Privileged containers should be avoided

Hello Team,

We have Elasticsearch containers in AKS where the initial container has "Privileged=True", which is against our security policy. But the init container fails with "Privileged=False". Can someone please help us resolve this? Can the init container work with a "Privileged=False" security context?

Hi, I just faced exactly the same problem.
I am looking forward to a solution!

If the init container in question is the sysctl one which sets the virtual memory, you should be able to set the virtual memory at the AKS host/node level and then disable/remove this init container entirely.
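
A pre-removal check for the approach in the last reply, as an added example that is not part of the thread: it marks a privileged init container as removable only when its sole command is the `vm.max_map_count` sysctl write and the node value already meets Elasticsearch's documented minimum of 262144. The pod spec, container names, images and node values are constructed assumptions.

```python
import shlex

# Elasticsearch's documented minimum for vm.max_map_count (not stated in the thread).
REQUIRED_MAX_MAP_COUNT = 262144

# Constructed sample pod spec; names, images and commands are placeholders.
SAMPLE_POD_SPEC = {
    "initContainers": [
        {"name": "sysctl", "image": "busybox",
         "command": ["sh", "-c", "sysctl -w vm.max_map_count=262144"],
         "securityContext": {"privileged": True, "runAsUser": 0}},
        {"name": "fix-permissions", "image": "busybox",
         "command": ["sh", "-c", "chown -R 1000:1000 /usr/share/elasticsearch/data"],
         "securityContext": {"privileged": True}},
    ]
}


def only_sets_max_map_count(container):
    """True if the whole command line is a single sysctl write of vm.max_map_count."""
    argv = list(container.get("command") or []) + list(container.get("args") or [])
    if len(argv) == 3 and argv[:2] in (["sh", "-c"], ["/bin/sh", "-c"]):
        if any(ch in argv[2] for ch in ";&|\n`$()"):
            return False  # chained or substituted commands: inspect by hand
        argv = shlex.split(argv[2])
    return (len(argv) == 3 and argv[0].rsplit("/", 1)[-1] == "sysctl"
            and argv[1] == "-w" and argv[2].startswith("vm.max_map_count="))


def audit_init_containers(pod_spec, node_max_map_count):
    """Map each privileged init container to a verdict string."""
    verdicts = {}
    for c in pod_spec.get("initContainers", []):
        if not (c.get("securityContext") or {}).get("privileged", False):
            continue
        if not only_sets_max_map_count(c):
            verdicts[c["name"]] = "review: privileged for another reason"
        elif node_max_map_count >= REQUIRED_MAX_MAP_COUNT:
            verdicts[c["name"]] = "remove: node already provides the setting"
        else:
            verdicts[c["name"]] = "keep: raise vm.max_map_count on the node first"
    return verdicts


if __name__ == "__main__":
    # 65530 is the usual Linux default; on a node, read /proc/sys/vm/max_map_count.
    for node_value in (65530, 262144):
        print(node_value, audit_init_containers(SAMPLE_POD_SPEC, node_value))
```

A container that comes back as "review" is privileged for something other than the sysctl write, so the node-level setting alone does not make it safe to drop.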