From a93f2697134d08b7baf916a66148cfcec4143428 Mon Sep 17 00:00:00 2001
From: Fernando Giorgetti <fgiorget@redhat.com>
Date: Mon, 25 Mar 2024 16:42:12 -0300
Subject: [PATCH] Skupper container ingresses

---
 index.xml                                     |   4 +-
 posts/20240320-router-with-compose/index.html |   7 +
 .../images/scenario.png                       | Bin 0 -> 40095 bytes
 .../index.html                                | 399 ++++++++++++++++++
 .../resources/edgerouter.tar.gz               | Bin 0 -> 827 bytes
 .../resources/edgerouter/compose.yaml         |  30 ++
 .../edgerouter/config-proxy/skrouterd.json    |  41 ++
 .../edgerouter/config/skrouterd.json          |  61 +++
 .../resources/haproxy.tar.gz                  | Bin 0 -> 729 bytes
 .../resources/haproxy/compose.yaml            |  24 ++
 .../resources/haproxy/config/skrouterd.json   |  43 ++
 .../resources/netfilter.tar.gz                | Bin 0 -> 767 bytes
 .../resources/netfilter/compose.yaml          |  27 ++
 .../resources/netfilter/config/skrouterd.json |  43 ++
 .../resources/scenario.drawio                 |  64 +++
 posts/index.html                              |  11 +
 posts/index.xml                               | 104 ++++-
 sitemap.xml                                   |  49 ++-
 tags/compose/index.html                       | 173 ++++++++
 tags/compose/index.xml                        |  24 ++
 tags/compose/page/1/index.html                |  10 +
 tags/docker/index.html                        |  11 +
 tags/docker/index.xml                         |  14 +-
 tags/edge-router/index.html                   | 173 ++++++++
 tags/edge-router/index.xml                    |  24 ++
 tags/edge-router/page/1/index.html            |  10 +
 tags/edge/index.html                          | 173 ++++++++
 tags/edge/index.xml                           |  24 ++
 tags/edge/page/1/index.html                   |  10 +
 tags/haproxy/index.html                       | 173 ++++++++
 tags/haproxy/index.xml                        |  24 ++
 tags/haproxy/page/1/index.html                |  10 +
 tags/index.html                               |  60 ++-
 tags/index.xml                                |  86 +++-
 tags/iptables/index.html                      | 173 ++++++++
 tags/iptables/index.xml                       |  24 ++
 tags/iptables/page/1/index.html               |  10 +
 tags/netfilter/index.html                     | 173 ++++++++
 tags/netfilter/index.xml                      |  24 ++
 tags/netfilter/page/1/index.html              |  10 +
 tags/page/2/index.html                        |  82 ++++
 tags/podman/index.html                        |  11 +
 tags/podman/index.xml                         |  14 +-
 tags/skupper-router/index.html                |  11 +
 tags/skupper-router/index.xml                 |  14 +-
 tags/skupper/index.html                       |  11 +
 tags/skupper/index.xml                        |  14 +-
 47 files changed, 2406 insertions(+), 71 deletions(-)
 create mode 100644 posts/20240322-skupper-podman-ingresses/images/scenario.png
 create mode 100644 posts/20240322-skupper-podman-ingresses/index.html
 create mode 100644 posts/20240322-skupper-podman-ingresses/resources/edgerouter.tar.gz
 create mode 100644 posts/20240322-skupper-podman-ingresses/resources/edgerouter/compose.yaml
 create mode 100644 posts/20240322-skupper-podman-ingresses/resources/edgerouter/config-proxy/skrouterd.json
 create mode 100644 posts/20240322-skupper-podman-ingresses/resources/edgerouter/config/skrouterd.json
 create mode 100644 posts/20240322-skupper-podman-ingresses/resources/haproxy.tar.gz
 create mode 100644 posts/20240322-skupper-podman-ingresses/resources/haproxy/compose.yaml
 create mode 100644 posts/20240322-skupper-podman-ingresses/resources/haproxy/config/skrouterd.json
 create mode 100644 posts/20240322-skupper-podman-ingresses/resources/netfilter.tar.gz
 create mode 100644 posts/20240322-skupper-podman-ingresses/resources/netfilter/compose.yaml
 create mode 100644 posts/20240322-skupper-podman-ingresses/resources/netfilter/config/skrouterd.json
 create mode 100644 posts/20240322-skupper-podman-ingresses/resources/scenario.drawio
 create mode 100644 tags/compose/index.html
 create mode 100644 tags/compose/index.xml
 create mode 100644 tags/compose/page/1/index.html
 create mode 100644 tags/edge-router/index.html
 create mode 100644 tags/edge-router/index.xml
 create mode 100644 tags/edge-router/page/1/index.html
 create mode 100644 tags/edge/index.html
 create mode 100644 tags/edge/index.xml
 create mode 100644 tags/edge/page/1/index.html
 create mode 100644 tags/haproxy/index.html
 create mode 100644 tags/haproxy/index.xml
 create mode 100644 tags/haproxy/page/1/index.html
 create mode 100644 tags/iptables/index.html
 create mode 100644 tags/iptables/index.xml
 create mode 100644 tags/iptables/page/1/index.html
 create mode 100644 tags/netfilter/index.html
 create mode 100644 tags/netfilter/index.xml
 create mode 100644 tags/netfilter/page/1/index.html

diff --git a/index.xml b/index.xml
index 10ce8ca..4482fa8 100644
--- a/index.xml
+++ b/index.xml
@@ -6,13 +6,13 @@
         <generator>Hugo -- gohugo.io</generator>
         <language>en-us</language>
         <copyright>Fernando Giorgetti</copyright>
-        <lastBuildDate>Wed, 20 Mar 2024 09:14:27 -0300</lastBuildDate>
+        <lastBuildDate>Fri, 22 Mar 2024 16:19:33 -0300</lastBuildDate>
         <atom:link href="https://fgiorgetti.github.io/index.xml" rel="self" type="application/rss+xml" />
         
         <item>
             <title>Posts</title>
             <link>https://fgiorgetti.github.io/posts/</link>
-            <pubDate>Wed, 20 Mar 2024 09:14:27 -0300</pubDate>
+            <pubDate>Fri, 22 Mar 2024 16:19:33 -0300</pubDate>
             
             <guid>https://fgiorgetti.github.io/posts/</guid>
             <description></description>
diff --git a/posts/20240320-router-with-compose/index.html b/posts/20240320-router-with-compose/index.html
index 04e644a..0598fef 100644
--- a/posts/20240320-router-with-compose/index.html
+++ b/posts/20240320-router-with-compose/index.html
@@ -260,6 +260,13 @@ <h1 class="post-title">
 
         <div class="pagination__buttons">
             
+            <span class="button previous">
+                <a href="https://fgiorgetti.github.io/posts/20240322-skupper-podman-ingresses/">
+                    <span class="button__icon">←</span>
+                    <span class="button__text">Skupper service ingress through containers</span>
+                </a>
+            </span>
+            
 
