diff --git a/404.html b/404.html index 342339795..195259289 100644 --- a/404.html +++ b/404.html @@ -10,7 +10,7 @@ - + diff --git a/assets/js/abc5e328.0f7a396e.js b/assets/js/abc5e328.0f7a396e.js new file mode 100644 index 000000000..99985053a --- /dev/null +++ b/assets/js/abc5e328.0f7a396e.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkredkubes_github_io=self.webpackChunkredkubes_github_io||[]).push([[2115],{2477:(e,n,s)=>{s.r(n),s.d(n,{assets:()=>d,contentTitle:()=>r,default:()=>h,frontMatter:()=>t,metadata:()=>i,toc:()=>c});var l=s(5893),o=s(1151);const t={slug:"create-netpols",title:"Configuring network policies",sidebar_label:"Create Network Policies"},r=void 0,i={id:"get-started/labs/create-netpols",title:"Configuring network policies",description:"In some cases you want to explicitly allow access to your application. This can be done by creating network policies. 2 types of network policies are supported:",source:"@site/docs/get-started/labs/create-netpols.md",sourceDirName:"get-started/labs",slug:"/get-started/labs/create-netpols",permalink:"/docs/get-started/labs/create-netpols",draft:!1,unlisted:!1,editUrl:"https://github.com/linode/linode.github.io/tree/main/docs/get-started/labs/create-netpols.md",tags:[],version:"current",frontMatter:{slug:"create-netpols",title:"Configuring network policies",sidebar_label:"Create Network Policies"},sidebar:"mainSidebar",previous:{title:"Using custom metrics",permalink:"/docs/get-started/labs/custom-metrics"},next:{title:"Use OpenTelemery",permalink:"/docs/get-started/labs/use-otel"}},d={},c=[{value:"Understanding Internal Ingress Network Policies",id:"understanding-internal-ingress-network-policies",level:2},{value:"Understanding Egress Network Policies",id:"understanding-egress-network-policies",level:2},{value:"Setting Up Network Policies for the Example Voting App: An Ingress Example",id:"setting-up-network-policies-for-the-example-voting-app-an-ingress-example",level:2},{value:"Build Images for the Application",id:"build-images-for-the-application",level:3},{value:"Create a Redis Cluster and a PostgreSQL Database",id:"create-a-redis-cluster-and-a-postgresql-database",level:3},{value:"Deploy the Vote App",id:"deploy-the-vote-app",level:3},{value:"Deploy the Worker App",id:"deploy-the-worker-app",level:3},{value:"Deploy the Result App",id:"deploy-the-result-app",level:3},{value:"Register Services for Exposure",id:"register-services-for-exposure",level:3},{value:"Vote",id:"vote",level:4},{value:"Result",id:"result",level:4},{value:"Create the Network Policies for the Example Voting App",id:"create-the-network-policies-for-the-example-voting-app",level:3},{value:"Postgres Database",id:"postgres-database",level:4},{value:"Redis",id:"redis",level:4},{value:"Test the Voting App",id:"test-the-voting-app",level:3},{value:"Setting Up Network Policies for apl-docs.net: An Egress Example",id:"setting-up-network-policies-for-apl-docsnet-an-egress-example",level:2},{value:"Register the Network Policy for apl-docs.net",id:"register-the-network-policy-for-apl-docsnet",level:3},{value:"Deploy Netshoot Pod",id:"deploy-netshoot-pod",level:3},{value:"Test the Egress Network Policy",id:"test-the-egress-network-policy",level:3}];function a(e){const n={a:"a",admonition:"admonition",code:"code",h2:"h2",h3:"h3",h4:"h4",li:"li",ol:"ol",p:"p",pre:"pre",ul:"ul",...(0,o.a)(),...e.components};return(0,l.jsxs)(l.Fragment,{children:[(0,l.jsx)(n.p,{children:"In some cases you want to explicitly allow access to your application. This can be done by creating network policies. 2 types of network policies are supported:"}),"\n",(0,l.jsxs)(n.ol,{children:["\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsx)(n.p,{children:"Policies for ingress traffic inside the cluster."}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsx)(n.p,{children:"Policies for egress traffic to go outside of the cluster (to access external FQDNs)."}),"\n"]}),"\n"]}),"\n",(0,l.jsx)(n.h2,{id:"understanding-internal-ingress-network-policies",children:"Understanding Internal Ingress Network Policies"}),"\n",(0,l.jsx)(n.p,{children:"The internal ingress network policies allow you to:"}),"\n",(0,l.jsxs)(n.ul,{children:["\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsx)(n.p,{children:"Deny all traffic to Pods (default mode)"}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsx)(n.p,{children:"Allow selected Workload Pods running on the cluster to access your Workload's Pods"}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsx)(n.p,{children:"Allow all traffic to the Pods of a Workload"}),"\n"]}),"\n"]}),"\n",(0,l.jsxs)(n.p,{children:[(0,l.jsx)(n.code,{children:"Deny all"})," and ",(0,l.jsx)(n.code,{children:"Allow all"})," we don't need to explain right?"]}),"\n",(0,l.jsx)(n.admonition,{type:"info",children:(0,l.jsxs)(n.p,{children:["The Ingress Network Policies rely on Pod labels. We require that a single label covers Pods for a given workload. We recommend to use the ",(0,l.jsx)(n.code,{children:"otomi.io/app: "})," label."]})}),"\n",(0,l.jsx)(n.p,{children:"To allow other Workloads in the cluster to access your Workload's Pods, follow these steps:"}),"\n",(0,l.jsxs)(n.ol,{children:["\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Navigate to the ",(0,l.jsx)(n.code,{children:"Network Policies"})," page in the Console and click ",(0,l.jsx)(n.code,{children:"Create Netpol"}),"."]}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Name the network policy and select the ",(0,l.jsx)(n.code,{children:"ingress"})," rule type."]}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Add the selector label name and value for the Workload Pods to be accessed. E.g.: use the ",(0,l.jsx)(n.code,{children:"otomi.io/app"})," label."]}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Select either ",(0,l.jsx)(n.code,{children:"AllowAll"})," or ",(0,l.jsx)(n.code,{children:"AllowOnly"})," mode."]}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["If you select ",(0,l.jsx)(n.code,{children:"AllowOnly"}),", specify the namespace (e.g., ",(0,l.jsx)(n.code,{children:"team-labs"}),"), and the selector label name and value for the Workload Pods to be accessed."]}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsx)(n.p,{children:"Add more rules if needed."}),"\n"]}),"\n"]}),"\n",(0,l.jsx)(n.h2,{id:"understanding-egress-network-policies",children:"Understanding Egress Network Policies"}),"\n",(0,l.jsx)(n.p,{children:"The egress network policies allow you to:"}),"\n",(0,l.jsxs)(n.ul,{children:["\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsx)(n.p,{children:"Deny all traffic from the Pods of a Workload (default)"}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsx)(n.p,{children:"Allow all Pods within a namespace to access external FQDNs or IPs through an egress rule"}),"\n"]}),"\n"]}),"\n",(0,l.jsx)(n.p,{children:"To allow your Workload's Pods to access external FQDNs or IPs, follow these steps:"}),"\n",(0,l.jsxs)(n.ol,{children:["\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Navigate to the ",(0,l.jsx)(n.code,{children:"Network Policies"})," page in the Console and click ",(0,l.jsx)(n.code,{children:"Create Netpol"}),"."]