.getType(diskController) == DiskControllerType.pvscsi || DiskControllerType.getType(diskController) == DiskControllerType.scsi)
+                        && device instanceof ParaVirtualSCSIController) {
+                    return ((ParaVirtualSCSIController)device).getKey();
+                } else if ((DiskControllerType.getType(diskController) == DiskControllerType.buslogic || DiskControllerType.getType(diskController) == DiskControllerType.scsi)
+                        && device instanceof VirtualBusLogicController) {
+                    return ((VirtualBusLogicController)device).getKey();
+                }
+            }
+        }
+        return -1;
+    }
+
     public int getNextScsiDiskDeviceNumber() throws Exception {
         int scsiControllerKey = getScsiDeviceControllerKey();
         int deviceNumber = getNextDeviceNumber(scsiControllerKey);
@@ -1918,7 +2170,7 @@ public int getScsiDeviceControllerKey() throws Exception {
 
         if (devices != null && devices.size() > 0) {
             for (VirtualDevice device : devices) {
-                if (device instanceof VirtualLsiLogicController) {
+                if (device instanceof VirtualSCSIController) {
                     return device.getKey();
                 }
             }
@@ -1928,12 +2180,27 @@ public int getScsiDeviceControllerKey() throws Exception {
         throw new Exception("SCSI Controller Not Found");
     }
 
-    public int getScsiDeviceControllerKeyNoException() throws Exception {
+    public int getGenericScsiDeviceControllerKeyNoException() throws Exception {
         List<VirtualDevice> devices = _context.getVimClient().getDynamicProperty(_mor, "config.hardware.device");
 
         if (devices != null && devices.size() > 0) {
             for (VirtualDevice device : devices) {
-                if (device instanceof VirtualLsiLogicController) {
+                if (device instanceof VirtualSCSIController) {
+                    return device.getKey();
+                }
+            }
+        }
+
+        return -1;
+    }
+
+    public int getScsiDeviceControllerKeyNoException() throws Exception {
+        List<VirtualDevice> devices = (List<VirtualDevice>)_context.getVimClient().
+            getDynamicProperty(_mor, "config.hardware.device");
+
+        if(devices != null && devices.size() > 0) {
+            for(VirtualDevice device : devices) {
+                if(device instanceof VirtualLsiLogicController) {
                     return device.getKey();
                 }
             }
@@ -1963,6 +2230,32 @@ public void ensureScsiDeviceController() throws Exception {
         }
     }
 
+    public void ensureScsiDeviceControllers(int count, int availableBusNum) throws Exception {
+        int scsiControllerKey = getScsiDeviceControllerKeyNoException();
+        if (scsiControllerKey < 0) {
+            VirtualMachineConfigSpec vmConfig = new VirtualMachineConfigSpec();
+
+            int busNum = availableBusNum;
+            while (busNum < count) {
+            VirtualLsiLogicController scsiController = new VirtualLsiLogicController();
+            scsiController.setSharedBus(VirtualSCSISharing.NO_SHARING);
+                scsiController.setBusNumber(busNum);
+                scsiController.setKey(busNum - VmwareHelper.MAX_SCSI_CONTROLLER_COUNT);
+            VirtualDeviceConfigSpec scsiControllerSpec = new VirtualDeviceConfigSpec();
+            scsiControllerSpec.setDevice(scsiController);
+            scsiControllerSpec.setOperation(VirtualDeviceConfigSpecOperation.ADD);
+
+            vmConfig.getDeviceChange().add(scsiControllerSpec);
+                busNum++;
+            }
+            if (configureVm(vmConfig)) {
+                throw new Exception("Unable to add Scsi controllers to the VM " + getName());
+            } else {
+                s_logger.info("Successfully added " + count + " SCSI controllers.");
+            }
+        }
+    }
+
     // return pair of VirtualDisk and disk device bus name(ide0:0, etc)
     public Pair<VirtualDisk, String> getDiskDevice(String vmdkDatastorePath, boolean matchExactly) throws Exception {
         List<VirtualDevice> devices = _context.getVimClient().getDynamicProperty(_mor, "config.hardware.device");
@@ -2335,43 +2628,84 @@ public int getIDEDeviceControllerKey() throws Exception {
         throw new Exception("IDE Controller Not Found");
     }
 
-    public int getNextIDEDeviceNumber() throws Exception {
-        int controllerKey = getIDEDeviceControllerKey();
-        return getNextDeviceNumber(controllerKey);
+    public int getIDEControllerKey(int ideUnitNumber) throws Exception {
+        List<VirtualDevice> devices = (List<VirtualDevice>)_context.getVimClient().
+            getDynamicProperty(_mor, "config.hardware.device");
+
+        int requiredIdeController = ideUnitNumber / VmwareHelper.MAX_IDE_CONTROLLER_COUNT;
+
+        int ideControllerCount = 0;
+        if(devices != null && devices.size() > 0) {
+            for(VirtualDevice device : devices) {
+                if(device instanceof VirtualIDEController) {
+                    if (ideControllerCount == requiredIdeController) {
+                        return ((VirtualIDEController)device).getKey();
+                    }
+                    ideControllerCount++;
+                }
+            }
+        }
+
+        assert(false);
+        throw new Exception("IDE Controller Not Found");
     }
 
-    public VirtualDevice getIsoDevice() throws Exception {
-        List<VirtualDevice> devices = _context.getVimClient().getDynamicProperty(_mor, "config.hardware.device");
+    public int getNumberOfIDEDevices() throws Exception {
+        int ideDeviceCount = 0;
+        List<VirtualDevice> devices = (List<VirtualDevice>)_context.getVimClient().
+                getDynamicProperty(_mor, "config.hardware.device");
+
         if (devices != null && devices.size() > 0) {
             for (VirtualDevice device : devices) {
-                if (device instanceof VirtualCdrom) {
-                    return device;
+                if (device instanceof VirtualIDEController) {
+                    ideDeviceCount += ((VirtualIDEController)device).getDevice().size();
                 }
             }
         }
-        return null;
+        return ideDeviceCount;
     }
 
-    public int getPCIDeviceControllerKey() throws Exception {
-        List<VirtualDevice> devices = _context.getVimClient().getDynamicProperty(_mor, "config.hardware.device");
+    public int getFreeUnitNumberOnIDEController(int controllerKey) throws Exception {
+        int freeUnitNumber = 0;
+        List<VirtualDevice> devices = (List<VirtualDevice>)_context.getVimClient().
+                getDynamicProperty(_mor, "config.hardware.device");
 
+        int deviceCount = 0;
+        int ideDeviceUnitNumber = -1;
         if (devices != null && devices.size() > 0) {
             for (VirtualDevice device : devices) {
-                if (device instanceof VirtualPCIController) {
-                    return ((VirtualPCIController)device).getKey();
+                if (device instanceof VirtualDisk && (controllerKey == device.getControllerKey())) {
+                    deviceCount++;
+                    ideDeviceUnitNumber = device.getUnitNumber();
                 }
             }
         }
-
-        assert (false);
-        throw new Exception("PCI Controller Not Found");
+        if (deviceCount == 1) {
+            if (ideDeviceUnitNumber == 0) {
+                freeUnitNumber = 1;
+            } // else freeUnitNumber is already initialized to 0
+        } else if (deviceCount == 2) {
+            throw new Exception("IDE controller with key [" + controllerKey + "] already has 2 device attached. Cannot attach more than the limit of 2.");
+        }
+        return freeUnitNumber;
     }
-
-    public int getNextPCIDeviceNumber() throws Exception {
-        int controllerKey = getPCIDeviceControllerKey();
+    public int getNextIDEDeviceNumber() throws Exception {
+        int controllerKey = getIDEDeviceControllerKey();
         return getNextDeviceNumber(controllerKey);
     }
 
+    public VirtualDevice getIsoDevice() throws Exception {
+        List<VirtualDevice> devices = _context.getVimClient().getDynamicProperty(_mor, "config.hardware.device");
+        if (devices != null && devices.size() > 0) {
+            for (VirtualDevice device : devices) {
+                if (device instanceof VirtualCdrom) {
+                    return device;
+                }
+            }
+        }
+        return null;
+    }
+
     public int getNextDeviceNumber(int controllerKey) throws Exception {
         List<VirtualDevice> devices = _context.getVimClient().getDynamicProperty(_mor, "config.hardware.device");
 
@@ -2626,6 +2960,9 @@ public long getHotAddMemoryIncrementSizeInMb() throws Exception {
     public long getHotAddMemoryLimitInMb() throws Exception {
         return (Long)_context.getVimClient().getDynamicProperty(_mor, "config.hotPlugMemoryLimit");
     }
+    public String getGuestId() throws Exception {
+        return (String)_context.getVimClient().getDynamicProperty(_mor, "config.guestId");
+    }
 
     public int getCoresPerSocket() throws Exception {
         // number of cores per socket is 1 in case of ESXi. It's not defined explicitly and the property is support since vSphere API 5.0.
@@ -2702,6 +3039,135 @@ public boolean isMemoryHotAddSupported(String guestOsId) throws Exception {
         }
         return guestOsSupportsMemoryHotAdd && virtualHardwareSupportsMemoryHotAdd;
     }
+    public void ensureLsiLogicSasDeviceControllers(int count, int availableBusNum) throws Exception {
+        int scsiControllerKey = getLsiLogicSasDeviceControllerKeyNoException();
+        if (scsiControllerKey < 0) {
+            VirtualMachineConfigSpec vmConfig = new VirtualMachineConfigSpec();
+
+            int busNum = availableBusNum;
+            while (busNum < count) {
+                VirtualLsiLogicSASController scsiController = new VirtualLsiLogicSASController();
+                scsiController.setSharedBus(VirtualSCSISharing.NO_SHARING);
+                scsiController.setBusNumber(busNum);
+                scsiController.setKey(busNum - VmwareHelper.MAX_SCSI_CONTROLLER_COUNT);
+                VirtualDeviceConfigSpec scsiControllerSpec = new VirtualDeviceConfigSpec();
+                scsiControllerSpec.setDevice(scsiController);
+                scsiControllerSpec.setOperation(VirtualDeviceConfigSpecOperation.ADD);
+
+                vmConfig.getDeviceChange().add(scsiControllerSpec);
+                busNum++;
+            }
+            if (configureVm(vmConfig)) {
+                throw new Exception("Unable to add Scsi controller of type LsiLogic SAS.");
+            }
+        }
+
+    }
+
+    private int getLsiLogicSasDeviceControllerKeyNoException() throws Exception {
+        List<VirtualDevice> devices = (List<VirtualDevice>)_context.getVimClient().
+                getDynamicProperty(_mor, "config.hardware.device");
+
+        if (devices != null && devices.size() > 0) {
+            for (VirtualDevice device : devices) {
+                if (device instanceof VirtualLsiLogicSASController) {
+                    return device.getKey();
+                }
+            }
+        }
+
+        return -1;
+    }
+
+    public void ensureBusLogicDeviceControllers(int count, int availableBusNum) throws Exception {
+        int scsiControllerKey = getBusLogicDeviceControllerKeyNoException();
+        if (scsiControllerKey < 0) {
+            VirtualMachineConfigSpec vmConfig = new VirtualMachineConfigSpec();
+
+            int busNum = availableBusNum;
+            while (busNum < count) {
+                VirtualBusLogicController scsiController = new VirtualBusLogicController();
+
+                scsiController.setSharedBus(VirtualSCSISharing.NO_SHARING);
+                scsiController.setBusNumber(busNum);
+                scsiController.setKey(busNum - VmwareHelper.MAX_SCSI_CONTROLLER_COUNT);
+                VirtualDeviceConfigSpec scsiControllerSpec = new VirtualDeviceConfigSpec();
+                scsiControllerSpec.setDevice(scsiController);
+                scsiControllerSpec.setOperation(VirtualDeviceConfigSpecOperation.ADD);
+
+                vmConfig.getDeviceChange().add(scsiControllerSpec);
+                busNum++;
+            }
+
+            if (configureVm(vmConfig)) {
+                throw new Exception("Unable to add Scsi BusLogic controllers to the VM " + getName());
+            } else {
+                s_logger.info("Successfully added " + count + " SCSI BusLogic controllers.");
+            }
+        }
+    }
+
+    private int getBusLogicDeviceControllerKeyNoException() throws Exception {
+        List<VirtualDevice> devices = (List<VirtualDevice>)_context.getVimClient().
+                getDynamicProperty(_mor, "config.hardware.device");
+
+        if (devices != null && devices.size() > 0) {
+            for (VirtualDevice device : devices) {
+                if (device instanceof VirtualBusLogicController) {
+                    return device.getKey();
+                }
+            }
+        }
+
+        return -1;
+    }
+
+    public Ternary<Integer, Integer, DiskControllerType> getScsiControllerInfo() throws Exception {
+        List<VirtualDevice> devices = (List<VirtualDevice>)_context.getVimClient().
+                getDynamicProperty(_mor, "config.hardware.device");
+
+        int scsiControllerCount = 0;
+        int busNum = -1;
+        DiskControllerType controllerType = DiskControllerType.lsilogic;
+        if (devices != null && devices.size() > 0) {
+            for (VirtualDevice device : devices) {
+                if (device instanceof VirtualSCSIController) {
+                    scsiControllerCount++;
+                    int deviceBus = ((VirtualSCSIController)device).getBusNumber();
+                    if (busNum < deviceBus) {
+                        busNum = deviceBus;
+                    }
+                    if (device instanceof VirtualLsiLogicController) {
+                        controllerType = DiskControllerType.lsilogic;
+                    } else if (device instanceof VirtualLsiLogicSASController) {
+                        controllerType = DiskControllerType.lsisas1068;
+                    } else if (device instanceof VirtualBusLogicController) {
+                        controllerType = DiskControllerType.buslogic;
+                    } else if (device instanceof ParaVirtualSCSIController) {
+                        controllerType = DiskControllerType.pvscsi;
+                    }
+                }
+            }
+        }
+
+        return new Ternary<Integer, Integer, DiskControllerType>(scsiControllerCount, busNum, controllerType);
+    }
+
+    public int getNumberOfVirtualDisks() throws Exception {
+        List<VirtualDevice> devices = (List<VirtualDevice>)_context.getVimClient().getDynamicProperty(_mor, "config.hardware.device");
+
+        s_logger.info("Counting disk devices attached to VM " + getVmName());
+        int count = 0;
+
+        if (devices != null && devices.size() > 0) {
+            for (VirtualDevice device : devices) {
+                if (device instanceof VirtualDisk) {
+                    count++;
+                }
+            }
+        }
+        return count;
+    }
 
