ConfigManager.psm1
|
Import-Module $PSScriptRoot\Utils.psm1 Import-Module $PSScriptRoot\ClusUtils.psm1 $script:CMap = @{} $script:CMap["turnKeySdnPath"] = "" $script:CMap["storePath"] = "" $script:CMap["state"] = "state.json" $script:CMap["credential"] = "cred.json" $script:CMap["workloadcredential"] = "workloadcred.json" $script:CMap["userConfigPath"] = "$PSScriptRoot\config\deployment" $script:CMap["deploymentConfigPath"] = "$PSScriptRoot\config\deployment" $script:CMap["deploymentFile"] = "deployment.json" $script:CMap["hnvpaNetworkFile"] = "networkconfig\logicalnetworks\hnvpa.json" $script:CMap["mgmtNetworkFile"] = "networkconfig\logicalnetworks\management.json" $script:CMap["greNetworkFile"] = "networkconfig\logicalnetworks\grevip.json" $script:CMap["publicVIPNetworkFile"] = "networkconfig\logicalnetworks\publicvip.json" $script:CMap["privateVIPNetworkFile"] = "networkconfig\logicalnetworks\privatevip.json" $script:CMap["macpoolFile"] = "networkconfig\macpools\defaultMacPool.json" $script:CMap["sdnConfigFile"] = "sdnconfig.json" $script:CMap["sdnExpressConfigPath"] = "$PSScriptRoot\config\sdnexpress" $script:CMap["sdnExpressTemplateFile"] = "template.psd1" $script:CMap["sdnExpressGeneratedFile"] = "sdnExpGenerated.psd1" $script:CMap["userWorkloadConfigPath"] = "$PSScriptRoot\config\workload" $script:CMap["workloadConfigPath"] = "$PSScriptRoot\config\workload" $script:CMap["workload"] = "workloadconfig.json" $script:CMap["vhdStore"] = "" $script:MgmtHostNicName = "TurnKeySdn-Mgmt" $script:DefaultTestVhdShare = "\\sesdfs.redmond.corp.microsoft.com\1windows\testcontent\core\io-fabrics\sdn\netcdev\SDN_ADOArtifacts\TestArtifacts\mariner_workload_vhd" $script:DefaultTestVhdFile = "full-2.0.20231004.vhdx" $script:InstallStateInstalled = "installed" $script:InstallStateInstallFailed = "installFailed" $script:InstallStateInstalling = "installing" $script:InstallStateNone = "none" $script:InternetSwitchDefaultName = "turnkeysdn-internet" $script:SdnSwitchDefaultName = "turnkeysdn-sdnswitch" # Corp network routes, used on the management nic of gateway VMs to allow access to corp network $script:MSFTCorpRoutes = @("10.0.0.0/8") function Initialize-StorePath { if (-not [String]::IsNullOrEmpty($script:CMap["turnKeySdnPath"]) -and ` -not ([String]::IsNullOrEmpty($script:CMap["storePath"]))) { return } $csv = Get-CSV if ($null -ne $csv) { $script:CMap["turnKeySdnPath"] = Join-Path $csv "TurnKeySdn" $script:CMap["vhdStore"] = Join-Path $csv "TurnKeySdnVhdStore" } else { $script:CMap["turnKeySdnPath"] = Join-Path $Env:SystemDrive "TurnKeySdn" $script:CMap["vhdStore"] = Join-Path $Env:SystemDrive "TurnKeySdnVhdStore" } $script:CMap["storePath"] = Join-Path $script:CMap["turnKeySdnPath"] ".store" if (Test-IsInitialized) { $script:CMap["deploymentConfigPath"] = Join-Path $script:CMap["turnKeySdnPath"] "DeploymentConfig" $script:CMap["workloadConfigPath"] = Join-Path $script:CMap["turnKeySdnPath"] "WorkloadConfig" } if (-not $(Test-Path (Get-TurnKeySdnPath))) { New-Item (Get-TurnKeySdnPath) -ItemType Directory -ErrorAction Stop | Out-Null } if (-not $(Test-Path (Get-StorePath))) { New-Item (Get-StorePath) -ItemType Directory -ErrorAction Stop | Out-Null } } function Undo-StorePathInitialization { $script:CMap["turnKeySdnPath"] = "" $script:CMap["storePath"] = "" $script:CMap["deploymentConfigPath"] = $script:CMap["userConfigPath"] $script:CMap["workloadConfigPath"] = $script:CMap["userWorkloadConfigPath"] $script:CMap["vhdStore"] = "" } function Get-StorePath { Initialize-StorePath return $script:CMap["storePath"] } function Get-TurnKeySdnPath { Initialize-StorePath return $script:CMap["turnKeySdnPath"] } function Get-InternalDeploymentConfigPath { Initialize-StorePath return $script:CMap["deploymentConfigPath"] } function Get-InternalWorkloadConfigPath { Initialize-StorePath return $script:CMap["workloadConfigPath"] } function Get-VhdStore { Initialize-StorePath return $script:CMap["vhdStore"] } function Get-SdnExpressPath { param ( [parameter(Mandatory = $false)][switch] $SkipConfigPath ) if (-not $($SkipConfigPath.IsPresent)) { $infraconfig = Get-DeploymentConfig $sdnExpPath = $infraconfig.sdnexpressPath if (-not [String]::IsNullOrEmpty($sdnExpPath)) { $sdnExpPSM1 = Join-Path $sdnExpPath "SDNExpress.psm1" if ($(Test-Path $sdnExpPSM1)) { return $sdnExpPath } } } $sdnExpPath = Join-Path $PSScriptRoot "..\..\SDNExpress" $sdnExpPSM1 = Join-Path $sdnExpPath "SDNExpress.psm1" if ($(Test-Path $sdnExpPSM1)) { return $sdnExpPath } Import-Module -Name SdnExpress -ErrorAction SilentlyContinue $module = Get-Module SdnExpress if ($null -ne $module) { return $module.ModuleBase } return $null } function Set-SdnExpressPathInternal { param( [parameter(Mandatory = $true)][string] $sdnExpressPath ) $infraconfig = Get-DeploymentConfig $infraconfig.sdnexpressPath = $sdnExpressPath Set-DeploymentConfig -deploymentConfig $infraconfig Write-TraceLog "Set-SdnExpressPath: Updated path to $sdnExpressPath" } function Get-SdnExpressModule { $sdnExpPath = Get-SdnExpressPath $sdnexpress = Join-Path $sdnExpPath SDNExpress.psm1 return $sdnexpress } function Get-SdnExpressScript { $sdnExpPath = Get-SdnExpressPath $sdnexpress = Join-Path $sdnExpPath SDNExpress.ps1 return $sdnexpress } function Get-RestoreReplayScriptPath { param ( [parameter(Mandatory = $false)][switch] $SkipConfigPath ) if (-not $($SkipConfigPath.IsPresent)) { $infraconfig = Get-DeploymentConfig $restoreReplayScriptPath = $infraconfig.restoreReplayScriptPath if (-not [String]::IsNullOrEmpty($restoreReplayScriptPath)) { $restoreReplayScript = Join-Path $restoreReplayScriptPath RestoreReplay.ps1 if ($(Test-Path $restoreReplayScript)) { return $restoreReplayScriptPath } } } $restoreReplayScriptPath = Join-Path $PSScriptRoot "..