By nature, containers should not have or need access to system calls on a node. Disallowing this is considered best practice.
Make sure any Kubernetes workload configurations that have 'sysctls' arguments do not have kernel level calls specified. For more information, see the Kubernetes documentation.
References:
https://kubernetes.io/docs/tasks/administer-cluster/sysctl-cluster/
https://kubernetes.io/docs/tasks/administer-cluster/securing-a-cluster/