}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Name the network policy and select the ",(0,l.jsx)(n.code,{children:"egress"})," rule type."]}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsx)(n.p,{children:"Add the FQDN or IP to be accessed."}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsx)(n.p,{children:"Add port number(s) and protocol if needed."}),"\n"]}),"\n"]}),"\n",(0,l.jsx)(n.admonition,{type:"info",children:(0,l.jsx)(n.p,{children:"The egress rules are namespace wide. You cannot bind an egress policy to one Workload only."})}),"\n",(0,l.jsx)(n.h2,{id:"setting-up-network-policies-for-the-example-voting-app-an-ingress-example",children:"Setting Up Network Policies for the Example Voting App: An Ingress Example"}),"\n",(0,l.jsx)(n.h3,{id:"build-images-for-the-application",children:"Build Images for the Application"}),"\n",(0,l.jsxs)(n.p,{children:["Build the ",(0,l.jsx)(n.code,{children:"vote"}),", ",(0,l.jsx)(n.code,{children:"worker"})," and ",(0,l.jsx)(n.code,{children:"result"})," images from this ",(0,l.jsx)(n.a,{href:"https://github.com/linode/apl-example-app",children:"repo"}),". Use the Build feature to build the images with ",(0,l.jsx)(n.code,{children:"mode: Docker"}),". Set the ",(0,l.jsx)(n.code,{children:"path"})," to ",(0,l.jsx)(n.code,{children:"./vote/Dockerfile"})," for the Vote image (and ",(0,l.jsx)(n.code,{children:"./worker/Dockerfile"})," for the Worker and ",(0,l.jsx)(n.code,{children:"./result/Dockerfile"})," for Result)."]}),"\n",(0,l.jsx)(n.h3,{id:"create-a-redis-cluster-and-a-postgresql-database",children:"Create a Redis Cluster and a PostgreSQL Database"}),"\n",(0,l.jsxs)(n.p,{children:["Use the ",(0,l.jsx)(n.code,{children:"postgresql"})," and the ",(0,l.jsx)(n.code,{children:"redis"})," charts from the Catalog to create a Redis master-replica cluster and a PostgreSQL database. For this lab, Redis authentication needs to be turned off by setting ",(0,l.jsx)(n.code,{children:"auth.enabled=false"}),"."]}),"\n",(0,l.jsx)(n.h3,{id:"deploy-the-vote-app",children:"Deploy the Vote App"}),"\n",(0,l.jsxs)(n.p,{children:["Use the ",(0,l.jsx)(n.code,{children:"k8s-deployment"})," chart to deploy the vote app. Use the following values:"]}),"\n",(0,l.jsxs)(n.p,{children:["Name: ",(0,l.jsx)(n.code,{children:"vote"})]}),"\n",(0,l.jsx)(n.pre,{children:(0,l.jsx)(n.code,{className:"language-yaml",children:"containerPorts:\n - name: http\n containerPort: 80\n protocol: TCP\nenv:\n - name: REDIS_HOST\n value: -master\nreplicaCount: 1\n"})}),"\n",(0,l.jsx)(n.h3,{id:"deploy-the-worker-app",children:"Deploy the Worker App"}),"\n",(0,l.jsxs)(n.p,{children:["Use the ",(0,l.jsx)(n.code,{children:"k8s-deployment"})," chart to deploy the worker app. Use the following values:"]}),"\n",(0,l.jsxs)(n.p,{children:["Name: ",(0,l.jsx)(n.code,{children:"worker"})]}),"\n",(0,l.jsx)(n.pre,{children:(0,l.jsx)(n.code,{className:"language-yaml",children:"containerPorts:\n - name: http\n containerPort: 80\n protocol: TCP\nenv:\n - name: DATABASE_USER\n valueFrom:\n secretKeyRef:\n name: -app\n key: username\n - name: DATABASE_PASSWORD\n valueFrom:\n secretKeyRef:\n name: -app\n key: password\n - name: REDIS_HOST\n value: -master\n - name: DATABASE_HOST\n value: -rw\nreplicaCount: 1\n"})}),"\n",(0,l.jsx)(n.admonition,{type:"note",children:(0,l.jsx)(n.p,{children:"The worker pod will show an error \u201cWaiting for db\u201d in the logs. This is an expected error that will be resolved when all the steps in the lab are done."})}),"\n",(0,l.jsx)(n.h3,{id:"deploy-the-result-app",children:"Deploy the Result App"}),"\n",(0,l.jsxs)(n.p,{children:["Use the ",(0,l.jsx)(n.code,{children:"k8s-deployment"})," chart to deploy the result app. Use the following values:"]}),"\n",(0,l.jsxs)(n.p,{children:["Name: ",(0,l.jsx)(n.code,{children:"result"})]}),"\n",(0,l.jsx)(n.pre,{children:(0,l.jsx)(n.code,{className:"language-yaml",children:"containerPorts:\n - name: http\n containerPort: 80\n protocol: TCP\nenv:\n - name: DATABASE_USER\n valueFrom:\n secretKeyRef:\n name: -app\n key: username\n - name: DATABASE_PASSWORD\n valueFrom:\n secretKeyRef:\n name: -app\n key: password\n - name: DATABASE_HOST\n value: -rw\n - name: DATABASE_NAME\n value: \nreplicaCount: 1\n"})}),"\n",(0,l.jsx)(n.admonition,{type:"note",children:(0,l.jsx)(n.p,{children:"The result pod will show an error \u201cWaiting for db\u201d in the logs. This is an expected error that will be resolved when all the steps in the lab are done."})}),"\n",(0,l.jsx)(n.h3,{id:"register-services-for-exposure",children:"Register Services for Exposure"}),"\n",(0,l.jsx)(n.h4,{id:"vote",children:"Vote"}),"\n",(0,l.jsxs)(n.ul,{children:["\n",(0,l.jsxs)(n.li,{children:["Register the ",(0,l.jsx)(n.code,{children:"vote"})," service."]}),"\n",(0,l.jsxs)(n.li,{children:["Set exposure to ",(0,l.jsx)(n.code,{children:"External"}),"."]}),"\n"]}),"\n",(0,l.jsx)(n.h4,{id:"result",children:"Result"}),"\n",(0,l.jsxs)(n.ul,{children:["\n",(0,l.jsxs)(n.li,{children:["Register the ",(0,l.jsx)(n.code,{children:"result"})," service."]}),"\n",(0,l.jsxs)(n.li,{children:["Set exposure to ",(0,l.jsx)(n.code,{children:"External"}),"."]}),"\n"]}),"\n",(0,l.jsx)(n.h3,{id:"create-the-network-policies-for-the-example-voting-app",children:"Create the Network Policies for the Example Voting App"}),"\n",(0,l.jsx)(n.h4,{id:"postgres-database",children:"Postgres Database"}),"\n",(0,l.jsxs)(n.ol,{children:["\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Create a new ",(0,l.jsx)(n.code,{children:"Network policy"})," and select the ",(0,l.jsx)(n.code,{children:"ingress"})," rule type."]}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Add the selector label name ",(0,l.jsx)(n.code,{children:"otomi.io/app"}),"."]}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Add the selector label value ",(0,l.jsx)(n.code,{children:""}),"."]}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Select ",(0,l.jsx)(n.code,{children:"AllowOnly"}),"."]}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Add the namespace ",(0,l.jsx)(n.code,{children:"team-"}),", the selector label name ",(0,l.jsx)(n.code,{children:"otomi.io/app"})," and the selector label value ",(0,l.jsx)(n.code,{children:"worker"}),"."]}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Add the namespace ",(0,l.jsx)(n.code,{children:"team-"}),", the selector label name ",(0,l.jsx)(n.code,{children:"otomi.io/app"})," and the selector label value ",(0,l.jsx)(n.code,{children:"result"}),"."]}),"\n"]}),"\n"]}),"\n",(0,l.jsx)(n.h4,{id:"redis",children:"Redis"}),"\n",(0,l.jsxs)(n.ol,{children:["\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Create a new ",(0,l.jsx)(n.code,{children:"Network policy"})," and select the ",(0,l.jsx)(n.code,{children:"ingress"})," rule type."]}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Add the selector label name ",(0,l.jsx)(n.code,{children:"otomi.io/app"}),"."]}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Add the selector label value ",(0,l.jsx)(n.code,{children:""}),"."]}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Select ",(0,l.jsx)(n.code,{children:"AllowOnly"}),"."]}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Add the namespace ",(0,l.jsx)(n.code,{children:"team-"}),", the selector label name ",(0,l.jsx)(n.code,{children:"otomi.io/app"})," and the selector label value ",(0,l.jsx)(n.code,{children:"worker"}),"."]