             
             <span class="button next">
diff --git a/posts/20240322-skupper-podman-ingresses/images/scenario.png b/posts/20240322-skupper-podman-ingresses/images/scenario.png
new file mode 100644
index 0000000000000000000000000000000000000000..2d1cc9844e656d9118a5244cd12a71c0e6f38f7d
GIT binary patch
literal 40095
zcmeFZ1z45awl|Knq!Nn;0qO3P?vj*_1uS4mN{4g_ixdO_X(<UokdPKhkrE`8mX;I{
z1pe<L_IB^HPu%Z2_kQO-&wuM?tvTQMjydNTzmaodgu0qMHU=pM0s;cIqJoSj0s<lo
z_`ZaW3jB1JCZ_^EuDNK+OCgl?k*^>iFbccM>bcr`T0!j~2y{Hs7vJc(Ic*$WT<LgZ
z=(xGTPEPEWP_VT#*xrTR0pbdD0nhCnEumIWh~>o?Zcc7qHclQkZa!@;AvzvOUQXZ#
z7auz>7r(*9c(66Z;gX=Lqc_yf4ot@_$H&eIkYd#1;-ce`0=}t09o#&DPftO9Q+{41
z;G3kAlO04CVy+AY=9S~)5n$)xhrgn%pslJx$1M$fw}aY3fDd_yg{>p}6=@r1M|+@0
zj*FX<{rnHmsRgzIJ41gV0pA0}6>NR6ei>U!Rdovk6)jV#dxEagJbd?ffOWvfxI>&>
zppFig+vH{Ef-f2Vz{LV=2f66xy67=?bhd;zUv!-h;*q7}lmv#t|MEy*@(^e^fPwX$
z^Hv>T3)|)E&`VxgJ-Dx=sOlvz>!sohmDRAdb#QWrPw*?XE1LG6^3Gr<8&yY3h#f%K
z((`gbyga-YYqIpZ=n>!&xahEUzMAK9T6l*R)ca~Hm%FoegIYpdE~#C->FVfc=L&WD
zW2c3qg9F6kQm~g4!OqT(9)BEW<!E=gyUQ_7z{dYT9p0h!H!Ows>Ow7DZ7#+N@?9<u
z-md_GTH9RB%*A>6#2$P#__D*r25jl*aq<3n*WdE-ikr@kjsU%1gm&@Z*Pn0=k%rj8
znSI5_%Xt87{ny|9jT_FtX~+K!IX6>JO&%pSWlm+sy8?VFijMaj)Y$;Ao&y<d=XS|*
zdoMN@h_gG?0%%JL0{>l%aB=mzLbQu5#MJ`MbO5+gPL5CqSBSH$JFrH$SmDb08&}~2
zEWs`|=avB8uyM7wyBg%`>}U&-cC>SZYlVZO12CVI9oQUVr|#$ib-hq43xFzIYoq{8
zbA<v3Q2EmUb4OQKNBds}NZLWI;R@;M=mhjSy1Cjx9e`P`fCyg%_;Sc^#DVoX!FO-(
zX$@Bxc1J5KVEgQFHUJ9F?quWT0-xLT!t6-_=FskH-E`bM+?)d3Qi1^83r0DCe;3!K
z1mTN^TxlPC)IWyN72*K>g#gCN)!7RG)Ya=emk_vAT`n$ucD{>=J$_dO?n`~P`9%x(
zE=3K#R6gt9Xu|>UuK*MnbBXVNy#BvXgTKTc*QFV9{~dhlj+XXd2VgzttiCX%zXR_a
zYv;@7lcM930v0XJNyi7cA!&Gvof}}pA3FZr7WiWaAe~=^pSR#Nt_WUq{J9O#_;mo+
zZ!J#tbMn7-z^D7QeZIh7I{x?=z8W}<EAr>t1BCm>_Qe8$zP|%*0Kt|}Kx?i5dZ}2y
zD4vH6)D@!T1cocPj0XUCfRvS^gX^W8=K|n)(Y|CnTx9@D?g|DJ39hPe4ga&&UyK3#
zwv!9g{M=5!dz>K_Zh(VyhiF1vE}RIw_s`k}_Hf~4w{~`Pa{?Y(J1YWn{i2J%KQ(o9
zFm-Z<*h5|5mcr!^<^xbe0U1FdA-Ed;s-Bm-zp@^GG!9pGzz$*sSavBFfF)1|YnAhs
z44`KhY`9`1Fa@6^zqBAf(EkUU_CKNaJe&ZQ;Cgzg_E)a%7oF$jy&UqZ(sN&#i~k(0
z=eaV9zia)))_(CY02mxBe{&jt1=wHk{I~r7$JXZGXpH|T6fXYD_AgT568a0N@L$^S
z{~V#f9l)RB0Ch)aAgbmR1pfSue1I4Si1pxV_)la5c5%800Ii^&aC!cPkNlq!)|DWx
z9H+qLwtf-Tl~(<#L05hML9+T=xA`{$x-h5bBK<WU`LFSsoAWY&2Va<UV3u>9{bTPB
z9|PD<AQb-F=mjvL7fb#7W{m3!ZodkF>pxIqE_d=v@IuGUZwGfI=5~%2wh!DKUE!JM
z?^cZ;-UU3i2RmCs0T%~P{@}d2`k$B62?+AwneJ7t2p@6j!GLd0U`tEDKV80fIrfSu
zFt_zN@!z9&Zho*m+@(60yTCsH3c#TMqpr(sIbTik+eZKId;YYZe|;t(82y#c7rXx(
zJ^0;`z@wIbW~?sr0_Tg=@n5x7+*kVeZ*VNX7^D9+iU5>c{^UCTMhsUWAJqOlv;XJW
z+<6`-1-7t-8!`vWs~F4@Vg+_P*Rj77(f!%ooKGlu)e8^lE|(x<<LU~pRsbp{2mJN$
z@L<31=Hd!<u!BH=5Zb|&-2zA}x#hqvE)XEE<(7lmTLV9VQWg-t$T^*-DeO*gZTx=$
zlgniA!W{n=6mnfk;ujF{@t<c!aQXadPx&rK{s%d=%Z&9e%qcuK0oMPwh7|sQ?IN*&
zTS~#dV-hbSm<!7S$nJvN-?10}?Saj|(^y=U1UN5CG`~4jc1}(nZUF%vE>0nCUU*3q
zF8^Opag`MO3W=+}{~$<QZtE9FNCD+Ypfm`0MTo11qqFU~{{Go#u))Cs_!T>d>BYxo
z!tpzRxPfX6+*$sTL|o;9ztx2PY+&r6mX`3u_Ai~t?`{TeVlMdoPvfrt1}OZ=AP4~-
z|4*Xlx{7CimHk!Ue~#?0(D;kYAb{kxE=v+XYGUJP?dSlull{F{>W@<ReT<4DycT#~
zx3~{+b@jR|bb#Gl9sdXdplssorFS{>yrB;?IDr}rkJNcn2Ci~&5nr_63in?S_*K2j
z#nH|Ay!Zl0=Px7jtMZ*I5GevjD(8m*e?9P0z;NDN3_HjA|3QH646y^d0+pIysBm-s
z6(0T-+He>Ge36!Pb_T<1msfNy>vsSq|8*)?wCp|A;gx29+NIg!;rpZ6;{uMA&e0Co
z_<sj|Zg{m0u05A#^}n6|Rf76oTR#tQ$|ZNf=zoQ&=fi(V&HnK_m!r?mH2&Ghzd8E&
zOT_X39ECIW7o)BKKTQ1Hq@O?jMeqM3Z1t7u{u?X#e}>mp-usK6zRG%kwbfUa@k*!u
z1IqY+l?lUT{EHC(PCeqP6!_=N>EB;@;Q3SK;kP5fU)cSZ8JFPY?*4Q5&GR=J^jkju
z|FH1jV(aGQ1aW2qoG|>v?q8`i{5f#@Z5!~{&#M_%J%EY(4@vg9uE73h$o^yV_`4VT
zr6~5l4|+m>0lhzI`v0HmtF!$(L2?=GzySp3^kpz2_!o!1|7&u6;1bZEo&5hmaDOr9
zuUXkuUii<#@k@jI&!h2+DgFn8aX2deS+M)>kKy3L`;*rH56JJg<m{Jx44$6B3%mcd
z<m_LS`<2f9Q^8*X<bR>y&%yC`ZZ=(|3cueW`_;#tKfSuOcJbiy1^8{jiv;Y(4$VUZ
zgj)!TGLqV!ChO@at_0nnu(Jr3+sGa@?VlkJYC`F1S--K?OPD?IsYUj{{Pqn8Chg>b
zcoT1qpC{HZ1uXqY#Zs8Irf(KuW%cpdy@KYZ8W~iz5(JhwMwHVZ)7+38hnZfW*@97y
zSQ0?Va_i%KwaZ8SKy3{P48252p$9`<e)yVs!A49MLl9W9Gy}ePVZlVn^#Wy>Tgsm*
zv<iw`zWxPh7uMv@hZW=_V!?`v#6~~B$s(}a$^+V(FFv@DL?Lds<*dhRW-q_guvWE%
zSxQul?Kl$~(4q+8Us6dTG}9Y?)ne2DW{wN6-o~?h)uzr|&@t*mXNhmAK8$L~M*_lj
zdFJ#|@7lcpLQZ59Vi0y~<P=&rp#nPSNeeZ}0FioAWa9(+I*59S7UFAS5S;*(Zr8<1
z;?RNN_|zb42+A<VZDbg8zqvF?Vu6LO>OC^`46xn;SNp}ltThZy*3~zmwZ6hd0b%7`
zV4L(RN`Xj1GZbLjTU@|HdO5bf_ZWo)z^tz+!pivk8uaf`y+=m?zo2JIY|+9`S>OBs
zlcTyDl`V|(lwX@knoB@8Ssc&B)Op99QuMXnb18RMSh4c{LSk-Hjn>)9kHt91msgg<
z?TL)B@6V?RAUwQ#ElidYyF>!-a+-T>IVx7E7P~p|o4KcsBN$4H_w!O-wIrcfh}llC
zNe8s!AQj+fNm<pkk3homPrg39lx->#Aet1lXE4G;$!pkP4O{T?)AB-xXS*#>50$_N
zX-3BT9>ju;Y+2;EE#&Hcno^&vVa4y~9X@v$%8u!mX&~xcYe=|OlNf;Q1rot}_LW78
zxszGdvNTJ^kB(Ctl{at0H<2466C&C$7(<7TB(k4rV#1`w9*Px%AO+4LU#@oQO;HQB
zN=#%STvN>wEku5SM6Zv~eoJ7Kt1|~vAw#y#$Q^-R4;#f>3YACV2ihW;xL-rJ3l&UJ
zscRzAC$W~D=lWW+*PzT<OmP0FF5?py%K*XvC&uk$O?u2Hl66QDAy|6#<0BAWTwMSa
z0Q&+HwF1Cgi&YDcqZ9%|%rstbR!vkAV}mwRB!1LHM64jyNj(^qp=N1@b}uhcpsH+Q
zr@SgiD^><LnEyRE;#FIx>+EYDPrXS4y{?yx)b%AnvW_I2E|taaRYvY$st~-I(}1Xm
zU^D90vQbvPZfk)GP;0R}8S+{M?`Ey^aiet9vr!uBNn}a6%NND*eST%RHwaL!PHwdv
z_}ZR(U8R{pr-@8GCwbC5Ia)gzYgy^XGG&*gf0{vx?zEtfj8k~vM**h514AQYId@{g
zjV4X-Q1aUk$oUvuXm8j^KNh!TLCci#y4o^iX}xjkis4!o4QScWa_?*6r-;{EbB4jo
zUmBCs(DXfPbfl`$o%Q{mG8?|XW&3*E%~k7hMnlA`dlL1{S$dqWpvc95ofm0qPrY1A
z=Ubp3pGctcu`)lQ=c{3*{GK%*P~>*2E$2g-MWkjEPH=u%2p;ZAQ+3-{gL&WmEeer|
zZV~MCRN0$MKJ#B!&9j4AlpV_0p(~V2ep<?1DiE|OBV*_GIsJz9>M=Ui-iH)uYSV=w
zJ7sCb@9i`;TZ*s|#<2j!7@|N`6QK^?fj(E^@|eu=Hz|B?smEK67FFK{D5P*6LR*en
zN-$Y22Zjwg%m7zf-f)HnZEHX#Y&H#4XS6J6c4U)>75dpo-s1#E8>s*#h0&6ZkiLg5
zj_LChC|aLE!hT@5*-}ZL8rWH{<zjUo)ybQWEi11Hlosu3+SwP8wQ-)xF?5SFJi`AX
zj*k_`1o^5&*LzEvNkEsV@+qe7oIw|!X%nDb6k3ReHMMU_2*1NI4$hg9hJl3-(w}HJ
zfVN}tZ0L}hn4k1y8-ikmTFVPL?&8!W0BGFP0QA_minK;(gm8dRFN!2A1~u%?HGMLH
z(ZT2y>qeiu<=3mq(O<pdQpE?+n4+MR*_o_!o3_jatW-j{^MdosZ9qk1cu=byqcTpm
zO8f3Ec?z@>j(SZd|8&iAKz$^<Vx?v^GWv_66XR4LxVSNqecpPJ>Bv4qkaRju^gfh4
zOznGT5E<OeqrL!m8AzH`pJ$BXN&(VA@R$bFKz<iH9Zih_xog7Vfm@MeaV8;mRW+{1
z3;ck9DsI>o3ql_h1C~$Ulj}^^clcJU{&PWZJcz_pMYkuBmZrDVu5^L=M~-7e0zrSy
zZa~q7CHJ^Z{npkC{a1|AncjvD3EhdY>u+hTkoEPRh4t<U7+m|}HM1b<{PYWaiQiU;
z-V1RvwgHkN$uoZMvT|;<h%*5^cUZf8dw{{1wN}n3>KvSZlCN!!c&jo%<p(JK)fWe4
z`Q~*|^Q2NyUh`nA!W`r;JpmsvZoLQTCOZIl+Wo|cb;s%G$dO@SAmx*3VqElLwWU{3
zgr?Pf^B2nrMtVOV@KvdxGWG*XhdVBK{4xuGw|nr=I~4WQYv@T#kTW|IQSVq_Ki@6m
zHiEEt#a~%qJbengG|uXPP3@8nBvc4OEW(B<+Hg<5z3?3^7`GL#g|*-A?hqiUhwniQ
zvG(j@OR?~#h3z*e2HbZBnLBG-8ff8CIKtDy$qI@wZezhB2f6b~)E;i=GCJL}qWMZN
zG}WB>7^^2DL2f@StC-ZO{@nSQp+rdoz?v`TIp7W@R6qa)BP?Qnc#$|r8CH!2OD$@z
zyBzjhHvp{R{h>|{N&VI}J(YOMSJqszmJ3psj~^Eyw3&0GEKEjg!O2yL9HgE*It%Rp
z@E~z%pRZaqq6Th^v-vB`$O44akAe`_=E{kZ;P+N=ZwNQHc$$E*r4Bt5X1M`F+?!FM
z9M|obJNNx?$c2>wo69zQdR#yVxZl?_EJQsQoXQG@d)X|FTE#anfg#@}9~oXbYHr|3
zepHN6WIVuT8%xxsZ?E8?gxNcwpR{7TZcP!`6W7YbcKRg;kKi`KZyaV=ObaLah`N^K
z@`(X__iK1AC}D-b5Nd-b$L}ttzmW!rLzG=F@HQhL4dlT?(1q`~)(C7|gX2R-w3<Dz
zV690+Bk{}VL>r*3l*c=2p$=b1qEH>r<s{nxiLSO_I2y2EiZ`Mi!56$4PzES`AF`WT
z9=-=G_%&P0_e%IiS}+vg3)WV0xq}M-BAJpP0ylN=M_?ODq!Ni9I7D7~J3}vLcvFnv
z19BVXpW>zfC~1U8x2alO%%PwGU!}Ghd#@gWnI11l*+pFcLN3H0FRXGzMRj22>p9zO
zmz2B#dFPm<Mw6va0K3SqMyd6?+;|c2exeeztTPKvh|$H_`clAi8Uf(=a5R=Uc)XQx
zi}VWXS;=r_=Z)7676Ax0zi$|@W__`!I3)l}MTuX%vEW~Vxfwjd&OvoAplv`D74XkG
zz@i}E7ltlpaMiuG&$?P>Ukec~0hWhD7M|8|!H>8c_$mvZ89l9F%xWvwLy&lnMZ#T$
ze*HQVIUe5Jt>pKr(e3P0{lhvf!^7GR_Vydr_Vy=Z@88=}1vDaL<T(^;mh1~7FpCHY
z>F6>Nph!te^Mr(k>a!4F_%&&&n71)@y?ZC)0ELp6Lm-O~bMu|v&dw#o02Tzb6<b^q
z(DxDNsc+gk5@_Ixl7xhh!vg~YsT9Jl>iqYIyWVIQX?7*Ck+HI}YU;3*O?eWa<KlLP
z<5D>-^-+)uIp2Qw;e)Cb1mf1$*=daxkmg+|!^6N(U~+nTiXBP7glE+3=Ue{@@;;T2
zRqw`lrFD34Fp{{bw~e;FKuQLZxVU(O{~6`oOtJP4X#%vdRN|C}%Y(FOywD-?-R*7t
z>oWn>lktxid06wGry3;<GG<wn3x4V8>48jCK|#{tIH4-^JftE{@@|IL@-!oU>@Kyn
zx6_I8^16}+M7;Stw^_P2KQqJ0Z{7FI{p9Goi_PaZeB4&Og$$}oR;w=%Gcq#98hr$k
z*o{{Y_BSRa#KoJL5R%sJ`{dTZz#3E~@9c+#P+U<!>Cc|w5OA0@9CbvKeSBOHjL(t<
z!-xydb6M&$-TYkd(c0NrkiuTAF_Lc;6BC1}l*l+M=rAQ1Zt8!c6Q0(i`q3IiEmJI7
zF@gR^U48wrpR%;;=Z{_Gh5fnFlNt9hmJwO;7(W&3zWkKLX1K1YieC1VP$2}dudgqV
zLG77fF|6e&y=v;~>gsBH5SxMJbiQhu%wA;WD?~+Iv(YkRVqP0{33c@Wc7Ok~Z;Bj>
z^&Z@;_jOI#KT8k}T+<^rExuO@1{k1dn}z36gQXof@!Hn^j?ezOC<TTh(F14aiO~}M
zO1t;T95u5-O{l_KuC<1|ofUvgTG4RG4`=4*KO(l!8r!nB<&^1%Oy&|{Jm+Rjdj0Cv
zo1g3BJeW9l*4mwB<>a&iq=ry12(pBtbX?5_mECM@*V=fjddtZ~Jvk>M2o-ctK<q}3
zG;-xo!a_oLQ6*Rk-RQYkSEHC}sgIsZ+<%(`Aa9V%qJx*1-|nfHVuw8hrHO^p@r$TR
zy6}^Gq5LYc`Y+Pb(lV#Y!NIb}`x{ynBu0EJTbV$#;vk#MZv2*(hGumYkCU5qhY^DE
zI7@>0t@$-WL&JlB00b73@6V9iw%LTU5lSCd*VN!*V_-1HD;;x!DyplSs;xedilEA-
z6XQ)ivcb5)xxYLZEE+}VN_YDM;QtcO{U18a|NH8Q?OY@wOG(0jT~jFG011ls!8eLm
z&Wk<U2v&-p83EK6%y&eyv}9WsJy|;9)d3iiK(CsE-H3VLJC=W!i}k*iG5e$$p#qy;
zZya@7`{Mg#UHg$2Pg?K4r{KXs*<T-*PB`N5^77J2c-2|8TIaU*Y2#Cwu`Mm6(TIp8
zP7mdc$0lWi&%w8iH|0vHV6KW!^FK=v0)~TRMMOj#fg4H%qFy`Y6nfVh@6C)9>oRKO
zgxobVGxNSKGQ_H!#F}Q>>}TI!oI$6ZUaa&Ou}VqU<J;6VN=ix!Egvd5z@4YWIdZ$B
zXkvm?RaI$&gM(Fn$Xc({s-GR-<&YvHBdarF7f5&^005jrx6CLd{6Hg7=|LGo9marI
zRHOHI@5QyXG=Vw@-I8Be`$A#o0cj~>5ef_;u}V-PSyRtU(BzrVnN~t!N(F@|W30A1
zgJ0L(9|VzSesVC6NWOkFd>(w`RpuJHP(pRKp~tHad&Kx`KRtV}zpfun@C}uy6T?O)
z(BSp`AL$|<4%+uAu>tkb!FQPr1EM|iM9342nU+GA!y~R6P@YLiD;oTe!bBFGv(pr$
zcY`AphmS4eTHo<v;7B)x(1<c3ZjADB4pYB7IjUx<Ni1KUnb~px^l1DCx;UlxQ9c3%
z_86dI2Y!BjLYl=JK&GE3I$Asm*l4+w&7&|hPp26aVMlu!lb`hT-3Q2iKXy={8x-Xg
z^V9@|DM&hKi9>4@Z=+)kuU!XM=ttnu@lQ4SBsWHi-ukW?_?S+4NNC7d)Akz;;GuBH
z99-|Sw3MSaG@f2RJ`)blI5xN?1-fQxD!$P3qycxjt4l%D=ZIW35+r9MA($jE6#=Te
zPvh~#uE^fG%oGzt0R^U}rgmJQk}_1{INfBhj6&3nVPhHyd7lJcAFDun`0!z>ZF6;|
zt%93g@0~qQrl-tF5)nNHcry)C+Jp0-OFB5Jw8e;QLokR%SdaX%-c3y7Wc_$X+NC9g
zv0x(VAF(d<s&#0HyPI}yWAdOYk*V!~yQyKjGt3=ryE8DU{C$^5`fYtZibf4)JzfC;
zT%WVkM%j)i5;yJZ4j`5r&2S6bm2pQTef{yCX?gbzAssMRr)l_ZN{^}oQu$puD&D#g
zWqJXY)BBR2`%^8yik3)7VG#4M%7w_hEq#BJ0Gdif_~vxS_{F0w^e#(!P9A}i(@MZH
z&F(C+2zt#Sn>0MUR%e9cbIi+VSdDdmv@9Bfkhx`QO4Ou|iu_^V$Fust(}Kyj!=gXH
z-$Lx(kLGDf(CC$D<;X;&lLsaBl^G?t6R3yg_#-(fiSWHMzW?H_`L|hlRHRoZnyv=)
z(l2#gNXs7Qu$Q%M5pv$sdyc{;-)SnPr+{qGS4LQnE$-uOJ{NMm)^i)rp!$C3(f2i4
z-y<xVW~uC!MxSqE&5j&pru8x1TJ*Wb_3o?fI2B1=hncV~-;LN9K%Y)$xN|6#kYN_`
zQN&z+pGx!}+YegE&@YrJ6}AA5gHQ-C(Gk;0=xXuh1{yl|+vboZ<T~#t#wFsL_S^GH
z21V9l(5koSfw%Xo8ERMdZ}_jnj*(Ne81ClE$9_AU?$u}1dE?rU8z>rG1_RAy92=91
zx)S5yKrKGJjAJP;+mIx9k%p;roXi_^(~8_U5fSd?V(Q+!`Lx876>XtH;>@wqyBvsw
zMtQKk9se*5Jxo@bQh!RIl*ufreEC5?naELw#Ay15cz&3D$;7vb*JPDeAKt$CPKK9v
zQmo6t<s{)hRp)}XzhBX>bR9RQWyo7(@V<%tLP?yE#-fYWXKkPW_dL4xZiZ+I0AFrl
z+P7)Nlw;y^4_P-fXsYeC7iXO(z~94v?wKAv(qx!Os2cfc8eee#Uiu1yz-<U&t=k%C
z^;2mYGnp$89F(xt@zQFvjG1wDi6Gk=ZpsHoJkiK<@6#*&In#>t^YnOgtj_lCW4YF2
zkIjK*Q&UmD9l<^}&!1w*=Bn=-mtCG?+kG@-D57jq^dN{s1eKPSBAEczvVa9<XmeN7
zJISE8I3fxq-OQXOxEDF=!zy%*sX`apYl+y!YCc{`z|AH9G~fN9FV&;y4czRdrlj)z
zcd%Ah>%;;hWt({AZ&P(h(o#}YjeYY4a%(iKekhh6j~QM*=C^{~?4RRw-QiuV&t)-F
zDJLeO@7({w5Lan#rM*UVoDp8Ni0$RT@8FEjl7fVY_>PGUI`mx8Y3A_wxUHuL!!=|!
zI~eW8&6_bAxy$82V;^%9UOrgQd{6A!bce%JQQi1+-z^l@)Td8n0GGS`?q<pYg~ysV
zLA$|M=~<A_H99kE$7EL8L6`l*L3{#sO=4UevCcXnfx!c04pil&LSb(nig>8KJsS{H
zKJITGk<?2}_qkIeImNTY#|h|3XCGous<;(IZ&*UOFDDzZ0}-YaidSG|gwIe_^`I2L
zKp5~<?WZSbTL)blwQjrg)th6em@b&ED-$R`c8Q{Pn}GOfu6IRiYip||D6|Zbn2gUZ
zAeqCoWq7YyXM_t=koPNMQ^U{5KEu@eHe7xAFbsujus6;!^mmlQJB>n&vL$xUMr16X
zlXGM=OJu)&AWoG!);leZu-E$Jj?XaYUU;W*$n>OytKO)3!lY1a2GgxUo?P4v*)Z8V
zWc706MiznX$H%5Kb3-D_zJ)ps1(n0ay0|c-<VO_})D?04vvXbIlXmyE%bfFxY~th#
zYx~)YUkfsC0jPU~jwwIt;HoFN9`Viavol8|Z*TC62c9C)&StCn1$5rqEAPBk1^7in
zj+?BPD~j7aSbq3z<4>vz37#$o7KEBQerX6zPG;z`b+ok&w;O*&BOO*qfs#`YOLZrX
zP8sybg15QUAkS%EZb`b!lt<(Rc9ef$N(MHOL)kldOF1GVv^%f~Qrva@;iOj`dSzTK
zIip&pcB`)FpWXSwEn;fhx+Ntg3k_Z~S368nhrLa+$h=8;BXDEQJ=^`qn?i1}`y6t4
zQi0`LP8Bb6CTu+&zblh}_8~V86P$0m!;wgmMCCeVI?A5DwLV_y84e2VG`6*qo?LW`
zFC}oSE{W~Wu4tJ%PRp#Y9@F0&n<TGZnai*}-dR)z!bsHmgZ04NU|RdPScZmVo?c$_
z8}&5`7LKvm(&0JKg#7ZVNFT?q<t^x}j^+4lUx#JNlp1DasWPK$Cs+r0cD24^!NPbW
zYdIb>nJt$SgKos=d^ngJjb98sU~k$3GK1RMsMbA_GyE^_b}cruI;%e|e<~$Yc?o$}
zc;f4{`Ni0%?%_4i*RSZYk0c`S@-(uI2utiLDGEy6XTE+&(;K(MU9FWX)w5S`X8+RQ
zm5_A@$yd6(p-&A<@K~f|NbmO3OrGT=M7+jB&5=stWs;~7wu9{P-qkKcHlGqybWH5F
zUj52)p9A(Nav|Y9wgQ^BZ58etq~xNW2xI~dQtgq1bG(Jq^#~7oG&h4w&C&vif>%Cu
z-SxJ;?QI2Ql@2sb3GkA)beL?YQAGNQ8jVG~Yaw5WU656?(<~wo{KxorL=)lf<GMD7
zY>%QzlqI(1Es#IoERrcRs*9ubQ7bX70ewj23ob2X+uxkV+-)1@+&xuzgZ+`2O@4ml
ziHxsm8gIw$(zXw11lz}X9~<Yy?V9vUR|I>iw~GD*am($=_sbb^6D(Xta~ahc(3lUH
zZx(}Xn!stFnzMoBFHg~ZD<T?n#JPT5vRSNga5pw%8HgmGq53;5qo}FY(~IRF?$Mrj
zvCr8S$@F8j<$$q>zRBKaG3zS#boj#NIdvd)Jd(O`?0qy0EitGho$pY+F}oOmD_JXe
zDwgP+73Tt)!mg!hpbNz$lB{=co*l|#5p-L<eXrCcbgr&vX7wFITuQe(WRF83Ve}sP
z^|7i4w4y$zKaWLALe_l;77-gVk8&pazFvnct_eR6kl|?34wOyR^>IGZLG}*K8u>X<
z;X}~&cA!Kb^XHdS5A9L|HjSigodJIws>m1$kx20edD0f_Zx5oyh3)4)#^TYH$5<sT
zr-1c_HI7{>_f!DMw9~n{XKh5jkw{f|uDXW6!}HOTsOFil8;0$tlJ*5At@tn98YMe>
zdpjVI@7XB@<y13_-S|yJDEp6{#WvW|%XfSnoBfA#^RTLzn7Oli_mUKrmT%GT2{=q4
zFZE~Q7w66^?<fdKwY`<tCDI+44i|TH9jc7Cocizt5Ds(sa?>tTS(#6OI8IfROZ@0U
zx7H1Eyr44UdOGN>0rOYx_LDPX6&653exJ{^m%#04@EXC31WX;YcTL}Q9y2ecY06%U
z$RG)8*REjKz3+rU%*{$k>2qB_vOs<?scv?0g>7HCH=bv|?w;kCMQ4l!kgpI6_#tvz
zDZ~y8s2?8rw(E+E8`bY~Jbc(N(BOs1YVwMJs4rdqJL$+^jidPbcs;&z9U`4_lHB$j
z9oWJmcu#F*>$@#N7%o*LpY1(b`-!pGvs~|Pq#x_!n3jFdZq8;Xt&=#T`o>g!TGh+N
zxAHsQ5D@i0H7fqTEH%6KsT6-#?RCm+?`=gKSmrk$3)`3T%T2{XLsrqgRP7#))7f4y
z(AX<CGO3{82MfzLw@U`YAHQ~+a>0V)e#GyLrLpKxDKsb*w#oe}?(H7yA*m;$a2s^?
zhN79R47LvO<a)~ASylc1Ld4b7br0v&TjIdmeK7@x%ikh868JD-8<RD-J_qY<U4yxy
z+ih>(mRr=5tqRx#S@%=U59Xo)(hHew3vU}9R`J9UurrFiOG$~2fgu+jlm6i3h_52W
zBNRi!1*BV|7Z&e-77YY4P~NQlQ!h{*3q-Q0I+V93b6DjKDh#=IdqX~D;Crp>Et~8O
zJu%;-=M~zDManruna|6Kf6@`y8hn#J*?yv4u2v@aJx$D4*m<Eh6v!>-f7ZDan&gHZ
z4q#wo2j*J55!@8<`HFRaq%0bjN({YU#J*s6^pSXl-T07TBTQQ_;4bGq{;}vL2EX9w
z+$SCGeAQ9z?(UvH4=eN{%3z8))?r``qUe76A#oHe5>R8t5A)4|%4N60CvsuqRZyO?
z>DoZQlOx#AD)W!;h6yHX>axLY^ni{Mlk(q>1WFw(os;-DF={rSO6bHMdU7;GG?_Nt
z^4WjZMamZCelo$QU8s%|iUCFScj>Wv*MhkLhT4{Cq~Z6-FwpI-kK+U09Ym=zL25Jd
zLdSDwq1&V1Tt)`j#=je=tmMi?lfK22=O9r!0|K^#v;Gtw`I3G58=gQ?Az0c0)R`Kh
zmdV#EEIK1O=Q?Al1`F;|VUh8xBtBRkppK%vLpq$);I(TG<mrerU;ENwK=d&SRCR2I
zo?p*bOFxqKFgM8*_2LF*3a1dsspe-kZ4yml)u&M#&8}|nJ0S(8OMhK@>fh{lB0+Uc
z76xjMr<Iq$WCqfFwwZX7d`u#CnJ3IT64oO?g#ZaK_V`=QUwczRo}bLVk>L>QHq*FS
z)bc5#GrrUgb(oy|V2+bii-2Fu=UdPK?VhdRl(FgDdo)vRccz%C@p-Wkx<f5ScGYGy
zA2h?n<xE`u6xQwi4MUYQZW8PM^l06)&H|J9!uJrYrr|F(M8O)%88JFhEb#^WzDIl8
zUloUM-JR{lyTgM8W3m%q?^7V;wA6b(GO*j@_;v=i0d`2>e8>i*L{?wF7TzoEI2d%=
zni1o5n8FgNc5L0;n9q24w$M$x&@H`7oSE$upEJGWezV2X%R9$qsdiIGS8kV(NZY+F
zvqrdJ%mxVK8Im|mW9B<!VFNSM0L<@|8bs(!t#a~SBlJ=PiUB{6$U8#Xf$EzD5S}9P
zc4NwL5)%_MesghhYRQremXMGy7$aa*M*t8@K$%M;8yRpf75~vqCzCg>*XuntJ91=U
zGG9emaj)(I_#tWrbv<SJ`n}Y!#vEXA4r|b^TDtIc^^@tdQz8b|)RdG6QRLdhWk&f`
zj?#ukzY}4DYP$&CmnIQnI%P)s0j%km8DqBxVRuROv=Ixejl&O=#j6bOahNcPiu+`{
zjP~i3o5hbw&Ky-0EH`9dzpwo=P%hhe@V*xIcKpo7BGbO^ZCsxu)^RfkG&Frf%>pfH
zuI!ki#HNXi&x(*}zTB&lKFgOBUkOdlv?ZCyZ~0B5zLdV!`cV)Hri6)Cr0`U;Kb4U4
z!i{<8_FTK?(H;}M%F_U#rhpNU{~#}h@#l}FO!I^@uidXF1E8amfjniR?cN)nA8ViE
zvMB9s%X~Dqu^TDUl7DD4xGO^?pBSDI3b=qs=at;>$FZ@v0P2{;#tO0T_s;>{oL0TW
z+YLaW$nYVjCi3kv+&Th$){LO@kRy+ieiVENcLR^VyW<K+)2KS<Dzs&SZ|A$AVUq_n
zog7D)_6;_VWs3PmJ@ndb8)jW4*22e6K~KSZI7mb6X3*?FDD1XMU)`TAv*_vh@LgB)
z86IU_2%fz}LscIRR^tS9b_uCzv*$L=M2#ayK)i|I!h_uBIMT7iT!_et^0AaCfjX{t
zX%=Cp{z0-kwebZpcx>pT+?J0#p?IuAuZQw-)g}r}8sF4{$jPGsz@opTr1RDn5*Ehr
zG<@UAghMIHxEjL-WTmH0jX<`*sQ>DA;fKU7n4+~~f;BgLzqza4?U#gJ#84Q~Yu|1W
zAZNA%{*{MpsZfj@-)%43IXn}<!rm@FT<&6dmhOY!7+VzvMKlyNZuBPHUE*jtypG@g
z<+<S`mHb9%`(UAlbXCt6vXjx%m{LQ59LW1mU8!_rqGG=9vZc`mN*<7{Z+hU^Hhv8f
zLv)Dt3jXAv!BR@bSHdB|k}XqQrOQ7ZoD;p<;q}Q!3UYg2IJz79F+T#AdMAIWFP#jV
zl=sG#+v!iQ+1K<EwqF{AfaDd{8jJ>GUbcADu=RvlR`sq%0g!HEI0||#0w#z#2gqZb
zf$~>vZSA8+2wp8KZ85iEdvYt3Oq_z+ZAZ%@V#$Kklz=bo8Fzfj{m=X!P`wWAa4FKv
zlQ9W0Jd(&kN0PlUcNC{w!milO0S~S}dTM=pt_R!X@<zd;0KF`6k_U=P_s{g%)eJL*
z-AMa3CfnXmuK7@s*^)((-XXQ0JYg55<>&uoKB#Qh-QSPPW>9s5dITuKWlNkQqF={u
zYlkhhE619k5=^Ktp49hIn3^DGZ7;mI4pAL;3zFP<ctiWO?I;ei?*dBEz0%YG6Yq+6
zv|vrCa)mfWOgYA)J1)ZlL9%b;IPNMD+{;hKYeeXtl$zyq%gG!>T^=rD(JeFE{rX`J
zuW=7ug6Ssu(Cg*Vl{}T1$wr@p&F=}x+7x)PY*-W&Ajhd%YLiccOHPADcaTeg*b>Cy
ztGZ5*b_fLWRXDIO{U_y3C)Zp*k7KR4h};(J%W)KtP04idhvmVNTScbueb=ztOZPg<
zJ-4}MU+2Y!yfi(LTq*=0j0Jf}X7)LL5&cQ%e5~nlc27tl{$tXQDXTB>_E|MeylTlY
zi|yMtSypLni!x(xsFWi`^h%U_0{Q-?7WH!OBhl48qrtK4*qfx&$Sn(@&$pHPQBM4_
zwu?v^rfumqXCv?#kPn}*=zcp6$7sE!YD^;J{Jcw<QsSsE8<*QVX_;0TJEQ7=rIp%O
zVX#ugp891yDQG2y=5EswZLHYLa@};bz2P$|=j{(vYR@enSS2r~{3rsduZgd2C0l4?
z5DT+5)&C%|wwjhmW>fWhWou@312~ciaro?=)#!q@4HI4^dWwe;il=*aLWG32-#Jn|
z8pmTDqt_{Wc8U}->NL4eF?ZPflmkhabgMP^czGy~N9|c%RPXriY+blG`_xH@;%DWv
znRbJ5bKKPa!Uz@FITM1oXRV6r$`W$wduuP7G5XOyjN~>mB`VLzA}DZ>V!YSPAtGtS
z>Xw#_Q{>1%Lc@7vOE5vtky&3~A0YeYUbWruPySRih0*198TDF^%`cg$Y8)m(A63)%
zBW#<RnrIs2BN`YMu%rFbMPcnQBBE?prG?Vlu~;j2!EOfQsxH*mzjc39$gW*3S5Q~X
zb{e9#qS>@*3&Te7q^DEdoBJrt%3fT9KZ5#1YB1l6Z>RhP_`%P^h^{^RKqYmj8)9O+
zG9j7dV4T2OpC!~VERq-vTH~$dZKSdBaf{urszAiT6%;Ieb6b+WFQ8BFt>nWfFYg~&
zI<T*`zDqG<tIXLlUruf{tFsnY;?rt69myGeA9|V>i}M`~-<Nzyuwa1aL-2=8@#ZbH
zkF^D{GKlTp*G6G=uaHBy#2=w=p(A#$DY#%=$ANmIJ(0J_42Z=GEo6GG>W0sX7c!)c
ztCT2i{KnOMmck2X<sIXW_X}{m=rM0o5yc?>2-#@(Gw*MXQb!C+Z)Ey=@2Xnr{k)6k
zW5Ah2PP^0CksFZRMic6u{PPV(TiJ=AbsWfzfK?9xM#Rw`jD|Z<;swi$QlpGR{IQ!0
zc@L_PLiR#L#ifjV^L;LJR2Jo<Q3+1phDNa$?oXj|hF8yP0%faiP_Z#S)pEc;eUm%h
zO_Um=p88(KS{pdPGnv}yr1F0>fPXE=yN~7r^>csxy?FM8LC=G4=?D@Ag;E&=e5}B!
zmIi`VhNzc}J~CtvF|UE(6HV6hA6Ce2$d1S}dyX%HO&pMO7uuh@w}-Sp^^NrM1x|dj
zp44cAMwB^BRxv;1vg(y*>8(qh&>TLmGg?^5E;U3K?VgmDP~=qR@UXVF21*YR>OX+v
znvl_O@XfJ_d156G=BP(l8nd2=1O<B!{2K;3-@W<1#s%5o1w6(r8X7#4FJk7A9YA0?
z<97f8&hY45UmDe6@Y_w@>d1W(O2}GTYG!N8Aoj}6zBHa+mGnV~)#UU<qy<8^$pgC7
zf`g+)Lu3@Rw}b2y?p5NuA9>1Fcpg7}nEICHi6WKp-UF#y3bWv$TVK&`em72E#`418
zOGu9E;Qp+<WZkKP3`2g5oS(StmGzL9F1SN1G@D8Gfb}ua_SS6M+|n>AqJekWJYdSB
z=oLS_FMq1N$lG*RX#4w=9KLzCTAV`W)CR&&j9as{$sKOaa?(021K{}e>ZZ?<!<70s
zLht2D6Z2%scLv*#zORjh2U`epJ$TljzAED+zq=}WN1XchZGz%^WjDZNZluTkf(w05
z$lO*x0bZqk@Qs_To}ONZu*!17lvcsr9B^=$%~b78P|0|>4;6u+|0d6?=an5t8hke>
z39gMAOmhD8?s4eY*w|ouTa6sFw^JbG4dl%?ZxQ)s%I+u)JQMTwx}g$(5GU0`pq3v>
zzehuR<8~}+sKfPgrk}F2{5w)NScj00u*vw*Idh40&rUUpdqxtL0k1%b%N#2;6A>zl
zi2VJ&P0&q)I@N5kAPhvs)Op#2W2lY*8|p32JjGK$p@;&MIh6Sj@Uapohc}yik1_f&
z+i0A?gZALc)!>}38ISw88W#uAgvQ<1s_lt+zEbHK7|68dELn4LR4B~S2>Nf6TYY#I
zydmPA73_iroT5+w)~D@o+hX9&_sv?L15imxsYa!h{n+>zEw3nni&cM16bTQ?g6(4m
z2j54y0*wO?@2RT3Vqm#zZWdpaZ5<H6S$3kbk{c>!XR|)INoEir+keBWeTDYX+rGWt
z0W|EBm>k?!Ps<hfbFAaPVt(YsW=?oa3hMT2{<#BtdZs`Xlo;Of#E;|Mcj{!;c;1E-
zu!eN@<BSakJ#A^44@dcKd&$?{`O#|)u`G&UYhSYnkj0QToJh-6%6vRss+X?<wbNS*
zD^AF4IbI}6Ts62+M|xUAWNsNp&T#Zu=12;s%V7Fu`sopNbhy2wg5K?icQWR7n^|V7
zA!MIQOt6=5D7Lm*eG}Pq#Xf1ga_Pk3br?b>`}9&WJjPh&(aPdlO*tn|XsFllCnCqs
z;<L+L%FDjbqx)ibgJgqb3{J>-ZiWoLu2q{J7+1?vZv!%Y=pC$+ojJ6h^%E2npZJFq
zQtS<DW)CCq57#ye>)e0>D8ZJz%NK{~HxYXz+%p-+_Lg07H``&!EeQp8w~j`XD{gu`
zVIFy~*h5$4@DZoR!9?C`<jZprcRT4(c4Op2+sF56zQE+>i)m~Xp<h|=<AvqBe?((Y
zg=NWdaMgrr9>BzGZ20&}&GTc4QtwM<gO#e{!lXJiG~$BhXgL6|inr1%=7n-pb%jZd
zuMW8F`GQs~BJ=GA<dzqFW9vwTzlJ}ff5RXU3%9Z#csn><T@{|AJgw64E5{&sNjDnz
zu=xR_8CLn>!Xa7hrcYQkYz-rKh(jgSme*&%d`y4L;>R{h;qv5-5o=I*^O^40WI<~u
zOzf$!AG7=C$q?VRzFFmN-R0p5ByOvoNBbM;T+YKbH|HKUoM4M(90c~hMSi{1;fFkK
zJeut3a)Lz8BlJiZ#9<QB<a_k!rLWtB&<p{_rw<W$r8!@zSIlYjZsU?S+L#B+zR52p
zL$Ecx8)5R$AY69hkq_kKXJTjlO2QumCcektDE!Xu^rXqIj1(uMZym@xDRA~AvZG<X
zFU)0cladA(8ARVTnNuYjZK;#iwVS8{eXc(^^*eh{#4$4y2hw?=tu|oiiaay*DvgsS
zw7~JUUPTy*O)9e2TCVsS>6iOk<3KhNMG0cckXzDa(vDLI8fb>P?;8YDL8e*>w6f$r
z=g;?NiV6aklZP9!wh6@IX@2-1gM)V^u|&yU`)AbD5KX*3rr14OiahzuG2=TXLhw@K
z#!GUCT!+S^THj;PI%H+0Q8MCXys3JPJa&WP@eSz5iMG1N%BKu9j%SiG$X&BdTZBEa
zAHwM&h88E0(F(d9IHt`<)U2%JBs^9!Pfd}lUGGFO^I&E>SG@52zRpJTF(iAG>P`ql
z3|_ZH+5_CWIV_jrGpSikn}nyr#Gv_m@Y2mEaJ+Zzixo=VbRCKm*t@19@i!PQOTDry
z+>kiBHUA|c|I?q>t@5orf9(A5a0J`+42F+?7OBx_lq;oTZ}vS#4aeQ+{P{z}2dyJ{
z`LJ1bq{h4!CnHY{W@h78<{j!U<;zvQcAn&8!Gw2hZf+0Y88B%ojpmhT)T|(5n`wOX
zo_|lYn`&9Ez*$|p&+j@hMT|4PE?bx{9UkLk+<;sS;y*m1LlD8O&DN{H)2p(f2K?G}
z7fh|a<td`-d;E`hVK<t$kdT^k6cen>V=G^;eS-Nex(jA@y!Egc?8?SJDzS^*IOflB
z_>B5?&2xS1rZ%G%No>9sxZ|VvAj6r>-q-*rpPzg9g}yOsdDd+cPrmB>!-uj=sJBON
z<^cs-F-5cO!^C2zE-(zk7}gFoIU1nFz4M{McC7s7P(goyu-n?BW<^X4$z*mdP(FRW
zlamUjGVBcG91`9=yR^x24?ULjyFkVrFM1HMzMesjW?rOu8p)_^8I5JS`i|#%w6Anu
z_9oZo)Fw$6XDBr;+dT~q8O1`54tL`m>yBk`JUyQbu5^O#U|8Eg$9^qcb92XyF#0Dk
zQT0(#q2#m11C;Og#ia&1<!z>`5Lb1W(X~P>79$}*)mvb7^ksOSax%C-!+3epF>b7H
z{uGmAUBr*5Mx1G|E=MS-zK`HIVSHj@=5xYb&j$lY`aRFv`dG*YN^NmfGWoHq-Kz`r
zD?yZ^wc+ln!t*24xRympI9@$g;VCIXFSLsuE%lqCBZWQ0ZtLl&=Q<qn&u&;SOj3^1
zyawp#<CeLT6OOI9DUqtDySbfrOBqU=O7$!0Cw}gey>Z_NGpcij*;}}8PB8Vk<qLT<
z*LcXG7GQDm9sdwXy;W%yomyV;x@}#kGM={6-vysZ)c0_J8aO+7`@B1W%X_%c^Fyum
zGRZ=53KE@xY$?{)=i(R&d%eH~2Q3NgX#XNnqh#&k?C;jYPRd%U*MMWPdXbE|lh6G&
zqIJSS(zM&{;>58g58pNF`Z@WZUZ-jZGJ`;{Q;J9yxLrbi__X$_gyDrc)7<su;Vm>E
zSQ(m_nOJl&H?0Cr!7<Xj9_|oOK5h#?pk?JHwlM0*g%l^f)so`SnaBr9cTX7g$~l>J
z$|6})cp{H&`fisF<hg>k?L&Tq=6-t`S;UW1JGTIw<H7FY>FxQ>$Cmn&OE=@&`{O~n
z=kmrXJ#ay+Mg(hOQA&A;wxcCC8J^YF$=X*_-WlwN&M(h*-fis>Uggam!}DT~r4Who
z?@*Pk%OJ}N!TV8}-x?J7#H={uMK-ck@_0ZiQ93wY%DRZbkzng{goXsXaLNVB-TEXH
zK~nTgm(h&1T!BGro$?`RBW_K{MBCl1Pb}!zJ=Q>evSNmBpK*(VS}p-&Zi0Pbp*sN)
zM8u(w%EF?2^S-l3Gwk@_n-qJj%;uMqf!LVA$K3;F!;B4H%AHOrEfYPYbV^AClYs*d
z%YYNB*-xc~v<S(3QxW`SZgJGjw6RKebR^D88VXtb%{gR888%33RcF^e1J`1>JhyHE
z<=30Bl;SeS)9D&bZ~dtR9j6;^QntFPsR0)x$cOSP&YFDjQoax7hMRA;HXh?djtr$f
zhZounYuL>*wI(>GCpiex?uvEBO-EAG@Zw<>JG5pBXnkXKQ=NF{r73rDy5QN{p5|Q8
ztH&Ry8HECZeq8e+<cH~G%&Na-xP{d}?c07b+T=NV^AX2sHv0ACTm>~Wl~t3k43pE|
ztHDqQkH9U25U(kjNh>#X)>tGvJG-r!rg}lXcT;Z>IWojU6LRrIr~M^b@!FlvT74_T