     public boolean consolidateVmDisks() throws Exception {
         ManagedObjectReference morTask = _context.getService().consolidateVMDisksTask(_mor);
diff --git a/vmware-base/src/com/cloud/hypervisor/vmware/mo/VmdkAdapterType.java b/vmware-base/src/com/cloud/hypervisor/vmware/mo/VmdkAdapterType.java
new file mode 100644
index 0000000000..f602c46d79
--- /dev/null
+++ b/vmware-base/src/com/cloud/hypervisor/vmware/mo/VmdkAdapterType.java
@@ -0,0 +1,48 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.hypervisor.vmware.mo;
+
+public enum VmdkAdapterType {
+    ide,
+    lsilogic,
+    buslogic,
+    none;
+
+    public static VmdkAdapterType getAdapterType(DiskControllerType diskControllerType) {
+        if (diskControllerType == DiskControllerType.ide) {
+            return VmdkAdapterType.ide;
+        } else if (diskControllerType == DiskControllerType.buslogic) {
+            return VmdkAdapterType.buslogic;
+        } else if (diskControllerType == DiskControllerType.lsilogic || diskControllerType == DiskControllerType.pvscsi || diskControllerType == DiskControllerType.lsisas1068) {
+            return VmdkAdapterType.lsilogic;
+        } else {
+            return VmdkAdapterType.none;
+        }
+    }
+
+    public static VmdkAdapterType getType(String vmdkAdapterType) {
+        if (vmdkAdapterType.equalsIgnoreCase("ide")) {
+            return VmdkAdapterType.ide;
+        } else if (vmdkAdapterType.equalsIgnoreCase("lsilogic")) {
+            return VmdkAdapterType.lsilogic;
+        } else if (vmdkAdapterType.equalsIgnoreCase("buslogic")) {
+            return VmdkAdapterType.buslogic;
+        } else {
+            return VmdkAdapterType.none;
+        }
+    }
+}
diff --git a/vmware-base/src/com/cloud/hypervisor/vmware/mo/VmdkFileDescriptor.java b/vmware-base/src/com/cloud/hypervisor/vmware/mo/VmdkFileDescriptor.java
index 8aecfdd01b..932c251b04 100755
--- a/vmware-base/src/com/cloud/hypervisor/vmware/mo/VmdkFileDescriptor.java
+++ b/vmware-base/src/com/cloud/hypervisor/vmware/mo/VmdkFileDescriptor.java
@@ -29,6 +29,9 @@
 
 public class VmdkFileDescriptor {
     private static final Logger s_logger = Logger.getLogger(VmdkFileDescriptor.class);
+    private static final String VMDK_PROPERTY_CREATE_TYPE = "createType";
+    private static final String VMDK_CREATE_TYPE_VMFSSPARSE = "vmfsSparse";
+    private static final String VMDK_PROPERTY_ADAPTER_TYPE = "ddb.adapterType";
 
     private Properties _properties = new Properties();
     private String _baseFileName;
@@ -84,6 +87,73 @@ public String getParentFileName() {
         return _properties.getProperty("parentFileNameHint");
     }
 
+    public boolean isVmfsSparseFile() {
+        String vmdkCreateType = _properties.getProperty(VMDK_PROPERTY_CREATE_TYPE);
+        if (vmdkCreateType.equalsIgnoreCase(VMDK_CREATE_TYPE_VMFSSPARSE)) {
+            return true;
+        }
+        return false;
+    }
+
+    public String getAdapterType() {
+        return _properties.getProperty(VMDK_PROPERTY_ADAPTER_TYPE);
+    }
+
+
+    public static byte[] changeVmdkAdapterType(byte[] vmdkContent, String newAdapterType) throws IOException {
+        assert (vmdkContent != null);
+
+        BufferedReader in = null;
+        BufferedWriter out = null;
+        ByteArrayOutputStream bos = new ByteArrayOutputStream();
+
+        try {
+            in = new BufferedReader(new InputStreamReader(new ByteArrayInputStream(vmdkContent)));
+            out = new BufferedWriter(new OutputStreamWriter(bos));
+            String line;
+            while ((line = in.readLine()) != null) {
+                // ignore empty and comment lines
+                line = line.trim();
+                if (line.isEmpty()) {
+                    out.newLine();
+                    continue;
+                }
+                if (line.charAt(0) == '#') {
+                    out.write(line);
+                    out.newLine();
+                    continue;
+                }
+
+                String[] tokens = line.split("=");
+                if (tokens.length == 2) {
+                    String name = tokens[0].trim();
+                    String value = tokens[1].trim();
+                    if (value.charAt(0) == '\"')
+                        value = value.substring(1, value.length() - 1);
+
+                    if (newAdapterType != null && name.equals(VMDK_PROPERTY_ADAPTER_TYPE)) {
+                        out.write(name + "=\"" + newAdapterType + "\"");
+                        out.newLine();
+                    } else {
+                        out.write(line);
+                        out.newLine();
+                    }
+                } else {
+                    out.write(line);
+                    out.newLine();
+                }
+            }
+        } finally {
+            if (in != null)
+                in.close();
+            if (out != null)
+                out.close();
+        }
+
+        return bos.toByteArray();
+
+    }
+
     public static byte[] changeVmdkContentBaseInfo(byte[] vmdkContent, String baseFileName, String parentFileName) throws IOException {
 
         assert (vmdkContent != null);
diff --git a/vmware-base/src/com/cloud/hypervisor/vmware/mo/VmwareHypervisorHost.java b/vmware-base/src/com/cloud/hypervisor/vmware/mo/VmwareHypervisorHost.java
index 9727e17331..fdfc254278 100755
--- a/vmware-base/src/com/cloud/hypervisor/vmware/mo/VmwareHypervisorHost.java
+++ b/vmware-base/src/com/cloud/hypervisor/vmware/mo/VmwareHypervisorHost.java
@@ -23,6 +23,7 @@
 import com.vmware.vim25.VirtualMachineConfigSpec;
 
 import com.cloud.hypervisor.vmware.util.VmwareContext;
+import com.cloud.utils.Pair;
 
 /**
  * Interface to consolidate ESX(i) hosts and HA/FT clusters into a common interface used by CloudStack Hypervisor resources
@@ -53,7 +54,8 @@ public interface VmwareHypervisorHost {
     boolean createVm(VirtualMachineConfigSpec vmSpec) throws Exception;
 
     boolean createBlankVm(String vmName, String vmInternalCSName, int cpuCount, int cpuSpeedMHz, int cpuReservedMHz, boolean limitCpuUse, int memoryMB,
-        int memoryReserveMB, String guestOsIdentifier, ManagedObjectReference morDs, boolean snapshotDirToParent) throws Exception;
+        int memoryReserveMB, String guestOsIdentifier, ManagedObjectReference morDs, boolean snapshotDirToParent,
+        Pair<String, String> controllerInfo, Boolean systemVm) throws Exception;
 
     void importVmFromOVF(String ovfFilePath, String vmName, DatastoreMO dsMo, String diskOption) throws Exception;
 
@@ -81,4 +83,5 @@ boolean createBlankVm(String vmName, String vmInternalCSName, int cpuCount, int
     ComputeResourceSummary getHyperHostHardwareSummary() throws Exception;
 
     LicenseAssignmentManagerMO getLicenseAssignmentManager() throws Exception;
+    String getRecommendedDiskController(String guestOsId) throws Exception;
 }
diff --git a/vmware-base/src/com/cloud/hypervisor/vmware/util/VmwareHelper.java b/vmware-base/src/com/cloud/hypervisor/vmware/util/VmwareHelper.java
index b2b10907d6..837981393e 100644
--- a/vmware-base/src/com/cloud/hypervisor/vmware/util/VmwareHelper.java
+++ b/vmware-base/src/com/cloud/hypervisor/vmware/util/VmwareHelper.java
@@ -34,6 +34,7 @@
 
 import com.vmware.vim25.DistributedVirtualSwitchPortConnection;
 import com.vmware.vim25.DynamicProperty;
+import com.vmware.vim25.GuestOsDescriptor;
 import com.vmware.vim25.ManagedObjectReference;
 import com.vmware.vim25.MethodFault;
 import com.vmware.vim25.ObjectContent;
@@ -62,6 +63,7 @@
 import com.vmware.vim25.VirtualVmxnet2;
 import com.vmware.vim25.VirtualVmxnet3;
 
+import com.cloud.hypervisor.vmware.mo.DiskControllerType;
 import com.cloud.hypervisor.vmware.mo.HostMO;
 import com.cloud.hypervisor.vmware.mo.LicenseAssignmentManagerMO;
 import com.cloud.hypervisor.vmware.mo.VirtualEthernetCardType;
@@ -75,6 +77,11 @@ public class VmwareHelper {
     @SuppressWarnings("unused")
     private static final Logger s_logger = Logger.getLogger(VmwareHelper.class);
 
+    public static final int MAX_SCSI_CONTROLLER_COUNT = 4;
+    public static final int MAX_IDE_CONTROLLER_COUNT = 2;
+    public static final int MAX_ALLOWED_DEVICES_IDE_CONTROLLER = 2;
+    public static final int MAX_ALLOWED_DEVICES_SCSI_CONTROLLER = 15;
+
     public static boolean isReservedScsiDeviceNumber(int deviceNumber) {
         return deviceNumber == 7;
     }
@@ -705,6 +712,19 @@ public static String getVCenterSafeUuid() {
         return UUID.randomUUID().toString().replaceAll("-", "");
     }
 
+    public static String getRecommendedDiskControllerFromDescriptor(GuestOsDescriptor guestOsDescriptor) throws Exception {
+        String recommendedController;
+
+        recommendedController = guestOsDescriptor.getRecommendedDiskController();
+
+        // By-pass auto detected PVSCSI controller to use LsiLogic Parallel instead
+        if (DiskControllerType.getType(recommendedController) == DiskControllerType.pvscsi) {
+            recommendedController = DiskControllerType.lsilogic.toString();
+        }
+
+        return recommendedController;
+    }
+
     public static String trimSnapshotDeltaPostfix(String name) {
         String[] tokens = name.split("-");
         if (tokens.length > 1 && tokens[tokens.length - 1].matches("[0-9]{6,}")) {
@@ -716,4 +736,8 @@ public static String trimSnapshotDeltaPostfix(String name) {
         return name;
     }
 
+    public static boolean isControllerOsRecommended(String dataDiskController) {
+        return DiskControllerType.getType(dataDiskController) == DiskControllerType.osdefault;
+    }
+
 }

From c7d67628b3ff86802a1ac3b58e0bc05d54afd543 Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Fri, 27 Nov 2015 18:30:00 +0530
Subject: [PATCH 101/115] CLOUDSTACK-4787: Allow users to select disk
 controller for VM/template

- Adds new controller types in the UI, for selecting root disk controller while
  registering templates
- Fixes bug to not override disk controller type if provided in the details (either
  vm details or from template details)

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 .../src/com/cloud/configuration/Config.java   |  2 +-
 .../src/com/cloud/vm/UserVmManagerImpl.java   | 15 +++++++++-----
 ui/scripts/templates.js                       | 20 +++++++++++++++++++
 3 files changed, 31 insertions(+), 6 deletions(-)

diff --git a/server/src/com/cloud/configuration/Config.java b/server/src/com/cloud/configuration/Config.java
index 41a187237c..3a24698f52 100755
--- a/server/src/com/cloud/configuration/Config.java
+++ b/server/src/com/cloud/configuration/Config.java
@@ -1195,7 +1195,7 @@ public enum Config {
             String.class,
             "vmware.root.disk.controller",
             "ide",
-            "Specify the default disk controller for root volumes, valid values are scsi, ide",
+            "Specify the default disk controller for root volumes, valid values are scsi, ide, osdefault. Please check documentation for more details on each of these values.",
             null),
     VmwareSystemVmNicDeviceType(
             "Advanced",
diff --git a/server/src/com/cloud/vm/UserVmManagerImpl.java b/server/src/com/cloud/vm/UserVmManagerImpl.java
index 6f49bb2b5c..35aafb8164 100755
--- a/server/src/com/cloud/vm/UserVmManagerImpl.java
+++ b/server/src/com/cloud/vm/UserVmManagerImpl.java
@@ -3117,11 +3117,16 @@ public UserVmVO doInTransaction(TransactionStatus status) throws InsufficientCap
                         s_logger.info("guestOS is OSX : overwrite root disk controller to scsi, use smc and efi");
                     } else {
                         String controllerSetting = _configDao.getValue("vmware.root.disk.controller");
-                        vm.setDetail(VmDetailConstants.ROOK_DISK_CONTROLLER, controllerSetting);
-                        if (controllerSetting.equalsIgnoreCase("scsi")) {
-                            vm.setDetail(VmDetailConstants.DATA_DISK_CONTROLLER, "scsi");
-                        } else {
-                            vm.setDetail(VmDetailConstants.DATA_DISK_CONTROLLER, "osdefault");
+                        // Don't override if VM already has root/data disk controller detail
+                        if (vm.getDetail(VmDetailConstants.ROOK_DISK_CONTROLLER) == null) {
+                            vm.setDetail(VmDetailConstants.ROOK_DISK_CONTROLLER, controllerSetting);
+                        }
+                        if (vm.getDetail(VmDetailConstants.DATA_DISK_CONTROLLER) == null) {
+                            if (controllerSetting.equalsIgnoreCase("scsi")) {
+                                vm.setDetail(VmDetailConstants.DATA_DISK_CONTROLLER, "scsi");
+                            } else {
+                                vm.setDetail(VmDetailConstants.DATA_DISK_CONTROLLER, "osdefault");
+                            }
                         }
                     }
                 }
diff --git a/ui/scripts/templates.js b/ui/scripts/templates.js
index 6d09b51042..bff971c56c 100644
--- a/ui/scripts/templates.js
+++ b/ui/scripts/templates.js
@@ -281,6 +281,26 @@
                                                 id: "ide",
                                                 description: "ide"
                                             });
+                                            items.push({
+                                                id: "osdefault",
+                                                description: "osdefault"
+                                            });
+                                            items.push({
+                                                id: "pvscsi",
+                                                description: "pvscsi"
+                                            });
+                                            items.push({
+                                                id: "lsilogic",
+                                                description: "lsilogic"
+                                            });
+                                            items.push({
+                                                id: "lsisas1068",
+                                                description: "lsilogicsas"
+                                            });
+                                            items.push({
+                                                id: "buslogic",
+                                                description: "buslogic"
+                                            });
                                             args.response.success({
                                                 data: items
                                             });

From e1ef2e9ac08193ef515e7817de2936850125035b Mon Sep 17 00:00:00 2001
From: Boris Schrijver <boris@pcextreme.nl>
Date: Mon, 23 Nov 2015 00:07:29 +0100
Subject: [PATCH 102/115] CLOUDSTACK-9078: Gave scripts executable permissions.