}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Add the namespace ",(0,l.jsx)(n.code,{children:"team-"}),", the selector label name ",(0,l.jsx)(n.code,{children:"otomi.io/app"})," and the selector label value ",(0,l.jsx)(n.code,{children:"vote"}),"."]}),"\n"]}),"\n"]}),"\n",(0,l.jsx)(n.h3,{id:"test-the-voting-app",children:"Test the Voting App"}),"\n",(0,l.jsxs)(n.ol,{children:["\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Go to the external URL of the ",(0,l.jsx)(n.code,{children:"vote"})," application."]}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Click on ",(0,l.jsx)(n.code,{children:"Cats"})," or ",(0,l.jsx)(n.code,{children:"Dogs"}),"."]}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Now go to the external URL of the ",(0,l.jsx)(n.code,{children:"result"})," application."]}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsx)(n.p,{children:"You should see the result of your vote."}),"\n"]}),"\n"]}),"\n",(0,l.jsx)(n.h2,{id:"setting-up-network-policies-for-apl-docsnet-an-egress-example",children:"Setting Up Network Policies for apl-docs.net: An Egress Example"}),"\n",(0,l.jsx)(n.h3,{id:"register-the-network-policy-for-apl-docsnet",children:"Register the Network Policy for apl-docs.net"}),"\n",(0,l.jsxs)(n.ol,{children:["\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Navigate to the ",(0,l.jsx)(n.code,{children:"Network Policies"})," page in the Console and click ",(0,l.jsx)(n.code,{children:"Create Netpol"}),"."]}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Name the network policy ",(0,l.jsx)(n.code,{children:"apl-docs"})," and select the ",(0,l.jsx)(n.code,{children:"egress"})," rule type."]}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Add the FQDN ",(0,l.jsx)(n.code,{children:"apl-docs.net"})," to be accessed."]}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Add port number ",(0,l.jsx)(n.code,{children:"443"})," and protocol ",(0,l.jsx)(n.code,{children:"HTTPS"}),"."]}),"\n"]}),"\n"]}),"\n",(0,l.jsx)(n.h3,{id:"deploy-netshoot-pod",children:"Deploy Netshoot Pod"}),"\n",(0,l.jsx)(n.p,{children:"Deploy a Netshoot pod in your namespace within your Kubernetes cluster. You can do this using kubectl command:"}),"\n",(0,l.jsx)(n.pre,{children:(0,l.jsx)(n.code,{className:"language-shell",children:"kubectl run -i --tty --rm netshoot --image nicolaka/netshoot -n team-labs\n"})}),"\n",(0,l.jsx)(n.admonition,{type:"info",children:(0,l.jsxs)(n.p,{children:["The ",(0,l.jsx)(n.a,{href:"https://github.com/nicolaka/netshoot",children:"Netshoot"})," pod is a network troubleshooting tool that includes a lot of network tools like ",(0,l.jsx)(n.code,{children:"curl"}),", ",(0,l.jsx)(n.code,{children:"dig"}),", ",(0,l.jsx)(n.code,{children:"nslookup"}),", ",(0,l.jsx)(n.code,{children:"ping"}),", ",(0,l.jsx)(n.code,{children:"traceroute"}),", etc."]})}),"\n",(0,l.jsx)(n.h3,{id:"test-the-egress-network-policy",children:"Test the Egress Network Policy"}),"\n",(0,l.jsxs)(n.ol,{children:["\n",(0,l.jsx)(n.li,{children:"Run the following command in the Netshoot pod:"}),"\n"]}),"\n",(0,l.jsx)(n.pre,{children:(0,l.jsx)(n.code,{className:"language-shell",children:"curl https://apl-docs.net\n"})}),"\n",(0,l.jsx)(n.p,{children:"You should see the HTML of the apl-docs.net website"}),"\n",(0,l.jsxs)(n.ol,{start:"2",children:["\n",(0,l.jsxs)(n.li,{children:["Run the following command to see the ",(0,l.jsx)(n.code,{children:"

Build, Deploy and Run applications at scale

"})," message:"]}),"\n"]}),"\n",(0,l.jsx)(n.pre,{children:(0,l.jsx)(n.code,{className:"language-shell",children:"curl https://apl-docs.net | grep -o '

.*

'\n"})}),"\n",(0,l.jsxs)(n.ol,{start:"3",children:["\n",(0,l.jsxs)(n.li,{children:["Type ",(0,l.jsx)(n.code,{children:"exit"})," to exit the Netshoot pod."]}),"\n"]}),"\n",(0,l.jsx)(n.p,{children:"When you exit the Netshoot pod, it will be removed from the cluster."})]})}function h(e={}){const{wrapper:n}={...(0,o.a)(),...e.components};return n?(0,l.jsx)(n,{...e,children:(0,l.jsx)(a,{...e})}):a(e)}},1151:(e,n,s)=>{s.d(n,{Z:()=>i,a:()=>r});var l=s(7294);const o={},t=l.createContext(o);function r(e){const n=l.useContext(t);return l.useMemo((function(){return"function"==typeof e?e(n):{...n,...e}}),[n,e])}function i(e){let n;return n=e.disableParentContext?"function"==typeof e.components?e.components(o):e.components||o:r(e.components),l.createElement(t.Provider,{value:n},e.children)}}}]); \ No newline at end of file diff --git a/assets/js/abc5e328.80c4ff65.js b/assets/js/abc5e328.80c4ff65.js deleted file mode 100644 index fc701d842..000000000 --- a/assets/js/abc5e328.80c4ff65.js +++ /dev/null @@ -1 +0,0 @@ -"use strict";(self.webpackChunkredkubes_github_io=self.webpackChunkredkubes_github_io||[]).push([[2115],{2477:(e,n,s)=>{s.r(n),s.d(n,{assets:()=>d,contentTitle:()=>r,default:()=>h,frontMatter:()=>t,metadata:()=>i,toc:()=>c});var l=s(5893),o=s(1151);const t={slug:"create-netpols",title:"Configuring network policies",sidebar_label:"Create Network Policies"},r=void 0,i={id:"get-started/labs/create-netpols",title:"Configuring network policies",description:"In some cases you want to explicitly allow access to your application. This can be done by creating network policies. 2 types of network policies are supported:",source:"@site/docs/get-started/labs/create-netpols.md",sourceDirName:"get-started/labs",slug:"/get-started/labs/create-netpols",permalink:"/docs/get-started/labs/create-netpols",draft:!1,unlisted:!1,editUrl:"https://github.com/linode/linode.github.io/tree/main/docs/get-started/labs/create-netpols.md",tags:[],version:"current",frontMatter:{slug:"create-netpols",title:"Configuring network policies",sidebar_label:"Create Network Policies"},sidebar:"mainSidebar",previous:{title:"Using custom metrics",permalink:"/docs/get-started/labs/custom-metrics"},next:{title:"Use OpenTelemery",permalink:"/docs/get-started/labs/use-otel"}},d={},c=[{value:"Understanding Internal Ingress Network Policies",id:"understanding-internal-ingress-network-policies",level:2},{value:"Understanding Egress Network Policies",id:"understanding-egress-network-policies",level:2},{value:"Setting Up Network Policies for the Example Voting App: An Ingress Example",id:"setting-up-network-policies-for-the-example-voting-app-an-ingress-example",level:2},{value:"Build Images for the Application",id:"build-images-for-the-application",level:3},{value:"Create a Redis Cluster and a PostgreSQL Database",id:"create-a-redis-cluster-and-a-postgresql-database",level:3},{value:"Deploy the Vote App",id:"deploy-the-vote-app",level:3},{value:"Deploy the Worker App",id:"deploy-the-worker-app",level:3},{value:"Deploy the Result App",id:"deploy-the-result-app",level:3},{value:"Register Services for Exposure",id:"register-services-for-exposure",level:3},{value:"Vote",id:"vote",level:4},{value:"Result",id:"result",level:4},{value:"Create the Network Policies for the Example Voting App",id:"create-the-network-policies-for-the-example-voting-app",level:3},{value:"Postgres Database",id:"postgres-database",level:4},{value:"Redis",id:"redis",level:4},{value:"Test the Voting App",id:"test-the-voting-app",level:3},{value:"Setting Up Network Policies for apl-docs.net: An Egress Example",id:"setting-up-network-policies-for-apl-docsnet-an-egress-example",level:2},{value:"Register the Network Policy for apl-docs.net",id:"register-the-network-policy-for-apl-docsnet",level:3},{value:"Deploy Netshoot Pod",id:"deploy-netshoot-pod",level:3},{value:"Test the Egress Network Policy",id:"test-the-egress-network-policy",level:3}];function a(e){const n={a:"a",admonition:"admonition",code:"code",h2:"h2",h3:"h3",h4:"h4",li:"li",ol:"ol",p:"p",pre:"pre",ul:"ul",...