z4Mvzp;+b4PGBR>=N3?hC#{AHQl=vhI4C)>@w)`mk$nZS%$9)1?!wEH|y}1NrkYe45
zf4cNHW_^FX^l9KKg6qa73VN}mtp~Ugfz@Yh_ce+)Tt=zH9Dl|YXn=+bO|aRHPVYX;
zV;69F*V^6)+&DrhF|3yhDZP%6{PNI?jDGv3NC%2@C?a%dY<^VOjmvG2KhgFF18LIx
z$WMGbEuVVGvrlLB?)fu>ofePx*hA%!N0Z_Z&&~FAlAxEBh^gmjF<2*c#Rw%^Y~_gF
zrDs%?d5-Ac+w{oPStLs_kNl9XhW0J(!Xe%b9MdziDX%?Bjz$`%4<|wk+?Y?%8bd_w
zH9}CmX;sHup1!A<u};MVL0u%MV*@m;FkB#<N`!r(<ZAhaM%)}gb{76bDuOV2-)t*y
z|9W)<&vF_3K=XER`x+T#%Yi+@YHaCknSu}1m>|XgHq3(-1BYmf<d|D9N3q1S`Yn&#
zhi`tM7&2^jOufgi@EK-$7Qfm0GgMiUWm1j&PFR}2%Pi$&2lO56j^mGCy7ZVS$aiHa
ztciF+kwa#_$M<(>f4Ujt_3_bePG+;`X|Vjx&Wn2VeJojHqKu~O`nz&dYzgP*ZJn*H
z_Mh&cL|q4+8N1;IX0(zv8~sFVo1LeMtmkN&*+IJ7@PptHZ#AeZd4#fgK_!?xW$2cR
zu&t$Q`3>tD)KEEzvcv6ROfCGDp10)u_mV2SaXuf2wx!$O9fYj)TkEcUv6%(6pL?Kg
zv+a*aj^w9Hc;4$V!l()Ph6ButE5TpE8&w|!5AT!Z^O;1=yx81cp7nixH}mG}9sbrJ
zF4%V84p-PG^6&uX&28n1oI;(-d_ke5>EcmYeSv~I(yij$7WOZFm)AZ~f~v(Gi1Hq(
zn>i-Cl;6h>ks~yq8Db)!Y80OtYIk|c3*GU+FR`m8`(QOJ@zoUX%Urm8**ExAgtqcR
zpZq1zN-kmtGOTG6u{`(S!Bc~$ITJHOjM@ykIV$wJjFJc|ROB%)1827m@q%hHB+;>O
z<P~fLrD$$Rjni|t3{4Se`6NYG{_JEhoqzjtQeB35(9g~H`3F#aIGqOeLT^z%+zA6m
z6TN69uVmLv8F}I(>@y}rMA}B&m`tb+0+uLDLlTcdq}nlOfok4dVI2^TXL+aQZ~0OL
za3f*P%)Q=KXQbKkso$SN@Ayu}PyN<3M%q8Kb5!YNIkc6(wsaa5chT0U)(N!=PuTP{
zs8Fkpdg=}3Ta98>#^ic#?}H7@-Ck~9=+q71rs3O;9dwkhx?@qZHNx#a<lq<Bk7TqT
zUR)%WA@7vO3@D7PvWcml&cQc}1hGXj>%7PUZj3VOFz-j7;cKM#Sw1;O4++dgde7jR
zMUX6aqEy+t@X5>v=Bqj~Vci-{OB{@!^VJ{Q6N5;vDHosZ$H7c)un`=R5?n*8FT`hM
z{4BnOsGBq$s$vxsmhj@1Pf?VpE?4*JT3__JlE`Yh+s0Zjj^;7iMT)ex&Ep%%?S&Vw
z;aT?1gaowQVs$qTpb7PFJw-Y;gF-`rbBio{5o^nyrzXz|njEM7M14>3nqNZ$XWPPH
zjfza44R#0)V(x(CuT8k3%e`@3c}FsBVv;del@Lufnw!}F($nb&7q?YcR9G={WILPN
z+AwIBoGBC~!~%NfB;%#Rq$8V2gI)`D>5YQQzLgRyVeSNp_<-%Ua9p4^M%kAs&arQI
z+moErtmR-g({1Ux!b9crvOm5fX;U!aq5d_CVA<D*RoVLmXkvnQ)`WkGqh&|AfVI~t
z59r@Lh))0BnK3(VXnKe$AIW+%UP;g3DWFaS`}eH6lG)gVhr3~uB9!wJ6XE5mwh_X)
zEK1HXY_T3I@OuOdOspoZjkFEEbijdocJXF8cv|P_nBd#K3A|7Fv*-stFr_EVt&{VF
z+}0lgKU(*<QCm33q>8*1XCw!%rX0RDGFhnhge}6B%=<Gwo7bnuQo^sOT+b^apY*Vk
z8g;lc@Y2+jfZ2%n3G=<M+*~Bq(vtXbE|y;V4{?09!zmjJ##)))d;9rleZ94TWg@AH
z)(ZqLB19u-<)S3?^oW7;=osLT3Tm_i)W$hIz8L{IexxzU-uOqxbG_SMo{K7x5XB&7
zVf71_qucrskIT;16nq!gSG@!xHcYH77xLwCnhjY7SsLYRM@P6*FEln)`aO;EgACIr
zM#gU2e()IW?c94zs;x~@4_CcO^g!yH<(2&MHhO|mZx_(7!(=>fr=wg836*Ub?!~go
z=kCf1dHn>1^@F8?g*BbjyQ<H_y=NcZCY3sH3J7%8A5c~JPdfnrnEu@EQY^8kCoynX
z6r)w3X8t~@G)`X5d_MnsSGox9&LT&^&SFo5v){>g-KhqW*Pn;?{TS3==>XRNG7X8s
zrJvd7R93AZGwSN<&Qhz~r-@x?2}G&@E;zexez{ZB{(RLJ@Jrs;U>?9PEvB;CGFt9l
zOZ-`ZwfJt-g>3LT`!l^jOBS>Ba$;kN3E1}ZlY_0DAv6N}Bs9M8<lwqGtK(K#j_~T0
zy6Sx~2YcTjEEEb27X=ba)@SVF)pLlzZ#bN@#XRmV`aQmB7<KZq2d91Vb|MF;8Gh6X
zwzh%mBzEziyGfz;z42@bcV7I&dp-VeZ|@5W`b#mCTQeIJwe0#KbuLSo{WNT-KBw!~
z#eBTyzI`@4JbtNh_*zO<yE_$S-edh;5K86jLgF>0u7R@j%Gz+wDlK{I^*hd}^a%U{
zW5KONlWkK59{rlJMV-KbF!F89!#dzVsGG7Exa5mJYZKG~ZVRKU7cIh!TTU57yS&x5
zzC;JLc{0@&n~stQ{01%`K~yE30q|Q+nRL6pYq4Zxlyj|t$&6Es0{5|5FpH~_uHPpk
zVefpR<MF`bm}h}8?YhqK6RD%0IM=^)lI)pYFoH%O;?-tsQ&-N<O&E1Fb{#XBmXlZW
zSr7q;Dcq<m<VhWqGo%{n!=UdHNyxL59FQ$asNCGwgu8-nYdq{<9-`Ots+HGp2R?xk
zzsjqW>6*msGAu!z;sEXzVcVawNqc${JD+M|QcIpH%qJp!+myQTqCCXEoV@i~laqrH
z&W9eWw*35Kpe85ZNFunP@r)aS0o;N~%CVLe_dg{EPNZ6ZyCmQH+5nx%#Vvm%5a4XQ
zBlrK+^_5{&bzRqhhekQnK|(mBbV!MG9J)(NS}6r7NhwJWNQZQH3j$Koof3kCbV;X#
ze(T)#^S;;f{doN&7qRx*d#%0ZoMVnL&Zjae|NF{<v!9YhRe$eq0oHSm7|o3Y=JG~?
ze8Z<b+~b+S0LpiR@K+m|PdUF0j3brzfBsqA?9*nVV!PE$qZ{v|;Y00$&XxY{8MCBu
z$^<W%`dAKVGweo5^w!Cn;NXNyE^=tn^ghCzV93oS!@!V%Qdb0-O5(5t?)~1rli`aa
zXO@h?9D~jy5JNZ7B}cuP#Prs1tv?1g@r6=ebzNXWBf&k}mpSmshmcaE{m!5GSJgtS
z!<u<hE1(0cN)%<GA`=~2ZPEQ6Km(smhRx%_GUMy394;#vVuf_)ZTGl$7Xa3H$144$
zGK+(wcVMagKAq#)%Ob%n{)tT&Ne>Ok2xmjEe5h&m>s#ZZv6lPP&SU6GX%VXbENdsd
z=gcT~LpT;m3EZ(RQ~hQ5;79;n%;6u(_v)>54Y!k2l@i#29TRyZoPTQgg#ub4G0Qkr
zx|OWmC};9rn`Jg<Kh{6KZQEth;U>4cHBjRYF<AKG)=i(dHl(Ril*=C)18W<*(Ri!)
zPYQYU2;PwX1*M+bILF10_}a2C`r0#C<PoXs*G+73mgy3-0XL40=%U65tdH8DGFYop
zFj8%4JEC}KZ5%AB6)@0(%+>#Nqxjj}rolL<ieU{;R*nr?tnpq$@PV6RMz?VZ^vw_+
z4b9td<qG#K9W>PfU763ZSJmsJ!|KL0R=8Zo4bfJ^{4Ld9XFDq#4k^7wg#WTgXtD0p
zYhC~`yGnB;%deZ$HKR3_I3nAc;}>(`Psa}TQBgveql7a*n*H$T1Nq2MV?Y)+9m`B3
z3z%>Uqs++M&IkW71uN%T7@ajf9|<HBk?t?+Li6o=atlRR@c(cDfE0rt`*>u(u%Yz|
zU1eBh%tlGqiZes1@|>w$ublGF&B>_jtEf0e&9?F&rqPu&VVBpS=bi_n+y2i{XNo?X
zzE)hBw>S6gk3Lptc3dIr(t~F}vPDB!CV5QuFDb4_FYNQX9L|D~;kIz@${Wp+XHq)b
zB$k~YAZw>rl<y_yLU~p01#96xq3EBVglxQEuBzq_jtr(Sq45Y$O{MJ+Oc&VsP*Id*
zq&9BcE%<8gCumOf)0$BxMsu5r|C*~)=HB2^Ivv`&!*Oh9bGKK>S{Z?ov}yWO%$fbe
z%iF2Cd_b9?<RNy}oj|tl;k`%lzMjp0M@FfAlK;p^_3eepM56XCP1x^tHP4BhjjEbH
z9a+Env=qP;5)~7ZGTKl`u)$9UK(qy*NowhST=V*ubNG_3HHIt<Y<GG>Y(4mIQ0A|E
zqtK72NFE)mY^YvFr+MHPnWK7~GhO9eRW<JOSH=_aN_hR=#e>n9Ivp&X9bM{=$j3}e
zEXBssfZyGPH6JdV&D5w`puzuY^6k&B0c)`Qvuh@=7pLg3x_p7q?7I9i-o(Kwn+Uy4
z@xoeE<>5*Un=<shg@ze9M7_4|)h2aFrkV<k4@uXad?QrNlydEDEBs3M3`2OpN;;vH
zDJI+BQYn>rY9KfIwbDUpvWE5KHJ1{_m0FRi(=*WFG}l)t3Ahy3gMUG38)@_d*4R;S
zK%u#2xy9E_c*B8DNa^kYgX!?EBHmgK>QA@z`8po2AzTfMJ@4LeYZj?-#qa8ns{OW5
z8CGvq)M|kMD*ol=<=45ntI*F4O-)FbbU-xVgdM45h*ALkPRC58>GIy*T|CooOStR(
zDFVCdZwYX51LERH0^hyUZuyHV@Gm$(Cv)hgCrJX9RX{WRqzdEcpLubcX_o7RIo_YY
z5bsP_-|y2D=L5$i!No<(*VWug%~~g#_=78?l%p`hGSH0Yg<-7?5gv?#Ma`u6X(i2P
z$0e>0zkW1(@>Q6&eE@Pd+@H!Uqd~aUnO9U#TfUqVD5F4|os{K9u`871(RVJ=sNCqE
zHD=e>F=C;AOnh-J*4y3fu2E(nUcIN5Qug`Fb4kuxX0Fkd>x+YKldxK7zTH%b&14Y~
z$d{Ntw;Ta3w#46?I~eUj$75o=B;GI*LB^JooV`1lhj&>&GF%)okf6<8#&huP*LaNN
z@IRrF=LC{pbL;*5Hz;F^iq<QAFJl+j_1P}AVVz2bjNwhq>t*Q(N&zJg*tUXX%BI3t
zvPOo}YR@er{-}Y9M;>sRC?nc5!?bYgSErd35)iLFolx$O2_p+rMZKitykuea0{rbi
zN76-Ngk4_n7RIP~XpU;19v^oMedKex*k6F0jNS5*REDT|P#3UqFwcvQwBv0RU;uiw
zYSZh|Q)MvBZA}ts`TASf>QjRpYi2!cMLQ4qy!$T3*z8#XV8!Z~Imutjq8^;3V>3-8
zt9W~`xn@)dyHEmIm?>%&bf}{O9CfWBA^I4ZcOTU2f<6EJlT8>Q>_X8CjF3N*X3sB*
z2^t*L)|#UsBY@1?mDU9)V>T`8fI=((_s?xNo84Q5f6sKD`wfv_DkbgObBc>?tzN&b
zDh>_~-bZ$ET4Ane!bL@?1qB728;vV|Q@AT?$D8xoe#zf?2J~QLr5V@+_p|EWaF{gT
zuWeWd*pgu>Lq7fseHB|oqo|%F5-$(NF*iHw2^#7m>-}-^$d=U{1N1%i!<{Micoxl$
zhdewyEs6G)C<~G~mW&N9AbvD_iPQ#^8PduXAPp?iucmicYK_#&SIYPJJ;xSpu4y#j
z+*sxhBmHmTT0XafTA9B%yCh9IATt^tgF?Sx-Is^M&cN&yS=*aELqLUO>K=WscToEH
z%`bhBem*lAo>6KfKpMs*;6KN#%>{Q)@81TZihvW~(n-*ym83g37nk`@lWqZ?Vc$Rk
z`?f}ifnh0QiCGAO6TfVDWpg+c8zi=4qCN44JhAdI8xJQm18M{6TbY3Qz^D85Geu+y
z2z?IFrQM~0Le288^35mT{2bXW#Be>YY-xFGqoJXJi#A$2kN?krdn^5&-*e>&(Ifjm
zb}G1#;t~TPWUf06qOOMk8BX;o01fYsM`pthi(#<`l15VrgJ@S6I9NY%%$U$ph9nD9
zzO`AG94A1kNG0WT7h}*q6jgNVn&9y#AjilswTNKLYiq8qL&>~%PmfCVpZ@CIQ+S5i
zXT<NeGifO<E`FEE2DdW@LT}%Mm(uyzq6-HIcFivjmo1Kv1>psvL+K*qiHV8HV%{Ku
z(Ttdt59y{Q<3-O3vxY<SJRe5O$2px+`H!QO_+5+qqVjjR#ri<ly6_ksXnM8LZqf2E
zUt^=GIy}bzDeli&as!FmY;Cs^L_0-tR~+-(5^j!@U}}-T(BuC{#fbz=|J`tlc@;gl
zQozN*Qm$kG#&ULcwl3Oyyd-%D0#`P%1P@O>E;M>1zyXk#>?Vr>R=SZ4MxS3+ef}(`
zpnxOpbLo#FT;BXX`QGLyQDfClFB*GQBc|qKxP!s5uZgbdiPnauj}M1PTA~@C-Q0s?
z`%|F3N9+=a{fa~Tg&c3cLfh~ebi{<GZ5X0IzS*-rM}yrdg1|Ap(xVOPTwL9OkIpZl
zP5ZGYWjR&tq>%X6qt#$sW*u`(Ea|vEB>T>(F{M}^fj(xiP9}<J)==_bO_))k?E0?Y
zwyYDzXh6x6Ek_Lbo!xE6nM9x6U9~BJtJHz)&st5}{)!lSN~b~#@-zbt193YBD_)Em
z@C4A=dE5$)#Lkg4VHw&-X+Tv81VwvurlUa4M)*}WoN~B|C1y-ZPbQ;>LH@(f<Mlz0
z%foDcc?<-GTwo_a268|J49?XU6K`TmyApiRqLGc;NX1~uI<7jys8Yk!h1kAB^FX^K
z^B3_?D{12^7IhiFMl1?pd_tnJyi|tEt&el#&aq|V`@1gfG#%a5GQw!MF89fFd|sj1
zPG6p|bYA{vzC^meRNi-U0}Z&Lyl2BHFSiq^3zv+Z<GYLYwo%Ju=f_9KGftfZ`M258
zE_Zbwf0T?m-qVxf4o>U!Ep5Z`uUPU=lsq#<Q$-VnNTxp8(^^nw|1F5d0?Bd~U03`~
z?exr0PZHZKrehp?2b^N|gNdAP4EMRnNAdE){#T#83lzc}2)xNMXb581b>i9>qQy@;
z9UWKkl^*azZ&_|Aivzhv9Z8}^eBb50K{G58wQntXy*uXkTGtR$hj-5f<Eu8BOPlAV
ziEPs)G1{vHU)?i4LtObRIn$48*$nzjJh`WGn4yr^YxI}cRjia8YI^N#=q&mCOFwxP
z1lkV!h5T<acQzrO46VUPTsF%BGPc)D2b+72P(>O|JjEXvS$nItG9p((XO{6hFH+)F
zGvp}~PIC(W{L+1fEEScZX_K1~dghNHPWP|&I9izkT>a!knF%=|g0q57QZK;fI++1m
z`&smTQbmRkL<<FLzdcK*#qlZfz`<*?Ux%Xa`i;iAA}L`qo0STD#)NE#DVo8N+H(RY
z$L0?WIz@1jZ8dIinhg4wEE`_$pWI_CUrb3eMKs0r-^FI}JJmX#(CsJf^q!lOrK>m?
zZAFrM3-x0jTxjUyW=@R*_6l?-Tj5ty<_;xD;`W10$6I!C22(#Ww0h0D)Q$~^pO~(h
z(pN<z5oi#NR>1KGNAn$dw#sc@-N$KPV_fOR7_&Z<i|!f3C?^`DKMO$U_VyYX7&NM+
z3JzOrjb;DToropGuHd<c**D1N_s0j24ab1o^jv|=>%$^_2!eqkn*ce-=c;8E^D|b|
zmsHQBJVi#q<&x!8c?RbZ?odvl+>-Q<RNZCkV?nK=WLQKOip%0Ts!LvikzASbQ1OI#
zYA|!s+~$~rxS{wdD@opj(u*sJ;P&msOXA^Aj5v&ra3(w>$D8wqv}hQ{DQ${-`D-~>
z!kj+Y-YoIuYQ4G_nr$m=>fU;5u}n`Td(C35OsD(%ZS8DqY=-YWc)~&@U}vRTNIaJ3
zC{C$yylh@eHbLZD+aM{B$?;##1fd(z%GJqCf_oIONGn+&j~^XV3_#f34gSE&p_<Vl
zVPTsQ$)=)wC`%)MEUgumw81j+2g}7ZU6111$E>xFjL~_fjJ)QWcMDv(%XJoWN|f&+
z0iCZgn13_6Ih6lzOxB}!b{R~;>HQ?LMs*Fr8>SP~3TJ7EtBHKi@JVtE6T@W{q`S>M
zreWJWgv8|2W8c_|Q~!YzB@;D6xJ<UI;f;*>F;)pCms3Ka7`t<SEPK|ws-kKC4XS#e
z6qi9pM@M(i(b3&=ZcNL#3&QR+8IOQK0uZ-f8yFc$oF5<OL^-8o<nFyCCD|eGw2;Q5
z=yMA}>`^=_u2MK5bu8|vfJ9X1JFq!Yqtkg_voNY2B1*ISMdVFnzR1y8&dH^laWZpg
zHP*5O`^R_8?NrrJ!X!%2qV&W_^e60W&TP@vaPzuZH`or$q8!H*e&<$(6f}nM%g0Ig
z)#?%kr-R)K=hV-(hkRM%1gu7=u88fuH67i)l#Mr9Ewu+0KI^ul?~QBL@V0=rNJTKZ
zo<du$jU7H`Np6&?+7+s__5Go~I?cyn$Dy0UCl}h?HLsG<xLYzccHA}J=V^d01N=S4
zp=I~2X}4seKVRh#s^eukPdI|K>+FXwWqpRZre!g4IxlOL0*z=&>E({mR?-H6vjt{^
z8pz$=2?%?VwdiQ8+dPG&Omr+FZUu$@|0^=XV73f)DVg#vcc$2VNuIGTeZ|{C8QWYr
zw0pF?uN_Vdw#(ofu6}Wl<C~gluGzL%=(GzUqC~cF3KD!|c!j^C872YB0!gN}Bw4-u
zoUKHpZxOK|An<BIPuo4Umov^VAVt7_<(B~^EF{&{T-%{jH_5vPFRuz*gq5SnfmFVU
z;imYQZG!&EoJ)e>ZsF}y+ji=Q3tIj#nvx6L50%eBGRxWIWFMQ2a<b`KH8Mai2Ki{b
zp;P&cyb0ooLp(g@&5NuB@~u<0In{uym=8B=jYvZwnH)BdwZ<E#%|cOzClGdL+6Xz+
zL*WzfBz;&c8dgh|NGWU6RJL7G-qzRI2lTHXiGN`9TA2|z-e}TiH&W`snZWl{aLL@h
z5U5JY7K)hvjQln!M;#(~7+|KdV5!f~Z0}-vW&%cS5i*y4Fh(j%%obW{ua2(zs;jC<
zjOukiG0?cPRR1)7z#dHv7A-C}!(_gcHEauEO;8(?G8bk(E{W~W`v&>18PBv4YGJ2c
zQv{8*q2slpBT2`2Hg*hv*E*A-til9-sIBNxkw~WS9_2)%sam-|PAYp^qK!4JkGi6b
zS%}caJ}|HObk=y_RS0(1;zy3^yVGD=MqHcf!kGMZM4c7`wj)gWHDG|^muM9kWC{`B
z%WzF)?h`vadaqgGJGQk2f)@Jx(049EXdwT`1m=M#i#hooB|~ii%$U4{5%>Hc4Ak6t
znI<<Lxk`iEPv^NK6i7Cv0=@)saMd^^FpS1s^B}dNI1=2@;^aJf9k_}pOdnkg^>Cvi
z5^4*;<rLY|50r4hv|^+>Eb8p0UhmBbBqt|-9U3A4h8kaMZNH5bY3AzJ)qVQZ2{afn
zz`KLCVhL!g+iuUPG9>&mhy@k3C}Lt_zJGp2_2kX3<h<+ErvCPJbdbpXEnZ?ZiIK&8
z#G%B<|Fjb?F9^(lH9JQwDH}Y0*M|hnPAPMJX6DtvJz#6Hm}JdaSkPfUOzIuhGB5<;
z5h`RD&W)AMhDvU4Z-<|5e?$7otA9a5);lisY>nqS0jz<Ps%FO*NU$UFPDkSMRWyz9
z*v&)%YDn2!E`Uk&j$Araq^LNOfCkntXKrp@Ra4Ue7?v?W<eH}#Cx`YOlyFCXZoRDr
z;<uZuovu!|^#SdFB40W5^Q#{gdvkRipYBsqz6U7&3ixJU5;twh)5;H^B)0^R8A@0I
z#5s|`5FnsA{y*{@UrHKaQIX7Ri3PH?V4ye30V;&oPEJI>LAYR?Bc-AF@E?^>PMN9i
zZ%n`{MwL8(iyFvhJpu=eosJ*h8(pj~fB$ap>A?b60NLJ02|w|FWkYYmoWXO60t&b=
z@!ntVpI^?ldc%4nDDD9JjbA`Y25fUA0rJQLN}dNaD-uGHVo0y&Tn=T`;0>@jWRTQ`
z@_Nv@HoOB5{ik_MM*~Qx06UpV)+Qx3E-nsDAP|8;;CBBB94;xj2z2}qN#cmx>w`87
zSTTW+kWiZVTSE_ez>ALnWs^COP_bwi5CGeOP?Hv~W$?evYz-6m5)&UENgIOW$$fpg
z{jONMa0N7sFz|38x3{;Nc?v|JStlhq2Y@n2{QhDKm5BR3sav#lwQ>?yj+)&J=ocWK
z{k>lLt5K@QS?jPs30NBl1%<FJ@&p7_aZwkqQoA+zR?iz&%=N_==ozxRBdLTS`Y;ZC
zjnL4?z|?{wlxh&K3+1f!vp1*!ZgD8R^%`5CE~dSMKG>0UO@&6v-rgP^31qA!%nUXn
zfV2SGe2jl8Ll9T9KyVf09ytLdUZAIihK>XlI2cfDLK=<=&E!<c_+}5F$|Cz(c+WCU
z$PxIZ0DjGedX>jY7j8VLVsFx#lY|@>NzLj3hgnl7|La%DX!6*(R_oD>gDM3RH4NEf
z(nR*BYG`bpeEsanK(C122mw1Wu`7&-q4mOivPcsyW^tZs7UTN+WK;rWJpvd4nE(Pg
zoAsK1lMDP7$A79;u!h}lhCZ2>QhjArRaKPnsYr(nk=y{ZJQzQ5?&GEar7k_JRW=lX
z@o+#n`?(V21tc7TMDbEH#EvI5b1?Zxl?uFYp5$_Wz{SHO&VFe~O(Le*vR0hOQ$uOE
z{TF1K-9fk{vQ3lQyEBy-f4EGVFCV~IhvrLk*@@mee6PwzQwcP{6N{@q0x7x8SQa`^
z-bC#$H2EFeS&&&iPrhZ=XFSMlX%VyWWtOTFe+X*h&ouQ5Td4EjBhDU=9*aBZp1X!N
z6@@5A$t!->EsbSdS2s7ZG13QflNsHBlaJ#_-%iDJ%s=rKg5>v$>1csi$M=<z6A{tD
zqojNJ-FdP}$vL!)Smw(rguH~uJI794Fos#R3vhVSgd8&t?P9GD0sM(!hD!+u<{#Sr
z{xKqzSyW2#R-hS5J|p4KN+;bYfSv)Z6!A`=nyIz^r0vP;Rs8^35YYH9iNL}1zYmzS
zN}*~dPm$#2Y{v9*HA-S72ti9rJ6Z9JijYQB5*UpfftLe6ifTc^ewu??!q@m~UT7#b
zn@$n@^9tP<o6+Yooa<QfiNQg9nGk|@zy_D~5b=7C59|LV?=SCy-Ty<8M%A!g75_O4
zqZ-nJ%e0ka<LQL4^6_J0c<g5E1{>JmC=5_K{fS%E+v_)D^bgpOurm!>8*#>GQFmds
zyVS>ATDPe}jxfm~7Z}Nf)rs9!*LHWK0Xm4&IqifHRjIC@!DGw!?Ccoc1tZSHkyZ?b
zWfMSMw2aC4^Zno_g>0*ocMZ<#N_ncOdO^voUCPU*c=+Ggmccf_Ri_`uKRrK(d9u2y
z;y+z%@qW0$d5>1yc%F){8xy(4sZ$wp@7_I_`7(Gb0?v_n!r`^VDWB1DG#*JY26s-e
zH{n|R{k=)MJj?hv@0HVJX*MgwG*|BKGH-2NT_g#tcnLs&<k8CPIkwsNDnq7kwqNK^
z8nch|<M{wXx$&Ra@BZuUmFmd({3~ZMGkW0RA!Ai;LT{R@Ou*lIcjm9U3GP&W5{%L;
z^t=|B#*!gSb-_7qc$P#Z{-0msW$NVTynK`+Y5VLodMH8}yB2}|{Js=lPEHPe1u3cB
z1E{Tt8Cg7Qpk&=GWgM<Dg!AO=qBpJwXKmi)Ky0vO)UPLeEo1#{=7pH>=&fT^$JmiR
zcBC}UrL?5gIJt_Vcpo>B;xToc_?tF+#+ogc{G(<fJ7$i%wt3wn@vPcqKV@Nr5Lwu2
z^*zd9=wYybUk-P2tWUHlee9Yr^V?s(GYVGYn@S{Dz?6zUdG&+H2%br^c%(RYc4tk5
zf1gDn`t*9RBr}mh9LI5N94<QD>-zy&Y!>v$IVsOj@bg8^M&>jt$OIFT@%i8i63s8V
zPHxsTli$>b9yx1Dzd-i_C-3(VBqI{f7(=Fz<b(n}rhDGxZA|y;X`x~A%sz|9gLzF|
zI05{bAHVVu84wVps|{I$`MP+YAz+;bOaBbC%%Oeu%%)mqRQigGxtnD=`zga)#@$D*
z)wYB|Yi6&Wr+gW?yL*BfqLcLh9>OHL`+C1=^mduhuj<7bzaY86&D9360l{zcZ+p&n
zz`WKf8E#kgDotL+TJY1!DMc`U<!6>#Da*?GngXl08SkjG{nj%{YeOAzb;k}`b4mm?
zAoxH>Id-x+S`QN{%<w7^s1e^S`=mmF`LXr**xBAJ@|5;HC$L3uoiTQaWUY~We@Xqy
zdhPVH!-Cy4s;FlEC@=F1M5~VjxRF(jSeY}Y920rhUv?`#h0GN-WOYfGrdv`(wlxX{
zMGV+eS}wi$@hXv4CC)M4IGOOG!`lED%RSZ6v6}E36}w3D#HP4I9PIJfQ!eIe^$-7V
zxnsgJiVRE9AQEPkDnUsBF{Jy_+j{fvMVY%;u^u-^y+54z>8uy|smKk$L;K^pqe6E`
zhCz?)U%<=H&)?rJ%=}C~5=?Hg1<00m+_;Q=KwoMLiAm}OlD){sAZ-3HDQJEP`pLT{
zez$Hj^^T_Y>>WsT7&Um3X5X_*CMuqZ)LZu6V^E9|Jq{BXrQv%K(SMw+)v@Ta68^AE
zeFfmd5yo#poE6H!DL#oegeOG{<o$*F_wA&+j0nqpfvZ6ui@x&Fi{o%6$Rq9O72s+)
z)w&p$r=9)e!rye%Llya5ddK6lT*Uol8sAHEs&8H4B#}im52Go9WKEp9$qM=cvH1Ve
zarez%I)~B|jB*Dhtd98??2UqSG9uzw6r9S}`=3U|OPP^F>*qflg$$%{n1i77Vh-~S
zJ9HPnX0@%3aPV11Evl?_t=EN7k7f?7Ir%VaC{<|GZF{2IgzF9#0gq>u&a0)?x91pd
zkNY2jlx+7GW+e8VSXSk`;6Y3t9)GAPDR~qnbk*l$%gV)7(F)C!`o0y1WBcS}h;I)`
zXhmcZRKXYGL-S-@l;r*z-thBj$S4gB;@2Q|TkY=cN#<YID6#Y8XV}Fp2R@r36*V;z
zd4H=;Mnp!J_kJz5Tx&iIetK}x_P6EC;ijF?SK}?0Rl?@Lw~sySeGPPPqPu~GSOd7p
zALWL112}Yy(04_T?qx{ytx!2OF9Z9tmze-l9}Z*6n>gXf5ngD0>+QZ<UO&g%NBHQ)
z$cc*8QQzRhn)|;DrVKnkfY;qw5Y3#q`7TgQ2@+y(r>o3*AGBC63z^h3`{3sH-!Q;y
zJY37ZKLxanx;t=dffm!7eQv+s$QVQ)c^7`A5wJVhQzlrp(qe^s1wH+Z+uzBc#&Ta~
z!0}+QMJ}-lq^I{O7*CN&V<I0$FSWYe;7^T1c{okKj2WF1)X3{!>n|JiwBNEY2KY$N
z!M&jR%}F5e2-Xa=97(SP1aT1Ga|C8``H@*Xoo&25=oD-2(TJWtCw-vpeMu9oAI0&=
zul1*AUcAQRl)1&T$Ldy^R^xw7c^<Grb|fXOc>fp$C9!5;n$S19;<i5@^iVvK?xo@b
z9#nP*a-a8;*k{NLM6Z;jTS3}oi4C<APa&t)QYiBLR-h_34OjR3bCUT?Q8D~SoqbYF
zp-%q_Cb_YhxyAG*NGB7o!^mSv@Ac8ko-{4pI@De8_W3f_-BEu?{BF&}nO1tjLstF+
zwe6}}0>_FcBS93AU8rnq?{*BLVz9yQ2x&^~)<=(|M@pT48X>}vmj!cOq<WWhj~h#r
zBPhJ{k+hf4{Ofm2n{iQ0B7$I_w!gty<dtsp*n&GpKW_d3JP3I(uoSyw6c%YSM8h6p
z8vBYNJ=l&kq-zcZou4UK45uLgh2_@(dnNxU+;r&B!ONtHVK~B)wWe_`R(XCi)6bzX
zCL(<|PUNQ4^mf4c-FOZ&@z(?GBMuYqy*k03S3f=*NKs<)u9<m(?L0s(-!TGx-J=|q
zej-YOI$X|mb~xx>Lr`I;iF5zUE*HC*=jpgSCxq;C%&$@W7~@Bx;x)No^W1;wuE9&7
z33SiJo+~Lrj{6{|Hv8=jh%Gm2PqrBu-g}_q)~~djD8uONfSKhddY<VpZc{M7KSCwh
z{hUCiU${;a8z`lJslTCXx0=6}R$AFQ*CXGKizy5hdT)e7OGqU+6vilV8<Ks{uzF7f
zyOITy&quTD+1<C`4E?@@C0av@%W2#&b}T{HmX~no&GXzxNA-ldw|~Ot1%^687#WcL
zE&MksGKxOUY<_6Cd`SEX7?)YS>-zS{W(-(w^SNvc_4N>4P!;}O(a!AV;NV%q3zSWM
ztSI*d*DC4*R^v-salU};{|a@h^;aIGxZLCJoC*mp1=g}#Q5kQ7FxSmRAAPZHy_ALV
z&0C6WqM?x-pgtp@#Wwvq<RKS+ecu2R9WrRZ9=2e$E=Od_KWxo>xP^e-`JW)`Q7&#?
z1K!S=4o6KdQv2M%&=@`XH4E0zqf~F^e<Cl8rc-C_$ZqM+J3?`usH>O=yIt!HPiA}u
zaUaE)?lLKRa+tvoSL+wA5A<MVGK2GXKFa<ES-gB~u0A>Onr%!dBDiGcPDO>w@w!V)
zw~vACFrW56(Vixx&%$iW)j}M#q?uEN!`P~yJIlP(+|G3rwV%D$3jWmwes3ktS~HdP
z0IG2E5jP^~zy2a>s&H8_(#tlS$bEOIt&P>P$f>^1V*a9}hurj^JtRo^5qgP*p-7Je
zg<x$W?3B9Hwzkl}nYvVJuR4)NY%b-tzhjZPwl~X(8^P&I>F_PN0Yq^Do3XDUO7;YX
z)?<|wKv~OrH`AWepr-3C#iOnZ&$U3!Ux818^Uw)96E~3R8HlAOb?gm14AgR&M_cpq
zxIW>{B<gdo2}@*eSrETH{nqyx{dRV&HQz6d_N0&g?Q&7_+7c=flVyxCLuR=p<VK%N
zKC<z+*(t5O63)N6e>D+6WtkMtVMmA)paZf86*Arj+z@(M_)OnQ(?P5KqI`+FW>5o2
zQp#BmP*GN8oS!^a*3x8BvEmCbhI~2u$R0zbH07JRgxKlS<Mnv$q0+6VyN!Ydr&tkB
ziFL6%y7*5DhVMpts*9cJFy!bs5$|I$ytf6F@^h1Jkdf@>hHXw)j$_|Dp#ReFC<d{I
zP8ZDv&WmFDg4JNjAe=Q~18O0MwC#Mg6#o9aCOH3A2|b~lI6TM}v?uR5u5i}RTWA>r
zzZjtd>ey$R_u1~&E-NrSJ+iSPGT@OOj~)RI6~ZM+<1+}nh(uBT-@ZQsu;)RvrG8{@
zGwkfB;8K!-s0xgymk6;yv>K&w1Ci&++dJ#aH{Za^#ZbWG`tPQR=C28Zu~U``l;`Ah
z)IL3euRJR)D?4@WQz;~CEL&NzDCG~~F>xJ7Y`As(Iji(TD8VTBx?qHbrlqQ|BbpUO
zYLPc(>n`Hgzdped<yHvZ;gG{%PhLx(BbU6_cplV*WgL*Gi!K90kA3$oVQ*tF5mT#b
zkcXM->FPcRjZag-VWdE(7XuCHzv7@cysg@#tGO?@^2JmQ4(9gQZjz-QAS;#TQ5!qm
z<fbpPb#RsetE@!g;9FsoClqy(o74ghpCJxx`1{iBzPkfxeaFNg_9LYSK?$R+Wmo*{
zXW$=pb64phkTAHkfty$W*^r9RG~fOwr&T$I@SpV_M;6yCV6HXFz@g}Y1OWNtNk(PH
z6oaH-`1tr2FPB<dcx~|?(M4N96ijWWN~RV|N=isNGD7<-zK8Al3I|9|^sQ8vWQ&c`
zPj&0ySVH?m4w}C;f5=!izn&fSeF2Gs+Ub~YC7JrpP8xzPU&4gR6T|y+O*nMc{P~UI
z8!=j<6;K7~F_3)d&soLb|I9~Btrtq%+A6v9)xGP4BM}J154{TG*_58We`aCxYw45q
zXw<;q;3%Fq4L#DFq2hWSg3%}o18A3{Fw%YADKyy4_6Xx69l!GB8OTXowzw=kD3z6z
zs56wLC!s@CZpjq*-Gbi=)zxjerw}mry}9R)Uw*G@cZT(AGpeXE><PPU_(XDO&CB3q
zc4SuKs4H0pgssjFxessg^jSDL9od7!cRTXJm>Ciqffjk|*nHGO_Wb#C@=!6tnC>c~
znOkR!0AqUOslh1-7YIgmN8qfYcQ)9D`}7+dR^_VaX8I<u=(RD|@gg}^C0D0*eq%lh
z!Z)Ys(eWU+`gWpQ41!C}<Kt(+HLP@}9tyoRX({DbH4209=E`V2g%>4QxJ-^QqWuiB
z0ImDA=t1i;+W|+8G>SNW*)C{$F_K2%mGP9TGJOLkjv=(<bCLx3L@6t2%6qBKSRrgR
z$>>nG@EaMpq80CqUg-Ph9UZ=uPQ7mX9*&ib8<c~gWwz0>Y@hs2QkRl9t4m7QDzy9h
z8l>rw<Zi#dAAJNEl;Ch*mKzZrln4V<>m}d8oA>w0rq*D4|5pzLj1Mh`E5;8ej6<$|
z10YW>2W@{_SFN=oeG^G%4oOZFR)BXMN7=C7=@){Mia1hZFfhvn^><)jam41VI50By
z*q%YsY0$PX{mmhgyY(@L6j@C;M+iZKLlV_LqkgEB%qD))U#@}ULNdV3&d#TvBTp=*
zPX9YA4{hyBFam}|B2AOU-+D>lwOC2R!*N7U$7Dz!aDiXlrR}~%z;Y#@U8snH^Jtut
z4g%m;MWGF;aZFESwESq_T`}+?P85>&T+Te+^tx=;Y(w!l*+}<DI3K`7Agy>(-})tD
zvC8R@)jx<SHHe{5g9wL&<MvM;6N(Q%&hXA~s*YMH9rC}LbKL|ms(RC52fp?bb!_~A
zA|j95vzY~8((^`FM<=MV^lEAi%w-Ytiyu8Wq$3<=oyDxjcioE9x+4y%#{n@T6A%II
z$i7%n8$RPn#Q^|tt_2FpOLsZ><e6#t%*cwDZOv^-mLb};28C<P0P7U{vUJ7V0rCY)
zFa8&UfjTm%Qf``$NaiBthIUeWtgV2J!Yu{7g&!CBv_ijYtBdI_$Zei}Q?J((1j$w1
zsD}6NJx9OYXo9>*LNSVBlXH7FU75JvzB3zwj6qm|H4(M#Sc_SE;PgAJy93Yl1?s7#
z(X#!4Z~!q8*2Ek^j})#g=1(|;Dm*a&TzUU@lAwNJvdkKHiS~`0WkwdC8|1muuk8;D
zEx7_xY?Wv`s$>X*Kk{RlnD^Q(FSr#2X5RI$eh8LoZ6r(FZmUmQ9|4D|`uPsf6Hj#>
z0`TFlzqsTVdp~9>gn=8+l77kPig{57GuZvUz}MWg8Q2$)#2Ulby>qv}$}&iDxd2b@
zb01JL$>a>^o}!T&sGRCe{LGbxb6LfRzxC*Wb3|vWi~sIwHip6@G?>{qn&UN}OJP$)
z-DhI~E;+RYqtIfY_?kPKG4*R9YL)nN6m@>^=k~hEzOrRn)J`W>I)_s5r40y0(FOAW
z{S{h|155X#POK(uCbDNyVQ#^BkdwlwM2E~6SYz$jh)7w!ipVs>RC_g7>$JYUUg3M&
zd7A>lxp5~>Gu+SbcGq<8;s(;@ce6@+?oIhdJxxKUuMrqn{}2YpOvr(-QajV5nynOm
z+Zr1{3VcV-X&ArMG2iN5dM^Sm0MM=X{LW{sGfT?Ks9{t0WnsB;CKu}b7*2G^==&+!
zt7J_e)24RTh|a2C^ctj7bidxKPi1`Y$`I~^y0u|%tVV{l_tr!!oku~2nl|llq=!lC
z?Vh8NdM7?t!&g-hu%#;wS}rnzopG0?)o_30ltwtX4)gGLkxa#7;=`<5%eALM<SL@7
zC86!;ql_84SJcPeleVIkzNC^oNx&qm>8Xil_hB&gyG}rBi9~aunQ0fl{CP(NyXMzS
z-rWZe4Aw@vySr)CGDI6WM*~%Gx`@zoC_tgNV5p}z&2?`z&YJgLX%;Wzy@1Ct-2gmZ
z;!oiXBcy42Ao3=;mk`Bf^WM%+D$As$sY<aT8npsN8MMef$;7L8{n2p~K*NN<8(weK
zPt2f_kdQF-qz@`9YVWZTeU*Da7feB8(7aucs`BJu>Zxh@`P_56nEq9ns1)z3sr*(@
zQ5f6W789ZPaZP0GddVAnUf%(7TuDPY5dtpn3J?&UD30X~U?HCjp>N2hxVxAZ+Dm%J
ze&lF6tHN{tNByV*yF`ELkTnucu-E=fOJBdicex`tGM^%SRD>tPWmEYtu%WmB=|Ohx
z7vX!kqy`b4Y&HbpGH^93qNtog^@zgpYoY9IP)k$rw)e4iX*YlsuZ-!Ir}6Bv+Vncz
zGN<W@jU~nx5_&Z^*&GU0Fe!?rAB86+J$v)flNs03+eDymCCc}dfqeuXba#0mL@MkE
z!^CY$*UiKi*mQ0@XVOfAKFM|uW0r+Vw*YVJ9s8f0H~s3q7La6587Qj{T`x2cAn-4)
z(@sQV(WN%sL5UY7@uy*1nxu8a9U0Am@wPrNFfai?JH1Grjcc`t(Hpw=fKQ1i&M$P?
zA8v?HvEt=o&vs(O3t)^!*}hS-ipE+QtB%q$Mpv;jMg<a%Qh5U4=1b<^o6QZeu1{f`
zL-xDJowR?T0_ZaU_ONpvz>tO=X~Yipsq=rJOZX_*9OS`e>aiUBgj=<b!WrpK#K7Tq
zHubcre#!Soy648ng80BqXlJRC$Deff#p=KCHyN7LG6_Nn11x14@OMYO=`KY)7nadB
zS{R3O8%+omSR@Y&25S|y?1|{XQ{23Ei17UrlmR{;AWS}{3h^?Gz7GVqHVOVf2z@l9
z1}7$`;m*N#+=ppq<)%2DT2<04i5;-!==+PZ(m9na=P5*V$G_nrQ06ewHR4gq3{f09
zVRz`mW?KQVQ~?**k(TuP!{+BQy%g!D8*)>})e+6AqJgy?tSl@%u}JK5;9pjMBZE^j
zV;Cyzu<&JS9766KPJX@?r!GhzcCig|bOFabz+B*nPz|FT-2p*jSlb{e=0I_g1yiU-
zp(HyB;;jf$mKxwSSeGW@=gXk0Xm1@7iKaUWx?YQIKEIC_K<aX5h1jbi{2fT@nxroV
zaUrpiF!ZYo?|r8z@vEY<I{<%6H)?pDZ9kq99Mgv?_f#{*7a|{sOo!b=aFW`ad93sm
z=ZX=?1@ljhWsp07d`GU<E~G`c;!S3^>7V1Ieb7=6<Tfj~J4%Boc(O^`q|SNLupB}a
zF)!tRlr~`<6G+n&l0>8xhV3?<gU}<298Tu##B+~^F*2%m^976F*In`%q4n&me=7BC
zhMFz`ob{FGO4DvW6@D~#MlA%obQJw|jg}}+zuqBC%My=hY&}`wlbEpV`S7608o*}C
zs~TrM{8j)N_+-r=3!#IO*CfOH9*OI8tgMl&JY!U$aet?<sypBMwuzyO8yRU`y`go=
z&c>Fq06Jtj{c#V468N*;*nWn>y?6ny@I5dpN%-5_BflVDUE%qjV>&omoE$?Qh3?S&
zz=)z*RF`N(YDOg+Bi@G{ejd2T0DU-WQ7%BS0CFXf(Z{P1Js_OC)yB(I@Q%g}aD~Ee
zgEsyUieH*_14p0c`kWjKuXtkL;vs|;FIlZ?8T1klfP9xPF{L|;*@}Y1yx3}3gXl=P
zuDLOInURa|Ycg{3C~)LAH{|76`2moND${$v@l0`Bk}d8Ovi{gken!s!H2(d2yj`uM
z<xtuj$k{q*(VPQ<VWTGKx|p!Dv*-SPnKMTh#$lI<AAklDEi5!n<-)98pAq3r{WjUk
zVvj@zvMqpGjK2@XbHYPfh0`Mil6L7gjb~O?Rvbd_J+Qk5dsRr}^-sxVU_pF?475Kw
z!3Y3F;cXLWa_a)CnHv-bbzDDnV59DDajR*94w@`1?u#>}dmbvW!}}}bphky>DFUoP
z`jyt*#%3ofYd~{m`p39>o$J^&<5@Gr0~Uu@-opub^d2B1a?6w5$C#)GQ_i0<PTB+?
z-+VgDl=>+PFZIO&X&s6dn_92*s}2DpX>z6X$e@GQBwOQGY`?$)e>3zmdAoGp=VW;L
zW$GK!*{!`T_ht`L+cxPF=Q)D@4*+?|c@qLvzyfJvzy8C>M=!t>dtOS}5nvNC9Q&Lm
zMbL-FP$O#VxZ7@=JxO=JGt(oF-hSYJM5jT54k})3Iw%^r3R+gM2cB?5-vbabW+Ey0
zm}^C}&s6TbUi%xLt1tA69_eP8#}Fh*jY=c`J?T;Spt4-T>E+RCc?<4)f!UYys-1ga
z0~$3&fDd&k-I?7yhZ>yX#@{2sAVT3DM;Ke@{V1qTcvo(99~j{^f|9-ou)e2?nbHS_
z#=Keq{;cZm1^goI8q)DRjvNNkS5#aZpnb3Y>3_TxXyQOU878w&t_FGN<1Wl9^S~w1
zenrgetG}e~HyvSaqt8PrFDs4eM>^&~h>H#~^{)d_7|rGh0!P*#ECeKLH?dzHOrg;p
zsQ>IRdAM6Ib7ZdTfn#0;h};z*wX6WKMD9vsT{0Lww$b~-q26s*uO5`3pujZ@EwBe~
zXu1D$z>@37q{m_)H;8Dbx51JAiVdE=xa0(#bQTJ3>|Y`QZ8V{0wuXDn0KC|D^t(>I
z2JLeP$Pp+MUSncn%26BD+AM<)tXXZnXgM%or#?+b6|_ER7Cd)iy6<xYhQJ{{aCptu
z9mWUr;O^_NgCsXV@;xM4@FfS@hg$4eN!^(tPsp0V&~K(`hz#nDhD5vJ(?z3$-~Zp*
zW@9PEzUL$AmQRv*-b=$#mC1`cy3hDFQKS9ef0?HYJ0av9*2keH3;0VUC@qQ8MFqBr
zM`e^8xi(~i5y_jL5W)lr@`pk(q<^M@QSF}M{O5I4EyO{mgF}KOQRRZlT8-_PCTji9
z@V5Sdalp@@Ffe~}y7KEaQt*XvU0O;6Y8Xiz>N{Xdz9K|zNt!gY!fjI2FsMs}%l`a}
ZZb<uLDB#T-GBof{5uqkqA#E1;{{WEuBvk+a