(cherry picked from commit e2fc270480916901b2bfd4f4bab376a6008f9f57)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

Conflicts:
	python/lib/cloudutils/serviceConfigServer.py
---
 python/lib/cloudutils/serviceConfigServer.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/python/lib/cloudutils/serviceConfigServer.py b/python/lib/cloudutils/serviceConfigServer.py
index b928df4d49..7d4240e30d 100644
--- a/python/lib/cloudutils/serviceConfigServer.py
+++ b/python/lib/cloudutils/serviceConfigServer.py
@@ -108,6 +108,8 @@ def checkHostName():
         #distro like sl 6.1 needs this folder, or tomcat6 failed to start
         checkHostName()
         bash("mkdir /var/log/cloudstack-management/")
+        bash("chown cloud:cloud -R /var/lib/cloudstack/")
+        bash("chmod +x -R /usr/share/cloudstack-management/webapps/client/WEB-INF/classes/scripts/")
         #set max process per account is unlimited
         if os.path.exists("/etc/security/limits.conf"):
             cfo = configFileOps("/etc/security/limits.conf")

From 296a5d77528d11ec43fd239698f7314dc977408d Mon Sep 17 00:00:00 2001
From: dsclose <dsclose@users.noreply.github.com>
Date: Thu, 12 Nov 2015 08:05:57 +0000
Subject: [PATCH 103/115] CLOUDSTACK-9058

Respond with "saved_password" if no password is to be issued.
(cherry picked from commit 8a7deefe64cab0b3c49ebc510c6524b1fad1f884)

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 systemvm/patches/debian/config/opt/cloud/bin/passwd_server_ip.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/systemvm/patches/debian/config/opt/cloud/bin/passwd_server_ip.py b/systemvm/patches/debian/config/opt/cloud/bin/passwd_server_ip.py
index 91dec24e9a..fc84910a11 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/passwd_server_ip.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/passwd_server_ip.py
@@ -113,6 +113,7 @@ def do_GET(self):
         if requestType == 'send_my_password':
             password = getPassword(clientAddress)
             if not password:
+                self.wfile.write('saved_password')
                 syslog.syslog('serve_password: requested password not found for %s' % clientAddress)
             else:
                 self.wfile.write(password)

From 75f7c4d085a7387f0121ebb4834cb983ec1f056d Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Mon, 30 Nov 2015 15:39:24 +0530
Subject: [PATCH 104/115] CLOUDSTACK-9053 security upgrade as per
 COLLECTIONS-580

Picked from Daan's fix from: https://github.com/apache/cloudstack/pull/1089

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 94b4be97a6..3090888f99 100644
--- a/pom.xml
+++ b/pom.xml
@@ -45,7 +45,7 @@
     <cs.pool.version>1.6</cs.pool.version>
     <cs.codec.version>1.6</cs.codec.version>
     <cs.configuration.version>1.8</cs.configuration.version>
-    <cs.collections.version>3.2.1</cs.collections.version>
+    <cs.collections.version>3.2.2</cs.collections.version>
     <cs.logging.version>1.1.1</cs.logging.version>
     <cs.discovery.version>0.5</cs.discovery.version>
     <cs.ejb.version>3.0</cs.ejb.version>

From 865dd46bbed6d4f8dd8731a8efb15ede93cb3425 Mon Sep 17 00:00:00 2001
From: Boris Schrijver <boris@pcextreme.nl>
Date: Sun, 8 Nov 2015 20:38:08 +0100
Subject: [PATCH 105/115] CLOUDSTACK-9045: Corrected mount point for management
 server DEBIAN.

(cherry picked from commit 7bbc5338c50820107dc5a7c4b6c1fbf09e1afd40)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 packaging/debian/replace.properties | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/packaging/debian/replace.properties b/packaging/debian/replace.properties
index 5a0bd58ab6..124c016387 100644
--- a/packaging/debian/replace.properties
+++ b/packaging/debian/replace.properties
@@ -21,7 +21,6 @@ DBROOTPW=
 MSLOG=vmops.log
 APISERVERLOG=api.log
 DBHOST=localhost
-MSMNTDIR=/mnt
 COMPONENTS-SPEC=components-premium.xml
 AWSAPILOG=awsapi.log
 REMOTEHOST=localhost
@@ -45,7 +44,7 @@ MSCONF=/etc/cloudstack/management
 MSENVIRON=/usr/share/cloudstack-management
 MSLOG=/var/log/cloudstack/management/management-server.log
 MSLOGDIR=/var/log/cloudstack/management/
-MSMNTDIR=/var/lib/cloud/mnt
+MSMNTDIR=/var/lib/cloudstack/mnt
 MSUSER=cloud
 PIDDIR=/var/run
 PLUGINJAVADIR=

From d62335215b2b95cf29599186b97f08efd162c3a8 Mon Sep 17 00:00:00 2001
From: Boris Schrijver <boris@pcextreme.nl>
Date: Thu, 5 Nov 2015 16:30:14 +0100
Subject: [PATCH 106/115] CLOUDSTACK-9039: Fix paths for logging Ubuntu
 Management.

(cherry picked from commit acd49d801be0cf5675ce2b2130277b85fad213bd)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 python/lib/cloudutils/serviceConfig.py       | 2 +-
 python/lib/cloudutils/serviceConfigServer.py | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/python/lib/cloudutils/serviceConfig.py b/python/lib/cloudutils/serviceConfig.py
index 292c9a77d7..8847e63e03 100755
--- a/python/lib/cloudutils/serviceConfig.py
+++ b/python/lib/cloudutils/serviceConfig.py
@@ -54,7 +54,7 @@ def configration(self):
         except:
             logging.debug(formatExceptionInfo())
             if self.syscfg.env.mode == "Server":
-                raise CloudRuntimeException("Configure %s failed, Please check the /var/log/cloudstack/setupManagement.log for detail"%self.serviceName)
+                raise CloudRuntimeException("Configure %s failed, Please check the /var/log/cloudstack/management/setupManagement.log for detail"%self.serviceName)
             else:
                 raise CloudRuntimeException("Configure %s failed, Please check the /var/log/cloudstack/agent/setup.log for detail"%self.serviceName)
 
diff --git a/python/lib/cloudutils/serviceConfigServer.py b/python/lib/cloudutils/serviceConfigServer.py
index 7d4240e30d..b9062e296e 100644
--- a/python/lib/cloudutils/serviceConfigServer.py
+++ b/python/lib/cloudutils/serviceConfigServer.py
@@ -126,4 +126,4 @@ def checkHostName():
         if self.syscfg.svo.enableService("cloudstack-management"):
             return True
         else:
-            raise CloudRuntimeException("Failed to configure %s, please see the /var/log/cloudstack/setupManagement.log for detail"%self.serviceName)
+            raise CloudRuntimeException("Failed to configure %s, please see the /var/log/cloudstack/management/setupManagement.log for detail"%self.serviceName)

From 0a8e43b502db0aa6acca046fb7a5c72c51268573 Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Thu, 3 Dec 2015 00:10:30 +0530
Subject: [PATCH 107/115] debian: Partially pick change from #626 for getting
 version

- fix release version automatically updated using pom.xml
- allows building of 4.5 pkgs on Ubuntu

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 debian/rules | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/debian/rules b/debian/rules
index 45461bb743..f66f0f65a5 100755
--- a/debian/rules
+++ b/debian/rules
@@ -11,7 +11,7 @@
 # build-arch and build-indep targets  by Bill Allombert 2001
 
 DEBVERS := $(shell dpkg-parsechangelog | sed -n -e 's/^Version: //p')
-VERSION := $(shell echo '$(DEBVERS)' | sed -e 's/^[[:digit:]]*://' -e 's/[~-].*//')
+VERSION := $(shell cat pom.xml | sed '22!d' | cut -d'>' -f2 | cut -d'<' -f1)
 MVNADD := $(shell if echo '$(DEBVERS)' | grep -q snapshot; then echo ; fi )
 PACKAGE = $(shell dh_listpackages|head -n 1|cut -d '-' -f 1)
 SYSCONFDIR = "/etc"

From 421bc00cd6005d9e8484c6df46a3b84ff466afd2 Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Fri, 4 Dec 2015 13:47:03 +0530
Subject: [PATCH 108/115] rate-limit: increase JVM memory and enable fork mode
 for unit tests

Enables forkmode for surefire plugin and increases memory opts for JVM
for rate-limit tests. This tries to fix intermittent Jenkins failures
which look like:

multipleClientsCanAccessWithoutBlocking(org.apache.cloudstack.ratelimit.ApiRateLimitTest):
unable to create new native thread

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 plugins/api/rate-limit/pom.xml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/plugins/api/rate-limit/pom.xml b/plugins/api/rate-limit/pom.xml
index 7f2f3fa845..b5ccb1a44e 100644
--- a/plugins/api/rate-limit/pom.xml
+++ b/plugins/api/rate-limit/pom.xml
@@ -32,7 +32,8 @@
         <groupId>org.apache.maven.plugins</groupId>
         <artifactId>maven-surefire-plugin</artifactId>
         <configuration>
-          <argLine>-Xmx1024m</argLine>
+          <forkMode>always</forkMode>
+          <argLine>-Xmx2048m -XX:MaxPermSize=1024m</argLine>
           <excludes>
             <exclude>org/apache/cloudstack/ratelimit/integration/*</exclude>
           </excludes>

From 155ea2e7b22d18023c3ad58bb527dd965d108911 Mon Sep 17 00:00:00 2001
From: Laszlo Hornyak <laszlo.hornyak@gmail.com>
Date: Wed, 21 Oct 2015 21:36:15 +0200
Subject: [PATCH 109/115] CLOUDSTACK-8977: remove session creation from
 index.jsp

Signed-off-by: Laszlo Hornyak <laszlo.hornyak@gmail.com>
(cherry picked from commit 040810e67a9139528231c73418997f21aead1db7)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 ui/index.jsp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ui/index.jsp b/ui/index.jsp
index 60f3cc3832..5c58c74431 100644
--- a/ui/index.jsp
+++ b/ui/index.jsp
@@ -16,7 +16,7 @@
      KIND, either express or implied.  See the License for the
      specific language governing permissions and limitations
      under the License.
-     --%><%@ page contentType="text/html; charset=UTF-8" %>
+     --%><%@ page contentType="text/html; charset=UTF-8" session="false" %>
 <%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
 <%@ taglib uri="http://java.sun.com/jsp/jstl/fmt" prefix="fmt" %>
 <c:if test="${!empty cookie.lang}">

From 238954cf58edce3389a73a837fca3d0796fb612d Mon Sep 17 00:00:00 2001
From: Nitin Kumar Maharana <nitin.maharana@gmail.com>
Date: Tue, 17 Nov 2015 23:02:55 +0530
Subject: [PATCH 110/115] CLOUDSTACK-9068: Listing Port Forwarding Rules take
 too much time to load

For setting the width of each data item for each row of Port Forwarding rules, it was processing all rules.

Basically for each data item, it was searching in all rules, which is un-necessary.
If there are N-Rules, It was processing N-times.

Now, it only processes one time by taking all N-rules at a time.
The previous solution was of O(NxN). Now its changed to O(N).

