I am using elasticsearch on version 7.17.7 we deploy to kubernetes using helm charts, it happens that our containers are marked vulnerable because they don't have a read only root file system and the containers are privileged. The main thing is the sysctl container that need this type of permissions in order to be able to initialize the other containers and set the vm.max_map_count.
my questions are:
can I do this in any other way without having a privileged container?
can I set a readonly root file system for elasticsearch?
if yes, how?
Thanks for the help