literal 0
HcmV?d00001

diff --git a/posts/20240322-skupper-podman-ingresses/index.html b/posts/20240322-skupper-podman-ingresses/index.html
new file mode 100644
index 0000000..823e59c
--- /dev/null
+++ b/posts/20240322-skupper-podman-ingresses/index.html
@@ -0,0 +1,399 @@
+<!DOCTYPE html>
+<html lang="en">
+    <head>
+        <meta charset="UTF-8">
+<meta http-equiv="X-UA-Compatible" content="ie=edge">
+<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+<meta name="author" content="">
+<meta name="description" content="Introduction In order to evaluate some strategies for dealing with service ingresses, when running the skupper-router with Podman or Docker, I have used this simple scenario below:
+The router component is connect to the host network, which avoids restarts when extra ports need to be bound.
+In this topology, the my-service workload is reachable from the container&amp;rsquo;s host machine.
+It is exposed through the skupper-router container, which is binding port 8080 on the host machine." />
+<meta name="keywords" content="software, skupper, skupper-router, podman, docker, compose, netfilter, iptables, edge, edge-router, haproxy" />
+<meta name="robots" content="noodp" />
+<meta name="theme-color" content="" />
+<link rel="canonical" href="https://fgiorgetti.github.io/posts/20240322-skupper-podman-ingresses/" />
+
+
+    <title>
+        
+            Skupper service ingress through containers :: Fernando Giorgetti - about me  — Software engineering topics
+        
+    </title>
+
+
+
+<link href="https://cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.5.0/css/flag-icon.min.css" rel="stylesheet"
+    type="text/css">
+
+
+
+<link rel="stylesheet" href="/main.4e5c639214707eff609bb55fe49e183dee42258a73bc90e4cc7b0a84f900798a.css">
+
+
+
+    <link rel="apple-touch-icon" sizes="180x180" href="/apple-touch-icon.png">
+    <link rel="icon" type="image/png" sizes="32x32" href="/favicon-32x32.png">
+    <link rel="icon" type="image/png" sizes="16x16" href="/favicon-16x16.png">
+    <link rel="manifest" href="/site.webmanifest">
+    <link rel="mask-icon" href="/safari-pinned-tab.svg" color="">
+    <link rel="shortcut icon" href="/favicon.ico">
+    <meta name="msapplication-TileColor" content="">
+
+
+<meta itemprop="name" content="Skupper service ingress through containers">
+<meta itemprop="description" content="Introduction In order to evaluate some strategies for dealing with service ingresses, when running the skupper-router with Podman or Docker, I have used this simple scenario below:
+The router component is connect to the host network, which avoids restarts when extra ports need to be bound.
+In this topology, the my-service workload is reachable from the container&rsquo;s host machine.
+It is exposed through the skupper-router container, which is binding port 8080 on the host machine."><meta itemprop="datePublished" content="2024-03-22T16:19:33-03:00" />
+<meta itemprop="dateModified" content="2024-03-22T16:19:33-03:00" />
+<meta itemprop="wordCount" content="542">
+<meta itemprop="keywords" content="skupper,skupper-router,podman,docker,compose,netfilter,iptables,edge,edge-router,haproxy," />
+<meta name="twitter:card" content="summary"/>
+<meta name="twitter:title" content="Skupper service ingress through containers"/>
+<meta name="twitter:description" content="Introduction In order to evaluate some strategies for dealing with service ingresses, when running the skupper-router with Podman or Docker, I have used this simple scenario below:
+The router component is connect to the host network, which avoids restarts when extra ports need to be bound.
+In this topology, the my-service workload is reachable from the container&rsquo;s host machine.
+It is exposed through the skupper-router container, which is binding port 8080 on the host machine."/>
+
+
+
+    <meta property="og:title" content="Skupper service ingress through containers" />
+<meta property="og:description" content="Introduction In order to evaluate some strategies for dealing with service ingresses, when running the skupper-router with Podman or Docker, I have used this simple scenario below:
+The router component is connect to the host network, which avoids restarts when extra ports need to be bound.
+In this topology, the my-service workload is reachable from the container&rsquo;s host machine.
+It is exposed through the skupper-router container, which is binding port 8080 on the host machine." />
+<meta property="og:type" content="article" />
+<meta property="og:url" content="https://fgiorgetti.github.io/posts/20240322-skupper-podman-ingresses/" /><meta property="article:section" content="posts" />
+<meta property="article:published_time" content="2024-03-22T16:19:33-03:00" />
+<meta property="article:modified_time" content="2024-03-22T16:19:33-03:00" /><meta property="og:site_name" content="Fernando Giorgetti - about me" />
+
+
+
+
+
+
+    <meta property="article:published_time" content="2024-03-22 16:19:33 -0300 -03" />
+
+
+
+
+
+
+
+
+
+
+    </head>
+
+    
+        <body>
+    
+    
+        <div class="container">
+            <header class="header">
+    <span class="header__inner">
+        <a href="/" style="text-decoration: none;">
+    <div class="logo">
+        
+            <span class="logo__mark">></span>
+            <span class="logo__text">giorgetti.com.br</span>
+            <span class="logo__cursor" style=
+                  "
+                   
+                   ">
+            </span>
+        
+    </div>
+</a>
+
+
+        <span class="header__right">
+            
+                <nav class="menu">
+    <ul class="menu__inner"><li><a href="/">Home</a></li><li><a href="/posts">Writings</a></li><li><a href="/tags">Tags</a></li>
+    </ul>
+</nav>
+
+                <span class="menu-trigger">
+                    <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24">
+                        <path d="M0 0h24v24H0z" fill="none"/>
+                        <path d="M3 18h18v-2H3v2zm0-5h18v-2H3v2zm0-7v2h18V6H3z"/>
+                    </svg>
+                </span>
+            
+                <div>
+                    &nbsp; <a href="https://github.com/fgiorgetti" target="_blank" rel="noopener" title="Github"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M9 19c-5 1.5-5-2.5-7-3m14 6v-3.87a3.37 3.37 0 0 0-.94-2.61c3.14-.35 6.44-1.54 6.44-7A5.44 5.44 0 0 0 20 4.77 5.07 5.07 0 0 0 19.91 1S18.73.65 16 2.48a13.38 13.38 0 0 0-7 0C6.27.65 5.09 1 5.09 1A5.07 5.07 0 0 0 5 4.77a5.44 5.44 0 0 0-1.5 3.78c0 5.42 3.3 6.61 6.44 7A3.37 3.37 0 0 0 9 18.13V22"></path></svg></a> &nbsp;&nbsp; <a href="https://www.linkedin.com/in/fernandogiorgetti" target="_blank" rel="noopener" title="Linkedin"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M16 8a6 6 0 0 1 6 6v7h-4v-7a2 2 0 0 0-2-2 2 2 0 0 0-2 2v7h-4v-7a6 6 0 0 1 6-6z"></path><rect x="2" y="9" width="4" height="12"></rect><circle cx="4" cy="4" r="2"></circle></svg></a> &nbsp;
+                </div>
+        </span>
+    </span>
+</header>
+
+
+            <div class="content">
+                
+  <main class="post">
+
+    <div class="post-info">
+      <p>
+        <svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-clock">
+          <circle cx="12" cy="12" r="10"></circle>
+          <polyline points="12 6 12 12 16 14"></polyline>
+        </svg>
+        3 minutes
+
+        
+      </p>
+    </div>
+
+    <article>
+      <h1 class="post-title">
+        <a href="https://fgiorgetti.github.io/posts/20240322-skupper-podman-ingresses/">Skupper service ingress through containers</a>
+      </h1>
+
+      
+
+      
+        <hr />
+        <aside id="toc">
+          <div class="toc-title">Table of Contents</div>
+          <nav id="TableOfContents">
+  <ul>
+    <li><a href="#introduction">Introduction</a></li>
+    <li><a href="#scenarios">Scenarios</a>
+      <ul>
+        <li><a href="#1-netfilter">1. Netfilter</a></li>
+        <li><a href="#2-edge-router">2. Edge-router</a></li>
+        <li><a href="#3-haproxy">3. HAProxy</a></li>
+      </ul>
+    </li>
+    <li><a href="#artifacts-for-evaluation">Artifacts for evaluation</a></li>
+    <li><a href="#validating-each-scenario">Validating each scenario</a></li>
+    <li><a href="#conclusion">Conclusion</a></li>
+  </ul>
+</nav>
+        </aside>
+        <hr />
+
+      
+
+      <div class="post-content">
+        <h2 id="introduction">Introduction</h2>
+<p>In order to evaluate some strategies for dealing with service ingresses,
+when running the skupper-router with Podman or Docker, I have used this simple
+scenario below:</p>
+<p><img src="images/scenario.png" alt=""></p>
+<p>The router component is connect to the host network, which avoids restarts
+when extra ports need to be bound.</p>
+<p>In this topology, the <em>my-service</em> workload is reachable from the container&rsquo;s
+host machine.</p>
+<p>It is exposed through the <em>skupper-router</em> container, which is binding
+port <em>8080</em> on the host machine.</p>
+<p>Another container named <em>my-service</em> (for illustration only) is also created
+and it can be connected to multiple other container (bridge) networks, in order
+to provide a stable name resolution to other containers connected to those container networks.</p>
+<p>This extra container is also listening to port 8080 (in all its interfaces) and
+it has the <em>my-service</em> alias on all container networks it is connected with.</p>
+<p>To enable name resolution inside the container network, I have explored three initial
+scenarios that allow traffic reaching the <em>my-service</em> container on port <em>8080</em> to
+actually reach the exposed workload through the <em>skupper-router</em>, which is actually
+listening port 8888.</p>
+<h2 id="scenarios">Scenarios</h2>
+<ol>
+<li>Netfilter rules to redirect packets to the appropriate target</li>
+<li>An edge-router that exposes tcpListeners to the appropriate addresses</li>
+<li>HA proxy as a reverse-proxy</li>
+</ol>
+<h3 id="1-netfilter">1. Netfilter</h3>
+<p>Using Netfilter, we can simply add rules to redirect incoming packets reaching the
+service port (8080) to the <em>skupper_router</em> ingress IP and Port, forcing the traffic to
+go through the router, which is important for observability.</p>
+<p>This is extremely simple and the fastest choice.</p>
+<h3 id="2-edge-router">2. Edge-router</h3>
+<p>An edge-router can also be used, as we just need to expose a tcpListener bound to the
+service port (8080) and it will use the connector address to ensure data reaches the
+target workload.</p>
+<p>This approach has an extra benefit as you don&rsquo;t need to expose the service to the
+container&rsquo;s host network, because it does not need a target IP and Port. On the other
+hand we introduce an extra hop.</p>
+<h3 id="3-haproxy">3. HAProxy</h3>
+<p>The HAProxy can be configured as a reverse proxy, forwarding packets to the router
+ingress IP and Port. In the end it is similar to the Netfilter approach, but it requires
+an extra hop processing the packets as well, so this is possibly the least recommended
+choice.</p>
+<h2 id="artifacts-for-evaluation">Artifacts for evaluation</h2>
+<p>You can download and evaluate each of the approaches through the following links.
+These samples can be run using <code>docker compose</code> or <code>podman-compose</code>.</p>
+<p><a href="netfilter.tar.gz">1. Netfilter</a></p>
+<p><a href="edgerouter.tar.gz">2. Edge-Router</a></p>
+<p><a href="haproxy.tar.gz">3. HAProxy</a></p>
+<h2 id="validating-each-scenario">Validating each scenario</h2>
+<table>
+<thead>
+<tr>
+<th>Container engine</th>
+<th>Deploy</th>
+<th>Teardown</th>
+</tr>
+</thead>
+<tbody>
+<tr>
+<td>Podman</td>
+<td>podman-compose up -d</td>
+<td>podman-compose down</td>
+</tr>
+<tr>
+<td>Docker</td>
+<td>docker compose up -d</td>
+<td>docker compose down</td>
+</tr>
+</tbody>
+</table>
+<p>For each scenario, you can validate that you&rsquo;re able to access the target service through
+Host&rsquo;s port 8080 as well as through the container&rsquo;s bridge network (<em>sample_sample1</em>) via my-service:8080.</p>
+<p>Here is how:</p>
+<ol>
+<li>Access through the host</li>
+</ol>
+<div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>curl http://0.0.0.0:8080
+</span></span></code></pre></div><ol start="2">
+<li>Access through the container&rsquo;s bridge network</li>
+</ol>
+<p>First adjust the value of the CONTAINER variable to the container engine being used (podman or docker).</p>
+<div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>CONTAINER<span style="color:#f92672">=</span>podman
+</span></span><span style="display:flex;"><span><span style="color:#e6db74">${</span>CONTAINER<span style="color:#e6db74">}</span> run --rm --network sample_sample1 curlimages/curl http://my-service:8080
+</span></span></code></pre></div><h2 id="conclusion">Conclusion</h2>
+<p>If requiring a host&rsquo;s IP/Port to be exposed is not a problem, the Netfilter approach
+seems like the best fit.</p>
+<p>But in case exposing only into the container&rsquo;s network without exposing it through the host
+is a requirement, then Edge-router is the only choice that can be used.</p>
+
+      </div>
+    </article>
+
+    <hr />
+
+    <div class="post-info">
+      
+    <p>
+        <svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-tag meta-icon"><path d="M20.59 13.41l-7.17 7.17a2 2 0 0 1-2.83 0L2 12V2h10l8.59 8.59a2 2 0 0 1 0 2.82z"></path><line x1="7" y1="7" x2="7" y2="7"></line></svg>
+
+        <span class="tag"><a href="https://fgiorgetti.github.io/tags/skupper/">skupper</a></span>
+        <span class="tag"><a href="https://fgiorgetti.github.io/tags/skupper-router/">skupper-router</a></span>
+        <span class="tag"><a href="https://fgiorgetti.github.io/tags/podman/">podman</a></span>
+        <span class="tag"><a href="https://fgiorgetti.github.io/tags/docker/">docker</a></span>
+        <span class="tag"><a href="https://fgiorgetti.github.io/tags/compose/">compose</a></span>
+        <span class="tag"><a href="https://fgiorgetti.github.io/tags/netfilter/">netfilter</a></span>
+        <span class="tag"><a href="https://fgiorgetti.github.io/tags/iptables/">iptables</a></span>
+        <span class="tag"><a href="https://fgiorgetti.github.io/tags/edge/">edge</a></span>
+        <span class="tag"><a href="https://fgiorgetti.github.io/tags/edge-router/">edge-router</a></span>
+        <span class="tag"><a href="https://fgiorgetti.github.io/tags/haproxy/">haproxy</a></span>
+        
+    </p>
+
+      
+
+      <p>
+        <svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-file-text">
+          <path d="M14 2H6a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2V8z"></path>
+          <polyline points="14 2 14 8 20 8"></polyline>
+          <line x1="16" y1="13" x2="8" y2="13"></line>
+          <line x1="16" y1="17" x2="8" y2="17"></line>
+          <polyline points="10 9 9 9 8 9"></polyline>
+        </svg>
+        542 Words
+      </p>
+
+      <p>
+        <svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-calendar">
+          <rect x="3" y="4" width="18" height="18" rx="2" ry="2"></rect>
+          <line x1="16" y1="2" x2="16" y2="6"></line>
+          <line x1="8" y1="2" x2="8" y2="6"></line>
+          <line x1="3" y1="10" x2="21" y2="10"></line>
+        </svg>
+        
+          2024-03-22 16:19 -0300
+        
+
+         
+          
+        
+      </p>
+    </div>
+
+    
+    <div class="pagination">
+        
+        <div class="pagination__title">
+            <span class="pagination__title-h">Read other posts</span>
+            <hr />
+        </div>
+        
+
+        <div class="pagination__buttons">
+            
+
+            
+            <span class="button next">
+                <a href="https://fgiorgetti.github.io/posts/20240320-router-with-compose/">
+                    <span class="button__text">Running skupper-router containers with compose</span>
+                    <span class="button__icon">→</span>
+                </a>
+            </span>
+            
+        </div>
+    </div>
+
+
+    
+      
+        <div id="comments">
+          <div id="disqus_thread"></div>
+<script type="application/javascript">
+    window.disqus_config = function () {
+    
+    
+    
+    };
+    (function() {
+        if (["localhost", "127.0.0.1"].indexOf(window.location.hostname) != -1) {
+            document.getElementById('disqus_thread').innerHTML = 'Disqus comments not available by default when the website is previewed locally.';
+            return;
+        }
+        var d = document, s = d.createElement('script'); s.async = true;
+        s.src = '//' + "giorgetti" + '.disqus.com/embed.js';
+        s.setAttribute('data-timestamp', +new Date());
+        (d.head || d.body).appendChild(s);
+    })();
+</script>
+<noscript>Please enable JavaScript to view the <a href="https://disqus.com/?ref_noscript">comments powered by Disqus.</a></noscript>
+<a href="https://disqus.com" class="dsq-brlink">comments powered by <span class="logo-disqus">Disqus</span></a>
+        </div>
+      
+    
+
+    
+
+  </main>
+
+            </div>
+
+            
+                <footer class="footer">
+    
+    
+</footer>
+
+            
+        </div>
+
+        
+
+
+
+<script type="text/javascript" src="/bundle.min.bb2c6bc3ed452ca4759660e4020811f248bc2320081559e8a32d8b0092773852941133639d35e8370d03d3ddaa750b1edd6b343c5bd22a55d5bdeae8f648f49b.js" integrity="sha512-uyxrw&#43;1FLKR1lmDkAggR8ki8IyAIFVnooy2LAJJ3OFKUETNjnTXoNw0D092qdQse3Ws0PFvSKlXVvero9kj0mw=="></script>
+
+
+
+    </body>
+</html>
diff --git a/posts/20240322-skupper-podman-ingresses/resources/edgerouter.tar.gz b/posts/20240322-skupper-podman-ingresses/resources/edgerouter.tar.gz
new file mode 100644
index 0000000000000000000000000000000000000000..0b39fe8a3e548253af8cd4ba3f445b2e94a19042
GIT binary patch
literal 827
zcmV-B1H}9viwFP!000001MOH#bJ{Qv=FG2PxHbkEW61c_PLiJ5rcKjBr;}k6dvR23
z$(3aS>GZ!>l6g2L4tW^*h`!9kwsxgmX{FsyKoA0FnE>8x><UO?=(_4@4_#DzF43_2
z1B9GDa#XwR^zDA5<?hU*0<u(K-fA_*Az?fOQKh#{{*MCI@%I@WlW+&y;4$%cW#Ezg
z7&s>W`@m-W(@FjvbiSvI)?q^hc+l@x#lP1>&MN*$23|>r^8BMZjBmpWkN>x3OCtZT
z(9VP3K3KK<T)k;I3EEz(4LB7A9W9Aj07^!v96&BsS$+jk#NOlCn-D&O+-yOrw4L@!
z>z97JI4HXmkyHS^&nb#yZCdT-bi*!_zDgnL=)bZ!VO)v(?qFz_M4UydVe51=hV;r}
zW9u32I`_D%17JPOY2hdD9`5(tN`X&_58fd<M6VYv>W`;QL-j04a1d}v(>v@vXf{WT
zQt$<P{B$hAtcdwIQm%W45><0rX;sZiqQ+S*`&LdU;V>pMJ+@zVDUi|S<T4Y4QLT|h
zg81tAZr{)>thOmndzNpvv(qo<CugIh)3cMZaiI8eafCQ${MCld=0&slr&HjI#zy_O
z63%AxT3O(u_#d)m{U0D_VEErYP!<0=S>P7_XZMD~HUD!Z|LdXQ!0^Al;EDWiUBjwa
zpr#*nF+hKNQD4?(_3Q-9p8)S@B1CbtGs^cI_Ou^HWVnODeYlnX<AkNqnd3OB)yB5`
z?-uU=`R{-7`fu|8UZ9eb*Gh4mM9^HMmei96ES+RYBCnD8=J529BQXx8_KytDJA`!?
zD&3N5j0x51Qx;`$KAM8n>MS^h*9GC1x-CUFS{vw;a7JUGV%h!Eah@!WWw!Y6R;GpO
zK}zhUedh?H^RFLI<S=Uum<f(Ys(=)HzN?;is?iFufNMP0niRw}<CBr9exB|ln+wTW
zD@o^sTpQq{eAU<TT30t`aR2QZ7y9Mf*1omWmePqB4sLB(8WK7q)bHvSE29Y~QxZW4
zfhQAyEHoC55*ZuaNtNP)8Fii4<+fRLVPV`eHORogz`(%3z`(%3z`)?|$8RJl5~~0x
F002k0t5pC1

