2 files changed, 5 insertions, 9 deletions

diff --git a/roles/openshift_logging/tasks/generate_configmaps.yaml b/roles/openshift_logging/tasks/generate_configmaps.yaml
index f9f9ee79f..b24a7c342 100644
--- a/roles/openshift_logging/tasks/generate_configmaps.yaml
+++ b/roles/openshift_logging/tasks/generate_configmaps.yaml
@@ -6,16 +6,11 @@
       when: es_logging_contents is undefined
       changed_when: no
 
-    - copy:
-        src: elasticsearch.yml
-        dest: "{{mktemp.stdout}}/elasticsearch.yml"
-      when: es_config_contents is undefined
-      changed_when: no
-
-    - lineinfile:
+    - template:
+        src: elasticsearch.yml.j2
         dest: "{{mktemp.stdout}}/elasticsearch.yml"
-        regexp: '^openshift\.operations\.allow_cluster_reader(.)*$'
-        line: "\nopenshift.operations.allow_cluster_reader: {{openshift_logging_es_ops_allow_cluster_reader | lower}}"
+      vars:
+        - allow_cluster_reader: "{{openshift_logging_es_ops_allow_cluster_reader | lower | default('false')}}"
       when: es_config_contents is undefined
       changed_when: no
 
diff --git a/roles/openshift_logging/files/elasticsearch.yml b/roles/openshift_logging/templates/elasticsearch.yml.j2
index 4eff30e61..dad78b844 100644
--- a/roles/openshift_logging/files/elasticsearch.yml
+++ b/roles/openshift_logging/templates/elasticsearch.yml.j2
@@ -42,6 +42,7 @@ openshift.searchguard:
   keystore.path: /etc/elasticsearch/secret/admin.jks
   truststore.path: /etc/elasticsearch/secret/searchguard.truststore
 
+openshift.operations.allow_cluster_reader: {{allow_cluster_reader | default ('false')}}
 
 path:
   data: /elasticsearch/persistent/${CLUSTER_NAME}/data