(cherry picked from commit 48df255f71e9938cc9e0879cbc60d9a0a778d95a)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 ui/scripts/ui/widgets/multiEdit.js | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/ui/scripts/ui/widgets/multiEdit.js b/ui/scripts/ui/widgets/multiEdit.js
index c4de8cecbe..e14f3ef1a1 100755
--- a/ui/scripts/ui/widgets/multiEdit.js
+++ b/ui/scripts/ui/widgets/multiEdit.js
@@ -278,9 +278,6 @@
                     $td.addClass('blank');
                 }
 
-                // Align width to main header
-                _medit.refreshItemWidths($multi);
-                
                 if (data._hideFields &&
                     $.inArray(fieldName, data._hideFields) > -1) {
                     $td.addClass('disabled');

From 63b8de62e093749ba0b1931a0e243c4b81494234 Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Mon, 4 Apr 2016 12:53:45 +0530
Subject: [PATCH 111/115] ui: fix typo in dashboard's fetchlatest usage

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 ui/scripts/dashboard.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/ui/scripts/dashboard.js b/ui/scripts/dashboard.js
index dff6a91a9e..a2fe048615 100644
--- a/ui/scripts/dashboard.js
+++ b/ui/scripts/dashboard.js
@@ -184,9 +184,9 @@
                     },
                     capacity: function(data) {
                         if (window.fetchLatestflag == 1) {
-                            data.fetchLastest = true;
+                            data.fetchLatest = true;
                         } else {
-                            data.fetchLastest = false;
+                            data.fetchLatest = false;
                         }
                         window.fetchLatestflag = 0;
                         dataFns.alerts(data);

From b0f3bea188bdf2bc889f74eeddd919878e5d170e Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Mon, 25 Jan 2016 17:56:01 +0100
Subject: [PATCH 112/115] vmware: improve support for disk controllers

- Improve disk chain usage while attaching, migrating disks
- Gets root disk controller based diskDeviceBusName from volume's chain info

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

This closes #1366
---
 .../api/storage/MigrateVolumeAnswer.java      |  9 ++++
 .../storage/command/AttachAnswer.java         | 17 +++++++
 .../motion/AncientDataMotionStrategy.java     |  4 ++
 .../vmware/resource/VmwareResource.java       | 31 +++++++++---
 .../resource/VmwareStorageProcessor.java      | 28 +++++------
 .../motion/VmwareStorageMotionStrategy.java   |  3 ++
 .../cloud/storage/VolumeApiServiceImpl.java   | 40 ++++++++++++++++
 server/src/com/cloud/vm/UserVmManager.java    |  2 +
 .../src/com/cloud/vm/UserVmManagerImpl.java   |  9 ++++
 .../volume/VirtualMachineVolumeChainInfo.java | 48 +++++++++++++++++++
 .../vmware/mo/GuestOsDescriptorType.java      | 38 +++++++++++++++
 .../vmware/mo/VirtualMachineMO.java           |  7 ++-
 12 files changed, 212 insertions(+), 24 deletions(-)
 create mode 100644 utils/src/org/apache/cloudstack/utils/volume/VirtualMachineVolumeChainInfo.java
 create mode 100644 vmware-base/src/com/cloud/hypervisor/vmware/mo/GuestOsDescriptorType.java

diff --git a/core/src/com/cloud/agent/api/storage/MigrateVolumeAnswer.java b/core/src/com/cloud/agent/api/storage/MigrateVolumeAnswer.java
index 3db3e863c5..43ce4a6ac8 100644
--- a/core/src/com/cloud/agent/api/storage/MigrateVolumeAnswer.java
+++ b/core/src/com/cloud/agent/api/storage/MigrateVolumeAnswer.java
@@ -24,6 +24,7 @@
 
 public class MigrateVolumeAnswer extends Answer {
     private String volumePath;
+    private String volumeChain;
 
     public MigrateVolumeAnswer(Command command, boolean success, String details, String volumePath) {
         super(command, success, details);
@@ -38,4 +39,12 @@ public MigrateVolumeAnswer(Command command) {
     public String getVolumePath() {
         return volumePath;
     }
+
+    public String getVolumeChainInfo() {
+        return volumeChain;
+    }
+
+    public void setVolumeChainInfo(String volumeChain) {
+        this.volumeChain = volumeChain;
+    }
 }
\ No newline at end of file
diff --git a/core/src/org/apache/cloudstack/storage/command/AttachAnswer.java b/core/src/org/apache/cloudstack/storage/command/AttachAnswer.java
index 80736891cb..16452afe63 100644
--- a/core/src/org/apache/cloudstack/storage/command/AttachAnswer.java
+++ b/core/src/org/apache/cloudstack/storage/command/AttachAnswer.java
@@ -22,8 +22,11 @@
 import com.cloud.agent.api.Answer;
 import com.cloud.agent.api.to.DiskTO;
 
+import java.util.Map;
+
 public class AttachAnswer extends Answer {
     private DiskTO disk;
+    private Map<String, String> diskDetails;
 
     public AttachAnswer() {
         super(null);
@@ -34,6 +37,12 @@ public AttachAnswer(DiskTO disk) {
         setDisk(disk);
     }
 
+    public AttachAnswer(DiskTO disk, Map<String, String> diskDetails) {
+        super(null);
+        setDisk(disk);
+        setDiskDetails(diskDetails);
+    }
+
     public AttachAnswer(String errMsg) {
         super(null, false, errMsg);
     }
@@ -45,4 +54,12 @@ public DiskTO getDisk() {
     public void setDisk(DiskTO disk) {
         this.disk = disk;
     }
+
+    public Map<String, String> getDiskDetails() {
+        return diskDetails;
+    }
+
+    public void setDiskDetails(Map<String, String> diskDetails) {
+        this.diskDetails = diskDetails;
+    }
 }
diff --git a/engine/storage/datamotion/src/org/apache/cloudstack/storage/motion/AncientDataMotionStrategy.java b/engine/storage/datamotion/src/org/apache/cloudstack/storage/motion/AncientDataMotionStrategy.java
index 7e572c3c50..c9c35b45d7 100644
--- a/engine/storage/datamotion/src/org/apache/cloudstack/storage/motion/AncientDataMotionStrategy.java
+++ b/engine/storage/datamotion/src/org/apache/cloudstack/storage/motion/AncientDataMotionStrategy.java
@@ -407,6 +407,10 @@ protected Answer migrateVolumeToPool(DataObject srcData, DataObject destData) {
             VolumeVO volumeVo = volDao.findById(volume.getId());
             Long oldPoolId = volume.getPoolId();
             volumeVo.setPath(((MigrateVolumeAnswer)answer).getVolumePath());
+            String chainInfo = ((MigrateVolumeAnswer) answer).getVolumeChainInfo();
+            if (chainInfo != null) {
+                volumeVo.setChainInfo(chainInfo);
+            }
             volumeVo.setPodId(destPool.getPodId());
             volumeVo.setPoolId(destPool.getId());
             volumeVo.setLastPoolId(oldPoolId);
diff --git a/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java b/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java
index 008f3a39a6..e9fca8c763 100755
--- a/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java
+++ b/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java
@@ -33,7 +33,6 @@
 import java.util.HashSet;
 import java.util.List;
 import java.util.Map;
-import java.util.Map.Entry;
 import java.util.Random;
 import java.util.Set;
 import java.util.TimeZone;
@@ -228,6 +227,7 @@
 import com.cloud.hypervisor.vmware.mo.DatastoreFile;
 import com.cloud.hypervisor.vmware.mo.DatastoreMO;
 import com.cloud.hypervisor.vmware.mo.DiskControllerType;
+import com.cloud.hypervisor.vmware.mo.GuestOsDescriptorType;
 import com.cloud.hypervisor.vmware.mo.FeatureKeyConstants;
 import com.cloud.hypervisor.vmware.mo.HostMO;
 import com.cloud.hypervisor.vmware.mo.HostStorageSystemMO;
@@ -1449,7 +1449,7 @@ protected StartAnswer execute(StartCommand cmd) {
                 s_logger.error(msg);
                 throw new Exception(msg);
             }
-
+            String guestOsId = translateGuestOsIdentifierEx(vmSpec.getArch(), vmSpec.getOs(), vmSpec.getPlatformEmulator());
             DiskTO[] disks = validateDisks(vmSpec.getDisks());
             assert (disks.length > 0);
             NicTO[] nics = vmSpec.getNics();
@@ -1562,7 +1562,7 @@ protected StartAnswer execute(StartCommand cmd) {
                         tearDownVm(vmMo);
                     }else if (!hyperHost.createBlankVm(vmNameOnVcenter, vmInternalCSName, vmSpec.getCpus(), vmSpec.getMaxSpeed().intValue(),
                             getReservedCpuMHZ(vmSpec), vmSpec.getLimitCpuUse(), (int)(vmSpec.getMaxRam() / (1024 * 1024)), getReservedMemoryMb(vmSpec),
-                            translateGuestOsIdentifier(vmSpec.getArch(), vmSpec.getOs(), vmSpec.getPlatformEmulator()).value(), rootDiskDataStoreDetails.first(), false, controllerInfo, systemVm)) {
+                            guestOsId, rootDiskDataStoreDetails.first(), false, controllerInfo, systemVm)) {
                         throw new Exception("Failed to create VM. vmName: " + vmInternalCSName);
                     }
                 }
@@ -1586,7 +1586,6 @@ protected StartAnswer execute(StartCommand cmd) {
             }
 
             VirtualMachineConfigSpec vmConfigSpec = new VirtualMachineConfigSpec();
-            String guestOsId = translateGuestOsIdentifier(vmSpec.getArch(), vmSpec.getOs(), vmSpec.getPlatformEmulator()).value();
 
             VmwareHelper.setBasicVmConfig(vmConfigSpec, vmSpec.getCpus(), vmSpec.getMaxSpeed(),
                     getReservedCpuMHZ(vmSpec), (int)(vmSpec.getMaxRam() / (1024 * 1024)), getReservedMemoryMb(vmSpec),
@@ -3357,6 +3356,7 @@ protected Answer execute(MigrateWithStorageCommand cmd) {
                 s_logger.debug("Successfully consolidated disks of VM " + vmName + ".");
             }
 
+            VirtualMachineDiskInfoBuilder diskInfoBuilder = vmMo.getDiskInfoBuilder();
             // Update and return volume path for every disk because that could have changed after migration
             for (Pair<VolumeTO, StorageFilerTO> entry : volToFiler) {
                 volume = entry.first();
@@ -3365,8 +3365,12 @@ protected Answer execute(MigrateWithStorageCommand cmd) {
                 for (VirtualDisk disk : disks) {
                     if (volumeDeviceKey.get(volumeId) == disk.getKey()) {
                         VolumeObjectTO newVol = new VolumeObjectTO();
+                        String newPath = vmMo.getVmdkFileBaseName(disk);
+                        String poolName = entry.second().getUuid().replace("-", "");
+                        VirtualMachineDiskInfo diskInfo = diskInfoBuilder.getDiskInfoByBackingFileBaseName(newPath, poolName);
                         newVol.setId(volumeId);
-                        newVol.setPath(vmMo.getVmdkFileBaseName(disk));
+                        newVol.setChainInfo(this._gson.toJson(diskInfo));
+                        newVol.setPath(newPath);
                         volumeToList.add(newVol);
                         break;
                     }
@@ -3498,7 +3502,11 @@ private Answer execute(MigrateVolumeCommand cmd) {
                     }
             }
 
-            return new MigrateVolumeAnswer(cmd, true, null, volumePath);
+            VirtualMachineDiskInfoBuilder diskInfoBuilder = vmMo.getDiskInfoBuilder();
+            String chainInfo = _gson.toJson(diskInfoBuilder.getDiskInfoByBackingFileBaseName(volumePath, poolTo.getUuid().replace("-", "")));
+            MigrateVolumeAnswer answer = new MigrateVolumeAnswer(cmd, true, null, volumePath);
+            answer.setVolumeChainInfo(chainInfo);
+            return answer;
         } catch (Exception e) {
             String msg = "Catch Exception " + e.getClass().getName() + " due to " + e.toString();
             s_logger.error(msg, e);
@@ -4672,6 +4680,17 @@ private VirtualMachineGuestOsIdentifier translateGuestOsIdentifier(String cpuArc
         return VirtualMachineGuestOsIdentifier.OTHER_GUEST;
     }
 
+    private String translateGuestOsIdentifierEx(String cpuArchitecture, String guestOs, String cloudGuestOs) {
+        if (cloudGuestOs != null) {
+            GuestOsDescriptorType guestOsId = GuestOsDescriptorType.fromValue(cloudGuestOs);
+            if (guestOsId != null) {
+                s_logger.debug("Found guest OS mapping name for guest os: " + guestOs);
+                return guestOsId.toString();
+            }
+        }
+        return translateGuestOsIdentifier(cpuArchitecture, guestOs, cloudGuestOs).value();
+    }
+
     private HashMap<String, HostVmStateReportEntry> getHostVmStateReport() throws Exception {
         VmwareHypervisorHost hyperHost = getHyperHost(getServiceContext());
 
diff --git a/plugins/hypervisors/vmware/src/com/cloud/storage/resource/VmwareStorageProcessor.java b/plugins/hypervisors/vmware/src/com/cloud/storage/resource/VmwareStorageProcessor.java
index bc454e7425..2b710f5f2b 100644
--- a/plugins/hypervisors/vmware/src/com/cloud/storage/resource/VmwareStorageProcessor.java
+++ b/plugins/hypervisors/vmware/src/com/cloud/storage/resource/VmwareStorageProcessor.java
@@ -1345,24 +1345,18 @@ private Answer attachVolume(Command cmd, DiskTO disk, boolean isAttach, boolean
             AttachAnswer answer = new AttachAnswer(disk);
 