\BCDR" $restoreReplayScript = Join-Path $restoreReplayScriptPath RestoreReplay.ps1 if ($(Test-Path $restoreReplayScript)) { return $restoreReplayScriptPath } $script = Get-InstalledScript RestoreReplay -ErrorAction SilentlyContinue if ($null -ne $script) { return $script.InstalledLocation } return $null } function Get-RestoreReplayScript { $restoreReplayScriptPath = Get-RestoreReplayScriptPath $restoreReplay = Join-Path $restoreReplayScriptPath RestoreReplay.ps1 return $restoreReplay } function Get-DefaultNetworkControllerPsModulePath { return Join-Path $env:SystemRoot "system32\WindowsPowerShell\v1.0\Modules\NetworkControllerFc" } function Get-DefaultNetworkControllerPackageLocation { return (Join-Path $env:SystemRoot "NetworkController") } function Get-DefaultNetworkControllerDBLocation { $csv = Get-CSV if ($csv -ne $null) { return (Join-Path $csv "FCNCDB") } return (Join-Path $env:SystemDrive "FCNCDB") } function Set-AddressRandmoizerSeed { param( [parameter(Mandatory = $true)][int] $seed ) $internalConfig = Get-TurnKeySdnInternalConfig -configType state $internalConfig.randomizerSeed = $seed Set-TurnKeySdnInternalConfig -configType state -config $internalConfig } function Get-AddressRandmoizerSeed { $internalConfig = Get-TurnKeySdnInternalConfig -configType state if (-not [String]::IsNullOrEmpty($internalConfig.randomizerSeed)) { return [int]$internalConfig.randomizerSeed } $curhost = (hostname) $hostIndex = $curhost.Substring($($curhost.Length - 2)) $result = 0 if (-not [int]::TryParse($hostIndex, [ref]$result)) { $result = Get-Random -Minimum 1 -Maximum 60 } return $result } function Get-RandomizedIPv4Address { param( $address, $randomizer ) $addresses = $address.Split(".") $addresses[1] = ([int]$addresses[1] + $randomizer) % 255 return $addresses -join '.' } function Update-IPv4Address { param( $Address ) $depConfig = Get-DeploymentConfig if (-not $depConfig.randomizeAddresses) { return $Address } $randomizer = Get-AddressRandmoizerSeed $addr = Get-RandomizedIPv4Address -address $Address -randomizer $randomizer return $addr } function Update-LoadbalancerFrontEndIPAddress { param( $loadbalancer ) $loadbalancer.properties.frontendIPConfigurations | ForEach-Object { $frontendIPProp = $_.properties if(-not [String]::IsNullOrEmpty($frontendIPProp.privateIPAddress)) { $subnetInfo = $frontendIPProp.subnet.resourceRef -split '/' # No need to randomize ILB Vip, as it won't be configured on the Mux external interface (BgpLessMux) if($subnetInfo[1] -eq "virtualNetworks") { continue; } $frontendIPProp.privateIPAddress = Update-IPv4Address -Address $frontendIPProp.privateIPAddress # Randomizing the subnet ref for PublicVIP lnet if($subnetInfo[2] -eq "PublicVIP") { $subnetInfo[4] = Update-IPv4Address -Address $subnetInfo[4] $frontendIPProp.subnet.resourceRef = $subnetInfo -join '/' } } } return $loadbalancer } function Update-LogicalNetworkAddresses { param( $network ) $depConfig = Get-DeploymentConfig if (-not $depConfig.randomizeAddresses) { return $network } $isOneNode = $depConfig.hyperVHosts.Count -eq 1 $randomizer = Get-AddressRandmoizerSeed $network.properties.subnets | ForEach-Object { $subnetProp = $_.properties $subnetProp.addressPrefix = Get-RandomizedIPv4Address -address $subnetProp.addressPrefix -randomizer $randomizer $newGateways = @() $subnetProp.defaultGateways | ForEach-Object { $newGateways += Get-RandomizedIPv4Address -address $_ -randomizer $randomizer } $subnetProp.defaultGateways = $newGateways $subnetProp.ipPools | Foreach-Object { $poolProp = $_.Properties $poolProp.startIpAddress = Get-RandomizedIPv4Address -address $poolProp.startIpAddress -randomizer $randomizer $poolProp.endIpAddress = Get-RandomizedIPv4Address -address $poolProp.endIpAddress -randomizer $randomizer } if ($isOneNode -and (-not ([string]::IsNullOrEmpty($subnetProp.vlanID)) -and ($subnetProp.vlanID -ne 0))) { $subnetProp.vlanID = $([int]$subnetProp.vlanID) + $randomizer } } return $network } function Set-TurnKeySdnInternalConfig { param( [ValidateSet("workloadcredential","credential", "state")] [parameter(Mandatory = $true)][string] $configType, [parameter(Mandatory = $true)] $config ) $configFile = Join-Path (Get-StorePath) $script:CMap[$configType] $value = $(ConvertTo-Json $config -Depth 10) Set-Content -Path $configFile -Value $value -Encoding UTF8 } function Get-TurnKeySdnInternalConfig { param( [ValidateSet("workloadcredential","credential", "state")] [parameter(Mandatory = $true)][string] $configType ) $configFile = Join-Path (Get-StorePath) $script:CMap[$configType] return $(Get-Config $configFile) } function Test-TurnKeySdnStateConfigExist { $configFile = Get-StateFileWithoutInit return $(Test-Path $configFile) } function Get-TurnKeySdnCred { $configFile = Join-Path (Get-StorePath) $script:CMap["credential"] try { $c = Get-Config $configFile } catch { } if ([String]::IsNullOrEmpty($c.username) -or [String]::IsNullOREmpty($c.password)) { Write-TraceLog "Get-TurnKeySdnCred: Failed to get credentials, defaulting to empty cred" return [pscredential]::Empty } $cred = [pscredential]::new($c.username, $($c.password | ConvertTo-SecureString -ErrorAction Stop)) return $cred } function Get-TurnKeySdnWorkloadVmCred { $configFile = Join-Path (Get-StorePath) $script:CMap["workloadcredential"] try { $c = Get-Config $configFile } catch { } if([string]::IsNullOrEmpty($c.username) -or [string]::IsNullOrEmpty($c.password)) { Write-TraceLog "Get-TurnKeySdnWorkloadVmCred: Failed to get credentials, defaulting to $Env:TURNKEY_WORKLOAD_USERNAME cred" $vmUserName = $Env:TURNKEY_WORKLOAD_USERNAME $vmUserPassword = $Env:TURNKEY_WORKLOAD_PASSWORD return [pscredential]::new($vmUserName, $($vmUserPassword | ConvertTo-SecureString -AsPlainText -Force)) } else { $vmUserName = $c.username $vmUserPassword = $c.password } $cred = [pscredential]::new($vmUserName, $($vmUserPassword | ConvertTo-SecureString -ErrorAction Stop)) return $cred } function Get-Config { param( [parameter(Mandatory = $true)][string] $file ) Test-FileExist -path $file $config = Get-Content $file -ErrorAction Stop | ConvertFrom-Json return $config } function Get-GreVipLogicalNetworkConfig { param( [Parameter(Mandatory = $false)][bool] $RandomizeAddress = $true ) $greNetworkFile = Join-Path (Get-InternalDeploymentConfigPath) $script:CMap["greNetworkFile"] $network = Get-Config $greNetworkFile if ($RandomizeAddress) { $network = Update-LogicalNetworkAddresses $network } return $network } function Set-GreVipNetworkConfig { param( [parameter(Mandatory = $true)][PSCustomObject]$Network ) $greNetworkFile = Join-Path (Get-InternalDeploymentConfigPath) $script:CMap["greNetworkFile"] $Network | ConvertTo-Json -Depth 100 | Out-File $greNetworkFile -Force } function Get-HnvPaNetworkConfig { param( [Parameter(Mandatory = $false)][bool] $RandomizeAddress = $true ) $hnvpaNetworkFile = Join-Path (Get-InternalDeploymentConfigPath) $script:CMap["hnvpaNetworkFile"] $hnvPaNetwork = Get-Config $hnvpaNetworkFile if ($RandomizeAddress) { $hnvPaNetwork = Update-LogicalNetworkAddresses $hnvPaNetwork } return $hnvPaNetwork } function Set-HnvPaNetworkConfig { param( [parameter(Mandatory = $true)][PSCustomObject]$Network ) $hnvpaNetworkFile = Join-Path (Get-InternalDeploymentConfigPath) $script:CMap["hnvpaNetworkFile"] $Network | ConvertTo-Json -Depth 100 | Out-File $hnvpaNetworkFile -Force } function Get-MgmtNetworkConfig { param( [Parameter(Mandatory = $false)][bool] $RandomizeAddress = $true ) $mgmtNetworkFile = Join-Path (Get-InternalDeploymentConfigPath) $script:CMap["mgmtNetworkFile"] $mgmtNetwork = Get-Config $mgmtNetworkFile if ($RandomizeAddress) { $mgmtNetwork = Update-LogicalNetworkAddresses $mgmtNetwork } return $mgmtNetwork } function Set-MgmtNetworkConfig { param( [parameter(Mandatory = $true)][PSCustomObject]$Network ) $mgmtNetworkFile = Join-Path (Get-InternalDeploymentConfigPath) $script:CMap["mgmtNetworkFile"] $Network | ConvertTo-Json -Depth 100 | Out-File $mgmtNetworkFile -Force } function Get-PublicVipNetworkConfig { param( [Parameter(Mandatory = $false)][bool] $RandomizeAddress = $true ) $publicVipNetworkFile = Join-Path (Get-InternalDeploymentConfigPath) $script:CMap["publicVipNetworkFile"] $publicVipNetwork = Get-Config $publicVipNetworkFile if ($RandomizeAddress) { $publicVipNetwork = Update-LogicalNetworkAddresses $publicVipNetwork } return $publicVipNetwork } function Set-PublicVipNetworkConfig { param( [parameter(Mandatory = $true)][PSCustomObject]$Network ) $publicVipNetworkFile = Join-Path (Get-InternalDeploymentConfigPath) $script:CMap["publicVipNetworkFile"] $Network | ConvertTo-Json -Depth 100 | Out-File $publicVipNetworkFile -Force } function Get-PrivateVipNetworkConfig { param( [Parameter(Mandatory = $false)][bool] $RandomizeAddress = $true ) $privateVipNetworkFile = Join-Path (Get-InternalDeploymentConfigPath) $script:CMap["privateVipNetworkFile"] $privateVipNetwork = Get-Config $privateVipNetworkFile if ($RandomizeAddress) { $privateVipNetwork = Update-LogicalNetworkAddresses $privateVipNetwork } return $privateVipNetwork } function Set-PrivateVipNetworkConfig { param( [parameter(Mandatory = $true)][PSCustomObject]$Network ) $privateVipNetworkFile = Join-Path (Get-InternalDeploymentConfigPath) $script:CMap["privateVipNetworkFile"] $Network | ConvertTo-Json -Depth 100 | Out-File $privateVipNetworkFile -Force } function Get-DeploymentConfig { $config = Get-Config $(Get-DeploymentFile) # config upgrade for productkey $p = $config | Get-Member -Name productKey -ErrorAction SilentlyContinue if ($null -eq $p) { $config | add-member -NotePropertyName productKey -NotePropertyValue "" } # fix up booleans strings in the config file $config.useRRASRouter = Parse-TurnkeyBoolean $config.useRRASRouter $config.randomizeAddresses = Parse-TurnkeyBoolean $config.randomizeAddresses $config.bypassTORForLBDataPath = Parse-TurnkeyBoolean $config.bypassTORForLBDataPath # config upgrade for preferTestReadyVHD $preferTestReadyVHDKey = $config | Get-Member -Name preferTestReadyVHD -ErrorAction SilentlyContinue if ($null -eq $preferTestReadyVHDKey) { $config | add-member -NotePropertyName preferTestReadyVHD -NotePropertyValue $false } else { $config.preferTestReadyVHD = Parse-TurnkeyBoolean $config.preferTestReadyVHD } return $config } function Get-TorVmConfig { $config = Get-DeploymentConfig return $config.torVmConfig } function Set-TorVmConfig { param( [parameter(Mandatory = $true)][PSCustomObject]$Config ) $depConfig = Get-DeploymentConfig $depConfig.torVmConfig = $Config Set-DeploymentConfig -deploymentConfig $depConfig } function Update-MacAddress { param($mac) $net = Get-MgmtNetworkConfig # Generate a mac address based on the managment network. $prefixElements = $net.properties.subnets[0].properties.addressPrefix.Split("/") $prefixLen = [int]$prefixElements[1] $ip = $prefixElements[0] if ($prefixLen -gt 24) { $secLast_hex = "{0:X2}" -f [int]($ip.Split('.')[-2]) $last_hex = "{0:X2}" -f [int]($ip.Split('.')[-1]) } elseif ($prefixLen -gt 8 -and $prefixLen -le 24) { $secLast_hex = "{0:X2}" -f [int]($ip.Split('.')[-3]) $last_hex = "{0:X2}" -f [int]($ip.Split('.')[-2]) } else { $secLast_hex = "{0:X2}" -f [int]($ip.Split('.')[-4]) $last_hex = "{0:X2}" -f [int]($ip.Split('.')