diff --git a/dockers/docker-base-buster/Dockerfile.j2 b/dockers/docker-base-buster/Dockerfile.j2
index 1959bb56cb7b..2d7bd887d2e8 100644
--- a/dockers/docker-base-buster/Dockerfile.j2
+++ b/dockers/docker-base-buster/Dockerfile.j2
@@ -64,7 +64,9 @@ RUN apt-get update &&        \
         net-tools            \
 # for arm arch: Installing j2cli dependency package MarkupSafe from source relies on weeksetuptools and wheel
         python-setuptools    \
-        python-wheel
+        python-wheel         \
+# for processing/handling json files in bash environment
+        jq
 
 # For templating
 RUN pip install j2cli
diff --git a/dockers/docker-base-stretch/Dockerfile.j2 b/dockers/docker-base-stretch/Dockerfile.j2
index f573e94b78d7..f563aee8d9ea 100644
--- a/dockers/docker-base-stretch/Dockerfile.j2
+++ b/dockers/docker-base-stretch/Dockerfile.j2
@@ -62,7 +62,9 @@ RUN apt-get update &&        \
         net-tools            \
 # for arm arch: Installing j2cli dependency package MarkupSafe from source relies on weeksetuptools and wheel
         python-setuptools    \
-        python-wheel
+        python-wheel         \
+# for processing json files in bash environment
+        jq
 
 # For templating
 RUN pip install j2cli
diff --git a/dockers/docker-sonic-telemetry/Dockerfile.j2 b/dockers/docker-sonic-telemetry/Dockerfile.j2
index d3b95c3b4002..b878266f1c6c 100644
--- a/dockers/docker-sonic-telemetry/Dockerfile.j2
+++ b/dockers/docker-sonic-telemetry/Dockerfile.j2
@@ -22,7 +22,7 @@ RUN apt-get clean -y      && \
     apt-get autoremove -y && \
     rm -rf /debs
 
-COPY ["start.sh", "telemetry.sh", "dialout.sh", "/usr/bin/"]
+COPY ["start.sh", "telemetry.sh", "dialout.sh", "telemetry_vars.j2", "/usr/bin/"]
 COPY ["supervisord.conf", "/etc/supervisor/conf.d/"]
 COPY ["files/supervisor-proc-exit-listener", "/usr/bin"]
 COPY ["critical_processes", "/etc/supervisor"]
diff --git a/dockers/docker-sonic-telemetry/telemetry.sh b/dockers/docker-sonic-telemetry/telemetry.sh
index b8f7fffb3ebb..18356e0945e2 100755
--- a/dockers/docker-sonic-telemetry/telemetry.sh
+++ b/dockers/docker-sonic-telemetry/telemetry.sh
@@ -2,36 +2,38 @@
 
 # Try to read telemetry and certs config from ConfigDB.
 # Use default value if no valid config exists
-X509=`sonic-cfggen -d -v "DEVICE_METADATA['x509']"`
-gnmi=`sonic-cfggen -d -v "TELEMETRY['gnmi']"`
-certs=`sonic-cfggen -d -v "TELEMETRY['certs']"`
+TELEMETRY_VARS=$(sonic-cfggen -d -t telemetry_vars.j2)
+TELEMETRY_VARS=${TELEMETRY_VARS//[\']/\"}
+X509=$(echo $TELEMETRY_VARS | jq -r '.x509')
+GNMI=$(echo $TELEMETRY_VARS | jq -r '.gnmi')
+CERTS=$(echo $TELEMETRY_VARS | jq -r '.certs')
 
 TELEMETRY_ARGS=" -logtostderr"
 export CVL_SCHEMA_PATH=/usr/sbin/schema
 
-if [ -n "$certs" ]; then
-    SERVER_CRT=`sonic-cfggen -d -v "TELEMETRY['certs']['server_crt']"`
-    SERVER_KEY=`sonic-cfggen -d -v "TELEMETRY['certs']['server_key']"`
+if [ -n "$CERTS" ]; then
+    SERVER_CRT=$(echo $CERTS | jq -r '.server_crt')
+    SERVER_KEY=$(echo $CERTS | jq -r '.server_key')
     if [ -z $SERVER_CRT  ] || [ -z $SERVER_KEY  ]; then
         TELEMETRY_ARGS+=" --insecure"
     else
         TELEMETRY_ARGS+=" --server_crt $SERVER_CRT --server_key $SERVER_KEY "
     fi
 