             if (isAttach) {
-                String dataDiskController = controllerInfo.get(VmDetailConstants.DATA_DISK_CONTROLLER);
-                String rootDiskController = controllerInfo.get(VmDetailConstants.ROOK_DISK_CONTROLLER);
-                DiskControllerType rootDiskControllerType = DiskControllerType.getType(rootDiskController);
-
-                if (dataDiskController == null) {
-                    dataDiskController = getLegacyVmDataDiskController();
-                } else if ((rootDiskControllerType == DiskControllerType.lsilogic) ||
-                           (rootDiskControllerType == DiskControllerType.lsisas1068) ||
-                           (rootDiskControllerType == DiskControllerType.pvscsi) ||
-                           (rootDiskControllerType == DiskControllerType.buslogic)) {
-                    //TODO: Support mix of SCSI controller types for single VM. If root disk is already over
-                    //a SCSI controller then use the same for data volume as well. This limitation will go once mix
-                    //of SCSI controller types for single VM.
-                    dataDiskController = rootDiskController;
-                } else if (DiskControllerType.getType(dataDiskController) == DiskControllerType.osdefault) {
-                    dataDiskController = vmMo.getRecommendedDiskController(null);
+                Map<String, String> diskDetails = new HashMap<String, String>();
+                String diskController = null;
+                if (controllerInfo != null) {
+                    diskController = controllerInfo.get(VmDetailConstants.DATA_DISK_CONTROLLER);
                 }
-                vmMo.attachDisk(new String[] {datastoreVolumePath}, morDs, dataDiskController);
+                if (diskController == null) {
+                    diskController = getLegacyVmDataDiskController();
+                }
+                if (DiskControllerType.getType(diskController) == DiskControllerType.osdefault) {
+                    diskController = vmMo.getRecommendedDiskController(null);
+                }
+                vmMo.attachDisk(new String[] {datastoreVolumePath}, morDs, diskController);
             } else {
                 vmMo.removeAllSnapshots();
                 vmMo.detachDisk(datastoreVolumePath, false);
diff --git a/plugins/hypervisors/vmware/src/org/apache/cloudstack/storage/motion/VmwareStorageMotionStrategy.java b/plugins/hypervisors/vmware/src/org/apache/cloudstack/storage/motion/VmwareStorageMotionStrategy.java
index da9764de54..4b77aab617 100644
--- a/plugins/hypervisors/vmware/src/org/apache/cloudstack/storage/motion/VmwareStorageMotionStrategy.java
+++ b/plugins/hypervisors/vmware/src/org/apache/cloudstack/storage/motion/VmwareStorageMotionStrategy.java
@@ -207,6 +207,9 @@ private void updateVolumesAfterMigration(Map<VolumeInfo, DataStore> volumeToPool
                     VolumeVO volumeVO = volDao.findById(volume.getId());
                     Long oldPoolId = volumeVO.getPoolId();
                     volumeVO.setPath(volumeTo.getPath());
+                    if (volumeTo.getChainInfo() != null) {
+                        volumeVO.setChainInfo(volumeTo.getChainInfo());
+                    }
                     volumeVO.setLastPoolId(oldPoolId);
                     volumeVO.setFolder(pool.getPath());
                     volumeVO.setPodId(pool.getPodId());
diff --git a/server/src/com/cloud/storage/VolumeApiServiceImpl.java b/server/src/com/cloud/storage/VolumeApiServiceImpl.java
index fa2888ab3f..68798f23d7 100644
--- a/server/src/com/cloud/storage/VolumeApiServiceImpl.java
+++ b/server/src/com/cloud/storage/VolumeApiServiceImpl.java
@@ -26,6 +26,7 @@
 
 import javax.inject.Inject;
 
+import org.apache.cloudstack.utils.volume.VirtualMachineVolumeChainInfo;
 import org.apache.log4j.Logger;
 
 import org.apache.cloudstack.api.command.user.volume.AttachVolumeCmd;
@@ -96,16 +97,19 @@
 import com.cloud.gpu.GPU;
 import com.cloud.host.HostVO;
 import com.cloud.host.dao.HostDao;
+import com.cloud.hypervisor.Hypervisor;
 import com.cloud.hypervisor.Hypervisor.HypervisorType;
 import com.cloud.hypervisor.HypervisorCapabilitiesVO;
 import com.cloud.hypervisor.dao.HypervisorCapabilitiesDao;
 import com.cloud.org.Grouping;
+import com.cloud.serializer.GsonHelper;
 import com.cloud.service.dao.ServiceOfferingDetailsDao;
 import com.cloud.storage.Storage.ImageFormat;
 import com.cloud.storage.dao.DiskOfferingDao;
 import com.cloud.storage.dao.SnapshotDao;
 import com.cloud.storage.dao.VMTemplateDao;
 import com.cloud.storage.dao.VolumeDao;
+import com.cloud.storage.dao.VolumeDetailsDao;
 import com.cloud.storage.snapshot.SnapshotApiService;
 import com.cloud.storage.snapshot.SnapshotManager;
 import com.cloud.template.TemplateManager;
@@ -134,6 +138,7 @@
 import com.cloud.utils.exception.CloudRuntimeException;
 import com.cloud.utils.fsm.NoTransitionException;
 import com.cloud.utils.fsm.StateMachine2;
+import com.cloud.vm.UserVmManager;
 import com.cloud.vm.UserVmVO;
 import com.cloud.vm.VMInstanceVO;
 import com.cloud.vm.VirtualMachine;
@@ -154,6 +159,8 @@
 import com.cloud.vm.dao.VMInstanceDao;
 import com.cloud.vm.snapshot.VMSnapshotVO;
 import com.cloud.vm.snapshot.dao.VMSnapshotDao;
+import com.google.gson.Gson;
+import com.google.gson.JsonParseException;
 
 public class VolumeApiServiceImpl extends ManagerBase implements VolumeApiService, VmWorkJobHandler {
     private final static Logger s_logger = Logger.getLogger(VolumeApiServiceImpl.class);
@@ -176,6 +183,8 @@ public class VolumeApiServiceImpl extends ManagerBase implements VolumeApiServic
     @Inject
     VolumeDao _volsDao;
     @Inject
+    VolumeDetailsDao _volDetailDao;
+    @Inject
     HostDao _hostDao;
     @Inject
     SnapshotDao _snapshotDao;
@@ -225,6 +234,9 @@ public class VolumeApiServiceImpl extends ManagerBase implements VolumeApiServic
     VmWorkJobDao _workJobDao;
     @Inject
     ClusterDetailsDao _clusterDetailsDao;
+    @Inject
+    UserVmManager _userVmMgr;
+    protected Gson _gson;
 
     private List<StoragePoolAllocator> _storagePoolAllocators;
 
@@ -238,6 +250,7 @@ public class VolumeApiServiceImpl extends ManagerBase implements VolumeApiServic
 
     protected VolumeApiServiceImpl() {
         _volStateMachine = Volume.State.getStateMachine();
+        _gson = GsonHelper.getGsonLogger();
     }
 
     /*
@@ -1781,6 +1794,23 @@ public Volume migrateVolume(MigrateVolumeCmd cmd) {
                                 throw new InvalidParameterValueException("Cannot migrate ROOT volume of a stopped VM to a storage pool in a different VMware datacenter");
                             }
                         }
+
+                        String rootVolChainInfo = vol.getChainInfo();
+                        if ((vm.getType().equals(VirtualMachine.Type.User)) && (rootVolChainInfo != null) && (!rootVolChainInfo.isEmpty())) {
+                            String rootDiskController = null;
+                            try {
+                                VirtualMachineVolumeChainInfo infoInChain = _gson.fromJson(rootVolChainInfo, VirtualMachineVolumeChainInfo.class);
+                                if (infoInChain != null) {
+                                    rootDiskController = infoInChain.getControllerFromDeviceBusName();
+                                }
+                                UserVmVO userVmVo = _userVmDao.findById(vm.getId());
+                                if ((rootDiskController != null) && (!rootDiskController.isEmpty())) {
+                                    _userVmDao.loadDetails(userVmVo);
+                                    _userVmMgr.persistDeviceBusInfo(userVmVo, rootDiskController);
+                                }
+                            } catch (JsonParseException ignored) {
+                            }
+                        }
                     }
                 }
             }
@@ -2325,6 +2355,7 @@ private VolumeVO sendAttachVolumeCommand(UserVmVO vm, VolumeVO volumeToAttach, L
             controllerInfo.put(VmDetailConstants.ROOK_DISK_CONTROLLER, vm.getDetail(VmDetailConstants.ROOK_DISK_CONTROLLER));
             controllerInfo.put(VmDetailConstants.DATA_DISK_CONTROLLER, vm.getDetail(VmDetailConstants.DATA_DISK_CONTROLLER));
             cmd.setControllerInfo(controllerInfo);
+            s_logger.debug("Attach volume id:" + volumeToAttach.getId() +  " on VM id:" + vm.getId() + " has controller info:" + controllerInfo);
 
             try {
                 answer = (AttachAnswer)_agentMgr.send(hostId, cmd);
@@ -2349,6 +2380,15 @@ private VolumeVO sendAttachVolumeCommand(UserVmVO vm, VolumeVO volumeToAttach, L
 
                     _volsDao.update(volumeToAttach.getId(), volumeToAttach);
                 }
+
+                if (host.getHypervisorType() == Hypervisor.HypervisorType.VMware) {
+                    Map<String, String> diskDetails = answer.getDiskDetails();
+                    for (Map.Entry<String, String> detail : diskDetails.entrySet()) {
+                        VolumeDetailVO volumeDetailVo = new VolumeDetailVO(volumeToAttach.getId(), detail.getKey(), detail.getValue(), true);
+                        _volDetailDao.persist(volumeDetailVo);
+                    }
+                }
+
             } else {
                 _volsDao.attachVolume(volumeToAttach.getId(), vm.getId(), deviceId);
             }
diff --git a/server/src/com/cloud/vm/UserVmManager.java b/server/src/com/cloud/vm/UserVmManager.java
index 324547f47e..204619a669 100755
--- a/server/src/com/cloud/vm/UserVmManager.java
+++ b/server/src/com/cloud/vm/UserVmManager.java
@@ -111,4 +111,6 @@ UserVm updateVirtualMachine(long id, String displayName, String group, Boolean h
     public void removeCustomOfferingDetails(long vmId);
 
     void generateUsageEvent(VirtualMachine vm, boolean isDisplay, String eventType);
+
+    void persistDeviceBusInfo(UserVmVO paramUserVmVO, String paramString);
 }
diff --git a/server/src/com/cloud/vm/UserVmManagerImpl.java b/server/src/com/cloud/vm/UserVmManagerImpl.java
index 35aafb8164..e3ca9e6998 100755
--- a/server/src/com/cloud/vm/UserVmManagerImpl.java
+++ b/server/src/com/cloud/vm/UserVmManagerImpl.java
@@ -5028,6 +5028,15 @@ private void encryptAndStorePassword(UserVmVO vm, String password) {
         }
     }
 
+    public void persistDeviceBusInfo(UserVmVO vm, String rootDiskController) {
+        String existingVmRootDiskController = vm.getDetail(VmDetailConstants.ROOK_DISK_CONTROLLER);
+        if (((existingVmRootDiskController == null) || (existingVmRootDiskController.isEmpty())) && (rootDiskController != null) && (!rootDiskController.isEmpty())) {
+            vm.setDetail(VmDetailConstants.ROOK_DISK_CONTROLLER, rootDiskController);
+            _vmDao.saveDetails(vm);
+            s_logger.debug("Persisted device bus information rootDiskController=" + rootDiskController + " for vm: " + vm.getDisplayName());
+        }
+    }
+
     @Override
     public String getConfigComponentName() {
         return UserVmManager.class.getSimpleName();
diff --git a/utils/src/org/apache/cloudstack/utils/volume/VirtualMachineVolumeChainInfo.java b/utils/src/org/apache/cloudstack/utils/volume/VirtualMachineVolumeChainInfo.java
new file mode 100644
index 0000000000..ac1648b3b9
--- /dev/null
+++ b/utils/src/org/apache/cloudstack/utils/volume/VirtualMachineVolumeChainInfo.java
@@ -0,0 +1,48 @@
+//
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+//
+
+package org.apache.cloudstack.utils.volume;
+
+public class VirtualMachineVolumeChainInfo {
+    String diskDeviceBusName;
+    String[] diskChain;
+
+    public String getDiskDeviceBusName() {
+        return this.diskDeviceBusName;
+    }
+
+    public void setDiskDeviceBusName(String diskDeviceBusName) {
+        this.diskDeviceBusName = diskDeviceBusName;
+    }
+
+    public String[] getDiskChain() {
+        return this.diskChain;
+    }
+
+    public void setDiskChain(String[] diskChain) {
+        this.diskChain = diskChain;
+    }
+
+    public String getControllerFromDeviceBusName() {
+        if ((this.diskDeviceBusName == null) || (this.diskDeviceBusName.isEmpty()) || (!this.diskDeviceBusName.contains(":"))) {
+            return null;
+        }
+        return this.diskDeviceBusName.substring(0, this.diskDeviceBusName.indexOf(":") - 1);
+    }
+}
diff --git a/vmware-base/src/com/cloud/hypervisor/vmware/mo/GuestOsDescriptorType.java b/vmware-base/src/com/cloud/hypervisor/vmware/mo/GuestOsDescriptorType.java
new file mode 100644
index 0000000000..364bd87b07
--- /dev/null
+++ b/vmware-base/src/com/cloud/hypervisor/vmware/mo/GuestOsDescriptorType.java
@@ -0,0 +1,38 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.hypervisor.vmware.mo;
+
+public enum GuestOsDescriptorType
+{
+  windows9Guest,
+  windows9_64Guest,
+  windows9Server64Guest,
+  rhel7Guest,
+  rhel7_64Guest;
+
+  public static GuestOsDescriptorType fromValue(String value) {
+    if (value == null) {
+      return null;
+    }
+    GuestOsDescriptorType guestOsType = null;
+    try {
+      guestOsType = valueOf(value);
+    } catch (IllegalArgumentException e) {
+    }
+    return guestOsType;
+  }
+}
diff --git a/vmware-base/src/com/cloud/hypervisor/vmware/mo/VirtualMachineMO.java b/vmware-base/src/com/cloud/hypervisor/vmware/mo/VirtualMachineMO.java
index d61cb2ea15..86c4f472b1 100644
--- a/vmware-base/src/com/cloud/hypervisor/vmware/mo/VirtualMachineMO.java
+++ b/vmware-base/src/com/cloud/hypervisor/vmware/mo/VirtualMachineMO.java
@@ -2112,8 +2112,12 @@ public int getScsiDiskControllerKey(String diskController) throws Exception {
         List<VirtualDevice> devices = (List<VirtualDevice>)_context.getVimClient().
                 getDynamicProperty(_mor, "config.hardware.device");
 