(0,o.a)(),...e.components};return(0,l.jsxs)(l.Fragment,{children:[(0,l.jsx)(n.p,{children:"In some cases you want to explicitly allow access to your application. This can be done by creating network policies. 2 types of network policies are supported:"}),"\n",(0,l.jsxs)(n.ol,{children:["\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsx)(n.p,{children:"Policies for ingress traffic inside the cluster."}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsx)(n.p,{children:"Policies for egress traffic to go outside of the cluster (to access external FQDNs)."}),"\n"]}),"\n"]}),"\n",(0,l.jsx)(n.h2,{id:"understanding-internal-ingress-network-policies",children:"Understanding Internal Ingress Network Policies"}),"\n",(0,l.jsx)(n.p,{children:"The internal ingress network policies allow you to:"}),"\n",(0,l.jsxs)(n.ul,{children:["\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsx)(n.p,{children:"Deny all traffic to Pods (default mode)"}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsx)(n.p,{children:"Allow selected Workload Pods running on the cluster to access your Workload's Pods"}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsx)(n.p,{children:"Allow all traffic to the Pods of a Workload"}),"\n"]}),"\n"]}),"\n",(0,l.jsxs)(n.p,{children:[(0,l.jsx)(n.code,{children:"Deny all"})," and ",(0,l.jsx)(n.code,{children:"Allow all"})," we don't need to explain right?"]}),"\n",(0,l.jsx)(n.admonition,{type:"info",children:(0,l.jsxs)(n.p,{children:["The Ingress Network Policies rely on Pod labels. We require that a single label covers Pods for a given workload. We recommend to use the ",(0,l.jsx)(n.code,{children:"otomi.io/app: "})," label."]})}),"\n",(0,l.jsx)(n.p,{children:"To allow other Workloads in the cluster to access your Workload's Pods, follow these steps:"}),"\n",(0,l.jsxs)(n.ol,{children:["\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Navigate to the ",(0,l.jsx)(n.code,{children:"Network Policies"})," page in the Console and click ",(0,l.jsx)(n.code,{children:"Create Netpol"}),"."]}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Name the network policy and select the ",(0,l.jsx)(n.code,{children:"ingress"})," rule type."]}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Add the selector label name and value for the Workload Pods to be accessed. E.g.: use the ",(0,l.jsx)(n.code,{children:"otomi.io/app"})," label."]}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Select either ",(0,l.jsx)(n.code,{children:"AllowAll"})," or ",(0,l.jsx)(n.code,{children:"AllowOnly"})," mode."]}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["If you select ",(0,l.jsx)(n.code,{children:"AllowOnly"}),", specify the namespace (e.g., ",(0,l.jsx)(n.code,{children:"team-labs"}),"), and the selector label name and value for the Workload Pods to be accessed."]}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsx)(n.p,{children:"Add more rules if needed."}),"\n"]}),"\n"]}),"\n",(0,l.jsx)(n.h2,{id:"understanding-egress-network-policies",children:"Understanding Egress Network Policies"}),"\n",(0,l.jsx)(n.p,{children:"The egress network policies allow you to:"}),"\n",(0,l.jsxs)(n.ul,{children:["\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsx)(n.p,{children:"Deny all traffic from the Pods of a Workload (default)"}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsx)(n.p,{children:"Allow all Pods within a namespace to access external FQDNs or IPs through an egress rule"}),"\n"]}),"\n"]}),"\n",(0,l.jsx)(n.p,{children:"To allow your Workload's Pods to access external FQDNs or IPs, follow these steps:"}),"\n",(0,l.jsxs)(n.ol,{children:["\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Navigate to the ",(0,l.jsx)(n.code,{children:"Network Policies"})," page in the Console and click ",(0,l.jsx)(n.code,{children:"Create Netpol"}),"."]}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Name the network policy and select the ",(0,l.jsx)(n.code,{children:"egress"})," rule type."]}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsx)(n.p,{children:"Add the FQDN or IP to be accessed."}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsx)(n.p,{children:"Add port number(s) and protocol if needed."}),"\n"]}),"\n"]}),"\n",(0,l.jsx)(n.admonition,{type:"info",children:(0,l.jsx)(n.p,{children:"The egress rules are namespace wide. You cannot bind an egress policy to one Workload only."})}),"\n",(0,l.jsx)(n.h2,{id:"setting-up-network-policies-for-the-example-voting-app-an-ingress-example",children:"Setting Up Network Policies for the Example Voting App: An Ingress Example"}),"\n",(0,l.jsx)(n.h3,{id:"build-images-for-the-application",children:"Build Images for the Application"}),"\n",(0,l.jsxs)(n.p,{children:["Build the ",(0,l.jsx)(n.code,{children:"Vote"}),", ",(0,l.jsx)(n.code,{children:"Worker"})," and ",(0,l.jsx)(n.code,{children:"Result"})," images from this ",(0,l.jsx)(n.a,{href:"https://github.com/linode/apl-example-app",children:"repo"}),". Use the Build feature to build the images with ",(0,l.jsx)(n.code,{children:"mode: Docker"}),". Set the ",(0,l.jsx)(n.code,{children:"path"})," to ",(0,l.jsx)(n.code,{children:"./vote/Dockerfile"})," for the Vote image (and ",(0,l.jsx)(n.code,{children:"./worker/Dockerfile"})," for the Worker and ",(0,l.jsx)(n.code,{children:"./result/Dockerfile"})," for Result)."]}),"\n",(0,l.jsx)(n.h3,{id:"create-a-redis-cluster-and-a-postgresql-database",children:"Create a Redis Cluster and a PostgreSQL Database"}),"\n",(0,l.jsxs)(n.p,{children:["Use the ",(0,l.jsx)(n.code,{children:"postgresql"})," and the ",(0,l.jsx)(n.code,{children:"redis"})," charts from the Catalog to create a Redis master-replica cluster and a PostgreSQL database. For this lab, Redis authentication needs to be turned off by setting ",(0,l.jsx)(n.code,{children:"auth.enabled=false"}),"."]