literal 0
HcmV?d00001

diff --git a/posts/20240322-skupper-podman-ingresses/resources/edgerouter/compose.yaml b/posts/20240322-skupper-podman-ingresses/resources/edgerouter/compose.yaml
new file mode 100644
index 0000000..76b3483
--- /dev/null
+++ b/posts/20240322-skupper-podman-ingresses/resources/edgerouter/compose.yaml
@@ -0,0 +1,30 @@
+name: sample
+services:
+  skupper-router:
+    image: quay.io/skupper/skupper-router:main
+    volumes:
+      - ./config:/etc/skupper-router/config:z
+    environment:
+      QDROUTERD_CONF: "/etc/skupper-router/config/skrouterd.json"
+      QDROUTERD_CONF_TYPE: "json"
+    extra_hosts:
+      - host.docker.internal:host-gateway
+    network_mode: host
+  my-service:
+    container_name: my-service
+    image: quay.io/skupper/skupper-router:main
+    volumes:
+      - ./config-proxy:/etc/skupper-router/config:z
+    environment:
+      QDROUTERD_CONF: "/etc/skupper-router/config/skrouterd.json"
+      QDROUTERD_CONF_TYPE: "json"
+    extra_hosts:
+      - host.docker.internal:host-gateway
+    networks:
+      - sample1
+  my-service-workload:
+    image: nginxinc/nginx-unprivileged:stable-alpine
+    ports:
+      - 8888:8080
+networks:
+  sample1:
diff --git a/posts/20240322-skupper-podman-ingresses/resources/edgerouter/config-proxy/skrouterd.json b/posts/20240322-skupper-podman-ingresses/resources/edgerouter/config-proxy/skrouterd.json
new file mode 100644
index 0000000..e620c70
--- /dev/null
+++ b/posts/20240322-skupper-podman-ingresses/resources/edgerouter/config-proxy/skrouterd.json
@@ -0,0 +1,41 @@
+[
+    [
+        "router",
+        {
+            "id": "my-service",
+            "mode": "edge",
+            "helloMaxAgeSeconds": "3"
+        }
+    ],
+    [
+        "connector",
+        {
+            "host": "host.docker.internal",
+            "port": 45671,
+            "role": "edge"
+        }
+    ],
+    [
+        "tcpListener",
+        {
+            "name": "my-service:8080",
+            "port": 8080,
+            "address": "my-service:8080"
+        }
+    ],
+    [
+        "address",
+        {
+            "prefix": "mc",
+            "distribution": "multicast"
+        }
+    ],
+    [
+        "log",
+        {
+            "module": "ROUTER_CORE",
+            "enable": "error+"
+        }
+    ]
+]
+
diff --git a/posts/20240322-skupper-podman-ingresses/resources/edgerouter/config/skrouterd.json b/posts/20240322-skupper-podman-ingresses/resources/edgerouter/config/skrouterd.json
new file mode 100644
index 0000000..b1be0b7
--- /dev/null
+++ b/posts/20240322-skupper-podman-ingresses/resources/edgerouter/config/skrouterd.json
@@ -0,0 +1,61 @@
+[
+    [
+        "router",
+        {
+            "id": "east",
+            "mode": "interior",
+            "helloMaxAgeSeconds": "3"
+        }
+    ],
+    [
+        "listener",
+        {
+            "name": "edges",
+            "host": "0.0.0.0",
+            "port": 45671,
+            "role": "edge"
+        }
+    ],
+    [
+        "listener",
+        {
+            "name": "mesh-of-edges",
+            "host": "0.0.0.0",
+            "port": 35671,
+            "role": "inter-edge"
+        }
+    ],
+    [
+        "tcpListener",
+        {
+            "name": "my-service:8080@0.0.0.0:8080",
+            "host": "0.0.0.0",
+            "port": 8080,
+            "address": "my-service:8080"
+        }
+    ],
+    [
+        "tcpConnector",
+        {
+            "name": "my-service:8080-to-localhost:8888",
+            "host": "localhost",
+            "port": 8888,
+            "address": "my-service:8080"
+        }
+    ],
+    [
+        "address",
+        {
+            "prefix": "mc",
+            "distribution": "multicast"
+        }
+    ],
+    [
+        "log",
+        {
+            "module": "ROUTER_CORE",
+            "enable": "error+"
+        }
+    ]
+]
+
diff --git a/posts/20240322-skupper-podman-ingresses/resources/haproxy.tar.gz b/posts/20240322-skupper-podman-ingresses/resources/haproxy.tar.gz
new file mode 100644
index 0000000000000000000000000000000000000000..3bb1e0a17deb88f060bb9d93d02bac37f4b9b3fc
GIT binary patch
literal 729
zcmV;~0w(<*iwFP!000001MQYyZ`v>rz<K6VM7*vE2?VI}w5si<No&hk_b^Qra+7Q7
z;n<nuQ0TPpKHCX2O-Z{-&}y51NDy-8`;+sXbB$8Y7RzpHhq#i_V4!}z(ZH?#u4sAw
z&~^L1JM_Jl>-9#y-?9d~3~EK53B)a{broaAV-QVxPs#sMuFLv|j9%e*H{0Mj_3!yZ
zS%1Ih^-TR=f?EBv8E3fw9y#ALMz`cc6?iBcx}pA_?~iKrA9?*j%W}8m|55()`hRO%
zlHyy@DeB+ZTi^M)zS43WbpopcC=(SOElF4eN`|R4ARks;ehq}M6SO#p;WNnn7G+Ai
z-&t$@(pMLI^^ioEe#Dso`dC~PCE9zkv@_sy973?~?z?YYM}PF62N5xug<MnW)Ws>|
zN~~7aBq)kFWZ4FPf0WH3qZC5Ho}Z2_m`zxShzdQ}mo(+H)@sU1vc;@cYa0_vIb7j|
zwjI_(iez;;zRU$?RBPl!;81O`C;bu@H~W-3GAH^mPR_oZA5W%-XOrW)bD-$5Py)^w
zfAhd+`=Z@`?Ka&Rck@3<Sq9D$C1l$^o|^yOXjpsy8}!|tng1_=nlpiwp(G{HE?Yhe
z<i^itd71*Zi}N7Rt$-60OYI*yS~{3@OO<X-H9?qa^*JMXQdm>imQ%iF1YHneZP`k6
ztF?j7F=sRZDpt!s9TiP{B)j<Zoov@;BemC<&PEH<^RMG$Y35FYg1BLPHdO~%V5!+D
zZ&xParf0C)76PwBDb;P=SWVfC&nD;7lY{a2!|8h&gc`De^5{e?oB?<AAxaUcjNdZ6
z%JVGB<`q5`f}^Q2QBl}vQQfp-B;W=u?<Hs}^Ms-3UZyn0bb)Eu)faY7Q;z4DKnzhJ
zdq>Vr8<7-K(2LaRQVBqvGCGBJHTp8{;NKmq27|$1Fc=I5gTY`h7z_r3!C){L46nv-
LVYUoP04M+erbT9d

literal 0
HcmV?d00001

diff --git a/posts/20240322-skupper-podman-ingresses/resources/haproxy/compose.yaml b/posts/20240322-skupper-podman-ingresses/resources/haproxy/compose.yaml
new file mode 100644
index 0000000..d6dbb26
--- /dev/null
+++ b/posts/20240322-skupper-podman-ingresses/resources/haproxy/compose.yaml
@@ -0,0 +1,24 @@
+name: sample
+services:
+  skupper-router:
+    image: quay.io/skupper/skupper-router:main
+    volumes:
+      - ./config:/etc/skupper-router/config:z
+    environment:
+      QDROUTERD_CONF: "/etc/skupper-router/config/skrouterd.json"
+      QDROUTERD_CONF_TYPE: "json"
+    network_mode: host
+  my-service:
+    image: quay.io/fgiorgetti/skupper-service-proxy
+    environment:
+      PORT_MAPPING: "8080:host.docker.internal:8080"
+    networks:
+      - sample1
+    extra_hosts:
+      - host.docker.internal:host-gateway
+  my-service-workload:
+    image: nginxinc/nginx-unprivileged:stable-alpine
+    ports:
+      - 8888:8080
+networks:
+  sample1:
diff --git a/posts/20240322-skupper-podman-ingresses/resources/haproxy/config/skrouterd.json b/posts/20240322-skupper-podman-ingresses/resources/haproxy/config/skrouterd.json
new file mode 100644
index 0000000..b5320f1
--- /dev/null
+++ b/posts/20240322-skupper-podman-ingresses/resources/haproxy/config/skrouterd.json
@@ -0,0 +1,43 @@
+[
+    [
+        "router",
+        {
+            "id": "east",
+            "mode": "interior",
+            "helloMaxAgeSeconds": "3"
+        }
+    ],
+    [
+        "tcpListener",
+        {
+            "name": "my-service:8080@0.0.0.0:8080",
+            "host": "0.0.0.0",
+            "port": 8080,
+            "address": "my-service:8080"
+        }
+    ],
+    [
+        "tcpConnector",
+        {
+            "name": "my-service:8080-to-localhost:8888",
+            "host": "localhost",
+            "port": 8888,
+            "address": "my-service:8080"
+        }
+    ],
+    [
+        "address",
+        {
+            "prefix": "mc",
+            "distribution": "multicast"
+        }
+    ],
+    [
+        "log",
+        {
+            "module": "ROUTER_CORE",
+            "enable": "error+"
+        }
+    ]
+]
+
diff --git a/posts/20240322-skupper-podman-ingresses/resources/netfilter.tar.gz b/posts/20240322-skupper-podman-ingresses/resources/netfilter.tar.gz
new file mode 100644
index 0000000000000000000000000000000000000000..a3a3130534c81cea6ae0ce3ddd6228330d837640
GIT binary patch
literal 767
zcmV<b0s#FViwFP!000001MQYyZ`v>rz<K6VM7*vE2_%5>G}N-G(n=X)nx?5jZelVI
z$Icvw!lr%q*$$*>O2#Tdr)~Zrkw16#-T8dy5Xct@bI96_lVJ<`o+qzP-?Pit9Sz6r
z*>=~pdmXo7JKc`kZy4U`T)HPqIbep-SVV}j2=Y3;L-M~AQsh6NWPzenY=fud-*X+2
zf7f$5I{(kXqx`2!Ml<moT3=F1j$%V5xaYcc`FC7V?0NpXeaGvF{P$h44GjAz)(`NX
z=l@gF5aj=oR-XOVS@Gt3ai`=cZ23kDf|QqZlq9Ahlrlub1Y)tO^3M=sdIi?Q2)=`2
zw}q+H?zRf8AL{Prtm+aEk~b*jko?Lo0%B!7-k2$5D-=L~U=Qq<wxxdR;gLsFL?Om(
zb*kcoGAWiLD-sZf45sNGd%qRUIVA)JoIX7qlT#DZ0AT65KM>T#RA|*jB{*VKyRo$a
zB@8amTFo6)T?$2Z8M@6lqC{zAn4>^$v4eIojp}WR9hqUZjMMA)v(a>ZemxykjY9%%
zb0x?aWiKAtY~D1Rf4WRhM!EmT2~DB30Wm(VjYIvv<MoRE-|5No-|N|Z-T$8h*=Kws
z1#yC5b6fJMFE)O<%#s8$Gd~Y}RSGBuk<k8{fsKV|d#lo}sKx*hrM{v#i}TqereSSA
zGW<5=L1oxZ^i63)vO<iK7!tl4{`Mj-;tNs5<5!|w>nEvv#I*L#FrR&#jKnne8lo2N
zC|l0uLFOB>cZ%1gPPlIkcH4rZ!j%PL@D5;XCXB8(b>U2|r?dIha5A|ZzZPD|F6&E^
zR!D;-WR^Nb3BaZPyY;WMpn2XL^&Eg?F1ql&a6FpLhZk3u;|Fi1!w<PjYtF!2S}e`C
z*8%y`i~tuwZ5}L$DZRlIgb!ARM2M^r3EJw$%t*q}3Sk(*&=<8PdaVg?f(TTD<Y`oL
xK%Pn};$}J6ZJ7SQ+lDn7jYgx<Xfzs)Mx)VaG#ZUYqtR%N#!pwjhM@o`00012dFKEC

literal 0
HcmV?d00001

diff --git a/posts/20240322-skupper-podman-ingresses/resources/netfilter/compose.yaml b/posts/20240322-skupper-podman-ingresses/resources/netfilter/compose.yaml
new file mode 100644
index 0000000..04227ee
--- /dev/null
+++ b/posts/20240322-skupper-podman-ingresses/resources/netfilter/compose.yaml
@@ -0,0 +1,27 @@
+name: sample
+services:
+  skupper-router:
+    image: quay.io/skupper/skupper-router:main
+    volumes:
+      - ./config:/etc/skupper-router/config:z
+    environment:
+      QDROUTERD_CONF: "/etc/skupper-router/config/skrouterd.json"
+      QDROUTERD_CONF_TYPE: "json"
+    network_mode: host
+  my-service:
+    image: quay.io/fgiorgetti/skupper-firewall-proxy
+    environment:
+      PORT_MAPPING: "8080:host.docker.internal:8080"
+    networks:
+      - sample1
+    cap_add:
+      - NET_ADMIN
+      - NET_RAW
+    extra_hosts:
+      - host.docker.internal:host-gateway
+  my-service-workload:
+    image: nginxinc/nginx-unprivileged:stable-alpine
+    ports:
+      - 8888:8080
+networks:
+  sample1:
diff --git a/posts/20240322-skupper-podman-ingresses/resources/netfilter/config/skrouterd.json b/posts/20240322-skupper-podman-ingresses/resources/netfilter/config/skrouterd.json
new file mode 100644
index 0000000..b5320f1
--- /dev/null
+++ b/posts/20240322-skupper-podman-ingresses/resources/netfilter/config/skrouterd.json
@@ -0,0 +1,43 @@
+[
+    [
+        "router",
+        {
+            "id": "east",
+            "mode": "interior",
+            "helloMaxAgeSeconds": "3"
+        }
+    ],
+    [
+        "tcpListener",
+        {
+            "name": "my-service:8080@0.0.0.0:8080",
+            "host": "0.0.0.0",
+            "port": 8080,
+            "address": "my-service:8080"
+        }
+    ],
+    [
+        "tcpConnector",
+        {
+            "name": "my-service:8080-to-localhost:8888",
+            "host": "localhost",
+            "port": 8888,
+            "address": "my-service:8080"
+        }
+    ],
+    [
+        "address",
+        {
+            "prefix": "mc",
+            "distribution": "multicast"
+        }
+    ],
+    [
+        "log",
+        {
+            "module": "ROUTER_CORE",
+            "enable": "error+"
+        }
+    ]
+]
+
diff --git a/posts/20240322-skupper-podman-ingresses/resources/scenario.drawio b/posts/20240322-skupper-podman-ingresses/resources/scenario.drawio
new file mode 100644
index 0000000..bb8a6a1
--- /dev/null
+++ b/posts/20240322-skupper-podman-ingresses/resources/scenario.drawio
@@ -0,0 +1,64 @@
+<mxfile host="app.diagrams.net" modified="2024-03-25T14:55:09.054Z" agent="Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" etag="8fIlOPkyyxCm-wkH5HAG" version="24.0.8" type="device">
+  <diagram name="Page-1" id="fqjJIMyGEyLriEQkknpv">
+    <mxGraphModel dx="700" dy="350" grid="1" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="1" pageScale="1" pageWidth="850" pageHeight="1100" math="0" shadow="0">
+      <root>
+        <mxCell id="0" />
+        <mxCell id="1" parent="0" />
+        <mxCell id="u_xR3J-K0KoO75LIoVnP-2" value="my-service:8080" style="sketch=0;pointerEvents=1;shadow=0;dashed=0;html=1;strokeColor=none;labelPosition=center;verticalLabelPosition=bottom;verticalAlign=top;outlineConnect=0;align=center;shape=mxgraph.office.servers.physical_host;fillColor=#2072B8;" vertex="1" parent="1">
+          <mxGeometry x="130" y="116.5" width="27" height="52" as="geometry" />
+        </mxCell>
+        <mxCell id="u_xR3J-K0KoO75LIoVnP-14" value="Podman host" style="points=[[0,0],[0.25,0],[0.5,0],[0.75,0],[1,0],[1,0.25],[1,0.5],[1,0.75],[1,1],[0.75,1],[0.5,1],[0.25,1],[0,1],[0,0.75],[0,0.5],[0,0.25]];outlineConnect=0;gradientColor=none;html=1;whiteSpace=wrap;fontSize=12;fontStyle=0;container=1;pointerEvents=0;collapsible=0;recursiveResize=0;shape=mxgraph.aws4.group;grIcon=mxgraph.aws4.group_on_premise;strokeColor=#7D8998;fillColor=none;verticalAlign=top;align=left;spacingLeft=30;fontColor=#5A6C86;dashed=0;" vertex="1" parent="1">
+          <mxGeometry x="305" y="50" width="445" height="230" as="geometry" />
+        </mxCell>
+        <mxCell id="u_xR3J-K0KoO75LIoVnP-31" value="" style="rounded=0;whiteSpace=wrap;html=1;" vertex="1" parent="u_xR3J-K0KoO75LIoVnP-14">
+          <mxGeometry x="15" y="165" width="195" height="60" as="geometry" />
+        </mxCell>
+        <mxCell id="u_xR3J-K0KoO75LIoVnP-20" value="Port 8080" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;" vertex="1" parent="u_xR3J-K0KoO75LIoVnP-14">
+          <mxGeometry x="95" y="170" width="50" height="50" as="geometry" />
+        </mxCell>
+        <mxCell id="u_xR3J-K0KoO75LIoVnP-24" value="" style="group" vertex="1" connectable="0" parent="u_xR3J-K0KoO75LIoVnP-14">
+          <mxGeometry x="235" y="50" width="180" height="160" as="geometry" />
+        </mxCell>
+        <mxCell id="u_xR3J-K0KoO75LIoVnP-25" value="&lt;blockquote style=&quot;margin: 0 0 0 40px; border: none; padding: 0px;&quot;&gt;my-service&amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&amp;nbsp;&lt;br&gt;&lt;br&gt;&lt;/blockquote&gt;" style="rounded=1;whiteSpace=wrap;html=1;align=right;" vertex="1" parent="u_xR3J-K0KoO75LIoVnP-24">
+          <mxGeometry width="180" height="160" as="geometry" />
+        </mxCell>
+        <mxCell id="u_xR3J-K0KoO75LIoVnP-26" value="" style="shape=image;verticalLabelPosition=bottom;labelBackgroundColor=default;verticalAlign=top;aspect=fixed;imageAspect=0;image=https://www.justinleegrant.com/assets/img/2021/podman.png;" vertex="1" parent="u_xR3J-K0KoO75LIoVnP-24">
+          <mxGeometry x="20" y="16" width="56.25" height="56" as="geometry" />
+        </mxCell>
+        <mxCell id="u_xR3J-K0KoO75LIoVnP-27" value="&lt;font style=&quot;font-size: 8px;&quot;&gt;8080&lt;/font&gt;" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;" vertex="1" parent="u_xR3J-K0KoO75LIoVnP-24">
+          <mxGeometry x="108" y="50.00327731092436" width="30" height="30" as="geometry" />
+        </mxCell>
+        <mxCell id="u_xR3J-K0KoO75LIoVnP-28" value="Bridge networks:&lt;span style=&quot;background-color: initial; white-space: pre;&quot;&gt;&#x9;&lt;/span&gt;&lt;span style=&quot;background-color: initial; white-space: pre;&quot;&gt;&#x9;&lt;/span&gt;&lt;br&gt;- network1&lt;br&gt;- networkN" style="text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;" vertex="1" parent="u_xR3J-K0KoO75LIoVnP-24">
+          <mxGeometry x="20" y="90" width="150" height="50" as="geometry" />
+        </mxCell>
+        <mxCell id="u_xR3J-K0KoO75LIoVnP-30" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=1;entryY=0.5;entryDx=0;entryDy=0;" edge="1" parent="u_xR3J-K0KoO75LIoVnP-14" source="u_xR3J-K0KoO75LIoVnP-27" target="u_xR3J-K0KoO75LIoVnP-20">
+          <mxGeometry relative="1" as="geometry">
+            <Array as="points">
+              <mxPoint x="358" y="140" />
+              <mxPoint x="225" y="140" />
+              <mxPoint x="225" y="195" />
+            </Array>
+          </mxGeometry>
+        </mxCell>
+        <mxCell id="u_xR3J-K0KoO75LIoVnP-32" value="Host network" style="text;html=1;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;" vertex="1" parent="u_xR3J-K0KoO75LIoVnP-14">
+          <mxGeometry x="25" y="180" width="60" height="30" as="geometry" />
+        </mxCell>
+        <mxCell id="u_xR3J-K0KoO75LIoVnP-15" value="" style="group" vertex="1" connectable="0" parent="1">
+          <mxGeometry x="335" y="100" width="180" height="85" as="geometry" />
+        </mxCell>
+        <mxCell id="u_xR3J-K0KoO75LIoVnP-3" value="&lt;blockquote style=&quot;margin: 0 0 0 40px; border: none; padding: 0px;&quot;&gt;skupper-router&amp;nbsp; &amp;nbsp;&lt;br&gt;&lt;br&gt;&lt;/blockquote&gt;" style="rounded=1;whiteSpace=wrap;html=1;align=right;" vertex="1" parent="u_xR3J-K0KoO75LIoVnP-15">
+          <mxGeometry width="180" height="85" as="geometry" />
+        </mxCell>
+        <mxCell id="u_xR3J-K0KoO75LIoVnP-9" value="" style="shape=image;verticalLabelPosition=bottom;labelBackgroundColor=default;verticalAlign=top;aspect=fixed;imageAspect=0;image=https://www.justinleegrant.com/assets/img/2021/podman.png;" vertex="1" parent="u_xR3J-K0KoO75LIoVnP-15">
+          <mxGeometry x="20" y="8.5" width="56.25" height="56" as="geometry" />
+        </mxCell>
+        <mxCell id="u_xR3J-K0KoO75LIoVnP-19" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;" edge="1" parent="1" source="u_xR3J-K0KoO75LIoVnP-3" target="u_xR3J-K0KoO75LIoVnP-2">
+          <mxGeometry relative="1" as="geometry" />
+        </mxCell>
+        <mxCell id="u_xR3J-K0KoO75LIoVnP-22" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=0.5;entryY=1;entryDx=0;entryDy=0;" edge="1" parent="1" source="u_xR3J-K0KoO75LIoVnP-20" target="u_xR3J-K0KoO75LIoVnP-3">
+          <mxGeometry relative="1" as="geometry" />
+        </mxCell>
+      </root>
+    </mxGraphModel>
+  </diagram>
+</mxfile>
diff --git a/posts/index.html b/posts/index.html
index 0c03ea8..71e1365 100644
--- a/posts/index.html
+++ b/posts/index.html
@@ -127,6 +127,17 @@ <h1>Posts</h1>
 