+        String deviceList = "";
         if (devices != null && devices.size() > 0) {
             for (VirtualDevice device : devices) {
+                if (device != null) {
+                    deviceList += String.format(" Device %s: info:%s controller key:%s;", device.getKey(), device.getDeviceInfo(), device.getControllerKey());
+                }
                 if ((DiskControllerType.getType(diskController) == DiskControllerType.lsilogic || DiskControllerType.getType(diskController) == DiskControllerType.scsi)
                         && device instanceof VirtualLsiLogicController) {
                     return ((VirtualLsiLogicController)device).getKey();
@@ -2131,7 +2135,8 @@ public int getScsiDiskControllerKey(String diskController) throws Exception {
         }
 
         assert (false);
-        throw new Exception(diskController + " Controller Not Found");
+        throw new Exception("Scsi disk controller of type " + diskController + " not found among configured devices:" + deviceList +
+                ". Unable to find and return scsi disk controller key.");
     }
 
     public int getScsiDiskControllerKeyNoException(String diskController) throws Exception {

From 419893a2fce15eaad0428bafe74bd01d3ed0c689 Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Wed, 27 Apr 2016 00:02:11 +0530
Subject: [PATCH 113/115] CLOUDSTACK-9369: Restrict default login to
 ldap/native users

- Restricts default login auth handler to ldap and native-cloudstack users
- Refactors and create re-usable method to find domain by id/path

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit 6a90c7cd580da1059adb190d48bf1ae26c6f058f)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 api/src/com/cloud/user/DomainService.java     | 10 ++++++++++
 server/src/com/cloud/api/ApiServer.java       | 16 +++++----------
 .../auth/DefaultLoginAPIAuthenticatorCmd.java | 13 ++++++++++++
 .../src/com/cloud/user/DomainManagerImpl.java | 20 +++++++++++++++++++
 .../com/cloud/user/MockDomainManagerImpl.java |  5 +++++
 5 files changed, 53 insertions(+), 11 deletions(-)

diff --git a/api/src/com/cloud/user/DomainService.java b/api/src/com/cloud/user/DomainService.java
index 4c1f93d073..3ccfcbcea4 100644
--- a/api/src/com/cloud/user/DomainService.java
+++ b/api/src/com/cloud/user/DomainService.java
@@ -56,4 +56,14 @@ public interface DomainService {
      */
     Domain findDomainByPath(String domainPath);
 
+    /**
+     * finds the domain by either id or provided path
+     *
+     * @param id the domain id
+     * @param domainPath the domain path use to lookup a domain
+     *
+     * @return domainId the long value of the domain ID, or null if no domain id exists with provided id/path
+     */
+    Domain findDomainByIdOrPath(Long id, String domainPath);
+
 }
diff --git a/server/src/com/cloud/api/ApiServer.java b/server/src/com/cloud/api/ApiServer.java
index 2ab1f7c67f..7fa4648bc0 100755
--- a/server/src/com/cloud/api/ApiServer.java
+++ b/server/src/com/cloud/api/ApiServer.java
@@ -999,17 +999,11 @@ public ResponseObject loginUser(final HttpSession session, final String username
             final Map<String, Object[]> requestParameters) throws CloudAuthenticationException {
         // We will always use domainId first. If that does not exist, we will use domain name. If THAT doesn't exist
         // we will default to ROOT
-        if (domainId == null) {
-            if (domainPath == null || domainPath.trim().length() == 0) {
-                domainId = Domain.ROOT_DOMAIN;
-            } else {
-                final Domain domainObj = _domainMgr.findDomainByPath(domainPath);
-                if (domainObj != null) {
-                    domainId = domainObj.getId();
-                } else { // if an unknown path is passed in, fail the login call
-                    throw new CloudAuthenticationException("Unable to find the domain from the path " + domainPath);
-                }
-            }
+        final Domain userDomain = _domainMgr.findDomainByIdOrPath(domainId, domainPath);
+        if (userDomain == null || userDomain.getId() < 1L) {
+            throw new CloudAuthenticationException("Unable to find the domain from the path " + domainPath);
+        } else {
+            domainId = userDomain.getId();
         }
 
         final UserAccount userAcct = _accountMgr.authenticateUser(username, password, domainId, loginIpAddress, requestParameters);
diff --git a/server/src/com/cloud/api/auth/DefaultLoginAPIAuthenticatorCmd.java b/server/src/com/cloud/api/auth/DefaultLoginAPIAuthenticatorCmd.java
index ae633a3ec1..0c38c4f62a 100644
--- a/server/src/com/cloud/api/auth/DefaultLoginAPIAuthenticatorCmd.java
+++ b/server/src/com/cloud/api/auth/DefaultLoginAPIAuthenticatorCmd.java
@@ -16,6 +16,9 @@
 // under the License.
 package com.cloud.api.auth;
 
+import com.cloud.domain.Domain;
+import com.cloud.user.User;
+import com.cloud.user.UserAccount;
 import org.apache.cloudstack.api.ApiServerService;
 import com.cloud.api.response.ApiResponseSerializer;
 import com.cloud.exception.CloudAuthenticationException;
@@ -155,6 +158,16 @@ public String authenticate(String command, Map<String, Object[]> params, HttpSes
         if (username != null) {
             final String pwd = ((password == null) ? null : password[0]);
             try {
+                final Domain userDomain = _domainService.findDomainByIdOrPath(domainId, domain);
+                if (userDomain != null) {
+                    domainId = userDomain.getId();
+                } else {
+                    throw new CloudAuthenticationException("Unable to find the domain from the path " + domain);
+                }
+                final UserAccount userAccount = _accountService.getActiveUserAccount(username[0], domainId);
+                if (userAccount == null || !(User.Source.UNKNOWN.equals(userAccount.getSource()) || User.Source.LDAP.equals(userAccount.getSource()))) {
+                    throw new CloudAuthenticationException("User is not allowed CloudStack login");
+                }
                 return ApiResponseSerializer.toSerializedString(_apiServer.loginUser(session, username[0], pwd, domainId, domain, remoteAddress, params),
                         responseType);
             } catch (final CloudAuthenticationException ex) {
diff --git a/server/src/com/cloud/user/DomainManagerImpl.java b/server/src/com/cloud/user/DomainManagerImpl.java
index fbbe0c2870..aa54412ae0 100644
--- a/server/src/com/cloud/user/DomainManagerImpl.java
+++ b/server/src/com/cloud/user/DomainManagerImpl.java
@@ -24,6 +24,7 @@
 import javax.ejb.Local;
 import javax.inject.Inject;
 
+import com.google.common.base.Strings;
 import org.apache.log4j.Logger;
 import org.springframework.stereotype.Component;
 
@@ -220,6 +221,25 @@ public DomainVO findDomainByPath(String domainPath) {
         return _domainDao.findDomainByPath(domainPath);
     }
 
+    @Override
+    public Domain findDomainByIdOrPath(final Long id, final String domainPath) {
+        Long domainId = id;
+        if (domainId == null) {
+            if (Strings.isNullOrEmpty(domainPath) || domainPath.trim().isEmpty()) {
+                domainId = Domain.ROOT_DOMAIN;
+            } else {
+                final Domain domainVO = findDomainByPath(domainPath);
+                if (domainVO != null) {
+                    domainId = domainVO.getId();
+                }
+            }
+        }
+        if (domainId != null) {
+            return _domainDao.findById(domainId);
+        }
+        return null;
+    }
+
     @Override
     public Set<Long> getDomainParentIds(long domainId) {
         return _domainDao.getDomainParentIds(domainId);
diff --git a/server/test/com/cloud/user/MockDomainManagerImpl.java b/server/test/com/cloud/user/MockDomainManagerImpl.java
index 7dddefbcf3..f44ab08d5d 100644
--- a/server/test/com/cloud/user/MockDomainManagerImpl.java
+++ b/server/test/com/cloud/user/MockDomainManagerImpl.java
@@ -93,6 +93,11 @@ public DomainVO findDomainByPath(String domainPath) {
         return null;
     }
 
+    @Override
+    public DomainVO findDomainByIdOrPath(Long id, String domainPath) {
+        return null;
+    }
+
     @Override
     public Set<Long> getDomainParentIds(long domainId) {
         // TODO Auto-generated method stub

From d5b61312bfb1c09d0635149810904634c9904ddb Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Mon, 23 May 2016 11:49:29 +0530
Subject: [PATCH 114/115] CLOUDSTACK-9348: NioConnection improvements

- Unit test to demonstrate denial of service attack
  The NioConnection uses blocking handlers for various events such as connect,
  accept, read, write. In case a client connects NioServer (used by
  agent mgr to service agents on port 8250) but fails to participate in SSL
  handshake or just sits idle, this would block the main IO/selector loop in
  NioConnection. Such a client could be either malicious or aggresive.

  This unit test demonstrates such a malicious client that can perform a
  denial-of-service attack on NioServer that blocks it to serve any other client.

- Use non-blocking SSL handshake
  - Uses non-blocking socket config in NioClient and NioServer/NioConnection
  - Scalable connectivity from agents and peer clustered-management server
  - Removes blocking ssl handshake code with a non-blocking code
  - Protects from denial-of-service issues that can degrade mgmt server responsiveness
    due to an aggressive/malicious client
  - Uses separate executor services for handling ssl handshakes

Cherry-picked and backported from 9c7518698d2f4a9fcc6a83fd22dd5b2fc4260232

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 .../manager/ClusteredAgentManagerImpl.java    |   9 +-
 utils/src/com/cloud/utils/nio/Link.java       | 266 +++++++++++-------
 utils/src/com/cloud/utils/nio/NioClient.java  |  29 +-
 .../com/cloud/utils/nio/NioConnection.java    |  83 +++---
 utils/src/com/cloud/utils/nio/NioServer.java  |   6 +-
 5 files changed, 238 insertions(+), 155 deletions(-)

diff --git a/engine/orchestration/src/com/cloud/agent/manager/ClusteredAgentManagerImpl.java b/engine/orchestration/src/com/cloud/agent/manager/ClusteredAgentManagerImpl.java
index ba82938fcd..f65d83bab5 100755
--- a/engine/orchestration/src/com/cloud/agent/manager/ClusteredAgentManagerImpl.java
+++ b/engine/orchestration/src/com/cloud/agent/manager/ClusteredAgentManagerImpl.java
@@ -501,7 +501,7 @@ public SocketChannel connectToPeer(String peerName, SocketChannel prevCh) {
                 SocketChannel ch1 = null;
                 try {
                     ch1 = SocketChannel.open(new InetSocketAddress(addr, Port.value()));
-                    ch1.configureBlocking(true); // make sure we are working at blocking mode
+                    ch1.configureBlocking(false);
                     ch1.socket().setKeepAlive(true);
                     ch1.socket().setSoTimeout(60 * 1000);
                     try {
@@ -509,8 +509,11 @@ public SocketChannel connectToPeer(String peerName, SocketChannel prevCh) {
                         sslEngine = sslContext.createSSLEngine(ip, Port.value());
                         sslEngine.setUseClientMode(true);
                         sslEngine.setEnabledProtocols(SSLUtils.getSupportedProtocols(sslEngine.getEnabledProtocols()));
-
-                        Link.doHandshake(ch1, sslEngine, true);
+                        sslEngine.beginHandshake();
+                        if (!Link.doHandshake(ch1, sslEngine, true)) {
+                            ch1.close();
+                            throw new IOException("SSL handshake failed!");
+                        }
                         s_logger.info("SSL: Handshake done");
                     } catch (Exception e) {
                         ch1.close();
diff --git a/utils/src/com/cloud/utils/nio/Link.java b/utils/src/com/cloud/utils/nio/Link.java
index ddfd474dff..4331ef283c 100755
--- a/utils/src/com/cloud/utils/nio/Link.java
+++ b/utils/src/com/cloud/utils/nio/Link.java
@@ -24,11 +24,8 @@
 import java.io.IOException;
 import java.io.InputStream;
 import java.net.InetSocketAddress;
-import java.net.SocketTimeoutException;
 import java.nio.ByteBuffer;
-import java.nio.channels.Channels;
 import java.nio.channels.ClosedChannelException;
-import java.nio.channels.ReadableByteChannel;
 import java.nio.channels.SelectionKey;
 import java.nio.channels.SocketChannel;
 import java.security.GeneralSecurityException;
@@ -40,6 +37,7 @@
 import javax.net.ssl.SSLEngine;
 import javax.net.ssl.SSLEngineResult;
 import javax.net.ssl.SSLEngineResult.HandshakeStatus;
+import javax.net.ssl.SSLException;
 import javax.net.ssl.SSLSession;
 import javax.net.ssl.TrustManager;
 import javax.net.ssl.TrustManagerFactory;
@@ -453,115 +451,185 @@ public static SSLContext initSSLContext(boolean isClient) throws GeneralSecurity
         return sslContext;
     }
 