[-3]) } $macEle = $mac.Split("-") $macEle[3] = $secLast_hex $macEle[4] = $last_hex $result = $macEle -join '-' return $result } function Get-DefaultMacPoolConfig { $configFileName = Join-Path (Get-InternalDeploymentConfigPath) $script:CMap["macpoolFile"] $config = Get-Config $configFileName # Always randomize mac addresses, if needed expose a separate flag to disable. $config.properties.startMacAddress = Update-MacAddress -mac $config.properties.startMacAddress $config.properties.endMacAddress = Update-MacAddress -mac $config.properties.endMacAddress return $config } function Set-MacPoolConfig { param( [parameter(Mandatory = $true)][PSCustomObject]$Config ) $configFileName = Join-Path (Get-InternalDeploymentConfigPath) $script:CMap["macpoolFile"] $Config | ConvertTo-Json -Depth 100 | Out-File $configFileName -Force } function Get-SdnConfig { $configFileName = Join-Path (Get-InternalDeploymentConfigPath) $script:CMap["sdnConfigFile"] $config = Get-Config $configFileName return $config } function Test-ValidDepId { param( [parameter(Mandatory = $true)][string] $id ) if ($id.Length -gt 9) { Write-TraceLog "Test-ValidDepId failed, id $id must be less than 9 characters" return $false } $names = @("NC-$id", "$id-$(Get-RouterVMSuffix)", "$id-$(Get-NCVMSuffix)0", "$id-$(Get-MUXVMSuffix)0", "$id-$(Get-GWVMSuffix)0") foreach($name in $names) { $result = (Resolve-DnsName $name -ErrorAction SilentlyContinue) if ($result -ne $null) { Write-TraceLog "Test-ValidDepId failed, another deployment with id $id already exists" return $false } } Write-TraceLog "Test-ValidDepId $id passed all validations" return $true } function Get-NewDepId { while($true) { $id = ((New-Guid).guid).split("-")[0] # Skip if the name is already in use if ($(Test-ValidDepId -id $id)) { return $id } } } function Set-DeploymentId { param( [parameter(Mandatory = $false)][string] $id ) $internalConfig = Get-TurnKeySdnInternalConfig -configType state $internalConfig.depId = $id if ([String]::IsNullOrEmpty($internalConfig.torId)) { $internalConfig.torId = $id } Set-TurnKeySdnInternalConfig -configType state -config $internalConfig } function Get-TurnKeySdnDeploymentId { $configFileName = Join-Path (Get-StorePath) $script:CMap["state"] $config = Get-Config $configFileName return $config.depId } function Get-TorId { $configFileName = Join-Path (Get-StorePath) $script:CMap["state"] $config = Get-Config $configFileName return $config.torId } function Get-StateFileWithoutInit { $csv = Get-CSV if ($csv -ne $null) { $installPath = Join-Path $csv "TurnKeySdn" } else { $installPath = Join-Path $Env:SystemDrive "TurnKeySdn" } $storePath = Join-Path $installPath ".store" $configFileName = Join-Path $storePath $script:CMap["state"] return $configFileName } function Remove-TurnKeySdnStore { param ( [parameter(Mandatory = $false)][switch] $SkipStore ) try { $depConfig = Get-DeploymentConfig $deployFolder = $depConfig.vmLocation if (-not [string]::IsNullOrEmpty($deployFolder)) { Write-TraceLog "Remove-TurnKeySdnStore removing deployment folder $deployFolder" Remove-Item $depConfig.vmLocation -Recurse -Force -ErrorAction SilentlyContinue } } catch { Write-TraceLog "Remove-TurnKeySdnStore: Failed to remove vmLocation $deployFolder, error $_" } try { $workloadConfig = Get-TurnKeySdnWorkloadConfig $workloadDeployFolder = $workloadConfig.deploymentpath if (-not [String]::IsNullOrEmpty($workloadDeployFolder)) { Write-TraceLog "Remove-TurnKeySdnStore removing workload folder $workloadDeployFolder" Remove-Item $workloadDeployFolder -Recurse -Force -ErrorAction SilentlyContinue } } catch { Write-TraceLog "Remove-TurnKeySdnStore: Failed to remove deploymentpath $workloadDeployFolder, error $_" } if (Test-IsInitialized) { try { $inernalWorkConfig = Get-InternalWorkloadConfigPath if (-not [String]::IsNullOrEmpty($inernalWorkConfig)) { Write-TraceLog "Remove-TurnKeySdnStore removing workload config folder $inernalWorkConfig" Remove-Item $inernalWorkConfig -Recurse -Force -ErrorAction SilentlyContinue } } catch { Write-TraceLog "Remove-TurnKeySdnStore: Failed to remove deploymentpath $inernalWorkConfig, error $_" } try { $inernalDepConfig = Get-InternalDeploymentConfigPath if (-not [String]::IsNullOrEmpty($inernalDepConfig)) { Write-TraceLog "Remove-TurnKeySdnStore removing deployment config folder $inernalDepConfig" Remove-Item $inernalDepConfig -Recurse -Force -ErrorAction SilentlyContinue } } catch { Write-TraceLog "Remove-TurnKeySdnStore: Failed to remove deploymentpath $inernalDepConfig, error $_" } } $configPresent = Test-TurnKeySdnStateConfigExist if ($($SkipStore.IsPresent) -and $configPresent) { Write-TraceLog "Remove-TurnKeySdnStore: Resetting install states" $state = Get-StateInternal $state.depId = "" $state.initialized = $false $state.installState = $script:InstallStateNone $state.mgmtIPOffset = "0" Set-TurnKeySdnInternalConfig -configType state -config $state Reset-Credential Write-TraceLog "Remove-TurnKeySdnStore: Skipping store path removal" return } try { $storePath = Get-TurnKeySdnPath if (-not [String]::IsNullOrEmpty($storePath)) { Write-TraceLog "Remove-TurnKeySdnStore removing storePath $storePath" Remove-Item $storePath -Recurse -Force -ErrorAction SilentlyContinue } } catch { Write-TraceLog "Remove-TurnKeySdnStore: Failed to remove storePath $storePath, error $_" } } function Get-TurnKeySdnRestEndpoint { $sdnConfig = Get-SdnConfig $endpoint = $sdnConfig.networkController.restName if (-not [String]::IsNullOrEmpty($endpoint)) { return $endpoint } if ([String]::IsNullOrEmpty($sdnConfig.networkController.restIpAddress)) { throw "Invalid sdn configuration, both restname and IP are empty" } return $sdnConfig.networkController.restIpAddress.split("/")[0] } function Get-TurnKeySdnNCRuntime() { $sdnConfig = Get-SdnConfig return $sdnConfig.networkController.runtime } function Set-TurnKeySdnConfig { param( [parameter(Mandatory = $true)][PSCustomObject]$sdnConfig ) $configString = $sdnConfig | ConvertTo-Json -Depth 10 $configFile = Join-Path (Get-InternalDeploymentConfigPath) $script:CMap["sdnConfigFile"] Set-Content -Path $configFile -Value $configString -Encoding UTF8 } function Set-DeploymentConfig { param( [parameter(Mandatory = $true)][PSCustomObject]$deploymentConfig ) $configString = $deploymentConfig | ConvertTo-Json -Depth 10 Set-Content -Path $(Get-DeploymentFile) -Value $configString -Encoding UTF8 } function LoadSdnExpressConfig { $sdnexpress = Import-LocalizedData ` -BaseDirectory $script:CMap["sdnExpressConfigPath"] ` -FileName $script:CMap["sdnExpressTemplateFile"] return $sdnexpress } function Get-SdnExpressGeneratedFilePath { # returns the path for a rendered copy of sdnexpress return Join-Path -Path $script:CMap["sdnExpressConfigPath"] -ChildPath $script:CMap["sdnExpressGeneratedFile"] } function Get-WorkloadConfigPath { param( [ValidateSet("LoadBalancer", "LoadBalancer_Static", "VNET", "VNET_Static", "LogicalNetwork", "Gateway", "Gateway_Static", "None", "HLK", "MultiVlanVip")] [Parameter(Mandatory = $false)] $WorkloadType, [Parameter(Mandatory = $false)] $WorkloadFolder ) if ($WorkloadType -eq "None" -or [String]::IsNullOrEmpty($WorkloadType)) { $WorkloadType = "LoadBalancer" } if ([String]::IsNullOrEmpty($WorkloadFolder)) { $WorkloadFolder = $WorkloadType } $path = Join-Path(Get-InternalWorkloadConfigPath) $WorkloadFolder if (-not (Test-Path $path)) { throw "Workload $WorkloadType not found at $path" } return $path } function Get-TurnKeySdnWorkloadConfig { $workloadConfigFile = Join-Path (Get-InternalWorkloadConfigPath) $script:CMap["workload"] $workloadConfig = Get-Config $workloadConfigFile return $workloadConfig } function Get-SdnWorkloadDeploymentPath { $workloadConfig = Get-TurnKeySdnWorkloadConfig if (-not [String]::isnullorempty($workloadConfig.deploymentpath)) { return $workloadConfig.deploymentpath } } function Set-TurnKeySdnWorkloadConfig { param( [parameter(Mandatory = $true)][PSCustomObject]$config ) $configString = $config | ConvertTo-Json -Depth 10 $configFile = Join-Path (Get-InternalWorkloadConfigPath) $script:CMap["workload"] Set-Content -Path $configFile -Value $configString -Encoding UTF8 } function Get-SdnWorkloadVirtualGateways { param( [Parameter(Mandatory = $true)] $WorkloadConfigPath ) $jsonPath = Join-Path $workloadConfigPath "jsons\virtualgateways" if (-not $(Test-Path $jsonPath)) { return $null } Get-ChildItem $jsonPath } function Get-SdnWorkloadLogicalNetworks { param( [Parameter(Mandatory = $true)] $WorkloadConfigPath ) $jsonPath = Join-Path $workloadConfigPath "jsons\logicalnetworks" if (-not $(Test-Path $jsonPath)) { return $null } Get-ChildItem $jsonPath } function Get-SdnWorkloadNetworkInterfaces { param( [Parameter(Mandatory = $true)] $WorkloadConfigPath ) $nicJsonPath = Join-Path $workloadConfigPath "jsons\networkinterfaces" if (-not $(Test-Path $nicJsonPath)) { return $null } Get-ChildItem $nicJsonPath } function Get-SdnWorkloadLoadbalancers { param( [Parameter(Mandatory=$true)] $WorkloadConfigPath ) $lbJsonPath = Join-Path $workloadConfigPath "jsons\loadbalancers" if (-not $(Test-Path $lbJsonPath)) { return $null } Get-ChildItem $lbJsonPath } function Get-TurnKeySdnHyperVHosts { $depConfig = Get-DeploymentConfig if ($depConfig.hyperVHosts.Count -gt 0) { return $depConfig.hyperVHosts } if (Test-IsCluster) { $sdnConfig = get-sdnconfig Write-TraceLog "Get-TurnKeySdnHyperVHosts: No hosts found, defaulting to clusternodes" if ($sdnConfig.networkController.FC.siteAware) { $infraconfig.hyperVHosts = @(Get-NodesInSiteFaultDomain) } else { $hypervHosts = (get-cluster | get-clusternode).Name } } else { Write-TraceLog "Get-TurnKeySdnHyperVHosts: No hosts found, defaulting to local host" $hypervHosts = @($(hostname)) } return $hypervHosts } function Get-SdnSwitchName { $depConfig = Get-DeploymentConfig return $depConfig.sdnSwitchName } function Initialize-TurnKeySdnDeploymentId { $config = Get-TurnKeySdnInternalConfig -configType state $updated = $false if ([String]::IsNullOrEmpty($config.depId)) { $config.depId = Get-NewDepId $updated = $true } if ([String]::IsNullOrEmpty($config.torId)) { $config.torId = $config.depId $updated = $true } if ([String]::IsNullOrEmpty($config.randomizerSeed)) { $config.randomizerSeed = Get-AddressRandmoizerSeed $updated = $true } if ($updated) { Set-TurnKeySdnInternalConfig -configType state -config $config } } function Initialize-Store { Initialize-StorePath $script:CMap["deploymentConfigPath"] = Join-Path $script:CMap["turnKeySdnPath"] "DeploymentConfig" $script:CMap["workloadConfigPath"] = Join-Path $script:CMap["turnKeySdnPath"] "WorkloadConfig" $internalConfigPath = $script:CMap["deploymentConfigPath"] $internalWorkloadConfigPath = $script:CMap["workloadConfigPath"] if (-not (Test-Path $internalConfigPath)) { New-Item $internalConfigPath -ItemType Directory -ErrorAction Stop | Out-Null } if (-not (Test-Path $internalWorkloadConfigPath)) { New-Item $internalWorkloadConfigPath -ItemType Directory -ErrorAction Stop | Out-Null } $userConfigPath = $script:CMap["userConfigPath"] Write-TraceLog "Copying user config from $userConfigPath to $internalConfigPath" robocopy $userConfigPath $script:CMap["deploymentConfigPath"] /E /XO /NC /NS /NP /NFL /NDL /NJH /NJS $userWorkloadConfigPath = $script:CMap["userWorkloadConfigPath"] Write-TraceLog "Copying user workload config from $userWorkloadConfigPath to $internalWorkloadConfigPath" robocopy $userWorkloadConfigPath $internalWorkloadConfigPath /E /XO /NC /NS /NP /NFL /NDL /NJH /NJS $vhdStore = Get-VhdStore if (-not (Test-Path $vhdStore)) { New-Item $vhdStore -ItemType Directory -ErrorAction Stop | Out-Null } $credFile = Join-Path (Get-StorePath) $script:CMap["credential"] if (-not $(Test-Path $credFile)) { Reset-Credential } $stateFile = Join-Path (Get-StorePath) $script:CMap["state"] if (-not $(Test-Path $stateFile)) { $state = @{} $state["depId"] = "" $state["torId"] = "" $state["randomizerSeed"] = "" $state["initialized"] = $false $state["installState"] = $script:InstallStateNone $state["mgmtIPOffset"] = "0" Set-TurnKeySdnInternalConfig -configType state -config $state } Initialize-TurnKeySdnDeploymentId } function Get-DeploymentFile { return Join-Path (Get-InternalDeploymentConfigPath) $script:CMap["deploymentFile"] } function Get-MgmtNicName { return $script:MgmtHostNicName } function Get-DefaultWorkloadVhdShare { return $script:DefaultTestVhdShare } function Get-DefaultWorkloadVhdFile { return $script:DefaultTestVhdFile } function Get-StateInternal { $stateFile = Get-StateFileWithoutInit $config = Get-Config $stateFile return $config } function Set-InstallState { param( [ValidateSet("installed", "installFailed", "installing", "none")] [parameter(Mandatory = $true)][string] $state ) $config = Get-StateInternal $config.installState = $state Set-TurnKeySdnInternalConfig -configType state -config $config } function Test-IsInstalled { try { $config = Get-StateInternal } catch { return $false } return $config.installState -ieq "installed" } function Test-IsInitialized { try { $config = Get-StateInternal } catch { return $false } return $config.initialized } function Set-Initialized { $config = Get-TurnKeySdnInternalConfig -configType state $config.initialized = $true Set-TurnKeySdnInternalConfig -configType state -config $config } function Get-NextManagementIPOffset { $config = Get-StateInternal [int]$offset = $config.mgmtIPOffset $config.mgmtIPOffset = $offset + 1 Set-TurnKeySdnInternalConfig -configType state -config $config return $offset } function Initialize-ManagementIPOffset { $config = Get-StateInternal $config.mgmtIPOffset = 0 Set-TurnKeySdnInternalConfig -configType state -config $config } function Get-MsftCorpRoutes { return $script:MSFTCorpRoutes } function Test-RRASRouterEnabled { $depConfig = Get-DeploymentConfig return $depConfig.useRRASRouter } function Get-DefaultInternetSwitchName { return $script:InternetSwitchDefaultName } function Get-DefaultSdnSwitchName { return $script:SdnSwitchDefaultName } function Get-RouterVMSuffix { "-TOR" } function Get-NCVMSuffix { "-NC" } function Get-MUXVMSuffix { "-MUX" } function Get-GWVMSuffix { "-GW" } function Get-DefaultCtsTrafficFolder { if (-not (Test-IsCluster)) { return "$env:SystemDrive\Tools" } $csvPath = Get-CSV return $(Join-Path -Path $csvPath -ChildPath "WorkloadTools") } function Get-DefaultCtsTrafficFile { return $(Join-Path -Path (Get-DefaultCtsTrafficFolder) -ChildPath "CtsTraffic.exe") } function Get-CtsTrafficGitHubUri { return "https://github.com/microsoft/ctsTraffic/raw/master/Releases/2.0.3.2/x64/ctsTraffic.exe" } function Copy-OrGetCtsTraffficExe { param( [parameter(Mandatory = $false)][string] $SourceFolder ) $defaultCtsTrafficFolder = Get-DefaultCtsTrafficFolder if (-not (Test-Path $defaultCtsTrafficFolder)) { New-item -Path $defaultCtsTrafficFolder -ItemType Directory -Force -ErrorAction Stop | Out-Null } $ctsTraffic = Get-DefaultCtsTrafficFile $source = Join-Path $SourceFolder "CtsTraffic.exe" if (-not $(Test-Path $source) -and -not $(Test-Path $ctsTraffic)) { Write-TraceLog "Copy-OrGetCtsTraffficExe: Ctstraffic not found at $source, downloading from github and copying to $ctsTraffic" Invoke-WebRequest $(Get-CtsTrafficGitHubUri) -outfile $ctsTraffic return } if ($(Test-Path $source)) { Write-TraceLog "Copy-OrGetCtsTraffficExe: Ctstraffic found locally at $source, copying to $ctsTraffic" Copy-Item -Path $source -Destination $ctsTraffic -Force return } Write-TraceLog "Copy-OrGetCtsTraffficExe: Using existing ctstraffic from $ctsTraffic" } function Reset-Credential { $cred = @{} $cred["username"] = "" $cred["password"] = "" Set-TurnKeySdnInternalConfig -configType credential -config $cred } # SIG # Begin signature block # MIIoRgYJKoZIhvcNAQcCoIIoNzCCKDMCAQExDzANBglghkgBZQMEAgEFADB5Bgor # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCBOlLD++Erg57HK # TWbMGdH8WAgoooT44mT5FYclOj9fyqCCDXYwggX0MIID3KADAgECAhMzAAAEBGx0 # Bv9XKydyAAAAAAQEMA0GCSqGSIb3DQEBCwUAMH4xCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01pY3Jvc29mdCBDb2RlIFNpZ25p # bmcgUENBIDIwMTEwHhcNMjQwOTEyMjAxMTE0WhcNMjUwOTExMjAxMTE0WjB0MQsw # CQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9u # ZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMR4wHAYDVQQDExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB # AQC0KDfaY50MDqsEGdlIzDHBd6CqIMRQWW9Af1LHDDTuFjfDsvna0nEuDSYJmNyz # NB10jpbg0lhvkT1AzfX2TLITSXwS8D+mBzGCWMM/wTpciWBV/pbjSazbzoKvRrNo # DV/u9omOM2Eawyo5JJJdNkM2d8qzkQ0bRuRd4HarmGunSouyb9NY7egWN5E5lUc3 # a2AROzAdHdYpObpCOdeAY2P5XqtJkk79aROpzw16wCjdSn8qMzCBzR7rvH2WVkvF # HLIxZQET1yhPb6lRmpgBQNnzidHV2Ocxjc8wNiIDzgbDkmlx54QPfw7RwQi8p1fy # 4byhBrTjv568x8NGv3gwb0RbAgMBAAGjggFzMIIBbzAfBgNVHSUEGDAWBgorBgEE # AYI3TAgBBggrBgEFBQcDAzAdBgNVHQ4EFgQU8huhNbETDU+ZWllL4DNMPCijEU4w # RQYDVR0RBD4wPKQ6MDgxHjAcBgNVBAsTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEW # MBQGA1UEBRMNMjMwMDEyKzUwMjkyMzAfBgNVHSMEGDAWgBRIbmTlUAXTgqoXNzci # tW2oynUClTBUBgNVHR8ETTBLMEmgR6BFhkNodHRwOi8vd3d3Lm1pY3Jvc29mdC5j # b20vcGtpb3BzL2NybC9NaWNDb2RTaWdQQ0EyMDExXzIwMTEtMDctMDguY3JsMGEG # CCsGAQUFBwEBBFUwUzBRBggrBgEFBQcwAoZFaHR0cDovL3d3dy5taWNyb3NvZnQu # Y29tL3BraW9wcy9jZXJ0cy9NaWNDb2RTaWdQQ0EyMDExXzIwMTEtMDctMDguY3J0 # MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggIBAIjmD9IpQVvfB1QehvpC # Ge7QeTQkKQ7j3bmDMjwSqFL4ri6ae9IFTdpywn5smmtSIyKYDn3/nHtaEn0X1NBj # L5oP0BjAy1sqxD+uy35B+V8wv5GrxhMDJP8l2QjLtH/UglSTIhLqyt8bUAqVfyfp # h4COMRvwwjTvChtCnUXXACuCXYHWalOoc0OU2oGN+mPJIJJxaNQc1sjBsMbGIWv3 # cmgSHkCEmrMv7yaidpePt6V+yPMik+eXw3IfZ5eNOiNgL1rZzgSJfTnvUqiaEQ0X # dG1HbkDv9fv6CTq6m4Ty3IzLiwGSXYxRIXTxT4TYs5VxHy2uFjFXWVSL0J2ARTYL # E4Oyl1wXDF1PX4bxg1yDMfKPHcE1Ijic5lx1KdK1SkaEJdto4hd++05J9Bf9TAmi # u6EK6C9Oe5vRadroJCK26uCUI4zIjL/qG7mswW+qT0CW0gnR9JHkXCWNbo8ccMk1 # sJatmRoSAifbgzaYbUz8+lv+IXy5GFuAmLnNbGjacB3IMGpa+lbFgih57/fIhamq # 5VhxgaEmn/UjWyr+cPiAFWuTVIpfsOjbEAww75wURNM1Imp9NJKye1O24EspEHmb # DmqCUcq7NqkOKIG4PVm3hDDED/WQpzJDkvu4FrIbvyTGVU01vKsg4UfcdiZ0fQ+/ # V0hf8yrtq9CkB8iIuk5bBxuPMIIHejCCBWKgAwIBAgIKYQ6Q0gAAAAAAAzANBgkq # hkiG9w0BAQsFADCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24x # EDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlv # bjEyMDAGA1UEAxMpTWljcm9zb2Z0IFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5 # IDIwMTEwHhcNMTEwNzA4MjA1OTA5WhcNMjYwNzA4MjEwOTA5WjB+MQswCQYDVQQG # EwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwG # A1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSgwJgYDVQQDEx9NaWNyb3NvZnQg # Q29kZSBTaWduaW5nIFBDQSAyMDExMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC # CgKCAgEAq/D6chAcLq3YbqqCEE00uvK2WCGfQhsqa+laUKq4BjgaBEm6f8MMHt03 # a8YS2AvwOMKZBrDIOdUBFDFC04kNeWSHfpRgJGyvnkmc6Whe0t+bU7IKLMOv2akr # rnoJr9eWWcpgGgXpZnboMlImEi/nqwhQz7NEt13YxC4Ddato88tt8zpcoRb0Rrrg # OGSsbmQ1eKagYw8t00CT+OPeBw3VXHmlSSnnDb6gE3e+lD3v++MrWhAfTVYoonpy # 4BI6t0le2O3tQ5GD2Xuye4Yb2T6xjF3oiU+EGvKhL1nkkDstrjNYxbc+/jLTswM9 # sbKvkjh+0p2ALPVOVpEhNSXDOW5kf1O6nA+tGSOEy/S6A4aN91/w0FK/jJSHvMAh # dCVfGCi2zCcoOCWYOUo2z3yxkq4cI6epZuxhH2rhKEmdX4jiJV3TIUs+UsS1Vz8k # A/DRelsv1SPjcF0PUUZ3s/gA4bysAoJf28AVs70b1FVL5zmhD+kjSbwYuER8ReTB # w3J64HLnJN+/RpnF78IcV9uDjexNSTCnq47f7Fufr/zdsGbiwZeBe+3W7UvnSSmn # Eyimp31ngOaKYnhfsi+E11ecXL93KCjx7W3DKI8sj0A3T8HhhUSJxAlMxdSlQy90 # lfdu+HggWCwTXWCVmj5PM4TasIgX3p5O9JawvEagbJjS4NaIjAsCAwEAAaOCAe0w # ggHpMBAGCSsGAQQBgjcVAQQDAgEAMB0GA1UdDgQWBBRIbmTlUAXTgqoXNzcitW2o # ynUClTAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTALBgNVHQ8EBAMCAYYwDwYD # VR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBRyLToCMZBDuRQFTuHqp8cx0SOJNDBa # BgNVHR8EUzBRME+gTaBLhklodHRwOi8vY3JsLm1pY3Jvc29mdC5jb20vcGtpL2Ny # bC9wcm9kdWN0cy9NaWNSb29DZXJBdXQyMDExXzIwMTFfMDNfMjIuY3JsMF4GCCsG # AQUFBwEBBFIwUDBOBggrBgEFBQcwAoZCaHR0cDovL3d3dy5taWNyb3NvZnQuY29t # L3BraS9jZXJ0cy9NaWNSb29DZXJBdXQyMDExXzIwMTFfMDNfMjIuY3J0MIGfBgNV # HSAEgZcwgZQwgZEGCSsGAQQBgjcuAzCBgzA/BggrBgEFBQcCARYzaHR0cDovL3d3 # dy5taWNyb3NvZnQuY29tL3BraW9wcy9kb2NzL3ByaW1hcnljcHMuaHRtMEAGCCsG # AQUFBwICMDQeMiAdAEwAZQBnAGEAbABfAHAAbwBsAGkAYwB5AF8AcwB0AGEAdABl # AG0AZQBuAHQALiAdMA0GCSqGSIb3DQEBCwUAA4ICAQBn8oalmOBUeRou09h0ZyKb # C5YR4WOSmUKWfdJ5DJDBZV8uLD74w3LRbYP+vj/oCso7v0epo/Np22O/IjWll11l # hJB9i0ZQVdgMknzSGksc8zxCi1LQsP1r4z4HLimb5j0bpdS1HXeUOeLpZMlEPXh6 # I/MTfaaQdION9MsmAkYqwooQu6SpBQyb7Wj6aC6VoCo/KmtYSWMfCWluWpiW5IP0 # wI/zRive/DvQvTXvbiWu5a8n7dDd8w6vmSiXmE0OPQvyCInWH8MyGOLwxS3OW560 # STkKxgrCxq2u5bLZ2xWIUUVYODJxJxp/sfQn+N4sOiBpmLJZiWhub6e3dMNABQam # ASooPoI/E01mC8CzTfXhj38cbxV9Rad25UAqZaPDXVJihsMdYzaXht/a8/jyFqGa # J+HNpZfQ7l1jQeNbB5yHPgZ3BtEGsXUfFL5hYbXw3MYbBL7fQccOKO7eZS/sl/ah # XJbYANahRr1Z85elCUtIEJmAH9AAKcWxm6U/RXceNcbSoqKfenoi+kiVH6v7RyOA # 9Z74v2u3S5fi63V4GuzqN5l5GEv/1rMjaHXmr/r8i+sLgOppO6/8MO0ETI7f33Vt # Y5E90Z1WTk+/gFcioXgRMiF670EKsT/7qMykXcGhiJtXcVZOSEXAQsmbdlsKgEhr # /Xmfwb1tbWrJUnMTDXpQzTGCGiYwghoiAgEBMIGVMH4xCzAJBgNVBAYTAlVTMRMw # EQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVN # aWNyb3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01pY3Jvc29mdCBDb2RlIFNp # Z25pbmcgUENBIDIwMTECEzMAAAQEbHQG/1crJ3IAAAAABAQwDQYJYIZIAWUDBAIB # BQCgga4wGQYJKoZIhvcNAQkDMQwGCisGAQQBgjcCAQQwHAYKKwYBBAGCNwIBCzEO # MAwGCisGAQQBgjcCARUwLwYJKoZIhvcNAQkEMSIEIFCPogm1iFZ45CI5z7iXBHNp # DKqOwJ7NpaVz+Lxm5hv6MEIGCisGAQQBgjcCAQwxNDAyoBSAEgBNAGkAYwByAG8A # cwBvAGYAdKEagBhodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20wDQYJKoZIhvcNAQEB # BQAEggEATaP8PLpMcHEvV0pcXUE2UXSwJ3haBQCk0MAsCsLbIVYGqpscb+jg/OFC # 9ckWNMSTVcyOh8RQZy3ytwy4Ua5EahKifTbEoCrGjNVhkwjo7eII3tr2PG8vwKin # in/CAuU13HBNZQwJFi2ywiybGfQ/5omlotDXrBCv9PB2khoYUX0scqbo7Xc1wTxT # dfI/iI+AFEVrwCeNTk47dm9WU7GrtMLuAVRndtM7HbI3dCeGTy1Z+4D8TxqHgJ41 # XVgGFnMFBdhBINfbJlk3pp3262DejqMs6g3xSe8wiq62ab/CNE+4M8nBawFbiCFj # XK/dpT2GCsHTsOr/UFrgxwfuOVjGnKGCF7AwghesBgorBgEEAYI3AwMBMYIXnDCC # F5gGCSqGSIb3DQEHAqCCF4kwgheFAgEDMQ8wDQYJYIZIAWUDBAIBBQAwggFaBgsq # hkiG9w0BCRABBKCCAUkEggFFMIIBQQIBAQYKKwYBBAGEWQoDATAxMA0GCWCGSAFl # AwQCAQUABCC5E0k+mf8wQ4W/YOchjphkiB4dFyB4HXGLpkCa3WXyFwIGZ7/AxHxB # GBMyMDI1MDMyMDIwMTEyNi41MjZaMASAAgH0oIHZpIHWMIHTMQswCQYDVQQGEwJV # UzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UE # ChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMS0wKwYDVQQLEyRNaWNyb3NvZnQgSXJl # bGFuZCBPcGVyYXRpb25zIExpbWl0ZWQxJzAlBgNVBAsTHm5TaGllbGQgVFNTIEVT # Tjo2NTFBLTA1RTAtRDk0NzElMCMGA1UEAxMcTWljcm9zb2Z0IFRpbWUtU3RhbXAg # U2VydmljZaCCEf4wggcoMIIFEKADAgECAhMzAAAB9ZkJlLzxxlCMAAEAAAH1MA0G # CSqGSIb3DQEBCwUAMHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9u # MRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRp # b24xJjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEwMB4XDTI0 # MDcyNTE4MzEwMVoXDTI1MTAyMjE4MzEwMVowgdMxCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xLTArBgNVBAsTJE1pY3Jvc29mdCBJcmVsYW5kIE9w # ZXJhdGlvbnMgTGltaXRlZDEnMCUGA1UECxMeblNoaWVsZCBUU1MgRVNOOjY1MUEt # MDVFMC1EOTQ3MSUwIwYDVQQDExxNaWNyb3NvZnQgVGltZS1TdGFtcCBTZXJ2aWNl # MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzO90cFQTWd/WP84IT7JM # IW1fQL61sdfgmhlfT0nvYEb2kvkNF073ZwjveuSWot387LjE0TCiG93e6I0HzIFQ # BnbxGP/WPBUirFq7WE5RAsuhNfYUL+PIb9jJq3CwWxICfw5t/pTyIOHjKvo1lQOT # WZypir/psZwEE7y2uWAPbZJTFrKen5R73x2Hbxy4eW1DcmXjym2wFWv10sBH40aj # Jfe+OkwcTdoYrY3KkpN/RQSjeycK0bhjo0CGYIYa+ZMAao0SNR/R1J1Y6sLkiCJO # 3aQrbS1Sz7l+/qJgy8fyEZMND5Ms7C0sEaOvoBHiWSpTM4vc0xDLCmc6PGv03CtW # u2KiyqrL8BAB1EYyOShI3IT79arDIDrL+de91FfjmSbBY5j+HvS0l3dXkjP3Hon8 # b74lWwikF0rzErF0n3khVAusx7Sm1oGG+06hz9XAy3Wou+T6Se6oa5LDiQgPTfWR # /j9FNk8Ju06oSfTh6c03V0ulla0Iwy+HzUl+WmYxFLU0PiaXsmgudNwVqn51zr+B # i3XPJ85wWuy6GGT7nBDmXNzTNkzK98DBQjTOabQXUZ884Yb9DFNcigmeVTYkyUXZ # 6hscd8Nyq45A3D3bk+nXnsogK1Z7zZj6XbGft7xgOYvveU6p0+frthbF7MXv+i5q # cD9HfFmOq4VYHevVesYb6P0CAwEAAaOCAUkwggFFMB0GA1UdDgQWBBRV4Hxb9Uo0 # oHDwJZJe22ixe2B1ATAfBgNVHSMEGDAWgBSfpxVdAF5iXYP05dJlpxtTNRnpcjBf # BgNVHR8EWDBWMFSgUqBQhk5odHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3Bz # L2NybC9NaWNyb3NvZnQlMjBUaW1lLVN0YW1wJTIwUENBJTIwMjAxMCgxKS5jcmww # bAYIKwYBBQUHAQEEYDBeMFwGCCsGAQUFBzAChlBodHRwOi8vd3d3Lm1pY3Jvc29m # dC5jb20vcGtpb3BzL2NlcnRzL01pY3Jvc29mdCUyMFRpbWUtU3RhbXAlMjBQQ0El # MjAyMDEwKDEpLmNydDAMBgNVHRMBAf8EAjAAMBYGA1UdJQEB/wQMMAoGCCsGAQUF # BwMIMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsFAAOCAgEAcwxmVPaA9xHf # fuom0TOSp2hspuf1G0cHW/KXHAuhnpW8/Svlq5j9aKI/8/G6fGIQMr0zlpau8jy8 # 3I4zclGdJjl5S02SxDlUKawtWvgf7ida06PgjeQM1eX4Lut4bbPfT0FEp77G76hh # ysXxTJNHv5y+fwThUeiiclihZwqcZMpa46m+oV6igTU6I0EnneotMqFs0Q3zHgVV # r4WXjnG2Bcnkip42edyg/9iXczqTBrEkvTz0UlltpFGaQnLzq+No8VEgq0UG7W1E # LZGhmmxFmHABwTT6sPJFV68DfLoC0iB9Qbb9VZ8mvbTV5JtISBklTuVAlEkzXi9L # IjNmx+kndBfKP8dxG/xbRXptQDQDaCsS6ogLkwLgH6zSs+ul9WmzI0F8zImbhnZh # UziIHheFo4H+ZoojPYcgTK6/3bkSbOabmQFf95B8B6e5WqXbS5s9OdMdUlW1gTI1 # r5u+WAwH2KG7dxneoTbf/jYl3TUtP7AHpyck2c0nun/Q0Cycpa9QUH/Dy01k6tQo # mNXGjivg2/BGcgZJ0Hw8C6KVelEJ31xLoE21m9+NEgSKCRoFE1Lkma31SyIaynbd # YEb8sOlZynMdm8yPldDwuF54vJiEArjrcDNXe6BobZUiTWSKvv1DJadR1SUCO/Od # 21GgU+hZqu+dKgjKAYdeTIvi9R2rtLYwggdxMIIFWaADAgECAhMzAAAAFcXna54C # m0mZAAAAAAAVMA0GCSqGSIb3DQEBCwUAMIGIMQswCQYDVQQGEwJVUzETMBEGA1UE # CBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9z # b2Z0IENvcnBvcmF0aW9uMTIwMAYDVQQDEylNaWNyb3NvZnQgUm9vdCBDZXJ0aWZp # Y2F0ZSBBdXRob3JpdHkgMjAxMDAeFw0yMTA5MzAxODIyMjVaFw0zMDA5MzAxODMy # MjVaMHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQH # EwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xJjAkBgNV # BAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEwMIICIjANBgkqhkiG9w0B # AQEFAAOCAg8AMIICCgKCAgEA5OGmTOe0ciELeaLL1yR5vQ7VgtP97pwHB9KpbE51 # yMo1V/YBf2xK4OK9uT4XYDP/XE/HZveVU3Fa4n5KWv64NmeFRiMMtY0Tz3cywBAY # 6GB9alKDRLemjkZrBxTzxXb1hlDcwUTIcVxRMTegCjhuje3XD9gmU3w5YQJ6xKr9 # cmmvHaus9ja+NSZk2pg7uhp7M62AW36MEBydUv626GIl3GoPz130/o5Tz9bshVZN # 7928jaTjkY+yOSxRnOlwaQ3KNi1wjjHINSi947SHJMPgyY9+tVSP3PoFVZhtaDua # Rr3tpK56KTesy+uDRedGbsoy1cCGMFxPLOJiss254o2I5JasAUq7vnGpF1tnYN74 # kpEeHT39IM9zfUGaRnXNxF803RKJ1v2lIH1+/NmeRd+2ci/bfV+AutuqfjbsNkz2 # K26oElHovwUDo9Fzpk03dJQcNIIP8BDyt0cY7afomXw/TNuvXsLz1dhzPUNOwTM5 # TI4CvEJoLhDqhFFG4tG9ahhaYQFzymeiXtcodgLiMxhy16cg8ML6EgrXY28MyTZk # i1ugpoMhXV8wdJGUlNi5UPkLiWHzNgY1GIRH29wb0f2y1BzFa/ZcUlFdEtsluq9Q # BXpsxREdcu+N+VLEhReTwDwV2xo3xwgVGD94q0W29R6HXtqPnhZyacaue7e3Pmri # Lq0CAwEAAaOCAd0wggHZMBIGCSsGAQQBgjcVAQQFAgMBAAEwIwYJKwYBBAGCNxUC # BBYEFCqnUv5kxJq+gpE8RjUpzxD/LwTuMB0GA1UdDgQWBBSfpxVdAF5iXYP05dJl # pxtTNRnpcjBcBgNVHSAEVTBTMFEGDCsGAQQBgjdMg30BATBBMD8GCCsGAQUFBwIB # FjNodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL0RvY3MvUmVwb3NpdG9y # eS5odG0wEwYDVR0lBAwwCgYIKwYBBQUHAwgwGQYJKwYBBAGCNxQCBAweCgBTAHUA # YgBDAEEwCwYDVR0PBAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAU # 1fZWy4/oolxiaNE9lJBb186aGMQwVgYDVR0fBE8wTTBLoEmgR4ZFaHR0cDovL2Ny # bC5taWNyb3NvZnQuY29tL3BraS9jcmwvcHJvZHVjdHMvTWljUm9vQ2VyQXV0XzIw # MTAtMDYtMjMuY3JsMFoGCCsGAQUFBwEBBE4wTDBKBggrBgEFBQcwAoY+aHR0cDov # L3d3dy5taWNyb3NvZnQuY29tL3BraS9jZXJ0cy9NaWNSb29DZXJBdXRfMjAxMC0w # Ni0yMy5jcnQwDQYJKoZIhvcNAQELBQADggIBAJ1VffwqreEsH2cBMSRb4Z5yS/yp # b+pcFLY+TkdkeLEGk5c9MTO1OdfCcTY/2mRsfNB1OW27DzHkwo/7bNGhlBgi7ulm # ZzpTTd2YurYeeNg2LpypglYAA7AFvonoaeC6Ce5732pvvinLbtg/SHUB2RjebYIM # 9W0jVOR4U3UkV7ndn/OOPcbzaN9l9qRWqveVtihVJ9AkvUCgvxm2EhIRXT0n4ECW # OKz3+SmJw7wXsFSFQrP8DJ6LGYnn8AtqgcKBGUIZUnWKNsIdw2FzLixre24/LAl4 # FOmRsqlb30mjdAy87JGA0j3mSj5mO0+7hvoyGtmW9I/2kQH2zsZ0/fZMcm8Qq3Uw # xTSwethQ/gpY3UA8x1RtnWN0SCyxTkctwRQEcb9k+SS+c23Kjgm9swFXSVRk2XPX # fx5bRAGOWhmRaw2fpCjcZxkoJLo4S5pu+yFUa2pFEUep8beuyOiJXk+d0tBMdrVX # VAmxaQFEfnyhYWxz/gq77EFmPWn9y8FBSX5+k77L+DvktxW/tM4+pTFRhLy/AsGC # onsXHRWJjXD+57XQKBqJC4822rpM+Zv/Cuk0+CQ1ZyvgDbjmjJnW4SLq8CdCPSWU # 5nR0W2rRnj7tfqAxM328y+l7vzhwRNGQ8cirOoo6CGJ/2XBjU02N7oJtpQUQwXEG # ahC0HVUzWLOhcGbyoYIDWTCCAkECAQEwggEBoYHZpIHWMIHTMQswCQYDVQQGEwJV # UzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UE # ChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMS0wKwYDVQQLEyRNaWNyb3NvZnQgSXJl # bGFuZCBPcGVyYXRpb25zIExpbWl0ZWQxJzAlBgNVBAsTHm5TaGllbGQgVFNTIEVT # Tjo2NTFBLTA1RTAtRDk0NzElMCMGA1UEAxMcTWljcm9zb2Z0IFRpbWUtU3RhbXAg # U2VydmljZaIjCgEBMAcGBSsOAwIaAxUAJsAKu48NbR5YRg3WSBQCyjzdkvaggYMw # gYCkfjB8MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UE # BxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSYwJAYD # VQQDEx1NaWNyb3NvZnQgVGltZS1TdGFtcCBQQ0EgMjAxMDANBgkqhkiG9w0BAQsF # AAIFAOuGlb0wIhgPMjAyNTAzMjAxMzI1MTdaGA8yMDI1MDMyMTEzMjUxN1owdzA9 # BgorBgEEAYRZCgQBMS8wLTAKAgUA64aVvQIBADAKAgEAAgIWmwIB/zAHAgEAAgIS # wjAKAgUA64fnPQIBADA2BgorBgEEAYRZCgQCMSgwJjAMBgorBgEEAYRZCgMCoAow # CAIBAAIDB6EgoQowCAIBAAIDAYagMA0GCSqGSIb3DQEBCwUAA4IBAQCo7Ygqnfq/ # 0aiRf7ZEK6F6NaeKGok6V2kQoEQm4crz0MfOBpWevrQ4kgaL7IlOMQVNnr4DdVFx # eC0EBiNb/rqxVmhPFHaNeOtVZGFAlNm1iOjEbDJm0q1SSlfPwNTzSOW8GTjHXrOw # IkFQmNzGOTHbjKx1QAhWZZx78G6o4eSDlNznVYKeVcxbP1yvZJlUNUC7qHtQlcey # QWDlahDlWJO4MCW+hcTL3MMpAZtrwqvKCsIROCyzpZcaJCBzwnK6MP3rnQsq+Ape # 40+n6EZawva0FpQKN7tNHkaXRbHqSIRt8RayNZJuSjhLM4vNEU+Gl+/TXQfx5TfY # fOUpvVoFnWF6MYIEDTCCBAkCAQEwgZMwfDELMAkGA1UEBhMCVVMxEzARBgNVBAgT # Cldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29m # dCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAgUENB # IDIwMTACEzMAAAH1mQmUvPHGUIwAAQAAAfUwDQYJYIZIAWUDBAIBBQCgggFKMBoG # CSqGSIb3DQEJAzENBgsqhkiG9w0BCRABBDAvBgkqhkiG9w0BCQQxIgQgD7pF/TmB # 0e2pvLEdJQYkRCjYPg/26llqDUYX0LUZfgwwgfoGCyqGSIb3DQEJEAIvMYHqMIHn # MIHkMIG9BCDB1vLSFwh09ISu4kdEv4/tg9eR1Yk8w5x7j5GThqaPNTCBmDCBgKR+ # MHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdS # ZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xJjAkBgNVBAMT # HU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEwAhMzAAAB9ZkJlLzxxlCMAAEA # AAH1MCIEIFFaqXJHmRXVw6AWhp+04VjUyYO0IAWbxvj4gEl+IwR3MA0GCSqGSIb3 # DQEBCwUABIICAAaIE++miqL/SX9mT173UIVDSU40CVcUh57QcY+8EAYtTJx0Wo9M # PF3qLq1aNiZBSU5uOsL0YGsqQQ0rCAEeEkcMT6khyI8t59yeSbq4u3R7TmOQLXaJ # SGfXK0Qtn5gw2L0PDGMruwApnlnjj665FUAcQEBddakryceGT4YBARED1MMfjtQc # 6mUJ561W0kGKENdmQEgj+N+PdhxzjNoACMr4TJJuVMIjHYv51vK2qRAev1Uz9Qbv # bgQEOGlM2wazCOOOmIbxak9WWjL38Tg3P8gSSe8jw2u8FiaempzwLR+KAx/mG+UZ # ztrpsukn+6ZCfePCBdy4BKAes7KJbahg4rjahF74egs4NLRqnHMUN3BzM1sPhWIQ # tJZxaCuvgrOM5tFM6Bt0XB2xRX7b7PLRhHpmykjHM2qsxj8Q1cUf8aBqKK/2LT7U # KAhMCCBfCHykFr0qL7MD3VKMK0g2pfbjT3mPSwBLfgQdO7ky4N3WDoR5n3WOKEJu # xwr6gaKtsM0uJlkJqovyiSUEs0OzNN7BabRY6fcNbcLS9WFcjw7Qa62vRy5vzqX5 # E/azTikws6C2m9gwSJt+0IkNnB9yecoXa0awIaKLab6nh6zX59Bpc27c7+O0Tb87 # v9T9FeUQNU+oYUppPxXdDPxhfueGDoue0M565ZfCcuofbVV8Rdwji+A1 # SIG # End signature block |