                 <ul class="posts-list">
                     
+                        <li class="post-item">
+                            <a href="https://fgiorgetti.github.io/posts/20240322-skupper-podman-ingresses/">
+                                <span class="post-title">Skupper service ingress through containers</span>
+                                <span class="post-day">
+                                    
+                                        Mar 22
+                                    
+                                </span>
+                            </a>
+                        </li>
+                    
                         <li class="post-item">
                             <a href="https://fgiorgetti.github.io/posts/20240320-router-with-compose/">
                                 <span class="post-title">Running skupper-router containers with compose</span>
diff --git a/posts/index.xml b/posts/index.xml
index 820cf32..4685ac1 100644
--- a/posts/index.xml
+++ b/posts/index.xml
@@ -6,9 +6,111 @@
         <generator>Hugo -- gohugo.io</generator>
         <language>en-us</language>
         <copyright>Fernando Giorgetti</copyright>
-        <lastBuildDate>Wed, 20 Mar 2024 09:14:27 -0300</lastBuildDate>
+        <lastBuildDate>Fri, 22 Mar 2024 16:19:33 -0300</lastBuildDate>
         <atom:link href="https://fgiorgetti.github.io/posts/index.xml" rel="self" type="application/rss+xml" />
         
+        <item>
+            <title>Skupper service ingress through containers</title>
+            <link>https://fgiorgetti.github.io/posts/20240322-skupper-podman-ingresses/</link>
+            <pubDate>Fri, 22 Mar 2024 16:19:33 -0300</pubDate>
+            
+            <guid>https://fgiorgetti.github.io/posts/20240322-skupper-podman-ingresses/</guid>
+            <description>Introduction In order to evaluate some strategies for dealing with service ingresses, when running the skupper-router with Podman or Docker, I have used this simple scenario below:
+The router component is connect to the host network, which avoids restarts when extra ports need to be bound.
+In this topology, the my-service workload is reachable from the container&amp;rsquo;s host machine.
+It is exposed through the skupper-router container, which is binding port 8080 on the host machine.</description>
+            <content type="html"><![CDATA[<h2 id="introduction">Introduction</h2>
+<p>In order to evaluate some strategies for dealing with service ingresses,
+when running the skupper-router with Podman or Docker, I have used this simple
+scenario below:</p>
+<p><img src="images/scenario.png" alt=""></p>
+<p>The router component is connect to the host network, which avoids restarts
+when extra ports need to be bound.</p>
+<p>In this topology, the <em>my-service</em> workload is reachable from the container&rsquo;s
+host machine.</p>
+<p>It is exposed through the <em>skupper-router</em> container, which is binding
+port <em>8080</em> on the host machine.</p>
+<p>Another container named <em>my-service</em> (for illustration only) is also created
+and it can be connected to multiple other container (bridge) networks, in order
+to provide a stable name resolution to other containers connected to those container networks.</p>
+<p>This extra container is also listening to port 8080 (in all its interfaces) and
+it has the <em>my-service</em> alias on all container networks it is connected with.</p>
+<p>To enable name resolution inside the container network, I have explored three initial
+scenarios that allow traffic reaching the <em>my-service</em> container on port <em>8080</em> to
+actually reach the exposed workload through the <em>skupper-router</em>, which is actually
+listening port 8888.</p>
+<h2 id="scenarios">Scenarios</h2>
+<ol>
+<li>Netfilter rules to redirect packets to the appropriate target</li>
+<li>An edge-router that exposes tcpListeners to the appropriate addresses</li>
+<li>HA proxy as a reverse-proxy</li>
+</ol>
+<h3 id="1-netfilter">1. Netfilter</h3>
+<p>Using Netfilter, we can simply add rules to redirect incoming packets reaching the
+service port (8080) to the <em>skupper_router</em> ingress IP and Port, forcing the traffic to
+go through the router, which is important for observability.</p>
+<p>This is extremely simple and the fastest choice.</p>
+<h3 id="2-edge-router">2. Edge-router</h3>
+<p>An edge-router can also be used, as we just need to expose a tcpListener bound to the
+service port (8080) and it will use the connector address to ensure data reaches the
+target workload.</p>
+<p>This approach has an extra benefit as you don&rsquo;t need to expose the service to the
+container&rsquo;s host network, because it does not need a target IP and Port. On the other
+hand we introduce an extra hop.</p>
+<h3 id="3-haproxy">3. HAProxy</h3>
+<p>The HAProxy can be configured as a reverse proxy, forwarding packets to the router
+ingress IP and Port. In the end it is similar to the Netfilter approach, but it requires
+an extra hop processing the packets as well, so this is possibly the least recommended
+choice.</p>
+<h2 id="artifacts-for-evaluation">Artifacts for evaluation</h2>
+<p>You can download and evaluate each of the approaches through the following links.
+These samples can be run using <code>docker compose</code> or <code>podman-compose</code>.</p>
+<p><a href="netfilter.tar.gz">1. Netfilter</a></p>
+<p><a href="edgerouter.tar.gz">2. Edge-Router</a></p>
+<p><a href="haproxy.tar.gz">3. HAProxy</a></p>
+<h2 id="validating-each-scenario">Validating each scenario</h2>
+<table>
+<thead>
+<tr>
+<th>Container engine</th>
+<th>Deploy</th>
+<th>Teardown</th>
+</tr>
+</thead>
+<tbody>
+<tr>
+<td>Podman</td>
+<td>podman-compose up -d</td>
+<td>podman-compose down</td>
+</tr>
+<tr>
+<td>Docker</td>
+<td>docker compose up -d</td>
+<td>docker compose down</td>
+</tr>
+</tbody>
+</table>
+<p>For each scenario, you can validate that you&rsquo;re able to access the target service through
+Host&rsquo;s port 8080 as well as through the container&rsquo;s bridge network (<em>sample_sample1</em>) via my-service:8080.</p>
+<p>Here is how:</p>
+<ol>
+<li>Access through the host</li>
+</ol>
+<div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>curl http://0.0.0.0:8080
+</span></span></code></pre></div><ol start="2">
+<li>Access through the container&rsquo;s bridge network</li>
+</ol>
+<p>First adjust the value of the CONTAINER variable to the container engine being used (podman or docker).</p>
+<div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>CONTAINER<span style="color:#f92672">=</span>podman
+</span></span><span style="display:flex;"><span><span style="color:#e6db74">${</span>CONTAINER<span style="color:#e6db74">}</span> run --rm --network sample_sample1 curlimages/curl http://my-service:8080
+</span></span></code></pre></div><h2 id="conclusion">Conclusion</h2>
+<p>If requiring a host&rsquo;s IP/Port to be exposed is not a problem, the Netfilter approach
+seems like the best fit.</p>
+<p>But in case exposing only into the container&rsquo;s network without exposing it through the host
+is a requirement, then Edge-router is the only choice that can be used.</p>
+]]></content>
+        </item>
+        
         <item>
             <title>Running skupper-router containers with compose</title>
             <link>https://fgiorgetti.github.io/posts/20240320-router-with-compose/</link>
diff --git a/sitemap.xml b/sitemap.xml
index 7acd976..17819ab 100644
--- a/sitemap.xml
+++ b/sitemap.xml
@@ -2,34 +2,55 @@
 <urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9"
   xmlns:xhtml="http://www.w3.org/1999/xhtml">
   <url>
+    <loc>https://fgiorgetti.github.io/tags/compose/</loc>
+    <lastmod>2024-03-22T16:19:33-03:00</lastmod>
+  </url><url>
     <loc>https://fgiorgetti.github.io/tags/docker/</loc>
-    <lastmod>2024-03-20T09:14:27-03:00</lastmod>
+    <lastmod>2024-03-22T16:19:33-03:00</lastmod>
   </url><url>
-    <loc>https://fgiorgetti.github.io/tags/docker-compose/</loc>
-    <lastmod>2024-03-20T09:14:27-03:00</lastmod>
+    <loc>https://fgiorgetti.github.io/tags/edge/</loc>
+    <lastmod>2024-03-22T16:19:33-03:00</lastmod>
+  </url><url>
+    <loc>https://fgiorgetti.github.io/tags/edge-router/</loc>
+    <lastmod>2024-03-22T16:19:33-03:00</lastmod>
   </url><url>
     <loc>https://fgiorgetti.github.io/</loc>
-    <lastmod>2024-03-20T09:14:27-03:00</lastmod>
+    <lastmod>2024-03-22T16:19:33-03:00</lastmod>
   </url><url>
-    <loc>https://fgiorgetti.github.io/tags/podman/</loc>
-    <lastmod>2024-03-20T09:14:27-03:00</lastmod>
+    <loc>https://fgiorgetti.github.io/tags/haproxy/</loc>
+    <lastmod>2024-03-22T16:19:33-03:00</lastmod>
   </url><url>
-    <loc>https://fgiorgetti.github.io/tags/podman-compose/</loc>
-    <lastmod>2024-03-20T09:14:27-03:00</lastmod>
+    <loc>https://fgiorgetti.github.io/tags/iptables/</loc>
+    <lastmod>2024-03-22T16:19:33-03:00</lastmod>
   </url><url>
-    <loc>https://fgiorgetti.github.io/posts/</loc>
-    <lastmod>2024-03-20T09:14:27-03:00</lastmod>
+    <loc>https://fgiorgetti.github.io/tags/netfilter/</loc>
+    <lastmod>2024-03-22T16:19:33-03:00</lastmod>
   </url><url>
-    <loc>https://fgiorgetti.github.io/posts/20240320-router-with-compose/</loc>
-    <lastmod>2024-03-20T09:14:27-03:00</lastmod>
+    <loc>https://fgiorgetti.github.io/tags/podman/</loc>
+    <lastmod>2024-03-22T16:19:33-03:00</lastmod>
+  </url><url>
+    <loc>https://fgiorgetti.github.io/posts/</loc>
+    <lastmod>2024-03-22T16:19:33-03:00</lastmod>
   </url><url>
     <loc>https://fgiorgetti.github.io/tags/skupper/</loc>
-    <lastmod>2024-03-20T09:14:27-03:00</lastmod>
+    <lastmod>2024-03-22T16:19:33-03:00</lastmod>
+  </url><url>
+    <loc>https://fgiorgetti.github.io/posts/20240322-skupper-podman-ingresses/</loc>
+    <lastmod>2024-03-22T16:19:33-03:00</lastmod>
   </url><url>
     <loc>https://fgiorgetti.github.io/tags/skupper-router/</loc>
-    <lastmod>2024-03-20T09:14:27-03:00</lastmod>
+    <lastmod>2024-03-22T16:19:33-03:00</lastmod>
   </url><url>
     <loc>https://fgiorgetti.github.io/tags/</loc>
+    <lastmod>2024-03-22T16:19:33-03:00</lastmod>
+  </url><url>
+    <loc>https://fgiorgetti.github.io/tags/docker-compose/</loc>
+    <lastmod>2024-03-20T09:14:27-03:00</lastmod>
+  </url><url>
+    <loc>https://fgiorgetti.github.io/tags/podman-compose/</loc>
+    <lastmod>2024-03-20T09:14:27-03:00</lastmod>
+  </url><url>
+    <loc>https://fgiorgetti.github.io/posts/20240320-router-with-compose/</loc>
     <lastmod>2024-03-20T09:14:27-03:00</lastmod>
   </url><url>
     <loc>https://fgiorgetti.github.io/tags/kubernetes/</loc>
diff --git a/tags/compose/index.html b/tags/compose/index.html
new file mode 100644
index 0000000..433ee27
--- /dev/null
+++ b/tags/compose/index.html
@@ -0,0 +1,173 @@
+<!DOCTYPE html>
+<html lang="en">
+    <head>
+        <meta charset="UTF-8">
+<meta http-equiv="X-UA-Compatible" content="ie=edge">
+<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+<meta name="author" content="">
+<meta name="description" content="" />
+<meta name="keywords" content="software" />
+<meta name="robots" content="noodp" />
+<meta name="theme-color" content="" />
+<link rel="canonical" href="https://fgiorgetti.github.io/tags/compose/" />
+
+
+    <title>
+        
+            compose :: Fernando Giorgetti - about me  — Software engineering topics
+        
+    </title>
+
+
+
+<link href="https://cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.5.0/css/flag-icon.min.css" rel="stylesheet"
+    type="text/css">
+
+
+
+<link rel="stylesheet" href="/main.4e5c639214707eff609bb55fe49e183dee42258a73bc90e4cc7b0a84f900798a.css">
+
+
+
+    <link rel="apple-touch-icon" sizes="180x180" href="/apple-touch-icon.png">
+    <link rel="icon" type="image/png" sizes="32x32" href="/favicon-32x32.png">
+    <link rel="icon" type="image/png" sizes="16x16" href="/favicon-16x16.png">
+    <link rel="manifest" href="/site.webmanifest">
+    <link rel="mask-icon" href="/safari-pinned-tab.svg" color="">
+    <link rel="shortcut icon" href="/favicon.ico">
+    <meta name="msapplication-TileColor" content="">
+
+
+<meta itemprop="name" content="compose">
+<meta itemprop="description" content="Software Engineer and Open source passionate user.">
+<meta name="twitter:card" content="summary"/>
+<meta name="twitter:title" content="compose"/>
+<meta name="twitter:description" content="Software Engineer and Open source passionate user."/>
+
+
+
+    <meta property="og:title" content="compose" />
+<meta property="og:description" content="Software Engineer and Open source passionate user." />
+<meta property="og:type" content="website" />
+<meta property="og:url" content="https://fgiorgetti.github.io/tags/compose/" /><meta property="og:site_name" content="Fernando Giorgetti - about me" />
+
+
+
+
+
+
+
+
+<link rel="alternate" type="application/rss+xml" href="https://fgiorgetti.github.io/tags/compose/index.xml" title="Fernando Giorgetti - about me" />
+
+
+
+
+
+
+
+    </head>
+
+    
+        <body>
+    
+    
+        <div class="container">
+            <header class="header">
+    <span class="header__inner">
+        <a href="/" style="text-decoration: none;">
+    <div class="logo">
+        
+            <span class="logo__mark">></span>
+            <span class="logo__text">giorgetti.com.br</span>
+            <span class="logo__cursor" style=
+                  "
+                   
+                   ">
+            </span>
+        
+    </div>
+</a>
+
+
+        <span class="header__right">
+            
+                <nav class="menu">
+    <ul class="menu__inner"><li><a href="/">Home</a></li><li><a href="/posts">Writings</a></li><li><a href="/tags">Tags</a></li>
+    </ul>
+</nav>
+
+                <span class="menu-trigger">
+                    <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24">
+                        <path d="M0 0h24v24H0z" fill="none"/>
+                        <path d="M3 18h18v-2H3v2zm0-5h18v-2H3v2zm0-7v2h18V6H3z"/>
+                    </svg>
+                </span>
+            
+                <div>
+                    &nbsp; <a href="https://github.com/fgiorgetti" target="_blank" rel="noopener" title="Github"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M9 19c-5 1.5-5-2.5-7-3m14 6v-3.87a3.37 3.37 0 0 0-.94-2.61c3.14-.35 6.44-1.54 6.44-7A5.44 5.44 0 0 0 20 4.77 5.07 5.07 0 0 0 19.91 1S18.73.65 16 2.48a13.38 13.38 0 0 0-7 0C6.27.65 5.09 1 5.09 1A5.07 5.07 0 0 0 5 4.77a5.44 5.44 0 0 0-1.5 3.78c0 5.42 3.3 6.61 6.44 7A3.37 3.37 0 0 0 9 18.13V22"></path></svg></a> &nbsp;&nbsp; <a href="https://www.linkedin.com/in/fernandogiorgetti" target="_blank" rel="noopener" title="Linkedin"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M16 8a6 6 0 0 1 6 6v7h-4v-7a2 2 0 0 0-2-2 2 2 0 0 0-2 2v7h-4v-7a6 6 0 0 1 6-6z"></path><rect x="2" y="9" width="4" height="12"></rect><circle cx="4" cy="4" r="2"></circle></svg></a> &nbsp;
+                </div>
+        </span>
+    </span>
+</header>
+
+
+            <div class="content">
+                
+    
+    
+    <main class="posts">
+        <h1>compose</h1>
+
+        
+
+        
+            <div class="posts-group">
+                <div class="post-year">2024</div>
+
+                <ul class="posts-list">
+                    
+                        <li class="post-item">
+                            <a href="https://fgiorgetti.github.io/posts/20240322-skupper-podman-ingresses/">
+                                <span class="post-title">Skupper service ingress through containers</span>
+                                <span class="post-day">
+                                    
+                                        Mar 22
+                                    
+                                </span>
+                            </a>
+                        </li>
+                    
+                </ul>
+            </div>
+        
+    <div class="pagination">
+    <div class="pagination__buttons">
+        
+        
+    </div>
+</div>
+
+    </main>
+
+            </div>
+
+            
+                <footer class="footer">
+    
+    
+</footer>
+
+            
+        </div>
+
+        
+
+
+
+<script type="text/javascript" src="/bundle.min.bb2c6bc3ed452ca4759660e4020811f248bc2320081559e8a32d8b0092773852941133639d35e8370d03d3ddaa750b1edd6b343c5bd22a55d5bdeae8f648f49b.js" integrity="sha512-uyxrw&#43;1FLKR1lmDkAggR8ki8IyAIFVnooy2LAJJ3OFKUETNjnTXoNw0D092qdQse3Ws0PFvSKlXVvero9kj0mw=="></script>
+
+
+
+    </body>
+</html>
diff --git a/tags/compose/index.xml b/tags/compose/index.xml
new file mode 100644
index 0000000..8d29cf3
--- /dev/null
+++ b/tags/compose/index.xml
@@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="utf-8" standalone="yes"?>
+<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
+  <channel>
+    <title>compose on Fernando Giorgetti - about me</title>
+    <link>https://fgiorgetti.github.io/tags/compose/</link>
+    <description>Recent content in compose on Fernando Giorgetti - about me</description>
+    <generator>Hugo -- gohugo.io</generator>
+    <language>en-us</language>
+    <copyright>Fernando Giorgetti</copyright>
+    <lastBuildDate>Fri, 22 Mar 2024 16:19:33 -0300</lastBuildDate><atom:link href="https://fgiorgetti.github.io/tags/compose/index.xml" rel="self" type="application/rss+xml" />
+    <item>
+      <title>Skupper service ingress through containers</title>
+      <link>https://fgiorgetti.github.io/posts/20240322-skupper-podman-ingresses/</link>
+      <pubDate>Fri, 22 Mar 2024 16:19:33 -0300</pubDate>
+      
+      <guid>https://fgiorgetti.github.io/posts/20240322-skupper-podman-ingresses/</guid>
+      <description>Introduction In order to evaluate some strategies for dealing with service ingresses, when running the skupper-router with Podman or Docker, I have used this simple scenario below:
+The router component is connect to the host network, which avoids restarts when extra ports need to be bound.
+In this topology, the my-service workload is reachable from the container&amp;rsquo;s host machine.
+It is exposed through the skupper-router container, which is binding port 8080 on the host machine.</description>
+    </item>
+    
+  </channel>
+</rss>
diff --git a/tags/compose/page/1/index.html b/tags/compose/page/1/index.html
new file mode 100644
index 0000000..f1bdd1b
--- /dev/null
+++ b/tags/compose/page/1/index.html
@@ -0,0 +1,10 @@
+<!DOCTYPE html>
+<html lang="en-us">
+  <head>
+    <title>https://fgiorgetti.github.io/tags/compose/</title>
+    <link rel="canonical" href="https://fgiorgetti.github.io/tags/compose/">
+    <meta name="robots" content="noindex">
+    <meta charset="utf-8">
+    <meta http-equiv="refresh" content="0; url=https://fgiorgetti.github.io/tags/compose/">
+  </head>
+</html>
diff --git a/tags/docker/index.html b/tags/docker/index.html
index 99342bb..ecea3da 100644
--- a/tags/docker/index.html
+++ b/tags/docker/index.html
@@ -127,6 +127,17 @@ <h1>docker</h1>
 