-    CA_CRT=`sonic-cfggen -d -v "TELEMETRY['certs']['ca_crt']"`
+    CA_CRT=$(echo $CERTS | jq -r '.ca_crt')
     if [ ! -z $CA_CRT ]; then
         TELEMETRY_ARGS+=" --ca_crt $CA_CRT"
     fi
 elif [ -n "$X509" ]; then
-    SERVER_CRT=`sonic-cfggen -d -v "DEVICE_METADATA['x509']['server_crt']"`
-    SERVER_KEY=`sonic-cfggen -d -v "DEVICE_METADATA['x509']['server_key']"`
+    SERVER_CRT=$(echo $X509 | jq -r '.server_crt')
+    SERVER_KEY=$(echo $X509 | jq -r '.server_key')
     if [ -z $SERVER_CRT  ] || [ -z $SERVER_KEY  ]; then
         TELEMETRY_ARGS+=" --insecure"
     else
         TELEMETRY_ARGS+=" --server_crt $SERVER_CRT --server_key $SERVER_KEY "
     fi
 
-    CA_CRT=`sonic-cfggen -d -v "DEVICE_METADATA['x509']['ca_crt']"`
+    CA_CRT=$(echo $X509 | jq -r '.ca_crt')
     if [ ! -z $CA_CRT ]; then
         TELEMETRY_ARGS+=" --ca_crt $CA_CRT"
     fi
@@ -40,19 +42,20 @@ else
 fi
 
 # If no configuration entry exists for TELEMETRY, create one default port
-if [ -z "$gnmi" ]; then
-    sonic-db-cli CONFIG_DB hset "TELEMETRY|gnmi" port 8080
+if [ -z "$GNMI" ]; then
+    PORT=8080
+    sonic-db-cli CONFIG_DB hset "TELEMETRY|gnmi" port $PORT
+else
+    PORT=$(echo $GNMI | jq -r '.port')
 fi
-
-PORT=`sonic-cfggen -d -v "TELEMETRY['gnmi']['port']"`
 TELEMETRY_ARGS+=" --port $PORT"
 
-CLIENT_AUTH=`sonic-cfggen -d -v "TELEMETRY['gnmi']['client_auth']"`
+CLIENT_AUTH=$(echo $GNMI | jq -r '.client_auth')
 if [ -z $CLIENT_AUTH ] || [ $CLIENT_AUTH == "false" ]; then
     TELEMETRY_ARGS+=" --allow_no_client_auth"
 fi
 
-LOG_LEVEL=`sonic-cfggen -d -v "TELEMETRY['gnmi']['log_level']"`
+LOG_LEVEL=$(echo $GNMI | jq -r '.log_level')
 if [ ! -z $LOG_LEVEL ]; then
     TELEMETRY_ARGS+=" -v=$LOG_LEVEL"
 else
diff --git a/dockers/docker-sonic-telemetry/telemetry_vars.j2 b/dockers/docker-sonic-telemetry/telemetry_vars.j2
new file mode 100644
index 000000000000..687781e1b9b2
--- /dev/null
+++ b/dockers/docker-sonic-telemetry/telemetry_vars.j2
@@ -0,0 +1,5 @@
+{
+    "certs": "{% if "certs" in TELEMETRY.keys() %}{{ TELEMETRY["certs"] }}{% endif %}",
+    "gnmi" : "{% if "gnmi" in TELEMETRY.keys() %}{{ TELEMETRY["gnmi"] }}{% endif %}",
+    "x509" : "{% if "x509" in DEVICE_METADATA.keys() %}{{ DEVICE_METADATA["x509"] }}{% endif %}"
+}