-    public static void doHandshake(SocketChannel ch, SSLEngine sslEngine, boolean isClient) throws IOException {
-        if (s_logger.isTraceEnabled()) {
-            s_logger.trace("SSL: begin Handshake, isClient: " + isClient);
+    public static ByteBuffer enlargeBuffer(ByteBuffer buffer, final int sessionProposedCapacity) {
+        if (buffer == null || sessionProposedCapacity < 0) {
+            return buffer;
         }
-
-        SSLEngineResult engResult;
-        SSLSession sslSession = sslEngine.getSession();
-        HandshakeStatus hsStatus;
-        ByteBuffer in_pkgBuf = ByteBuffer.allocate(sslSession.getPacketBufferSize() + 40);
-        ByteBuffer in_appBuf = ByteBuffer.allocate(sslSession.getApplicationBufferSize() + 40);
-        ByteBuffer out_pkgBuf = ByteBuffer.allocate(sslSession.getPacketBufferSize() + 40);
-        ByteBuffer out_appBuf = ByteBuffer.allocate(sslSession.getApplicationBufferSize() + 40);
-        int count;
-        ch.socket().setSoTimeout(60 * 1000);
-        InputStream inStream = ch.socket().getInputStream();
-        // Use readCh to make sure the timeout on reading is working
-        ReadableByteChannel readCh = Channels.newChannel(inStream);
-
-        if (isClient) {
-            hsStatus = SSLEngineResult.HandshakeStatus.NEED_WRAP;
+        if (sessionProposedCapacity > buffer.capacity()) {
+            buffer = ByteBuffer.allocate(sessionProposedCapacity);
         } else {
-            hsStatus = SSLEngineResult.HandshakeStatus.NEED_UNWRAP;
+            buffer = ByteBuffer.allocate(buffer.capacity() * 2);
         }
+        return buffer;
+    }
 
-        while (hsStatus != SSLEngineResult.HandshakeStatus.FINISHED) {
-            if (s_logger.isTraceEnabled()) {
-                s_logger.trace("SSL: Handshake status " + hsStatus);
+    public static ByteBuffer handleBufferUnderflow(final SSLEngine engine, ByteBuffer buffer) {
+        if (engine == null || buffer == null) {
+            return buffer;
+        }
+        if (buffer.position() < buffer.limit()) {
+            return buffer;
+        }
+        ByteBuffer replaceBuffer = enlargeBuffer(buffer, engine.getSession().getPacketBufferSize());
+        buffer.flip();
+        replaceBuffer.put(buffer);
+        return replaceBuffer;
+    }
+
+    private static boolean doHandshakeUnwrap(final SocketChannel socketChannel, final SSLEngine sslEngine,
+                                             ByteBuffer peerAppData, ByteBuffer peerNetData, final int appBufferSize) throws IOException {
+        if (socketChannel == null || sslEngine == null || peerAppData == null || peerNetData == null || appBufferSize < 0) {
+            return false;
+        }
+        if (socketChannel.read(peerNetData) < 0) {
+            if (sslEngine.isInboundDone() && sslEngine.isOutboundDone()) {
+                return false;
             }
-            engResult = null;
-            if (hsStatus == SSLEngineResult.HandshakeStatus.NEED_WRAP) {
-                out_pkgBuf.clear();
-                out_appBuf.clear();
-                out_appBuf.put("Hello".getBytes());
-                engResult = sslEngine.wrap(out_appBuf, out_pkgBuf);
-                out_pkgBuf.flip();
-                int remain = out_pkgBuf.limit();
-                while (remain != 0) {
-                    remain -= ch.write(out_pkgBuf);
-                    if (remain < 0) {
-                        throw new IOException("Too much bytes sent?");
-                    }
-                }
-            } else if (hsStatus == SSLEngineResult.HandshakeStatus.NEED_UNWRAP) {
-                in_appBuf.clear();
-                // One packet may contained multiply operation
-                if (in_pkgBuf.position() == 0 || !in_pkgBuf.hasRemaining()) {
-                    in_pkgBuf.clear();
-                    count = 0;
-                    try {
-                        count = readCh.read(in_pkgBuf);
-                    } catch (SocketTimeoutException ex) {
-                        if (s_logger.isTraceEnabled()) {
-                            s_logger.trace("Handshake reading time out! Cut the connection");
-                        }
-                        count = -1;
-                    }
-                    if (count == -1) {
-                        throw new IOException("Connection closed with -1 on reading size.");
-                    }
-                    in_pkgBuf.flip();
+            try {
+                sslEngine.closeInbound();
+            } catch (SSLException e) {
+                s_logger.warn("This SSL engine was forced to close inbound due to end of stream.");
+            }
+            sslEngine.closeOutbound();
+            // After closeOutbound the engine will be set to WRAP state,
+            // in order to try to send a close message to the client.
+            return true;
+        }
+        peerNetData.flip();
+        SSLEngineResult result = null;
+        try {
+            result = sslEngine.unwrap(peerNetData, peerAppData);
+            peerNetData.compact();
+        } catch (SSLException sslException) {
+            s_logger.error("SSL error occurred while processing unwrap data: " + sslException.getMessage());
+            sslEngine.closeOutbound();
+            return true;
+        }
+        switch (result.getStatus()) {
+            case OK:
+                break;
+            case BUFFER_OVERFLOW:
+                // Will occur when peerAppData's capacity is smaller than the data derived from peerNetData's unwrap.
+                peerAppData = enlargeBuffer(peerAppData, appBufferSize);
+                break;
+            case BUFFER_UNDERFLOW:
+                // Will occur either when no data was read from the peer or when the peerNetData buffer
+                // was too small to hold all peer's data.
+                peerNetData = handleBufferUnderflow(sslEngine, peerNetData);
+                break;
+            case CLOSED:
+                if (sslEngine.isOutboundDone()) {
+                    return false;
+                } else {
+                    sslEngine.closeOutbound();
+                    break;
                 }
-                engResult = sslEngine.unwrap(in_pkgBuf, in_appBuf);
-                ByteBuffer tmp_pkgBuf = ByteBuffer.allocate(sslSession.getPacketBufferSize() + 40);
-                int loop_count = 0;
-                while (engResult.getStatus() == SSLEngineResult.Status.BUFFER_UNDERFLOW) {
-                    // The client is too slow? Cut it and let it reconnect
-                    if (loop_count > 10) {
-                        throw new IOException("Too many times in SSL BUFFER_UNDERFLOW, disconnect guest.");
-                    }
-                    // We need more packets to complete this operation
-                    if (s_logger.isTraceEnabled()) {
-                        s_logger.trace("SSL: Buffer underflowed, getting more packets");
-                    }
-                    tmp_pkgBuf.clear();
-                    count = ch.read(tmp_pkgBuf);
-                    if (count == -1) {
-                        throw new IOException("Connection closed with -1 on reading size.");
-                    }
-                    tmp_pkgBuf.flip();
-
-                    in_pkgBuf.mark();
-                    in_pkgBuf.position(in_pkgBuf.limit());
-                    in_pkgBuf.limit(in_pkgBuf.limit() + tmp_pkgBuf.limit());
-                    in_pkgBuf.put(tmp_pkgBuf);
-                    in_pkgBuf.reset();
+            default:
+                throw new IllegalStateException("Invalid SSL status: " + result.getStatus());
+        }
+        return true;
+    }
 
-                    in_appBuf.clear();
-                    engResult = sslEngine.unwrap(in_pkgBuf, in_appBuf);
-                    loop_count++;
+    private static boolean doHandshakeWrap(final SocketChannel socketChannel, final SSLEngine sslEngine,
+                                           ByteBuffer myAppData, ByteBuffer myNetData, ByteBuffer peerNetData,
+                                           final int netBufferSize) throws IOException {
+        if (socketChannel == null || sslEngine == null || myNetData == null || peerNetData == null
+                || myAppData == null || netBufferSize < 0) {
+            return false;
+        }
+        myNetData.clear();
+        SSLEngineResult result = null;
+        try {
+            result = sslEngine.wrap(myAppData, myNetData);
+        } catch (SSLException sslException) {
+            s_logger.error("SSL error occurred while processing wrap data: " + sslException.getMessage());
+            sslEngine.closeOutbound();
+            return true;
+        }
+        switch (result.getStatus()) {
+            case OK :
+                myNetData.flip();
+                while (myNetData.hasRemaining()) {
+                    socketChannel.write(myNetData);
                 }
-            } else if (hsStatus == SSLEngineResult.HandshakeStatus.NEED_TASK) {
-                Runnable run;
-                while ((run = sslEngine.getDelegatedTask()) != null) {
-                    if (s_logger.isTraceEnabled()) {
-                        s_logger.trace("SSL: Running delegated task!");
+                break;
+            case BUFFER_OVERFLOW:
+                // Will occur if there is not enough space in myNetData buffer to write all the data
+                // that would be generated by the method wrap. Since myNetData is set to session's packet
+                // size we should not get to this point because SSLEngine is supposed to produce messages
+                // smaller or equal to that, but a general handling would be the following:
+                myNetData = enlargeBuffer(myNetData, netBufferSize);
+                break;
+            case BUFFER_UNDERFLOW:
+                throw new SSLException("Buffer underflow occurred after a wrap. We should not reach here.");
+            case CLOSED:
+                try {
+                    myNetData.flip();
+                    while (myNetData.hasRemaining()) {
+                        socketChannel.write(myNetData);
                     }
-                    run.run();
+                    // At this point the handshake status will probably be NEED_UNWRAP
+                    // so we make sure that peerNetData is clear to read.
+                    peerNetData.clear();
+                } catch (Exception e) {
+                    s_logger.error("Failed to send server's CLOSE message due to socket channel's failure.");
                 }
-            } else if (hsStatus == SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING) {
-                throw new IOException("NOT a handshaking!");
+                break;
+            default:
+                throw new IllegalStateException("Invalid SSL status: " + result.getStatus());
+        }
+        return true;
+    }
+
+    public static boolean doHandshake(final SocketChannel socketChannel, final SSLEngine sslEngine, final boolean isClient) throws IOException {
+        if (socketChannel == null || sslEngine == null) {
+            return false;
+        }
+        final int appBufferSize = sslEngine.getSession().getApplicationBufferSize();
+        final int netBufferSize = sslEngine.getSession().getPacketBufferSize();
+        ByteBuffer myAppData = ByteBuffer.allocate(appBufferSize);
+        ByteBuffer peerAppData = ByteBuffer.allocate(appBufferSize);
+        ByteBuffer myNetData = ByteBuffer.allocate(netBufferSize);
+        ByteBuffer peerNetData = ByteBuffer.allocate(netBufferSize);
+
+        final long startTimeMills = System.currentTimeMillis();
+
+        HandshakeStatus handshakeStatus = sslEngine.getHandshakeStatus();
+        while (handshakeStatus != SSLEngineResult.HandshakeStatus.FINISHED
+                && handshakeStatus != SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING) {
+            final long timeTaken = System.currentTimeMillis() - startTimeMills;
+            if (timeTaken > 15000L) {
+                s_logger.warn("SSL Handshake has taken more than 15s to connect to: " + socketChannel.getRemoteAddress() +
+                        ". Please investigate this connection.");
+                return false;
             }
-            if (engResult != null && engResult.getStatus() != SSLEngineResult.Status.OK) {
-                throw new IOException("Fail to handshake! " + engResult.getStatus());
+            switch (handshakeStatus) {
+                case NEED_UNWRAP:
+                    if (!doHandshakeUnwrap(socketChannel, sslEngine, peerAppData, peerNetData, appBufferSize)) {
+                        return false;
+                    }
+                    break;
+                case NEED_WRAP:
+                    if (!doHandshakeWrap(socketChannel, sslEngine,  myAppData, myNetData, peerNetData, netBufferSize)) {
+                        return false;
+                    }
+                    break;
+                case NEED_TASK:
+                    Runnable task;
+                    while ((task = sslEngine.getDelegatedTask()) != null) {
+                        task.run();
+                    }
+                    break;
+                case FINISHED:
+                    break;
+                case NOT_HANDSHAKING:
+                    break;
+                default:
+                    throw new IllegalStateException("Invalid SSL status: " + handshakeStatus);
             }
-            if (engResult != null)
-                hsStatus = engResult.getHandshakeStatus();
-            else
-                hsStatus = sslEngine.getHandshakeStatus();
+            handshakeStatus = sslEngine.getHandshakeStatus();
         }
+        return true;
     }
 
 }
diff --git a/utils/src/com/cloud/utils/nio/NioClient.java b/utils/src/com/cloud/utils/nio/NioClient.java
index 2f742f99dc..620a354545 100755
--- a/utils/src/com/cloud/utils/nio/NioClient.java
+++ b/utils/src/com/cloud/utils/nio/NioClient.java
@@ -37,7 +37,6 @@ public class NioClient extends NioConnection {
     private static final Logger s_logger = Logger.getLogger(NioClient.class);
 
     protected String _host;
-    protected String _bindAddress;
     protected SocketChannel _clientConnection;
 
     public NioClient(String name, String host, int port, int workers, HandlerFactory factory) {
@@ -45,10 +44,6 @@ public NioClient(String name, String host, int port, int workers, HandlerFactory
         _host = host;
     }
 
-    public void setBindAddress(String ipAddress) {
-        _bindAddress = ipAddress;
-    }
-
     @Override
     protected void init() throws IOException {
         _selector = Selector.open();
@@ -56,29 +51,23 @@ protected void init() throws IOException {
 
         try {
             _clientConnection = SocketChannel.open();
-            _clientConnection.configureBlocking(true);
             s_logger.info("Connecting to " + _host + ":" + _port);
 
-            if (_bindAddress != null) {
-                s_logger.info("Binding outbound interface at " + _bindAddress);
-
-                InetSocketAddress bindAddr = new InetSocketAddress(_bindAddress, 0);
-                _clientConnection.socket().bind(bindAddr);
-            }
-
             InetSocketAddress peerAddr = new InetSocketAddress(_host, _port);
             _clientConnection.connect(peerAddr);
+            _clientConnection.configureBlocking(false);
 
-            SSLEngine sslEngine = null;
-            // Begin SSL handshake in BLOCKING mode
-            _clientConnection.configureBlocking(true);
-
-            SSLContext sslContext = Link.initSSLContext(true);
-            sslEngine = sslContext.createSSLEngine(_host, _port);
+            final SSLContext sslContext = Link.initSSLContext(true);
+            SSLEngine sslEngine = sslContext.createSSLEngine(_host, _port);
             sslEngine.setUseClientMode(true);
             sslEngine.setEnabledProtocols(SSLUtils.getSupportedProtocols(sslEngine.getEnabledProtocols()));
 