}),"\n",(0,l.jsx)(n.h3,{id:"deploy-the-vote-app",children:"Deploy the Vote App"}),"\n",(0,l.jsxs)(n.p,{children:["Use the ",(0,l.jsx)(n.code,{children:"k8s-deployment"})," chart to deploy the vote app. Use the following values:"]}),"\n",(0,l.jsxs)(n.p,{children:["Name: ",(0,l.jsx)(n.code,{children:"vote"})]}),"\n",(0,l.jsx)(n.pre,{children:(0,l.jsx)(n.code,{className:"language-yaml",children:"containerPorts:\n - name: http\n containerPort: 80\n protocol: TCP\nenv:\n - name: REDIS_HOST\n value: -master\n"})}),"\n",(0,l.jsx)(n.h3,{id:"deploy-the-worker-app",children:"Deploy the Worker App"}),"\n",(0,l.jsxs)(n.p,{children:["Use the ",(0,l.jsx)(n.code,{children:"k8s-deployment"})," chart to deploy the worker app. Use the following values:"]}),"\n",(0,l.jsxs)(n.p,{children:["Name: ",(0,l.jsx)(n.code,{children:"worker"})]}),"\n",(0,l.jsx)(n.pre,{children:(0,l.jsx)(n.code,{className:"language-yaml",children:"containerPorts:\n - name: http\n containerPort: 80\n protocol: TCP\nenv:\n - name: DATABASE_USER\n valueFrom:\n secretKeyRef:\n name: -app\n key: username\n - name: DATABASE_PASSWORD\n valueFrom:\n secretKeyRef:\n name: -app\n key: password\n - name: REDIS_HOST\n value: -master\n - name: DATABASE_HOST\n value: -rw\n"})}),"\n",(0,l.jsx)(n.h3,{id:"deploy-the-result-app",children:"Deploy the Result App"}),"\n",(0,l.jsxs)(n.p,{children:["Use the ",(0,l.jsx)(n.code,{children:"k8s-deployment"})," chart to deploy the result app. Use the following values:"]}),"\n",(0,l.jsxs)(n.p,{children:["Name: ",(0,l.jsx)(n.code,{children:"result"})]}),"\n",(0,l.jsx)(n.pre,{children:(0,l.jsx)(n.code,{className:"language-yaml",children:"containerPorts:\n - name: http\n containerPort: 80\n protocol: TCP\nenv:\n - name: DATABASE_USER\n valueFrom:\n secretKeyRef:\n name: -app\n key: username\n - name: DATABASE_PASSWORD\n valueFrom:\n secretKeyRef:\n name: -app\n key: password\n - name: DATABASE_HOST\n value: -rw\n"})}),"\n",(0,l.jsx)(n.h3,{id:"register-services-for-exposure",children:"Register Services for Exposure"}),"\n",(0,l.jsx)(n.h4,{id:"vote",children:"Vote"}),"\n",(0,l.jsxs)(n.ul,{children:["\n",(0,l.jsxs)(n.li,{children:["Register the ",(0,l.jsx)(n.code,{children:"vote"})," service."]}),"\n",(0,l.jsxs)(n.li,{children:["Set exposure to ",(0,l.jsx)(n.code,{children:"External"}),"."]}),"\n"]}),"\n",(0,l.jsx)(n.h4,{id:"result",children:"Result"}),"\n",(0,l.jsxs)(n.ul,{children:["\n",(0,l.jsxs)(n.li,{children:["Register the ",(0,l.jsx)(n.code,{children:""})," service."]}),"\n",(0,l.jsxs)(n.li,{children:["Set exposure to ",(0,l.jsx)(n.code,{children:"External"}),"."]}),"\n"]}),"\n",(0,l.jsx)(n.h3,{id:"create-the-network-policies-for-the-example-voting-app",children:"Create the Network Policies for the Example Voting App"}),"\n",(0,l.jsx)(n.h4,{id:"postgres-database",children:"Postgres Database"}),"\n",(0,l.jsxs)(n.ol,{children:["\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Create a new ",(0,l.jsx)(n.code,{children:"Netpol"})," and select the ",(0,l.jsx)(n.code,{children:"ingress"})," rule type."]}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Add the selector label name ",(0,l.jsx)(n.code,{children:"otomi.io/app"}),"."]}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Add the selector label value ",(0,l.jsx)(n.code,{children:""}),"."]}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Select ",(0,l.jsx)(n.code,{children:"AllowOnly"}),"."]}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Add the namespace ",(0,l.jsx)(n.code,{children:""}),", the selector label name ",(0,l.jsx)(n.code,{children:"otomi.io/app"})," and the selector label value ",(0,l.jsx)(n.code,{children:""}),"."]}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Add the namespace ",(0,l.jsx)(n.code,{children:""}),", the selector label name ",(0,l.jsx)(n.code,{children:"otomi.io/app"})," and the selector label value ",(0,l.jsx)(n.code,{children:""}),"."]}),"\n"]}),"\n"]}),"\n",(0,l.jsx)(n.h4,{id:"redis",children:"Redis"}),"\n",(0,l.jsxs)(n.ol,{children:["\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Create a new ",(0,l.jsx)(n.code,{children:"Netpol"})," and select the ",(0,l.jsx)(n.code,{children:"ingress"})," rule type."]}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Add the selector label name ",(0,l.jsx)(n.code,{children:"otomi.io/app"}),"."]}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Add the selector label value ",(0,l.jsx)(n.code,{children:""}),"."]}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Select ",(0,l.jsx)(n.code,{children:"AllowOnly"}),"."]}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Add the namespace ",(0,l.jsx)(n.code,{children:""}),", the selector label name ",(0,l.jsx)(n.code,{children:"otomi.io/app"})," and the selector label value ",(0,l.jsx)(n.code,{children:""}),"."]}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Add the namespace ",(0,l.jsx)(n.code,{children:""}),", the selector label name ",(0,l.jsx)(n.code,{children:"otomi.io/app"})," and the selector label value ",(0,l.jsx)(n.code,{children:""}),"."]}),"\n"]}),"\n"]}),"\n",(0,l.jsx)(n.h3,{id:"test-the-voting-app",children:"Test the Voting App"}),"\n",(0,l.jsxs)(n.ol,{children:["\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Go to the external URL of the ",(0,l.jsx)(n.code,{children:"vote"})," application."]}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Click on ",(0,l.jsx)(n.code,{children:"Cats"})," or ",(0,l.jsx)(n.code,{children:"Dogs"}),"."]}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Now go to the external URL of the ",(0,l.jsx)(n.code,{children:"result"})," application."]}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsx)(n.p,{children:"You should see the result of your vote."}),"\n"]}),"\n"]}),"\n",(0,l.jsx)(n.h2,{id:"setting-up-network-policies-for-apl-docsnet-an-egress-example",children:"Setting Up Network Policies for apl-docs.net: An Egress Example"}),"\n",(0,l.jsx)(n.h3,{id:"register-the-network-policy-for-apl-docsnet",children:"Register the Network Policy for apl-docs.net"}),"\n",(0,l.jsxs)(n.ol,{children:["\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Navigate to the ",(0,l.jsx)(n.code,{children:"Network Policies"})," page in the Console and click ",(0,l.jsx)(n.code,{children:"Create Netpol"}),"."]}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Name the network policy ",(0,l.jsx)(n.code,{children:"apl-docs"})," and select the ",(0,l.jsx)(n.code,{children:"egress"})," rule type."]}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Add the FQDN ",(0,l.jsx)(n.code,{children:"apl-docs.net"})," to be accessed."]}),"\n"]}),"\n",(0,l.jsxs)(n.li,{children:["\n",(0,l.jsxs)(n.p,{children:["Add port number ",(0,l.jsx)(n.code,{children:"443"})," and protocol ",(0,l.jsx)(n.code,{children:"HTTPS"}),"."]}),"\n"]}),"\n"]}),"\n",(0,l.jsx)(n.h3,{id:"deploy-netshoot-pod",children:"Deploy Netshoot Pod"}),"\n",(0,l.jsx)(n.p,{children:"Deploy a Netshoot pod in your namespace within your Kubernetes cluster. You can do this using kubectl command:"}),"\n",(0,l.jsx)(n.pre,{children:(0,l.jsx)(n.code,{className:"language-shell",children:"kubectl run -i --tty --rm netshoot --image nicolaka/netshoot -n team-labs\n"})}),"\n",(0,l.jsx)(n.admonition,{type:"info",children:(0,l.jsxs)(n.p,{children:["The ",(0,l.jsx)(n.a,{href:"https://github.com/nicolaka/netshoot",children:"Netshoot"})," pod is a network troubleshooting tool that includes a lot of network tools like ",(0,l.jsx)(n.code,{children:"curl"}),", ",(0,l.jsx)(n.code,{children:"dig"}),", ",(0,l.jsx)(n.code,{children:"nslookup"}),", ",(0,l.jsx)(n.code,{children:"ping"}),", ",(0,l.jsx)(n.code,{children:"traceroute"}),", etc."]})}),"\n",(0,l.jsx)(n.h3,{id:"test-the-egress-network-policy",children:"Test the Egress Network Policy"}),"\n",(0,l.jsxs)(n.ol,{children:["\n",(0,l.jsx)(n.li,{children:"Run the following command in the Netshoot pod:"}),"\n"]}),"\n",(0,l.jsx)(n.pre,{children:(0,l.jsx)(n.code,{className:"language-shell",children:"curl https://apl-docs.net\n"})}),"\n",(0,l.jsx)(n.p,{children:"You should see the HTML of the apl-docs.net website"}),"\n",(0,l.jsxs)(n.ol,{start:"2",children:["\n",(0,l.jsxs)(n.li,{children:["Run the following command to see the ",(0,l.jsx)(n.code,{children:"