                 <ul class="posts-list">
                     
+                        <li class="post-item">
+                            <a href="https://fgiorgetti.github.io/posts/20240322-skupper-podman-ingresses/">
+                                <span class="post-title">Skupper service ingress through containers</span>
+                                <span class="post-day">
+                                    
+                                        Mar 22
+                                    
+                                </span>
+                            </a>
+                        </li>
+                    
                         <li class="post-item">
                             <a href="https://fgiorgetti.github.io/posts/20240320-router-with-compose/">
                                 <span class="post-title">Running skupper-router containers with compose</span>
diff --git a/tags/docker/index.xml b/tags/docker/index.xml
index 682e51f..7c757e1 100644
--- a/tags/docker/index.xml
+++ b/tags/docker/index.xml
@@ -7,7 +7,19 @@
     <generator>Hugo -- gohugo.io</generator>
     <language>en-us</language>
     <copyright>Fernando Giorgetti</copyright>
-    <lastBuildDate>Wed, 20 Mar 2024 09:14:27 -0300</lastBuildDate><atom:link href="https://fgiorgetti.github.io/tags/docker/index.xml" rel="self" type="application/rss+xml" />
+    <lastBuildDate>Fri, 22 Mar 2024 16:19:33 -0300</lastBuildDate><atom:link href="https://fgiorgetti.github.io/tags/docker/index.xml" rel="self" type="application/rss+xml" />
+    <item>
+      <title>Skupper service ingress through containers</title>
+      <link>https://fgiorgetti.github.io/posts/20240322-skupper-podman-ingresses/</link>
+      <pubDate>Fri, 22 Mar 2024 16:19:33 -0300</pubDate>
+      
+      <guid>https://fgiorgetti.github.io/posts/20240322-skupper-podman-ingresses/</guid>
+      <description>Introduction In order to evaluate some strategies for dealing with service ingresses, when running the skupper-router with Podman or Docker, I have used this simple scenario below:
+The router component is connect to the host network, which avoids restarts when extra ports need to be bound.
+In this topology, the my-service workload is reachable from the container&amp;rsquo;s host machine.
+It is exposed through the skupper-router container, which is binding port 8080 on the host machine.</description>
+    </item>
+    
     <item>
       <title>Running skupper-router containers with compose</title>
       <link>https://fgiorgetti.github.io/posts/20240320-router-with-compose/</link>
diff --git a/tags/edge-router/index.html b/tags/edge-router/index.html
new file mode 100644
index 0000000..b031169
--- /dev/null
+++ b/tags/edge-router/index.html
@@ -0,0 +1,173 @@
+<!DOCTYPE html>
+<html lang="en">
+    <head>
+        <meta charset="UTF-8">
+<meta http-equiv="X-UA-Compatible" content="ie=edge">
+<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+<meta name="author" content="">
+<meta name="description" content="" />
+<meta name="keywords" content="software" />
+<meta name="robots" content="noodp" />
+<meta name="theme-color" content="" />
+<link rel="canonical" href="https://fgiorgetti.github.io/tags/edge-router/" />
+
+
+    <title>
+        
+            edge-router :: Fernando Giorgetti - about me  — Software engineering topics
+        
+    </title>
+
+
+
+<link href="https://cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.5.0/css/flag-icon.min.css" rel="stylesheet"
+    type="text/css">
+
+
+
+<link rel="stylesheet" href="/main.4e5c639214707eff609bb55fe49e183dee42258a73bc90e4cc7b0a84f900798a.css">
+
+
+
+    <link rel="apple-touch-icon" sizes="180x180" href="/apple-touch-icon.png">
+    <link rel="icon" type="image/png" sizes="32x32" href="/favicon-32x32.png">
+    <link rel="icon" type="image/png" sizes="16x16" href="/favicon-16x16.png">
+    <link rel="manifest" href="/site.webmanifest">
+    <link rel="mask-icon" href="/safari-pinned-tab.svg" color="">
+    <link rel="shortcut icon" href="/favicon.ico">
+    <meta name="msapplication-TileColor" content="">
+
+
+<meta itemprop="name" content="edge-router">
+<meta itemprop="description" content="Software Engineer and Open source passionate user.">
+<meta name="twitter:card" content="summary"/>
+<meta name="twitter:title" content="edge-router"/>
+<meta name="twitter:description" content="Software Engineer and Open source passionate user."/>
+
+
+
+    <meta property="og:title" content="edge-router" />
+<meta property="og:description" content="Software Engineer and Open source passionate user." />
+<meta property="og:type" content="website" />
+<meta property="og:url" content="https://fgiorgetti.github.io/tags/edge-router/" /><meta property="og:site_name" content="Fernando Giorgetti - about me" />
+
+
+
+
+
+
+
+
+<link rel="alternate" type="application/rss+xml" href="https://fgiorgetti.github.io/tags/edge-router/index.xml" title="Fernando Giorgetti - about me" />
+
+
+
+
+
+
+
+    </head>
+
+    
+        <body>
+    
+    
+        <div class="container">
+            <header class="header">
+    <span class="header__inner">
+        <a href="/" style="text-decoration: none;">
+    <div class="logo">
+        
+            <span class="logo__mark">></span>
+            <span class="logo__text">giorgetti.com.br</span>
+            <span class="logo__cursor" style=
+                  "
+                   
+                   ">
+            </span>
+        
+    </div>
+</a>
+
+
+        <span class="header__right">
+            
+                <nav class="menu">
+    <ul class="menu__inner"><li><a href="/">Home</a></li><li><a href="/posts">Writings</a></li><li><a href="/tags">Tags</a></li>
+    </ul>
+</nav>
+
+                <span class="menu-trigger">
+                    <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24">
+                        <path d="M0 0h24v24H0z" fill="none"/>
+                        <path d="M3 18h18v-2H3v2zm0-5h18v-2H3v2zm0-7v2h18V6H3z"/>
+                    </svg>
+                </span>
+            
+                <div>
+                    &nbsp; <a href="https://github.com/fgiorgetti" target="_blank" rel="noopener" title="Github"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M9 19c-5 1.5-5-2.5-7-3m14 6v-3.87a3.37 3.37 0 0 0-.94-2.61c3.14-.35 6.44-1.54 6.44-7A5.44 5.44 0 0 0 20 4.77 5.07 5.07 0 0 0 19.91 1S18.73.65 16 2.48a13.38 13.38 0 0 0-7 0C6.27.65 5.09 1 5.09 1A5.07 5.07 0 0 0 5 4.77a5.44 5.44 0 0 0-1.5 3.78c0 5.42 3.3 6.61 6.44 7A3.37 3.37 0 0 0 9 18.13V22"></path></svg></a> &nbsp;&nbsp; <a href="https://www.linkedin.com/in/fernandogiorgetti" target="_blank" rel="noopener" title="Linkedin"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M16 8a6 6 0 0 1 6 6v7h-4v-7a2 2 0 0 0-2-2 2 2 0 0 0-2 2v7h-4v-7a6 6 0 0 1 6-6z"></path><rect x="2" y="9" width="4" height="12"></rect><circle cx="4" cy="4" r="2"></circle></svg></a> &nbsp;
+                </div>
+        </span>
+    </span>
+</header>
+
+
+            <div class="content">
+                
+    
+    
+    <main class="posts">
+        <h1>edge-router</h1>
+
+        
+
+        
+            <div class="posts-group">
+                <div class="post-year">2024</div>
+
+                <ul class="posts-list">
+                    
+                        <li class="post-item">
+                            <a href="https://fgiorgetti.github.io/posts/20240322-skupper-podman-ingresses/">
+                                <span class="post-title">Skupper service ingress through containers</span>
+                                <span class="post-day">
+                                    
+                                        Mar 22
+                                    
+                                </span>
+                            </a>
+                        </li>
+                    
+                </ul>
+            </div>
+        
+    <div class="pagination">
+    <div class="pagination__buttons">
+        
+        
+    </div>
+</div>
+
+    </main>
+
+            </div>
+
+            
+                <footer class="footer">
+    
+    
+</footer>
+
+            
+        </div>
+
+        
+
+
+
+<script type="text/javascript" src="/bundle.min.bb2c6bc3ed452ca4759660e4020811f248bc2320081559e8a32d8b0092773852941133639d35e8370d03d3ddaa750b1edd6b343c5bd22a55d5bdeae8f648f49b.js" integrity="sha512-uyxrw&#43;1FLKR1lmDkAggR8ki8IyAIFVnooy2LAJJ3OFKUETNjnTXoNw0D092qdQse3Ws0PFvSKlXVvero9kj0mw=="></script>
+
+
+
+    </body>
+</html>
diff --git a/tags/edge-router/index.xml b/tags/edge-router/index.xml
new file mode 100644
index 0000000..a212fc1
--- /dev/null
+++ b/tags/edge-router/index.xml
@@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="utf-8" standalone="yes"?>
+<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
+  <channel>
+    <title>edge-router on Fernando Giorgetti - about me</title>
+    <link>https://fgiorgetti.github.io/tags/edge-router/</link>
+    <description>Recent content in edge-router on Fernando Giorgetti - about me</description>
+    <generator>Hugo -- gohugo.io</generator>
+    <language>en-us</language>
+    <copyright>Fernando Giorgetti</copyright>
+    <lastBuildDate>Fri, 22 Mar 2024 16:19:33 -0300</lastBuildDate><atom:link href="https://fgiorgetti.github.io/tags/edge-router/index.xml" rel="self" type="application/rss+xml" />
+    <item>
+      <title>Skupper service ingress through containers</title>
+      <link>https://fgiorgetti.github.io/posts/20240322-skupper-podman-ingresses/</link>
+      <pubDate>Fri, 22 Mar 2024 16:19:33 -0300</pubDate>
+      
+      <guid>https://fgiorgetti.github.io/posts/20240322-skupper-podman-ingresses/</guid>
+      <description>Introduction In order to evaluate some strategies for dealing with service ingresses, when running the skupper-router with Podman or Docker, I have used this simple scenario below:
+The router component is connect to the host network, which avoids restarts when extra ports need to be bound.
+In this topology, the my-service workload is reachable from the container&amp;rsquo;s host machine.
+It is exposed through the skupper-router container, which is binding port 8080 on the host machine.</description>
+    </item>
+    
+  </channel>
+</rss>
diff --git a/tags/edge-router/page/1/index.html b/tags/edge-router/page/1/index.html
new file mode 100644
index 0000000..ef406b8
--- /dev/null
+++ b/tags/edge-router/page/1/index.html
@@ -0,0 +1,10 @@
+<!DOCTYPE html>
+<html lang="en-us">
+  <head>
+    <title>https://fgiorgetti.github.io/tags/edge-router/</title>
+    <link rel="canonical" href="https://fgiorgetti.github.io/tags/edge-router/">
+    <meta name="robots" content="noindex">
+    <meta charset="utf-8">
+    <meta http-equiv="refresh" content="0; url=https://fgiorgetti.github.io/tags/edge-router/">
+  </head>
+</html>
diff --git a/tags/edge/index.html b/tags/edge/index.html
new file mode 100644
index 0000000..fce07a4
--- /dev/null
+++ b/tags/edge/index.html
@@ -0,0 +1,173 @@
+<!DOCTYPE html>
+<html lang="en">
+    <head>
+        <meta charset="UTF-8">
+<meta http-equiv="X-UA-Compatible" content="ie=edge">
+<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+<meta name="author" content="">
+<meta name="description" content="" />
+<meta name="keywords" content="software" />
+<meta name="robots" content="noodp" />
+<meta name="theme-color" content="" />
+<link rel="canonical" href="https://fgiorgetti.github.io/tags/edge/" />
+
+
+    <title>
+        
+            edge :: Fernando Giorgetti - about me  — Software engineering topics
+        
+    </title>
+
+
+
+<link href="https://cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.5.0/css/flag-icon.min.css" rel="stylesheet"
+    type="text/css">
+
+
+
+<link rel="stylesheet" href="/main.4e5c639214707eff609bb55fe49e183dee42258a73bc90e4cc7b0a84f900798a.css">
+
+
+
+    <link rel="apple-touch-icon" sizes="180x180" href="/apple-touch-icon.png">
+    <link rel="icon" type="image/png" sizes="32x32" href="/favicon-32x32.png">
+    <link rel="icon" type="image/png" sizes="16x16" href="/favicon-16x16.png">
+    <link rel="manifest" href="/site.webmanifest">
+    <link rel="mask-icon" href="/safari-pinned-tab.svg" color="">
+    <link rel="shortcut icon" href="/favicon.ico">
+    <meta name="msapplication-TileColor" content="">
+
+
+<meta itemprop="name" content="edge">
+<meta itemprop="description" content="Software Engineer and Open source passionate user.">
+<meta name="twitter:card" content="summary"/>
+<meta name="twitter:title" content="edge"/>
+<meta name="twitter:description" content="Software Engineer and Open source passionate user."/>
+
+
+
+    <meta property="og:title" content="edge" />
+<meta property="og:description" content="Software Engineer and Open source passionate user." />
+<meta property="og:type" content="website" />
+<meta property="og:url" content="https://fgiorgetti.github.io/tags/edge/" /><meta property="og:site_name" content="Fernando Giorgetti - about me" />
+
+
+
+
+
+
+
+
+<link rel="alternate" type="application/rss+xml" href="https://fgiorgetti.github.io/tags/edge/index.xml" title="Fernando Giorgetti - about me" />
+
+
+
+
+
+
+
+    </head>
+
+    
+        <body>
+    
+    
+        <div class="container">
+            <header class="header">
+    <span class="header__inner">
+        <a href="/" style="text-decoration: none;">
+    <div class="logo">
+        
+            <span class="logo__mark">></span>
+            <span class="logo__text">giorgetti.com.br</span>
+            <span class="logo__cursor" style=
+                  "
+                   
+                   ">
+            </span>
+        
+    </div>
+</a>
+
+
+        <span class="header__right">
+            
+                <nav class="menu">
+    <ul class="menu__inner"><li><a href="/">Home</a></li><li><a href="/posts">Writings</a></li><li><a href="/tags">Tags</a></li>
+    </ul>
+</nav>
+
+                <span class="menu-trigger">
+                    <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24">
+                        <path d="M0 0h24v24H0z" fill="none"/>
+                        <path d="M3 18h18v-2H3v2zm0-5h18v-2H3v2zm0-7v2h18V6H3z"/>
+                    </svg>
+                </span>
+            
+                <div>
+                    &nbsp; <a href="https://github.com/fgiorgetti" target="_blank" rel="noopener" title="Github"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M9 19c-5 1.5-5-2.5-7-3m14 6v-3.87a3.37 3.37 0 0 0-.94-2.61c3.14-.35 6.44-1.54 6.44-7A5.44 5.44 0 0 0 20 4.77 5.07 5.07 0 0 0 19.91 1S18.73.65 16 2.48a13.38 13.38 0 0 0-7 0C6.27.65 5.09 1 5.09 1A5.07 5.07 0 0 0 5 4.77a5.44 5.44 0 0 0-1.5 3.78c0 5.42 3.3 6.61 6.44 7A3.37 3.37 0 0 0 9 18.13V22"></path></svg></a> &nbsp;&nbsp; <a href="https://www.linkedin.com/in/fernandogiorgetti" target="_blank" rel="noopener" title="Linkedin"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M16 8a6 6 0 0 1 6 6v7h-4v-7a2 2 0 0 0-2-2 2 2 0 0 0-2 2v7h-4v-7a6 6 0 0 1 6-6z"></path><rect x="2" y="9" width="4" height="12"></rect><circle cx="4" cy="4" r="2"></circle></svg></a> &nbsp;
+                </div>
+        </span>
+    </span>
+</header>
+
+
+            <div class="content">
+                
+    
+    
+    <main class="posts">
+        <h1>edge</h1>
+
+        
+
+        
+            <div class="posts-group">
+                <div class="post-year">2024</div>
+
+                <ul class="posts-list">
+                    
+                        <li class="post-item">
+                            <a href="https://fgiorgetti.github.io/posts/20240322-skupper-podman-ingresses/">
+                                <span class="post-title">Skupper service ingress through containers</span>
+                                <span class="post-day">
+                                    
+                                        Mar 22
+                                    
+                                </span>
+                            </a>
+                        </li>
+                    
+                </ul>
+            </div>
+        
+    <div class="pagination">
+    <div class="pagination__buttons">
+        
+        
+    </div>
+</div>
+
+    </main>
+
+            </div>
+
+            
+                <footer class="footer">
+    
+    
+</footer>
+
+            
+        </div>
+
+        
+
+
+
+<script type="text/javascript" src="/bundle.min.bb2c6bc3ed452ca4759660e4020811f248bc2320081559e8a32d8b0092773852941133639d35e8370d03d3ddaa750b1edd6b343c5bd22a55d5bdeae8f648f49b.js" integrity="sha512-uyxrw&#43;1FLKR1lmDkAggR8ki8IyAIFVnooy2LAJJ3OFKUETNjnTXoNw0D092qdQse3Ws0PFvSKlXVvero9kj0mw=="></script>
+
+
+
+    </body>
+</html>
diff --git a/tags/edge/index.xml b/tags/edge/index.xml
new file mode 100644
index 0000000..4c42c0f
--- /dev/null
+++ b/tags/edge/index.xml
@@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="utf-8" standalone="yes"?>
+<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
+  <channel>
+    <title>edge on Fernando Giorgetti - about me</title>
+    <link>https://fgiorgetti.github.io/tags/edge/</link>
+    <description>Recent content in edge on Fernando Giorgetti - about me</description>
+    <generator>Hugo -- gohugo.io</generator>
+    <language>en-us</language>
+    <copyright>Fernando Giorgetti</copyright>
+    <lastBuildDate>Fri, 22 Mar 2024 16:19:33 -0300</lastBuildDate><atom:link href="https://fgiorgetti.github.io/tags/edge/index.xml" rel="self" type="application/rss+xml" />
+    <item>
+      <title>Skupper service ingress through containers</title>
+      <link>https://fgiorgetti.github.io/posts/20240322-skupper-podman-ingresses/</link>
+      <pubDate>Fri, 22 Mar 2024 16:19:33 -0300</pubDate>
+      
+      <guid>https://fgiorgetti.github.io/posts/20240322-skupper-podman-ingresses/</guid>
+      <description>Introduction In order to evaluate some strategies for dealing with service ingresses, when running the skupper-router with Podman or Docker, I have used this simple scenario below:
+The router component is connect to the host network, which avoids restarts when extra ports need to be bound.
+In this topology, the my-service workload is reachable from the container&amp;rsquo;s host machine.
+It is exposed through the skupper-router container, which is binding port 8080 on the host machine.</description>
+    </item>
+    
+  </channel>
+</rss>
diff --git a/tags/edge/page/1/index.html b/tags/edge/page/1/index.html
new file mode 100644
index 0000000..bbe0c31
--- /dev/null
+++ b/tags/edge/page/1/index.html
@@ -0,0 +1,10 @@
+<!DOCTYPE html>
+<html lang="en-us">
+  <head>
+    <title>https://fgiorgetti.github.io/tags/edge/</title>
+    <link rel="canonical" href="https://fgiorgetti.github.io/tags/edge/">
+    <meta name="robots" content="noindex">
+    <meta charset="utf-8">
+    <meta http-equiv="refresh" content="0; url=https://fgiorgetti.github.io/tags/edge/">
+  </head>
+</html>
diff --git a/tags/haproxy/index.html b/tags/haproxy/index.html
new file mode 100644
index 0000000..f088bd8
--- /dev/null
+++ b/tags/haproxy/index.html
@@ -0,0 +1,173 @@
+<!DOCTYPE html>
+<html lang="en">
+    <head>
+        <meta charset="UTF-8">
+<meta http-equiv="X-UA-Compatible" content="ie=edge">
+<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+<meta name="author" content="">
+<meta name="description" content="" />
+<meta name="keywords" content="software" />
+<meta name="robots" content="noodp" />
+<meta name="theme-color" content="" />
+<link rel="canonical" href="https://fgiorgetti.github.io/tags/haproxy/" />
+
+
+    <title>
+        
+            haproxy :: Fernando Giorgetti - about me  — Software engineering topics
+        
+    </title>
+
+
+
+<link href="https://cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.5.0/css/flag-icon.min.css" rel="stylesheet"
+    type="text/css">
+
+
+
+<link rel="stylesheet" href="/main.4e5c639214707eff609bb55fe49e183dee42258a73bc90e4cc7b0a84f900798a.css">
+
+
+
+    <link rel="apple-touch-icon" sizes="180x180" href="/apple-touch-icon.png">
+    <link rel="icon" type="image/png" sizes="32x32" href="/favicon-32x32.png">
+    <link rel="icon" type="image/png" sizes="16x16" href="/favicon-16x16.png">
+    <link rel="manifest" href="/site.webmanifest">
+    <link rel="mask-icon" href="/safari-pinned-tab.svg" color="">
+    <link rel="shortcut icon" href="/favicon.ico">
+    <meta name="msapplication-TileColor" content="">
+
+
+<meta itemprop="name" content="haproxy">
+<meta itemprop="description" content="Software Engineer and Open source passionate user.">
+<meta name="twitter:card" content="summary"/>
+<meta name="twitter:title" content="haproxy"/>
+<meta name="twitter:description" content="Software Engineer and Open source passionate user."/>
+
+
+
+    <meta property="og:title" content="haproxy" />
+<meta property="og:description" content="Software Engineer and Open source passionate user." />
+<meta property="og:type" content="website" />
+<meta property="og:url" content="https://fgiorgetti.github.io/tags/haproxy/" /><meta property="og:site_name" content="Fernando Giorgetti - about me" />
+
+
+
+
+
+
+
+
+<link rel="alternate" type="application/rss+xml" href="https://fgiorgetti.github.io/tags/haproxy/index.xml" title="Fernando Giorgetti - about me" />
+
+
+
+
+
+
+
+    </head>
+
+    
+        <body>
+    
+    
+        <div class="container">
+            <header class="header">
+    <span class="header__inner">
+        <a href="/" style="text-decoration: none;">
+    <div class="logo">
+        
+            <span class="logo__mark">></span>
+            <span class="logo__text">giorgetti.com.br</span>
+            <span class="logo__cursor" style=
+                  "
+                   
+                   ">
+            </span>
+        
+    </div>
+</a>
+
+
+        <span class="header__right">
+            
+                <nav class="menu">
+    <ul class="menu__inner"><li><a href="/">Home</a></li><li><a href="/posts">Writings</a></li><li><a href="/tags">Tags</a></li>
+    </ul>
+</nav>
+
+                <span class="menu-trigger">
+                    <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24">
+                        <path d="M0 0h24v24H0z" fill="none"/>
+                        <path d="M3 18h18v-2H3v2zm0-5h18v-2H3v2zm0-7v2h18V6H3z"/>
+                    </svg>
+                </span>
+            
+                <div>
+                    &nbsp; <a href="https://github.com/fgiorgetti" target="_blank" rel="noopener" title="Github"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M9 19c-5 1.5-5-2.5-7-3m14 6v-3.87a3.37 3.37 0 0 0-.94-2.61c3.14-.35 6.44-1.54 6.44-7A5.44 5.44 0 0 0 20 4.77 5.07 5.07 0 0 0 19.91 1S18.73.65 16 2.48a13.38 13.38 0 0 0-7 0C6.27.65 5.09 1 5.09 1A5.07 5.07 0 0 0 5 4.77a5.44 5.44 0 0 0-1.5 3.78c0 5.42 3.3 6.61 6.44 7A3.37 3.37 0 0 0 9 18.13V22"></path></svg></a> &nbsp;&nbsp; <a href="https://www.linkedin.com/in/fernandogiorgetti" target="_blank" rel="noopener" title="Linkedin"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M16 8a6 6 0 0 1 6 6v7h-4v-7a2 2 0 0 0-2-2 2 2 0 0 0-2 2v7h-4v-7a6 6 0 0 1 6-6z"></path><rect x="2" y="9" width="4" height="12"></rect><circle cx="4" cy="4" r="2"></circle></svg></a> &nbsp;
+                </div>
+        </span>
+    </span>
+</header>
+
+
+            <div class="content">
+                
+    
+    
+    <main class="posts">
+        <h1>haproxy</h1>
+
+        
+
+        
+            <div class="posts-group">
+                <div class="post-year">2024</div>
+
+                <ul class="posts-list">
+                    
+                        <li class="post-item">
+                            <a href="https://fgiorgetti.github.io/posts/20240322-skupper-podman-ingresses/">
+                                <span class="post-title">Skupper service ingress through containers</span>
+                                <span class="post-day">
+                                    
+                                        Mar 22
+                                    
+                                </span>
+                            </a>
+                        </li>
+                    
+                </ul>
+            </div>
+        
+    <div class="pagination">
+    <div class="pagination__buttons">
+        
+        
+    </div>
+</div>
+
+    </main>
+
+            </div>
+
+            
+                <footer class="footer">
+    
+    
+</footer>
+
+            
+        </div>
+
+        
+
+
+
+<script type="text/javascript" src="/bundle.min.bb2c6bc3ed452ca4759660e4020811f248bc2320081559e8a32d8b0092773852941133639d35e8370d03d3ddaa750b1edd6b343c5bd22a55d5bdeae8f648f49b.js" integrity="sha512-uyxrw&#43;1FLKR1lmDkAggR8ki8IyAIFVnooy2LAJJ3OFKUETNjnTXoNw0D092qdQse3Ws0PFvSKlXVvero9kj0mw=="></script>
+
+
+
+    </body>
+</html>
diff --git a/tags/haproxy/index.xml b/tags/haproxy/index.xml
new file mode 100644
index 0000000..483d4e7
--- /dev/null
+++ b/tags/haproxy/index.xml
@@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="utf-8" standalone="yes"?>
+<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
+  <channel>
+    <title>haproxy on Fernando Giorgetti - about me</title>
+    <link>https://fgiorgetti.github.io/tags/haproxy/</link>
+    <description>Recent content in haproxy on Fernando Giorgetti - about me</description>
+    <generator>Hugo -- gohugo.io</generator>
+    <language>en-us</language>
+    <copyright>Fernando Giorgetti</copyright>
+    <lastBuildDate>Fri, 22 Mar 2024 16:19:33 -0300</lastBuildDate><atom:link href="https://fgiorgetti.github.io/tags/haproxy/index.xml" rel="self" type="application/rss+xml" />
+    <item>
+      <title>Skupper service ingress through containers</title>
+      <link>https://fgiorgetti.github.io/posts/20240322-skupper-podman-ingresses/</link>
+      <pubDate>Fri, 22 Mar 2024 16:19:33 -0300</pubDate>
+      
+      <guid>https://fgiorgetti.github.io/posts/20240322-skupper-podman-ingresses/</guid>
+      <description>Introduction In order to evaluate some strategies for dealing with service ingresses, when running the skupper-router with Podman or Docker, I have used this simple scenario below:
+The router component is connect to the host network, which avoids restarts when extra ports need to be bound.
+In this topology, the my-service workload is reachable from the container&amp;rsquo;s host machine.
+It is exposed through the skupper-router container, which is binding port 8080 on the host machine.</description>
+    </item>
+    
+  </channel>
+</rss>
diff --git a/tags/haproxy/page/1/index.html b/tags/haproxy/page/1/index.html
new file mode 100644
index 0000000..16c8f29
--- /dev/null
+++ b/tags/haproxy/page/1/index.html
@@ -0,0 +1,10 @@
+<!DOCTYPE html>
+<html lang="en-us">
+  <head>
+    <title>https://fgiorgetti.github.io/tags/haproxy/</title>
+    <link rel="canonical" href="https://fgiorgetti.github.io/tags/haproxy/">
+    <meta name="robots" content="noindex">
+    <meta charset="utf-8">
+    <meta http-equiv="refresh" content="0; url=https://fgiorgetti.github.io/tags/haproxy/">
+  </head>
+</html>
diff --git a/tags/index.html b/tags/index.html
index 51f5090..cbe7d1e 100644
--- a/tags/index.html
+++ b/tags/index.html
@@ -132,7 +132,7 @@ <h1>Tags</h1>
                                 <span class="post-title">skupper-router</span>
                                 <span class="post-day">
                                     
-                                        Mar 20
+                                        Mar 22
                                     
                                 </span>
                             </a>
@@ -143,103 +143,95 @@ <h1>Tags</h1>
                                 <span class="post-title">skupper</span>
                                 <span class="post-day">
                                     
-                                        Mar 20
+                                        Mar 22
                                     
                                 </span>
                             </a>
                         </li>
                     
                         <li class="post-item">
-                            <a href="https://fgiorgetti.github.io/tags/podman-compose/">
-                                <span class="post-title">podman-compose</span>
+                            <a href="https://fgiorgetti.github.io/tags/podman/">
+                                <span class="post-title">podman</span>
                                 <span class="post-day">
                                     
-                                        Mar 20
+                                        Mar 22
                                     
                                 </span>
                             </a>
                         </li>
                     
                         <li class="post-item">
-                            <a href="https://fgiorgetti.github.io/tags/podman/">
-                                <span class="post-title">podman</span>
+                            <a href="https://fgiorgetti.github.io/tags/netfilter/">
+                                <span class="post-title">netfilter</span>
                                 <span class="post-day">
                                     
-                                        Mar 20
+                                        Mar 22
                                     
                                 </span>
                             </a>
                         </li>
                     
                         <li class="post-item">
-                            <a href="https://fgiorgetti.github.io/tags/docker-compose/">
-                                <span class="post-title">docker-compose</span>
+                            <a href="https://fgiorgetti.github.io/tags/iptables/">
+                                <span class="post-title">iptables</span>
                                 <span class="post-day">
                                     
-                                        Mar 20
+                                        Mar 22
                                     
                                 </span>
                             </a>
                         </li>
                     
                         <li class="post-item">
-                            <a href="https://fgiorgetti.github.io/tags/docker/">
-                                <span class="post-title">docker</span>
+                            <a href="https://fgiorgetti.github.io/tags/haproxy/">
+                                <span class="post-title">haproxy</span>
                                 <span class="post-day">
                                     
-                                        Mar 20
+                                        Mar 22
                                     
                                 </span>
                             </a>
                         </li>
                     
                         <li class="post-item">
-                            <a href="https://fgiorgetti.github.io/tags/kubernetes/">
-                                <span class="post-title">kubernetes</span>
+                            <a href="https://fgiorgetti.github.io/tags/edge-router/">
+                                <span class="post-title">edge-router</span>
                                 <span class="post-day">
                                     
-                                        Mar 19
+                                        Mar 22
                                     
                                 </span>
                             </a>
                         </li>
                     
-                </ul>
-            </div>
-        
-            <div class="posts-group">
-                <div class="post-year">2022</div>
-
-                <ul class="posts-list">
-                    
                         <li class="post-item">
-                            <a href="https://fgiorgetti.github.io/tags/ansible/">
-                                <span class="post-title">ansible</span>
+                            <a href="https://fgiorgetti.github.io/tags/edge/">
+                                <span class="post-title">edge</span>
                                 <span class="post-day">
                                     
-                                        Nov 17
+                                        Mar 22
                                     
                                 </span>
                             </a>
                         </li>
                     
                         <li class="post-item">
-                            <a href="https://fgiorgetti.github.io/tags/golang/">
-                                <span class="post-title">golang</span>
+                            <a href="https://fgiorgetti.github.io/tags/docker/">
+                                <span class="post-title">docker</span>
                                 <span class="post-day">
                                     
-                                        Aug 23
+                                        Mar 22
                                     
                                 </span>
                             </a>
                         </li>
                     
                         <li class="post-item">
-                            <a href="https://fgiorgetti.github.io/tags/fsnotify/">
-                                <span class="post-title">fsnotify</span>
+                            <a href="https://fgiorgetti.github.io/tags/compose/">
+                                <span class="post-title">compose</span>
                                 <span class="post-day">
                                     
-                                        Aug 23
+                                        Mar 22
                                     
                                 </span>
                             </a>
diff --git a/tags/index.xml b/tags/index.xml
index c132a72..320693b 100644
--- a/tags/index.xml
+++ b/tags/index.xml
@@ -7,47 +7,83 @@
     <generator>Hugo -- gohugo.io</generator>
     <language>en-us</language>
     <copyright>Fernando Giorgetti</copyright>
-    <lastBuildDate>Wed, 20 Mar 2024 09:14:27 -0300</lastBuildDate><atom:link href="https://fgiorgetti.github.io/tags/index.xml" rel="self" type="application/rss+xml" />
+    <lastBuildDate>Fri, 22 Mar 2024 16:19:33 -0300</lastBuildDate><atom:link href="https://fgiorgetti.github.io/tags/index.xml" rel="self" type="application/rss+xml" />
+    <item>
+      <title>compose</title>
+      <link>https://fgiorgetti.github.io/tags/compose/</link>
+      <pubDate>Fri, 22 Mar 2024 16:19:33 -0300</pubDate>
+      
+      <guid>https://fgiorgetti.github.io/tags/compose/</guid>
+      <description></description>
+    </item>
+    
     <item>
       <title>docker</title>
       <link>https://fgiorgetti.github.io/tags/docker/</link>
-      <pubDate>Wed, 20 Mar 2024 09:14:27 -0300</pubDate>
+      <pubDate>Fri, 22 Mar 2024 16:19:33 -0300</pubDate>
       
       <guid>https://fgiorgetti.github.io/tags/docker/</guid>
       <description></description>
     </item>
     
     <item>
-      <title>docker-compose</title>
-      <link>https://fgiorgetti.github.io/tags/docker-compose/</link>
-      <pubDate>Wed, 20 Mar 2024 09:14:27 -0300</pubDate>
+      <title>edge</title>
+      <link>https://fgiorgetti.github.io/tags/edge/</link>
+      <pubDate>Fri, 22 Mar 2024 16:19:33 -0300</pubDate>
       
-      <guid>https://fgiorgetti.github.io/tags/docker-compose/</guid>
+      <guid>https://fgiorgetti.github.io/tags/edge/</guid>
       <description></description>
     </item>
     
     <item>
-      <title>podman</title>
-      <link>https://fgiorgetti.github.io/tags/podman/</link>
-      <pubDate>Wed, 20 Mar 2024 09:14:27 -0300</pubDate>
+      <title>edge-router</title>
+      <link>https://fgiorgetti.github.io/tags/edge-router/</link>
+      <pubDate>Fri, 22 Mar 2024 16:19:33 -0300</pubDate>
       
-      <guid>https://fgiorgetti.github.io/tags/podman/</guid>
+      <guid>https://fgiorgetti.github.io/tags/edge-router/</guid>
       <description></description>
     </item>
     
     <item>
-      <title>podman-compose</title>
-      <link>https://fgiorgetti.github.io/tags/podman-compose/</link>
-      <pubDate>Wed, 20 Mar 2024 09:14:27 -0300</pubDate>
+      <title>haproxy</title>
+      <link>https://fgiorgetti.github.io/tags/haproxy/</link>
+      <pubDate>Fri, 22 Mar 2024 16:19:33 -0300</pubDate>
       
-      <guid>https://fgiorgetti.github.io/tags/podman-compose/</guid>
+      <guid>https://fgiorgetti.github.io/tags/haproxy/</guid>
+      <description></description>
+    </item>
+    
+    <item>
+      <title>iptables</title>
+      <link>https://fgiorgetti.github.io/tags/iptables/</link>
+      <pubDate>Fri, 22 Mar 2024 16:19:33 -0300</pubDate>
+      
+      <guid>https://fgiorgetti.github.io/tags/iptables/</guid>
+      <description></description>
+    </item>
+    
+    <item>
+      <title>netfilter</title>
+      <link>https://fgiorgetti.github.io/tags/netfilter/</link>
+      <pubDate>Fri, 22 Mar 2024 16:19:33 -0300</pubDate>
+      
+      <guid>https://fgiorgetti.github.io/tags/netfilter/</guid>
+      <description></description>
+    </item>
+    
+    <item>
+      <title>podman</title>
+      <link>https://fgiorgetti.github.io/tags/podman/</link>
+      <pubDate>Fri, 22 Mar 2024 16:19:33 -0300</pubDate>
+      
+      <guid>https://fgiorgetti.github.io/tags/podman/</guid>
       <description></description>
     </item>
     
