From fac6f1c379657c659d64c64a03a9ce30e7eec2a6 Mon Sep 17 00:00:00 2001
From: "Madhusudan.C.S" <madhusudancs@google.com>
Date: Tue, 14 Jun 2016 05:21:49 -0700
Subject: [PATCH] Add Google Cloud DNS auth scope to GCE VMs when they are
 started in a federation.

---
 cluster/gce/config-default.sh | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/cluster/gce/config-default.sh b/cluster/gce/config-default.sh
index cd699021388..c0d0eaaa7d1 100755
--- a/cluster/gce/config-default.sh
+++ b/cluster/gce/config-default.sh
@@ -56,7 +56,12 @@ MASTER_TAG="${INSTANCE_PREFIX}-master"
 NODE_TAG="${INSTANCE_PREFIX}-minion"
 MASTER_IP_RANGE="${MASTER_IP_RANGE:-10.246.0.0/24}"
 CLUSTER_IP_RANGE="${CLUSTER_IP_RANGE:-10.244.0.0/14}"
-NODE_SCOPES="${NODE_SCOPES:-compute-rw,monitoring,logging-write,storage-ro}"
+if [[ "${FEDERATION:-}" == true ]]; then
+    NODE_SCOPES="${NODE_SCOPES:-compute-rw,monitoring,logging-write,storage-ro,https://www.googleapis.com/auth/ndev.clouddns.readwrite}"
+else
+    NODE_SCOPES="${NODE_SCOPES:-compute-rw,monitoring,logging-write,storage-ro}"
+fi
+
 
 # Extra docker options for nodes.
 EXTRA_DOCKER_OPTS="${EXTRA_DOCKER_OPTS:-}"