Build, Deploy and Run applications at scale

"})," message:"]}),"\n"]}),"\n",(0,l.jsx)(n.pre,{children:(0,l.jsx)(n.code,{className:"language-shell",children:"curl https://apl-docs.net | grep -o '

.*

'\n"})}),"\n",(0,l.jsxs)(n.ol,{start:"3",children:["\n",(0,l.jsxs)(n.li,{children:["Type ",(0,l.jsx)(n.code,{children:"exit"})," to exit the Netshoot pod."]}),"\n"]}),"\n",(0,l.jsx)(n.p,{children:"When you exit the Netshoot pod, it will be removed from the cluster."})]})}function h(e={}){const{wrapper:n}={...(0,o.a)(),...e.components};return n?(0,l.jsx)(n,{...e,children:(0,l.jsx)(a,{...e})}):a(e)}},1151:(e,n,s)=>{s.d(n,{Z:()=>i,a:()=>r});var l=s(7294);const o={},t=l.createContext(o);function r(e){const n=l.useContext(t);return l.useMemo((function(){return"function"==typeof e?e(n):{...n,...e}}),[n,e])}function i(e){let n;return n=e.disableParentContext?"function"==typeof e.components?e.components(o):e.components||o:r(e.components),l.createElement(t.Provider,{value:n},e.children)}}}]); \ No newline at end of file diff --git a/assets/js/runtime~main.f63bf739.js b/assets/js/runtime~main.1b452322.js similarity index 99% rename from assets/js/runtime~main.f63bf739.js rename to assets/js/runtime~main.1b452322.js index 79643ed30..399ff9a56 100644 --- a/assets/js/runtime~main.f63bf739.js +++ b/assets/js/runtime~main.1b452322.js @@ -1 +1 @@ -(()=>{"use strict";var e,f,c,a,d,b={},t={};function r(e){var f=t[e];if(void 0!==f)return f.exports;var c=t[e]={id:e,loaded:!1,exports:{}};return b[e].call(c.exports,c,c.exports,r),c.loaded=!0,c.exports}r.m=b,r.c=t,e=[],r.O=(f,c,a,d)=>{if(!c){var b=1/0;for(i=0;i=d)&&Object.keys(r.O).every((e=>r.O[e](c[o])))?c.splice(o--,1):(t=!1,d0&&e[i-1][2]>d;i--)e[i]=e[i-1];e[i]=[c,a,d]},r.n=e=>{var f=e&&e.__esModule?()=>e.default:()=>e;return r.d(f,{a:f}),f},c=Object.getPrototypeOf?e=>Object.getPrototypeOf(e):e=>e.__proto__,r.t=function(e,a){if(1&a&&(e=this(e)),8&a)return e;if("object"==typeof e&&e){if(4&a&&e.__esModule)return e;if(16&a&&"function"==typeof e.then)return e}var d=Object.create(null);r.r(d);var b={};f=f||[null,c({}),c([]),c(c)];for(var t=2&a&&e;"object"==typeof t&&!~f.indexOf(t);t=c(t))Object.getOwnPropertyNames(t).forEach((f=>b[f]=()=>e[f]));return b.default=()=>e,r.d(d,b),d},r.d=(e,f)=>{for(var c in f)r.o(f,c)&&!r.o(e,c)&&Object.defineProperty(e,c,{enumerable:!0,get:f[c]})},r.f={},r.e=e=>Promise.all(Object.keys(r.f).reduce(((f,c)=>(r.f[c](e,f),f)),[])),r.u=e=>"assets/js/"+({48:"98c047c6",53:"935f2afb",117:"62e5798c",256:"bd8a3d8f",263:"8dc82fcd",411:"80cc8fc2",439:"db2fd2f7",443:"9824b3d7",537:"c9644b78",634:"0d519d5d",670:"31647fbf",681:"ca2bccd7",725:"fd458deb",767:"df2434c5",912:"1d911987",965:"d53aaf7f",1020:"ffd636c4",1113:"4380e181",1164:"6ef6f599",1177:"a40f2921",1195:"1830c2e3",1241:"e2cc03cb",1254:"443e3a65",1280:"58e1910b",1313:"bf0e2243",1390:"96d3f3ac",1391:"9cb4274e",1470:"f9528352",1515:"f34c6cc5",1573:"a722ee7a",1576:"c3a9c637",1591:"09735fc0",1730:"69fd0b9a",1809:"04608aca",1854:"be94a9c8",1872:"c42226db",1902:"8ef33b61",1913:"c9ff9b08",2020:"7f5d7fca",2032:"9d29764e",2036:"54cc2d4c",2098:"00210a32",2115:"abc5e328",2144:"aa3203ff",2237:"1f668492",2280:"5ce65c80",2370:"afd24866",2430:"188da18d",2477:"80f670fe",2615:"d8a040d1",2668:"d9893b92",2704:"10959509",2717:"397109c3",2722:"14bc3799",2780:"3c110fea",2930:"2b4f9f78",3063:"cba11a7e",3126:"17a7c5fe",3237:"1df93b7f",3272:"052260a8",3418:"3fd50427",3544:"cd151fd5",3576:"13689ae4",3599:"80b07506",3611:"d1409995",3635:"1f918bbd",3942:"5f4e8093",4011:"feda9f98",4019:"090174e7",4234:"1a23fb22",4247:"43db5d1f",4321:"6d553b82",4368:"a94703ab",4385:"8afa6453",4390:"49dc3d1d",4473:"1d3542c3",4559:"5c5eecab",4576:"612b9100",4584:"8b7dda8f",4655:"2a3fc902",4717:"d76c6a89",4722:"e7ee1f4e",4778:"399357cc",4791:"a3cca685",4892:"0f09c0c1",4986:"219ad9fa",5018:"871ddaf7",5033:"ca4242f5",5112:"b3921f18",5195:"3379d6c0",5290:"98242336",5616:"c5c74bfd",5720:"646a49d4",5775:"46a4fdf9",5786:"2e429803",5824:"81e06d7e",5827:"20b057c1",5920:"b04270fa",5935:"2f447487",5940:"385dd0a0",5949:"6a5c8ca2",5996:"9a6fbba2",6096:"0c3fdeeb",6128:"83b70ecd",6299:"48f8b5b9",6306:"e65ca800",6535:"9184e37b",6576:"bcbdbf75",6781:"6340fb34",6866:"a6a14297",6888:"af9df136",6907:"f4935766",6932:"5bcba466",6935:"a1e5de72",7159:"d1254c3d",7282:"1dcded0d",7360:"b4e198bf",7376:"a375f470",7386:"28c78037",7444:"af8b4e82",7578:"1db000ad",7638:"c0f9889b",7674:"270f6692",7702:"7e13be3f",7787:"d248c736",7878:"386e030b",7896:"9ed16ae1",7918:"17896441",7920:"1a4e3797",7973:"46be4bcd",7984:"a47e2810",8028:"c4d36760",8036:"490175b0",8129:"30f4d83c",8344:"1afc8419",8383:"246b758f",8392:"0be2dc55",8506:"9899ea6d",8518:"a7bd4aaa",8607:"2df7e88d",8696:"541249eb",8760:"88cad7e1",8852:"9b2db8ea",8897:"af477ebb",9063:"11153061",9091:"6ebb893e",9153:"ed3faf6d",9216:"5cb822a3",9237:"bde17074",9661:"5e95c892",9683:"7ea98ab3",9717:"2548183b",9742:"c3394322",9832:"0097d0fa",9836:"dc5f95d0"}[e]||e)+"."+{48:"57409454",53:"88cdb7d2",117:"dc20ac70",256:"d210cd9c",263:"aec43c6f",411:"c867d2c5",439:"b28f5f13",443:"d514fedc",537:"899eeb3a",634:"7b757be2",670:"bf725030",681:"f4f3f019",725:"bd5ea6ac",767:"4ebfc7f2",912:"3c470e49",965:"0767a5b4",1020:"9fc69dd5",1113:"b81e78ce",1164:"5e58f0a5",1177:"6fb51f8a",1195:"d70a4c78",1241:"579eebb9",1254:"53108c0f",1280:"784f2607",1313:"1952483c",1390:"a3b90106",1391:"5c063f04",1426:"707aef92",1470:"20ca772b",1515:"43eaeb40",1573:"b2cc64d6",1576:"d0cdcfe6",1591:"5416ccfd",1730:"0bb5703c",1772:"a30dfd8b",1809:"098d20f1",1854:"6b4ad9b2",1872:"202182e1",1902:"f1d400a3",1913:"539b3b7b",2020:"acf09ccc",2032:"2c452c49",2036:"ba5c0abe",2098:"b72a3ef6",2115:"80c4ff65",2144:"2b17ed2d",2237:"b7ea2058",2280:"0bdc9df4",2370:"f1feb680",2430:"1f928026",2477:"093f0106",2615:"42c42e4d",2668:"bc6abf89",2704:"bd581f38",2717:"9f850d24",2722:"1b1256ea",2780:"1bd9c4cd",2930:"9a047a8e",3063:"b991afbe",3126:"617de7ad",3237:"bce1c66c",3272:"f40f2de8",3418:"a5098121",3544:"29a2287a",3576:"cd96fab9",3599:"f3cc872e",3611:"cd7954f0",3635:"adcf53f4",3942:"2dabe2c9",4011:"a9a61aa3",4019:"88496ef5",4234:"68b4c56c",4247:"679e6dbe",4321:"3745d4a5",4368:"e58383c9",4385:"69ce04d7",4390:"f191441e",4473:"bcc95119",4559:"a45fe330",4576:"21c1299d",4584:"29560a5d",4655:"92856cb7",4717:"fe41aa5b",4722:"983d17e7",4778:"99555cf3",4791:"314bc0e3",4892:"8a038dcd",4986:"69fb53e7",5018:"6a938ed7",5033:"a9676278",5112:"8b8a1b7f",5195:"7c82b839",5290:"7ef7031f",5616:"c67da531",5720:"f6beac8d",5775:"f93a791b",5786:"96bf2866",5824:"f664eaae",5827:"6d9de8bf",5920:"7329cd3a",5935:"f6ec24be",5940:"85b4d4b3",5949:"6b8c5711",5996:"8b3f342b",6096:"6571ccc6",6128:"f5b32dda",6299:"7f2d0e72",6306:"ade2adf7",6535:"68f1898f",6576:"dc287203",6781:"8c5bc192",6866:"4c2e22cc",6888:"2b585b44",6907:"ad258e6f",6932:"13ce2cdd",6935:"7de1563e",6945:"bfc572ea",7159:"67d03583",7282:"c7ef1626",7360:"04ddb3db",7376:"20082051",7386:"ff0b2b0a",7444:"494e5744",7578:"f9bf6bcb",7638:"2144e89a",7674:"5c2cdf73",7702:"080b68c4",7787:"dc3feb87",7878:"19a189b5",7896:"e1b49827",7918:"723e23a3",7920:"3ce85a9e",7973:"61fa8068",7984:"0896103b",8028:"e67117c5",8036:"a62c642b",8129:"574c795b",8344:"a883b7cd",8383:"1650d1b0",8392:"9080d564",8506:"4d17247f",8518:"e964aaea",8607:"25958a3b",8696:"89c82b02",8760:"0bbf8092",8852:"b4bde40b",8894:"ced69189",8897:"d3937ba5",9063:"1e2d95c4",9091:"98b73abc",9153:"90d2345f",9216:"41f9b8c7",9237:"b41b1f82",9661:"ad7630aa",9683:"6a7963f0",9717:"1bd3b3c4",9742:"fb014f32",9832:"c95816fc",9836:"3c562619"}[e]+".js",r.miniCssF=e=>{},r.g=function(){if("object"==typeof globalThis)return globalThis;try{return this||new Function("return this")()}catch(e){if("object"==typeof window)return window}}(),r.o=(e,f)=>Object.prototype.hasOwnProperty.call(e,f),a={},d="redkubes-github-io:",r.l=(e,f,c,b)=>{if(a[e])a[e].push(f);else{var t,o;if(void 0!