-            Link.doHandshake(_clientConnection, sslEngine, true);
+            sslEngine.beginHandshake();
+            if (!Link.doHandshake(_clientConnection, sslEngine, true)) {
+                s_logger.error("SSL Handshake failed while connecting to host: " + _host + " port: " + _port);
+                _selector.close();
+                throw new IOException("SSL Handshake failed while connecting to host: " + _host + " port: " + _port);
+            }
             s_logger.info("SSL: Handshake done");
             s_logger.info("Connected to " + _host + ":" + _port);
 
diff --git a/utils/src/com/cloud/utils/nio/NioConnection.java b/utils/src/com/cloud/utils/nio/NioConnection.java
index 34679b8277..c93d697fb3 100755
--- a/utils/src/com/cloud/utils/nio/NioConnection.java
+++ b/utils/src/com/cloud/utils/nio/NioConnection.java
@@ -33,6 +33,7 @@
 import java.util.Iterator;
 import java.util.List;
 import java.util.Set;
+import java.util.concurrent.Executors;
 import java.util.concurrent.ExecutorService;
 import java.util.concurrent.LinkedBlockingQueue;
 import java.util.concurrent.ThreadPoolExecutor;
@@ -63,6 +64,7 @@ public abstract class NioConnection implements Runnable {
     protected HandlerFactory _factory;
     protected String _name;
     protected ExecutorService _executor;
+    protected ExecutorService _sslHandshakeExecutor;
 
     public NioConnection(String name, int port, int workers, HandlerFactory factory) {
         _name = name;
@@ -72,6 +74,7 @@ public NioConnection(String name, int port, int workers, HandlerFactory factory)
         _port = port;
         _factory = factory;
         _executor = new ThreadPoolExecutor(workers, 5 * workers, 1, TimeUnit.DAYS, new LinkedBlockingQueue<Runnable>(), new NamedThreadFactory(name + "-Handler"));
+        _sslHandshakeExecutor = Executors.newCachedThreadPool(new NamedThreadFactory(name + "-SSLHandshakeHandler"));
     }
 
     public void start() {
@@ -127,7 +130,7 @@ public void run() {
 
         while (_isRunning) {
             try {
-                _selector.select();
+                _selector.select(1000);
 
                 // Someone is ready for I/O, get the ready keys
                 Set<SelectionKey> readyKeys = _selector.selectedKeys();
@@ -180,53 +183,69 @@ public void run() {
 
     abstract void unregisterLink(InetSocketAddress saddr);
 
-    protected void accept(SelectionKey key) throws IOException {
-        ServerSocketChannel serverSocketChannel = (ServerSocketChannel)key.channel();
+    protected void accept(final SelectionKey key) throws IOException {
+        final ServerSocketChannel serverSocketChannel = (ServerSocketChannel)key.channel();
 
-        SocketChannel socketChannel = serverSocketChannel.accept();
-        Socket socket = socketChannel.socket();
+        final SocketChannel socketChannel = serverSocketChannel.accept();
+        socketChannel.configureBlocking(false);
+        final Socket socket = socketChannel.socket();
         socket.setKeepAlive(true);
 
-        if (s_logger.isTraceEnabled()) {
-            s_logger.trace("Connection accepted for " + socket);
-        }
-
-        // Begin SSL handshake in BLOCKING mode
-        socketChannel.configureBlocking(true);
-
-        SSLEngine sslEngine = null;
+        final SSLEngine sslEngine;
         try {
-            SSLContext sslContext = Link.initSSLContext(false);
+            final SSLContext sslContext = Link.initSSLContext(false);
             sslEngine = sslContext.createSSLEngine();
             sslEngine.setUseClientMode(false);
             sslEngine.setNeedClientAuth(false);
             sslEngine.setEnabledProtocols(SSLUtils.getSupportedProtocols(sslEngine.getEnabledProtocols()));
 
-            Link.doHandshake(socketChannel, sslEngine, false);
-
-        } catch (Exception e) {
-            if (s_logger.isTraceEnabled()) {
-                s_logger.trace("Socket " + socket + " closed on read.  Probably -1 returned: " + e.getMessage());
-            }
+            final NioConnection nioConnection = this;
+            _sslHandshakeExecutor.submit(new Runnable() {
+                @Override
+                public void run() {
+                    _selector.wakeup();
+                    try {
+                        sslEngine.beginHandshake();
+                        if (!Link.doHandshake(socketChannel, sslEngine, false)) {
+                            throw new IOException("SSL handshake timed out with " + socketChannel.getRemoteAddress());
+                        }
+                        if (s_logger.isTraceEnabled()) {
+                            s_logger.trace("SSL: Handshake done");
+                        }
+                        final InetSocketAddress saddr = (InetSocketAddress)socket.getRemoteSocketAddress();
+                        final Link link = new Link(saddr, nioConnection);
+                        link.setSSLEngine(sslEngine);
+                        link.setKey(socketChannel.register(key.selector(), SelectionKey.OP_READ, link));
+                        final Task task = _factory.create(Task.Type.CONNECT, link, null);
+                        registerLink(saddr, link);
+                        _executor.submit(task);
+                    } catch (IOException e) {
+                        if (s_logger.isTraceEnabled()) {
+                            s_logger.trace("Connection closed due to failure: " + e.getMessage());
+                        }
+                        try {
+                            socketChannel.close();
+                            socket.close();
+                        } catch (IOException ignore) {
+                        }
+                    } finally {
+                        _selector.wakeup();
+                    }
+                }
+            });
+         } catch (final Exception e) {
+             if (s_logger.isTraceEnabled()) {
+                s_logger.trace("Connection closed due to failure: " + e.getMessage());
+             }
             try {
                 socketChannel.close();
                 socket.close();
             } catch (IOException ignore) {
             }
             return;
+        } finally {
+            _selector.wakeup();
         }
-
-        if (s_logger.isTraceEnabled()) {
-            s_logger.trace("SSL: Handshake done");
-        }
-        socketChannel.configureBlocking(false);
-        InetSocketAddress saddr = (InetSocketAddress)socket.getRemoteSocketAddress();
-        Link link = new Link(saddr, this);
-        link.setSSLEngine(sslEngine);
-        link.setKey(socketChannel.register(key.selector(), SelectionKey.OP_READ, link));
-        Task task = _factory.create(Task.Type.CONNECT, link, null);
-        registerLink(saddr, link);
-        _executor.execute(task);
     }
 
     protected void terminate(SelectionKey key) {
diff --git a/utils/src/com/cloud/utils/nio/NioServer.java b/utils/src/com/cloud/utils/nio/NioServer.java
index 98a4a51dbf..adcecda4e6 100755
--- a/utils/src/com/cloud/utils/nio/NioServer.java
+++ b/utils/src/com/cloud/utils/nio/NioServer.java
@@ -43,6 +43,10 @@ public NioServer(String name, int port, int workers, HandlerFactory factory) {
         _links = new WeakHashMap<InetSocketAddress, Link>(1024);
     }
 
+    public int getPort() {
+        return _serverSocket.socket().getLocalPort();
+    }
+
     @Override
     protected void init() throws IOException {
         _selector = SelectorProvider.provider().openSelector();
@@ -55,7 +59,7 @@ protected void init() throws IOException {
 
         _serverSocket.register(_selector, SelectionKey.OP_ACCEPT, null);
 
-        s_logger.info("NioConnection started and listening on " + _localAddr.toString());
+        s_logger.info("NioConnection started and listening on " + _serverSocket.socket().getLocalSocketAddress());
     }
 
     @Override

From 79f07db66785b800c7711ca02800c14c108673b2 Mon Sep 17 00:00:00 2001
From: Murali Reddy <muralimmreddy@gmail.com>
Date: Thu, 12 May 2016 13:23:11 +0530
Subject: [PATCH 115/115] CLOUDSTACK-9376: Restrict listTemplates API with
 filter=all for root admin

Restricts use of listemplates API with templatefilter=all for root admin only.

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 .../com/cloud/api/query/QueryManagerImpl.java |  4 +-
 test/integration/component/test_templates.py  | 93 ++++++++++++++++++-
 2 files changed, 91 insertions(+), 6 deletions(-)

diff --git a/server/src/com/cloud/api/query/QueryManagerImpl.java b/server/src/com/cloud/api/query/QueryManagerImpl.java
index c67b1cf26a..11aa4e9011 100644
--- a/server/src/com/cloud/api/query/QueryManagerImpl.java
+++ b/server/src/com/cloud/api/query/QueryManagerImpl.java
@@ -2946,9 +2946,9 @@ private Pair<List<TemplateJoinVO>, Integer> searchForTemplatesInternal(ListTempl
 
         boolean listAll = false;
         if (templateFilter != null && templateFilter == TemplateFilter.all) {
-            if (caller.getType() == Account.ACCOUNT_TYPE_NORMAL) {
+            if (caller.getType() != Account.ACCOUNT_TYPE_ADMIN) {
                 throw new InvalidParameterValueException("Filter " + TemplateFilter.all
-                        + " can be specified by admin only");
+                        + " can be specified by root admin only");
             }
             listAll = true;
         }
diff --git a/test/integration/component/test_templates.py b/test/integration/component/test_templates.py
index 06b8c5f58d..a0edc09e01 100644
--- a/test/integration/component/test_templates.py
+++ b/test/integration/component/test_templates.py
@@ -22,6 +22,7 @@
 from marvin.cloudstackAPI import listZones
 from marvin.lib.utils import (cleanup_resources)
 from marvin.lib.base import (Account,
+                             Domain,
                              Template,
                              ServiceOffering,
                              VirtualMachine,
@@ -49,8 +50,18 @@ def __init__(self):
                                     # Random characters are appended for unique
                                     # username
                                     "password": "password",
-                         },
-                         "service_offering": {
+                        },
+                        "account1": {
+                                    "email": "test@test.com",
+                                    "firstname": "Test1",
+                                    "lastname": "User1",
+                                    "username": "test1",
+                                    # Random characters are appended for unique
+                                    # username
+                                    "password": "password",
+                        },
+                        "testdomain": {"name": "test"},
+                        "service_offering": {
                                     "name": "Tiny Instance",
                                     "displaytext": "Tiny Instance",
                                     "cpunumber": 1,
@@ -109,7 +120,7 @@ class TestCreateTemplate(cloudstackTestCase):
 
     def setUp(self):
         self.apiclient = self.testClient.getApiClient()
-        self.hypervisor = self.testClient.getHypervisorInfo() 
+        self.hypervisor = self.testClient.getHypervisorInfo()
         self.dbclient = self.testClient.getDbConnection()
         self.cleanup = []
         return
@@ -193,7 +204,7 @@ def test_01_create_template(self):
                                         zoneid=self.zone.id,
                                         account=self.account.name,
                                         domainid=self.account.domainid,
-                                        hypervisor=self.hypervisor 
+                                        hypervisor=self.hypervisor
                                         )
         self.debug(
                 "Registered a template of format: %s with ID: %s" % (
@@ -581,3 +592,77 @@ def test_04_template_from_snapshot(self):
                             "Check the state of VM created from Template"
                         )
         return
+
+
+class TestListTemplate(cloudstackTestCase):
+
+    def setUp(self):
+        self.apiclient = self.testClient.getApiClient()
+        self.hypervisor = self.testClient.getHypervisorInfo()
+        self.dbclient = self.testClient.getDbConnection()
+        self.cleanup = []
+
+        self.services = Services().services
+        # Get Zone, Domain and templates
+        self.domain = get_domain(self.apiclient)
+        self.account = Account.create(
+                            self.apiclient,
+                            self.services["account"],
+                            domainid=self.domain.id
+                            )
+        self.newdomain = Domain.create(
+                           self.apiclient,
+                           self.services["testdomain"],
+                           parentdomainid=self.domain.id
+                           )
+        self.newdomain_account = Account.create(
+                           self.apiclient,
+                           self.services["account1"],
+                           admin=True,
+                           domainid=self.newdomain.id
+                           )
+        self.cleanup = [
+                        self.account,
+                        self.newdomain_account,
+                        self.newdomain,
+                        ]
+
+
+    def tearDown(self):
+        try:
+            # Clean up, terminate the created templates
+            cleanup_resources(self.apiclient, self.cleanup)
+        except Exception as e:
+            raise Exception("Warning: Exception during cleanup : %s" % e)
+
+
+    @attr(tags=["devcloud", "advanced", "advancedns", "smoke", "basic", "sg"], required_hardware="false")
+    def test_01_list_templates_with_templatefilter_all_normal_user(self):
+        """
+            Test list templates with templatefilter=all is not permitted for normal user
+        """
+
+        user_api_client = self.testClient.getUserApiClient(
+                                    UserName=self.account.name,
+                                    DomainName=self.account.domain)
+        try:
+            list_template_response = Template.list(self.user_api_client, templatefilter='all')
+            self.fail("Regular User is able to use templatefilter='all' in listTemplates API call")
+        except Exception as e:
+            self.debug("ListTemplates API with templatefilter='all' is not permitted for normal user")
+
+
+    @attr(tags=["devcloud", "advanced", "advancedns", "smoke", "basic", "sg"], required_hardware="false")
+    def test_02_list_templates_with_templatefilter_all_domain_admin(self):
+        """
+            Test list templates with templatefilter=all is not permitted for domain admin
+        """
+
+        domain_user_api_client = self.testClient.getUserApiClient(
+                                    UserName=self.newdomain_account.name,
+                                    DomainName=self.newdomain_account.domain)
+        try:
+            list_template_response = Template.list(self.domain_user_api_client, templatefilter='all')
+            self.fail("Domain admin is able to use templatefilter='all' in listTemplates API call")
+        except Exception as e:
+            self.debug("ListTemplates API with templatefilter='all' is not permitted for domain admin user")