     <item>
       <title>skupper</title>
       <link>https://fgiorgetti.github.io/tags/skupper/</link>
-      <pubDate>Wed, 20 Mar 2024 09:14:27 -0300</pubDate>
+      <pubDate>Fri, 22 Mar 2024 16:19:33 -0300</pubDate>
       
       <guid>https://fgiorgetti.github.io/tags/skupper/</guid>
       <description></description>
@@ -56,12 +92,30 @@
     <item>
       <title>skupper-router</title>
       <link>https://fgiorgetti.github.io/tags/skupper-router/</link>
-      <pubDate>Wed, 20 Mar 2024 09:14:27 -0300</pubDate>
+      <pubDate>Fri, 22 Mar 2024 16:19:33 -0300</pubDate>
       
       <guid>https://fgiorgetti.github.io/tags/skupper-router/</guid>
       <description></description>
     </item>
     
+    <item>
+      <title>docker-compose</title>
+      <link>https://fgiorgetti.github.io/tags/docker-compose/</link>
+      <pubDate>Wed, 20 Mar 2024 09:14:27 -0300</pubDate>
+      
+      <guid>https://fgiorgetti.github.io/tags/docker-compose/</guid>
+      <description></description>
+    </item>
+    
+    <item>
+      <title>podman-compose</title>
+      <link>https://fgiorgetti.github.io/tags/podman-compose/</link>
+      <pubDate>Wed, 20 Mar 2024 09:14:27 -0300</pubDate>
+      
+      <guid>https://fgiorgetti.github.io/tags/podman-compose/</guid>
+      <description></description>
+    </item>
+    
     <item>
       <title>kubernetes</title>
       <link>https://fgiorgetti.github.io/tags/kubernetes/</link>
diff --git a/tags/iptables/index.html b/tags/iptables/index.html
new file mode 100644
index 0000000..cc51b32
--- /dev/null
+++ b/tags/iptables/index.html
@@ -0,0 +1,173 @@
+<!DOCTYPE html>
+<html lang="en">
+    <head>
+        <meta charset="UTF-8">
+<meta http-equiv="X-UA-Compatible" content="ie=edge">
+<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+<meta name="author" content="">
+<meta name="description" content="" />
+<meta name="keywords" content="software" />
+<meta name="robots" content="noodp" />
+<meta name="theme-color" content="" />
+<link rel="canonical" href="https://fgiorgetti.github.io/tags/iptables/" />
+
+
+    <title>
+        
+            iptables :: Fernando Giorgetti - about me  — Software engineering topics
+        
+    </title>
+
+
+
+<link href="https://cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.5.0/css/flag-icon.min.css" rel="stylesheet"
+    type="text/css">
+
+
+
+<link rel="stylesheet" href="/main.4e5c639214707eff609bb55fe49e183dee42258a73bc90e4cc7b0a84f900798a.css">
+
+
+
+    <link rel="apple-touch-icon" sizes="180x180" href="/apple-touch-icon.png">
+    <link rel="icon" type="image/png" sizes="32x32" href="/favicon-32x32.png">
+    <link rel="icon" type="image/png" sizes="16x16" href="/favicon-16x16.png">
+    <link rel="manifest" href="/site.webmanifest">
+    <link rel="mask-icon" href="/safari-pinned-tab.svg" color="">
+    <link rel="shortcut icon" href="/favicon.ico">
+    <meta name="msapplication-TileColor" content="">
+
+
+<meta itemprop="name" content="iptables">
+<meta itemprop="description" content="Software Engineer and Open source passionate user.">
+<meta name="twitter:card" content="summary"/>
+<meta name="twitter:title" content="iptables"/>
+<meta name="twitter:description" content="Software Engineer and Open source passionate user."/>
+
+
+
+    <meta property="og:title" content="iptables" />
+<meta property="og:description" content="Software Engineer and Open source passionate user." />
+<meta property="og:type" content="website" />
+<meta property="og:url" content="https://fgiorgetti.github.io/tags/iptables/" /><meta property="og:site_name" content="Fernando Giorgetti - about me" />
+
+
+
+
+
+
+
+
+<link rel="alternate" type="application/rss+xml" href="https://fgiorgetti.github.io/tags/iptables/index.xml" title="Fernando Giorgetti - about me" />
+
+
+
+
+
+
+
+    </head>
+
+    
+        <body>
+    
+    
+        <div class="container">
+            <header class="header">
+    <span class="header__inner">
+        <a href="/" style="text-decoration: none;">
+    <div class="logo">
+        
+            <span class="logo__mark">></span>
+            <span class="logo__text">giorgetti.com.br</span>
+            <span class="logo__cursor" style=
+                  "
+                   
+                   ">
+            </span>
+        
+    </div>
+</a>
+
+
+        <span class="header__right">
+            
+                <nav class="menu">
+    <ul class="menu__inner"><li><a href="/">Home</a></li><li><a href="/posts">Writings</a></li><li><a href="/tags">Tags</a></li>
+    </ul>
+</nav>
+
+                <span class="menu-trigger">
+                    <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24">
+                        <path d="M0 0h24v24H0z" fill="none"/>
+                        <path d="M3 18h18v-2H3v2zm0-5h18v-2H3v2zm0-7v2h18V6H3z"/>
+                    </svg>
+                </span>
+            
+                <div>
+                    &nbsp; <a href="https://github.com/fgiorgetti" target="_blank" rel="noopener" title="Github"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M9 19c-5 1.5-5-2.5-7-3m14 6v-3.87a3.37 3.37 0 0 0-.94-2.61c3.14-.35 6.44-1.54 6.44-7A5.44 5.44 0 0 0 20 4.77 5.07 5.07 0 0 0 19.91 1S18.73.65 16 2.48a13.38 13.38 0 0 0-7 0C6.27.65 5.09 1 5.09 1A5.07 5.07 0 0 0 5 4.77a5.44 5.44 0 0 0-1.5 3.78c0 5.42 3.3 6.61 6.44 7A3.37 3.37 0 0 0 9 18.13V22"></path></svg></a> &nbsp;&nbsp; <a href="https://www.linkedin.com/in/fernandogiorgetti" target="_blank" rel="noopener" title="Linkedin"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M16 8a6 6 0 0 1 6 6v7h-4v-7a2 2 0 0 0-2-2 2 2 0 0 0-2 2v7h-4v-7a6 6 0 0 1 6-6z"></path><rect x="2" y="9" width="4" height="12"></rect><circle cx="4" cy="4" r="2"></circle></svg></a> &nbsp;
+                </div>
+        </span>
+    </span>
+</header>
+
+
+            <div class="content">
+                
+    
+    
+    <main class="posts">
+        <h1>iptables</h1>
+
+        
+
+        
+            <div class="posts-group">
+                <div class="post-year">2024</div>
+
+                <ul class="posts-list">
+                    
+                        <li class="post-item">
+                            <a href="https://fgiorgetti.github.io/posts/20240322-skupper-podman-ingresses/">
+                                <span class="post-title">Skupper service ingress through containers</span>
+                                <span class="post-day">
+                                    
+                                        Mar 22
+                                    
+                                </span>
+                            </a>
+                        </li>
+                    
+                </ul>
+            </div>
+        
+    <div class="pagination">
+    <div class="pagination__buttons">
+        
+        
+    </div>
+</div>
+
+    </main>
+
+            </div>
+
+            
+                <footer class="footer">
+    
+    
+</footer>
+
+            
+        </div>
+
+        
+
+
+
+<script type="text/javascript" src="/bundle.min.bb2c6bc3ed452ca4759660e4020811f248bc2320081559e8a32d8b0092773852941133639d35e8370d03d3ddaa750b1edd6b343c5bd22a55d5bdeae8f648f49b.js" integrity="sha512-uyxrw&#43;1FLKR1lmDkAggR8ki8IyAIFVnooy2LAJJ3OFKUETNjnTXoNw0D092qdQse3Ws0PFvSKlXVvero9kj0mw=="></script>
+
+
+
+    </body>
+</html>
diff --git a/tags/iptables/index.xml b/tags/iptables/index.xml
new file mode 100644
index 0000000..6b02fbd
--- /dev/null
+++ b/tags/iptables/index.xml
@@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="utf-8" standalone="yes"?>
+<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
+  <channel>
+    <title>iptables on Fernando Giorgetti - about me</title>
+    <link>https://fgiorgetti.github.io/tags/iptables/</link>
+    <description>Recent content in iptables on Fernando Giorgetti - about me</description>
+    <generator>Hugo -- gohugo.io</generator>
+    <language>en-us</language>
+    <copyright>Fernando Giorgetti</copyright>
+    <lastBuildDate>Fri, 22 Mar 2024 16:19:33 -0300</lastBuildDate><atom:link href="https://fgiorgetti.github.io/tags/iptables/index.xml" rel="self" type="application/rss+xml" />
+    <item>
+      <title>Skupper service ingress through containers</title>
+      <link>https://fgiorgetti.github.io/posts/20240322-skupper-podman-ingresses/</link>
+      <pubDate>Fri, 22 Mar 2024 16:19:33 -0300</pubDate>
+      
+      <guid>https://fgiorgetti.github.io/posts/20240322-skupper-podman-ingresses/</guid>
+      <description>Introduction In order to evaluate some strategies for dealing with service ingresses, when running the skupper-router with Podman or Docker, I have used this simple scenario below:
+The router component is connect to the host network, which avoids restarts when extra ports need to be bound.
+In this topology, the my-service workload is reachable from the container&amp;rsquo;s host machine.
+It is exposed through the skupper-router container, which is binding port 8080 on the host machine.</description>
+    </item>
+    
+  </channel>
+</rss>
diff --git a/tags/iptables/page/1/index.html b/tags/iptables/page/1/index.html
new file mode 100644
index 0000000..9e2795e
--- /dev/null
+++ b/tags/iptables/page/1/index.html
@@ -0,0 +1,10 @@
+<!DOCTYPE html>
+<html lang="en-us">
+  <head>
+    <title>https://fgiorgetti.github.io/tags/iptables/</title>
+    <link rel="canonical" href="https://fgiorgetti.github.io/tags/iptables/">
+    <meta name="robots" content="noindex">
+    <meta charset="utf-8">
+    <meta http-equiv="refresh" content="0; url=https://fgiorgetti.github.io/tags/iptables/">
+  </head>
+</html>
diff --git a/tags/netfilter/index.html b/tags/netfilter/index.html
new file mode 100644
index 0000000..5fd4b7e
--- /dev/null
+++ b/tags/netfilter/index.html
@@ -0,0 +1,173 @@
+<!DOCTYPE html>
+<html lang="en">
+    <head>
+        <meta charset="UTF-8">
+<meta http-equiv="X-UA-Compatible" content="ie=edge">
+<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+<meta name="author" content="">
+<meta name="description" content="" />
+<meta name="keywords" content="software" />
+<meta name="robots" content="noodp" />
+<meta name="theme-color" content="" />
+<link rel="canonical" href="https://fgiorgetti.github.io/tags/netfilter/" />
+
+
+    <title>
+        
+            netfilter :: Fernando Giorgetti - about me  — Software engineering topics
+        
+    </title>
+
+
+
+<link href="https://cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.5.0/css/flag-icon.min.css" rel="stylesheet"
+    type="text/css">
+
+
+
+<link rel="stylesheet" href="/main.4e5c639214707eff609bb55fe49e183dee42258a73bc90e4cc7b0a84f900798a.css">
+
+
+
+    <link rel="apple-touch-icon" sizes="180x180" href="/apple-touch-icon.png">
+    <link rel="icon" type="image/png" sizes="32x32" href="/favicon-32x32.png">
+    <link rel="icon" type="image/png" sizes="16x16" href="/favicon-16x16.png">
+    <link rel="manifest" href="/site.webmanifest">
+    <link rel="mask-icon" href="/safari-pinned-tab.svg" color="">
+    <link rel="shortcut icon" href="/favicon.ico">
+    <meta name="msapplication-TileColor" content="">
+
+
+<meta itemprop="name" content="netfilter">
+<meta itemprop="description" content="Software Engineer and Open source passionate user.">
+<meta name="twitter:card" content="summary"/>
+<meta name="twitter:title" content="netfilter"/>
+<meta name="twitter:description" content="Software Engineer and Open source passionate user."/>
+
+
+
+    <meta property="og:title" content="netfilter" />
+<meta property="og:description" content="Software Engineer and Open source passionate user." />
+<meta property="og:type" content="website" />
+<meta property="og:url" content="https://fgiorgetti.github.io/tags/netfilter/" /><meta property="og:site_name" content="Fernando Giorgetti - about me" />
+
+
+
+
+
+
+
+
+<link rel="alternate" type="application/rss+xml" href="https://fgiorgetti.github.io/tags/netfilter/index.xml" title="Fernando Giorgetti - about me" />
+
+
+
+
+
+
+
+    </head>
+
+    
+        <body>
+    
+    
+        <div class="container">
+            <header class="header">
+    <span class="header__inner">
+        <a href="/" style="text-decoration: none;">
+    <div class="logo">
+        
+            <span class="logo__mark">></span>
+            <span class="logo__text">giorgetti.com.br</span>
+            <span class="logo__cursor" style=
+                  "
+                   
+                   ">
+            </span>
+        
+    </div>
+</a>
+
+
+        <span class="header__right">
+            
+                <nav class="menu">
+    <ul class="menu__inner"><li><a href="/">Home</a></li><li><a href="/posts">Writings</a></li><li><a href="/tags">Tags</a></li>
+    </ul>
+</nav>
+
+                <span class="menu-trigger">
+                    <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24">
+                        <path d="M0 0h24v24H0z" fill="none"/>
+                        <path d="M3 18h18v-2H3v2zm0-5h18v-2H3v2zm0-7v2h18V6H3z"/>
+                    </svg>
+                </span>
+            
+                <div>
+                    &nbsp; <a href="https://github.com/fgiorgetti" target="_blank" rel="noopener" title="Github"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M9 19c-5 1.5-5-2.5-7-3m14 6v-3.87a3.37 3.37 0 0 0-.94-2.61c3.14-.35 6.44-1.54 6.44-7A5.44 5.44 0 0 0 20 4.77 5.07 5.07 0 0 0 19.91 1S18.73.65 16 2.48a13.38 13.38 0 0 0-7 0C6.27.65 5.09 1 5.09 1A5.07 5.07 0 0 0 5 4.77a5.44 5.44 0 0 0-1.5 3.78c0 5.42 3.3 6.61 6.44 7A3.37 3.37 0 0 0 9 18.13V22"></path></svg></a> &nbsp;&nbsp; <a href="https://www.linkedin.com/in/fernandogiorgetti" target="_blank" rel="noopener" title="Linkedin"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M16 8a6 6 0 0 1 6 6v7h-4v-7a2 2 0 0 0-2-2 2 2 0 0 0-2 2v7h-4v-7a6 6 0 0 1 6-6z"></path><rect x="2" y="9" width="4" height="12"></rect><circle cx="4" cy="4" r="2"></circle></svg></a> &nbsp;
+                </div>
+        </span>
+    </span>
+</header>
+
+
+            <div class="content">
+                
+    
+    
+    <main class="posts">
+        <h1>netfilter</h1>
+
+        
+
+        
+            <div class="posts-group">
+                <div class="post-year">2024</div>
+
+                <ul class="posts-list">
+                    
+                        <li class="post-item">
+                            <a href="https://fgiorgetti.github.io/posts/20240322-skupper-podman-ingresses/">
+                                <span class="post-title">Skupper service ingress through containers</span>
+                                <span class="post-day">
+                                    
+                                        Mar 22
+                                    
+                                </span>
+                            </a>
+                        </li>
+                    
+                </ul>
+            </div>
+        
+    <div class="pagination">
+    <div class="pagination__buttons">
+        
+        
+    </div>
+</div>
+
+    </main>
+
+            </div>
+
+            
+                <footer class="footer">
+    
+    
+</footer>
+
+            
+        </div>
+
+        
+
+
+
+<script type="text/javascript" src="/bundle.min.bb2c6bc3ed452ca4759660e4020811f248bc2320081559e8a32d8b0092773852941133639d35e8370d03d3ddaa750b1edd6b343c5bd22a55d5bdeae8f648f49b.js" integrity="sha512-uyxrw&#43;1FLKR1lmDkAggR8ki8IyAIFVnooy2LAJJ3OFKUETNjnTXoNw0D092qdQse3Ws0PFvSKlXVvero9kj0mw=="></script>
+
+
+
+    </body>
+</html>
diff --git a/tags/netfilter/index.xml b/tags/netfilter/index.xml
new file mode 100644
index 0000000..557fb25
--- /dev/null
+++ b/tags/netfilter/index.xml
@@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="utf-8" standalone="yes"?>
+<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
+  <channel>
+    <title>netfilter on Fernando Giorgetti - about me</title>
+    <link>https://fgiorgetti.github.io/tags/netfilter/</link>
+    <description>Recent content in netfilter on Fernando Giorgetti - about me</description>
+    <generator>Hugo -- gohugo.io</generator>
+    <language>en-us</language>
+    <copyright>Fernando Giorgetti</copyright>
+    <lastBuildDate>Fri, 22 Mar 2024 16:19:33 -0300</lastBuildDate><atom:link href="https://fgiorgetti.github.io/tags/netfilter/index.xml" rel="self" type="application/rss+xml" />
+    <item>
+      <title>Skupper service ingress through containers</title>
+      <link>https://fgiorgetti.github.io/posts/20240322-skupper-podman-ingresses/</link>
+      <pubDate>Fri, 22 Mar 2024 16:19:33 -0300</pubDate>
+      
+      <guid>https://fgiorgetti.github.io/posts/20240322-skupper-podman-ingresses/</guid>
+      <description>Introduction In order to evaluate some strategies for dealing with service ingresses, when running the skupper-router with Podman or Docker, I have used this simple scenario below:
+The router component is connect to the host network, which avoids restarts when extra ports need to be bound.
+In this topology, the my-service workload is reachable from the container&amp;rsquo;s host machine.
+It is exposed through the skupper-router container, which is binding port 8080 on the host machine.</description>
+    </item>
+    
+  </channel>
+</rss>
diff --git a/tags/netfilter/page/1/index.html b/tags/netfilter/page/1/index.html
new file mode 100644
index 0000000..b500d32
--- /dev/null
+++ b/tags/netfilter/page/1/index.html
@@ -0,0 +1,10 @@
+<!DOCTYPE html>
+<html lang="en-us">
+  <head>
+    <title>https://fgiorgetti.github.io/tags/netfilter/</title>
+    <link rel="canonical" href="https://fgiorgetti.github.io/tags/netfilter/">
+    <meta name="robots" content="noindex">
+    <meta charset="utf-8">
+    <meta http-equiv="refresh" content="0; url=https://fgiorgetti.github.io/tags/netfilter/">
+  </head>
+</html>
diff --git a/tags/page/2/index.html b/tags/page/2/index.html
index d340a42..8af7e7d 100644
--- a/tags/page/2/index.html
+++ b/tags/page/2/index.html
@@ -122,6 +122,88 @@ <h1>Tags</h1>
         
 
         
+            <div class="posts-group">
+                <div class="post-year">2024</div>
+
+                <ul class="posts-list">
+                    
+                        <li class="post-item">
+                            <a href="https://fgiorgetti.github.io/tags/podman-compose/">
+                                <span class="post-title">podman-compose</span>
+                                <span class="post-day">
+                                    
+                                        Mar 20
+                                    
+                                </span>
+                            </a>
+                        </li>
+                    
+                        <li class="post-item">
+                            <a href="https://fgiorgetti.github.io/tags/docker-compose/">
+                                <span class="post-title">docker-compose</span>
+                                <span class="post-day">
+                                    
+                                        Mar 20
+                                    
+                                </span>
+                            </a>
+                        </li>
+                    
+                        <li class="post-item">
+                            <a href="https://fgiorgetti.github.io/tags/kubernetes/">
+                                <span class="post-title">kubernetes</span>
+                                <span class="post-day">
+                                    
+                                        Mar 19
+                                    
+                                </span>
+                            </a>
+                        </li>
+                    
+                </ul>
+            </div>
+        
+            <div class="posts-group">
+                <div class="post-year">2022</div>
+
+                <ul class="posts-list">
+                    
+                        <li class="post-item">
+                            <a href="https://fgiorgetti.github.io/tags/ansible/">
+                                <span class="post-title">ansible</span>
+                                <span class="post-day">
+                                    
+                                        Nov 17
+                                    
+                                </span>
+                            </a>
+                        </li>
+                    
+                        <li class="post-item">
+                            <a href="https://fgiorgetti.github.io/tags/golang/">
+                                <span class="post-title">golang</span>
+                                <span class="post-day">
+                                    
+                                        Aug 23
+                                    
+                                </span>
+                            </a>
+                        </li>
+                    
+                        <li class="post-item">
+                            <a href="https://fgiorgetti.github.io/tags/fsnotify/">
+                                <span class="post-title">fsnotify</span>
+                                <span class="post-day">
+                                    
+                                        Aug 23
+                                    
+                                </span>
+                            </a>
+                        </li>
+                    
+                </ul>
+            </div>
+        
             <div class="posts-group">
                 <div class="post-year">2021</div>
 
diff --git a/tags/podman/index.html b/tags/podman/index.html
index a7b2f31..e7cabbe 100644
--- a/tags/podman/index.html
+++ b/tags/podman/index.html
@@ -127,6 +127,17 @@ <h1>podman</h1>
 
                 <ul class="posts-list">
                     
+                        <li class="post-item">
+                            <a href="https://fgiorgetti.github.io/posts/20240322-skupper-podman-ingresses/">
+                                <span class="post-title">Skupper service ingress through containers</span>
+                                <span class="post-day">
+                                    
+                                        Mar 22
+                                    
+                                </span>
+                            </a>
+                        </li>
+                    
                         <li class="post-item">
                             <a href="https://fgiorgetti.github.io/posts/20240320-router-with-compose/">
                                 <span class="post-title">Running skupper-router containers with compose</span>
diff --git a/tags/podman/index.xml b/tags/podman/index.xml
index 659cd9b..a36a70c 100644
--- a/tags/podman/index.xml
+++ b/tags/podman/index.xml
@@ -7,7 +7,19 @@
     <generator>Hugo -- gohugo.io</generator>
     <language>en-us</language>
     <copyright>Fernando Giorgetti</copyright>
-    <lastBuildDate>Wed, 20 Mar 2024 09:14:27 -0300</lastBuildDate><atom:link href="https://fgiorgetti.github.io/tags/podman/index.xml" rel="self" type="application/rss+xml" />
+    <lastBuildDate>Fri, 22 Mar 2024 16:19:33 -0300</lastBuildDate><atom:link href="https://fgiorgetti.github.io/tags/podman/index.xml" rel="self" type="application/rss+xml" />
+    <item>
+      <title>Skupper service ingress through containers</title>
+      <link>https://fgiorgetti.github.io/posts/20240322-skupper-podman-ingresses/</link>
+      <pubDate>Fri, 22 Mar 2024 16:19:33 -0300</pubDate>
+      
+      <guid>https://fgiorgetti.github.io/posts/20240322-skupper-podman-ingresses/</guid>
+      <description>Introduction In order to evaluate some strategies for dealing with service ingresses, when running the skupper-router with Podman or Docker, I have used this simple scenario below:
+The router component is connect to the host network, which avoids restarts when extra ports need to be bound.
+In this topology, the my-service workload is reachable from the container&amp;rsquo;s host machine.
+It is exposed through the skupper-router container, which is binding port 8080 on the host machine.</description>
+    </item>
+    
     <item>
       <title>Running skupper-router containers with compose</title>
       <link>https://fgiorgetti.github.io/posts/20240320-router-with-compose/</link>
diff --git a/tags/skupper-router/index.html b/tags/skupper-router/index.html
index b5ea649..87a5b48 100644
--- a/tags/skupper-router/index.html
+++ b/tags/skupper-router/index.html
@@ -127,6 +127,17 @@ <h1>skupper-router</h1>
 
                 <ul class="posts-list">
                     
+                        <li class="post-item">
+                            <a href="https://fgiorgetti.github.io/posts/20240322-skupper-podman-ingresses/">
+                                <span class="post-title">Skupper service ingress through containers</span>
+                                <span class="post-day">
+                                    
+                                        Mar 22
+                                    
+                                </span>
+                            </a>
+                        </li>
+                    
                         <li class="post-item">
                             <a href="https://fgiorgetti.github.io/posts/20240320-router-with-compose/">
                                 <span class="post-title">Running skupper-router containers with compose</span>
diff --git a/tags/skupper-router/index.xml b/tags/skupper-router/index.xml
index efe6671..1fb2d6f 100644
--- a/tags/skupper-router/index.xml
+++ b/tags/skupper-router/index.xml
@@ -7,7 +7,19 @@
     <generator>Hugo -- gohugo.io</generator>
     <language>en-us</language>
     <copyright>Fernando Giorgetti</copyright>
-    <lastBuildDate>Wed, 20 Mar 2024 09:14:27 -0300</lastBuildDate><atom:link href="https://fgiorgetti.github.io/tags/skupper-router/index.xml" rel="self" type="application/rss+xml" />
+    <lastBuildDate>Fri, 22 Mar 2024 16:19:33 -0300</lastBuildDate><atom:link href="https://fgiorgetti.github.io/tags/skupper-router/index.xml" rel="self" type="application/rss+xml" />
+    <item>
+      <title>Skupper service ingress through containers</title>
+      <link>https://fgiorgetti.github.io/posts/20240322-skupper-podman-ingresses/</link>
+      <pubDate>Fri, 22 Mar 2024 16:19:33 -0300</pubDate>
+      
+      <guid>https://fgiorgetti.github.io/posts/20240322-skupper-podman-ingresses/</guid>
+      <description>Introduction In order to evaluate some strategies for dealing with service ingresses, when running the skupper-router with Podman or Docker, I have used this simple scenario below:
+The router component is connect to the host network, which avoids restarts when extra ports need to be bound.
+In this topology, the my-service workload is reachable from the container&amp;rsquo;s host machine.
+It is exposed through the skupper-router container, which is binding port 8080 on the host machine.</description>
+    </item>
+    
     <item>
       <title>Running skupper-router containers with compose</title>
       <link>https://fgiorgetti.github.io/posts/20240320-router-with-compose/</link>
diff --git a/tags/skupper/index.html b/tags/skupper/index.html
index c252d58..c6da755 100644
--- a/tags/skupper/index.html
+++ b/tags/skupper/index.html
@@ -127,6 +127,17 @@ <h1>skupper</h1>
 
                 <ul class="posts-list">
                     
+                        <li class="post-item">
+                            <a href="https://fgiorgetti.github.io/posts/20240322-skupper-podman-ingresses/">
+                                <span class="post-title">Skupper service ingress through containers</span>
+                                <span class="post-day">
+                                    
+                                        Mar 22
+                                    
+                                </span>
+                            </a>
+                        </li>
+                    
                         <li class="post-item">
                             <a href="https://fgiorgetti.github.io/posts/20240320-router-with-compose/">
                                 <span class="post-title">Running skupper-router containers with compose</span>
diff --git a/tags/skupper/index.xml b/tags/skupper/index.xml
index 01f8fc0..4f1883f 100644
--- a/tags/skupper/index.xml
+++ b/tags/skupper/index.xml
@@ -7,7 +7,19 @@
     <generator>Hugo -- gohugo.io</generator>
     <language>en-us</language>
     <copyright>Fernando Giorgetti</copyright>
-    <lastBuildDate>Wed, 20 Mar 2024 09:14:27 -0300</lastBuildDate><atom:link href="https://fgiorgetti.github.io/tags/skupper/index.xml" rel="self" type="application/rss+xml" />
+    <lastBuildDate>Fri, 22 Mar 2024 16:19:33 -0300</lastBuildDate><atom:link href="https://fgiorgetti.github.io/tags/skupper/index.xml" rel="self" type="application/rss+xml" />
+    <item>
+      <title>Skupper service ingress through containers</title>
+      <link>https://fgiorgetti.github.io/posts/20240322-skupper-podman-ingresses/</link>
+      <pubDate>Fri, 22 Mar 2024 16:19:33 -0300</pubDate>
+      
+      <guid>https://fgiorgetti.github.io/posts/20240322-skupper-podman-ingresses/</guid>
+      <description>Introduction In order to evaluate some strategies for dealing with service ingresses, when running the skupper-router with Podman or Docker, I have used this simple scenario below:
+The router component is connect to the host network, which avoids restarts when extra ports need to be bound.
+In this topology, the my-service workload is reachable from the container&amp;rsquo;s host machine.
+It is exposed through the skupper-router container, which is binding port 8080 on the host machine.</description>
+    </item>
+    
     <item>
       <title>Running skupper-router containers with compose</title>
       <link>https://fgiorgetti.github.io/posts/20240320-router-with-compose/</link>