==c)for(var n=document.getElementsByTagName("script"),i=0;i{t.onerror=t.onload=null,clearTimeout(s);var d=a[e];if(delete a[e],t.parentNode&&t.parentNode.removeChild(t),d&&d.forEach((e=>e(c))),f)return f(c)},s=setTimeout(l.bind(null,void 0,{type:"timeout",target:t}),12e4);t.onerror=l.bind(null,t.onerror),t.onload=l.bind(null,t.onload),o&&document.head.appendChild(t)}},r.r=e=>{"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},r.p="/",r.gca=function(e){return e={10959509:"2704",11153061:"9063",17896441:"7918",98242336:"5290","98c047c6":"48","935f2afb":"53","62e5798c":"117",bd8a3d8f:"256","8dc82fcd":"263","80cc8fc2":"411",db2fd2f7:"439","9824b3d7":"443",c9644b78:"537","0d519d5d":"634","31647fbf":"670",ca2bccd7:"681",fd458deb:"725",df2434c5:"767","1d911987":"912",d53aaf7f:"965",ffd636c4:"1020","4380e181":"1113","6ef6f599":"1164",a40f2921:"1177","1830c2e3":"1195",e2cc03cb:"1241","443e3a65":"1254","58e1910b":"1280",bf0e2243:"1313","96d3f3ac":"1390","9cb4274e":"1391",f9528352:"1470",f34c6cc5:"1515",a722ee7a:"1573",c3a9c637:"1576","09735fc0":"1591","69fd0b9a":"1730","04608aca":"1809",be94a9c8:"1854",c42226db:"1872","8ef33b61":"1902",c9ff9b08:"1913","7f5d7fca":"2020","9d29764e":"2032","54cc2d4c":"2036","00210a32":"2098",abc5e328:"2115",aa3203ff:"2144","1f668492":"2237","5ce65c80":"2280",afd24866:"2370","188da18d":"2430","80f670fe":"2477",d8a040d1:"2615",d9893b92:"2668","397109c3":"2717","14bc3799":"2722","3c110fea":"2780","2b4f9f78":"2930",cba11a7e:"3063","17a7c5fe":"3126","1df93b7f":"3237","052260a8":"3272","3fd50427":"3418",cd151fd5:"3544","13689ae4":"3576","80b07506":"3599",d1409995:"3611","1f918bbd":"3635","5f4e8093":"3942",feda9f98:"4011","090174e7":"4019","1a23fb22":"4234","43db5d1f":"4247","6d553b82":"4321",a94703ab:"4368","8afa6453":"4385","49dc3d1d":"4390","1d3542c3":"4473","5c5eecab":"4559","612b9100":"4576","8b7dda8f":"4584","2a3fc902":"4655",d76c6a89:"4717",e7ee1f4e:"4722","399357cc":"4778",a3cca685:"4791","0f09c0c1":"4892","219ad9fa":"4986","871ddaf7":"5018",ca4242f5:"5033",b3921f18:"5112","3379d6c0":"5195",c5c74bfd:"5616","646a49d4":"5720","46a4fdf9":"5775","2e429803":"5786","81e06d7e":"5824","20b057c1":"5827",b04270fa:"5920","2f447487":"5935","385dd0a0":"5940","6a5c8ca2":"5949","9a6fbba2":"5996","0c3fdeeb":"6096","83b70ecd":"6128","48f8b5b9":"6299",e65ca800:"6306","9184e37b":"6535",bcbdbf75:"6576","6340fb34":"6781",a6a14297:"6866",af9df136:"6888",f4935766:"6907","5bcba466":"6932",a1e5de72:"6935",d1254c3d:"7159","1dcded0d":"7282",b4e198bf:"7360",a375f470:"7376","28c78037":"7386",af8b4e82:"7444","1db000ad":"7578",c0f9889b:"7638","270f6692":"7674","7e13be3f":"7702",d248c736:"7787","386e030b":"7878","9ed16ae1":"7896","1a4e3797":"7920","46be4bcd":"7973",a47e2810:"7984",c4d36760:"8028","490175b0":"8036","30f4d83c":"8129","1afc8419":"8344","246b758f":"8383","0be2dc55":"8392","9899ea6d":"8506",a7bd4aaa:"8518","2df7e88d":"8607","541249eb":"8696","88cad7e1":"8760","9b2db8ea":"8852",af477ebb:"8897","6ebb893e":"9091",ed3faf6d:"9153","5cb822a3":"9216",bde17074:"9237","5e95c892":"9661","7ea98ab3":"9683","2548183b":"9717",c3394322:"9742","0097d0fa":"9832",dc5f95d0:"9836"}[e]||e,r.p+r.u(e)},(()=>{var e={1303:0,532:0};r.f.j=(f,c)=>{var a=r.o(e,f)?e[f]:void 0;if(0!==a)if(a)c.push(a[2]);else if(/^(1303|532)$/.test(f))e[f]=0;else{var d=new Promise(((c,d)=>a=e[f]=[c,d]));c.push(a[2]=d);var b=r.p+r.u(f),t=new Error;r.l(b,(c=>{if(r.o(e,f)&&(0!==(a=e[f])&&(e[f]=void 0),a)){var d=c&&("load"===c.type?"missing":c.type),b=c&&c.target&&c.target.src;t.message="Loading chunk "+f+" failed.\n("+d+": "+b+")",t.name="ChunkLoadError",t.type=d,t.request=b,a[1](t)}}),"chunk-"+f,f)}},r.O.j=f=>0===e[f];var f=(f,c)=>{var a,d,b=c[0],t=c[1],o=c[2],n=0;if(b.some((f=>0!==e[f]))){for(a in t)r.o(t,a)&&(r.m[a]=t[a]);if(o)var i=o(r)}for(f&&f(c);n{"use strict";var e,f,c,a,d,b={},t={};function r(e){var f=t[e];if(void 0!==f)return f.exports;var c=t[e]={id:e,loaded:!1,exports:{}};return b[e].call(c.exports,c,c.exports,r),c.loaded=!0,c.exports}r.m=b,r.c=t,e=[],r.O=(f,c,a,d)=>{if(!c){var b=1/0;for(i=0;i=d)&&Object.keys(r.O).every((e=>r.O[e](c[o])))?c.splice(o--,1):(t=!1,d0&&e[i-1][2]>d;i--)e[i]=e[i-1];e[i]=[c,a,d]},r.n=e=>{var f=e&&e.__esModule?()=>e.default:()=>e;return r.d(f,{a:f}),f},c=Object.getPrototypeOf?e=>Object.getPrototypeOf(e):e=>e.__proto__,r.t=function(e,a){if(1&a&&(e=this(e)),8&a)return e;if("object"==typeof e&&e){if(4&a&&e.__esModule)return e;if(16&a&&"function"==typeof e.then)return e}var d=Object.create(null);r.r(d);var b={};f=f||[null,c({}),c([]),c(c)];for(var t=2&a&&e;"object"==typeof t&&!~f.indexOf(t);t=c(t))Object.getOwnPropertyNames(t).forEach((f=>b[f]=()=>e[f]));return b.default=()=>e,r.d(d,b),d},r.d=(e,f)=>{for(var c in f)r.o(f,c)&&!r.o(e,c)&&Object.defineProperty(e,c,{enumerable:!0,get:f[c]})},r.f={},r.e=e=>Promise.all(Object.keys(r.f).reduce(((f,c)=>(r.f[c](e,f),f)),[])),r.u=e=>"assets/js/"+({48:"98c047c6",53:"935f2afb",117:"62e5798c",256:"bd8a3d8f",263:"8dc82fcd",411:"80cc8fc2",439:"db2fd2f7",443:"9824b3d7",537:"c9644b78",634:"0d519d5d",670:"31647fbf",681:"ca2bccd7",725:"fd458deb",767:"df2434c5",912:"1d911987",965:"d53aaf7f",1020:"ffd636c4",1113:"4380e181",1164:"6ef6f599",1177:"a40f2921",1195:"1830c2e3",1241:"e2cc03cb",1254:"443e3a65",1280:"58e1910b",1313:"bf0e2243",1390:"96d3f3ac",1391:"9cb4274e",1470:"f9528352",1515:"f34c6cc5",1573:"a722ee7a",1576:"c3a9c637",1591:"09735fc0",1730:"69fd0b9a",1809:"04608aca",1854:"be94a9c8",1872:"c42226db",1902:"8ef33b61",1913:"c9ff9b08",2020:"7f5d7fca",2032:"9d29764e",2036:"54cc2d4c",2098:"00210a32",2115:"abc5e328",2144:"aa3203ff",2237:"1f668492",2280:"5ce65c80",2370:"afd24866",2430:"188da18d",2477:"80f670fe",2615:"d8a040d1",2668:"d9893b92",2704:"10959509",2717:"397109c3",2722:"14bc3799",2780:"3c110fea",2930:"2b4f9f78",3063:"cba11a7e",3126:"17a7c5fe",3237:"1df93b7f",3272:"052260a8",3418:"3fd50427",3544:"cd151fd5",3576:"13689ae4",3599:"80b07506",3611:"d1409995",3635:"1f918bbd",3942:"5f4e8093",4011:"feda9f98",4019:"090174e7",4234:"1a23fb22",4247:"43db5d1f",4321:"6d553b82",4368:"a94703ab",4385:"8afa6453",4390:"49dc3d1d",4473:"1d3542c3",4559:"5c5eecab",4576:"612b9100",4584:"8b7dda8f",4655:"2a3fc902",4717:"d76c6a89",4722:"e7ee1f4e",4778:"399357cc",4791:"a3cca685",4892:"0f09c0c1",4986:"219ad9fa",5018:"871ddaf7",5033:"ca4242f5",5112:"b3921f18",5195:"3379d6c0",5290:"98242336",5616:"c5c74bfd",5720:"646a49d4",5775:"46a4fdf9",5786:"2e429803",5824:"81e06d7e",5827:"20b057c1",5920:"b04270fa",5935:"2f447487",5940:"385dd0a0",5949:"6a5c8ca2",5996:"9a6fbba2",6096:"0c3fdeeb",6128:"83b70ecd",6299:"48f8b5b9",6306:"e65ca800",6535:"9184e37b",6576:"bcbdbf75",6781:"6340fb34",6866:"a6a14297",6888:"af9df136",6907:"f4935766",6932:"5bcba466",6935:"a1e5de72",7159:"d1254c3d",7282:"1dcded0d",7360:"b4e198bf",7376:"a375f470",7386:"28c78037",7444:"af8b4e82",7578:"1db000ad",7638:"c0f9889b",7674:"270f6692",7702:"7e13be3f",7787:"d248c736",7878:"386e030b",7896:"9ed16ae1",7918:"17896441",7920:"1a4e3797",7973:"46be4bcd",7984:"a47e2810",8028:"c4d36760",8036:"490175b0",8129:"30f4d83c",8344:"1afc8419",8383:"246b758f",8392:"0be2dc55",8506:"9899ea6d",8518:"a7bd4aaa",8607:"2df7e88d",8696:"541249eb",8760:"88cad7e1",8852:"9b2db8ea",8897:"af477ebb",9063:"11153061",9091:"6ebb893e",9153:"ed3faf6d",9216:"5cb822a3",9237:"bde17074",9661:"5e95c892",9683:"7ea98ab3",9717:"2548183b",9742:"c3394322",9832:"0097d0fa",9836:"dc5f95d0"}[e]||e)+"."+{48:"57409454",53:"88cdb7d2",117:"dc20ac70",256:"d210cd9c",263:"aec43c6f",411:"c867d2c5",439:"b28f5f13",443:"d514fedc",537:"899eeb3a",634:"7b757be2",670:"bf725030",681:"f4f3f019",725:"bd5ea6ac",767:"4ebfc7f2",912:"3c470e49",965:"0767a5b4",1020:"9fc69dd5",1113:"b81e78ce",1164:"5e58f0a5",1177:"6fb51f8a",1195:"d70a4c78",1241:"579eebb9",1254:"53108c0f",1280:"784f2607",1313:"1952483c",1390:"a3b90106",1391:"5c063f04",1426:"707aef92",1470:"20ca772b",1515:"43eaeb40",1573:"b2cc64d6",1576:"d0cdcfe6",1591:"5416ccfd",1730:"0bb5703c",1772:"a30dfd8b",1809:"098d20f1",1854:"6b4ad9b2",1872:"202182e1",1902:"f1d400a3",1913:"539b3b7b",2020:"acf09ccc",2032:"2c452c49",2036:"ba5c0abe",2098:"b72a3ef6",2115:"0f7a396e",2144:"2b17ed2d",2237:"b7ea2058",2280:"0bdc9df4",2370:"f1feb680",2430:"1f928026",2477:"093f0106",2615:"42c42e4d",2668:"bc6abf89",2704:"bd581f38",2717:"9f850d24",2722:"1b1256ea",2780:"1bd9c4cd",2930:"9a047a8e",3063:"b991afbe",3126:"617de7ad",3237:"bce1c66c",3272:"f40f2de8",3418:"a5098121",3544:"29a2287a",3576:"cd96fab9",3599:"f3cc872e",3611:"cd7954f0",3635:"adcf53f4",3942:"2dabe2c9",4011:"a9a61aa3",4019:"88496ef5",4234:"68b4c56c",4247:"679e6dbe",4321:"3745d4a5",4368:"e58383c9",4385:"69ce04d7",4390:"f191441e",4473:"bcc95119",4559:"a45fe330",4576:"21c1299d",4584:"29560a5d",4655:"92856cb7",4717:"fe41aa5b",4722:"983d17e7",4778:"99555cf3",4791:"314bc0e3",4892:"8a038dcd",4986:"69fb53e7",5018:"6a938ed7",5033:"a9676278",5112:"8b8a1b7f",5195:"7c82b839",5290:"7ef7031f",5616:"c67da531",5720:"f6beac8d",5775:"f93a791b",5786:"96bf2866",5824:"f664eaae",5827:"6d9de8bf",5920:"7329cd3a",5935:"f6ec24be",5940:"85b4d4b3",5949:"6b8c5711",5996:"8b3f342b",6096:"6571ccc6",6128:"f5b32dda",6299:"7f2d0e72",6306:"ade2adf7",6535:"68f1898f",6576:"dc287203",6781:"8c5bc192",6866:"4c2e22cc",6888:"2b585b44",6907:"ad258e6f",6932:"13ce2cdd",6935:"7de1563e",6945:"bfc572ea",7159:"67d03583",7282:"c7ef1626",7360:"04ddb3db",7376:"20082051",7386:"ff0b2b0a",7444:"494e5744",7578:"f9bf6bcb",7638:"2144e89a",7674:"5c2cdf73",7702:"080b68c4",7787:"dc3feb87",7878:"19a189b5",7896:"e1b49827",7918:"723e23a3",7920:"3ce85a9e",7973:"61fa8068",7984:"0896103b",8028:"e67117c5",8036:"a62c642b",8129:"574c795b",8344:"a883b7cd",8383:"1650d1b0",8392:"9080d564",8506:"4d17247f",8518:"e964aaea",8607:"25958a3b",8696:"89c82b02",8760:"0bbf8092",8852:"b4bde40b",8894:"ced69189",8897:"d3937ba5",9063:"1e2d95c4",9091:"98b73abc",9153:"90d2345f",9216:"41f9b8c7",9237:"b41b1f82",9661:"ad7630aa",9683:"6a7963f0",9717:"1bd3b3c4",9742:"fb014f32",9832:"c95816fc",9836:"3c562619"}[e]+".js",r.miniCssF=e=>{},r.g=function(){if("object"==typeof globalThis)return globalThis;try{return this||new Function("return this")()}catch(e){if("object"==typeof window)return window}}(),r.o=(e,f)=>Object.prototype.hasOwnProperty.call(e,f),a={},d="redkubes-github-io:",r.l=(e,f,c,b)=>{if(a[e])a[e].push(f);else{var t,o;if(void 0!==c)for(var n=document.getElementsByTagName("script"),i=0;i{t.onerror=t.onload=null,clearTimeout(s);var d=a[e];if(delete a[e],t.parentNode&&t.parentNode.removeChild(t),d&&d.forEach((e=>e(c))),f)return f(c)},s=setTimeout(l.bind(null,void 0,{type:"timeout",target:t}),12e4);t.onerror=l.bind(null,t.onerror),t.onload=l.bind(null,t.onload),o&&document.head.appendChild(t)}},r.r=e=>{"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},r.p="/",r.gca=function(e){return e={10959509:"2704",11153061:"9063",17896441:"7918",98242336:"5290","98c047c6":"48","935f2afb":"53","62e5798c":"117",bd8a3d8f:"256","8dc82fcd":"263","80cc8fc2":"411",db2fd2f7:"439","9824b3d7":"443",c9644b78:"537","0d519d5d":"634","31647fbf":"670",ca2bccd7:"681",fd458deb:"725",df2434c5:"767","1d911987":"912",d53aaf7f:"965",ffd636c4:"1020","4380e181":"1113","6ef6f599":"1164",a40f2921:"1177","1830c2e3":"1195",e2cc03cb:"1241","443e3a65":"1254","58e1910b":"1280",bf0e2243:"1313","96d3f3ac":"1390","9cb4274e":"1391",f9528352:"1470",f34c6cc5:"1515",a722ee7a:"1573",c3a9c637:"1576","09735fc0":"1591","69fd0b9a":"1730","04608aca":"1809",be94a9c8:"1854",c42226db:"1872","8ef33b61":"1902",c9ff9b08:"1913","7f5d7fca":"2020","9d29764e":"2032","54cc2d4c":"2036","00210a32":"2098",abc5e328:"2115",aa3203ff:"2144","1f668492":"2237","5ce65c80":"2280",afd24866:"2370","188da18d":"2430","80f670fe":"2477",d8a040d1:"2615",d9893b92:"2668","397109c3":"2717","14bc3799":"2722","3c110fea":"2780","2b4f9f78":"2930",cba11a7e:"3063","17a7c5fe":"3126","1df93b7f":"3237","052260a8":"3272","3fd50427":"3418",cd151fd5:"3544","13689ae4":"3576","80b07506":"3599",d1409995:"3611","1f918bbd":"3635","5f4e8093":"3942",feda9f98:"4011","090174e7":"4019","1a23fb22":"4234","43db5d1f":"4247","6d553b82":"4321",a94703ab:"4368","8afa6453":"4385","49dc3d1d":"4390","1d3542c3":"4473","5c5eecab":"4559","612b9100":"4576","8b7dda8f":"4584","2a3fc902":"4655",d76c6a89:"4717",e7ee1f4e:"4722","399357cc":"4778",a3cca685:"4791","0f09c0c1":"4892","219ad9fa":"4986","871ddaf7":"5018",ca4242f5:"5033",b3921f18:"5112","3379d6c0":"5195",c5c74bfd:"5616","646a49d4":"5720","46a4fdf9":"5775","2e429803":"5786","81e06d7e":"5824","20b057c1":"5827",b04270fa:"5920","2f447487":"5935","385dd0a0":"5940","6a5c8ca2":"5949","9a6fbba2":"5996","0c3fdeeb":"6096","83b70ecd":"6128","48f8b5b9":"6299",e65ca800:"6306","9184e37b":"6535",bcbdbf75:"6576","6340fb34":"6781",a6a14297:"6866",af9df136:"6888",f4935766:"6907","5bcba466":"6932",a1e5de72:"6935",d1254c3d:"7159","1dcded0d":"7282",b4e198bf:"7360",a375f470:"7376","28c78037":"7386",af8b4e82:"7444","1db000ad":"7578",c0f9889b:"7638","270f6692":"7674","7e13be3f":"7702",d248c736:"7787","386e030b":"7878","9ed16ae1":"7896","1a4e3797":"7920","46be4bcd":"7973",a47e2810:"7984",c4d36760:"8028","490175b0":"8036","30f4d83c":"8129","1afc8419":"8344","246b758f":"8383","0be2dc55":"8392","9899ea6d":"8506",a7bd4aaa:"8518","2df7e88d":"8607","541249eb":"8696","88cad7e1":"8760","9b2db8ea":"8852",af477ebb:"8897","6ebb893e":"9091",ed3faf6d:"9153","5cb822a3":"9216",bde17074:"9237","5e95c892":"9661","7ea98ab3":"9683","2548183b":"9717",c3394322:"9742","0097d0fa":"9832",dc5f95d0:"9836"}[e]||e,r.p+r.u(e)},(()=>{var e={1303:0,532:0};r.f.j=(f,c)=>{var a=r.o(e,f)?e[f]:void 0;if(0!==a)if(a)c.push(a[2]);else if(/^(1303|532)$/.test(f))e[f]=0;else{var d=new Promise(((c,d)=>a=e[f]=[c,d]));c.push(a[2]=d);var b=r.p+r.u(f),t=new Error;r.l(b,(c=>{if(r.o(e,f)&&(0!==(a=e[f])&&(e[f]=void 0),a)){var d=c&&("load"===c.type?"missing":c.type),b=c&&c.target&&c.target.src;t.message="Loading chunk "+f+" failed.\n("+d+": "+b+")",t.name="ChunkLoadError",t.type=d,t.request=b,a[1](t)}}),"chunk-"+f,f)}},r.O.j=f=>0===e[f];var f=(f,c)=>{var a,d,b=c[0],t=c[1],o=c[2],n=0;if(b.some((f=>0!==e[f]))){for(a in t)r.o(t,a)&&(r.m[a]=t[a]);if(o)var i=o(r)}for(f&&f(c);n