Skip to content
Neil Cresswell, CEO July 28, 2022 8 min read

Portainer vs Rancher vs OpenShift

This is a question we get asked almost daily by people looking for a Kubernetes management platform. So we've done the research and created a comparison table for Portainer vs Rancher vs OpenShift.

How does Portainer compare to Rancher? How about to OpenShift?

For a long time, the answer was "well, we are not really sure, as we don't use those tools day in, day out". But recently, we've spent considerable time deploying and understanding Rancher and OpenShift to discover their strengths, weaknesses (or functionality they don't attempt to provide), and seeing how we compare. We took a non-biased view of this assessment, as being biased doesn't help us to learn (and we hope you appreciate the transparency).

If I had to draw a similarity, Portainer is more like OpenShift than we are like Rancher, primarily due to the product strategy of OpenShift, which is to make the hard, easy. This is very similar to our goal of reducing toil and mental burden in the operation of Kubernetes. Rancher is basically a 1:1 technical translation of API to UI, and doesn't attempt to enable non-experts to operate the platform, and that's a totally acceptable strategy for their ideal customer profile.

Analysis

  • Build Environments

Straight off the bat, Portainer and Rancher/OpenShift serve two very different needs. Rancher and OpenShift are both tools that you use to CONSTRUCT yourself a Kubernetes cluster, one that is self-managed (be that on prem or in-cloud). Portainer as a company does not provide a Kubernetes distribution, and we have no mechanism to build an on-premises cluster in our app, so if this is your primary need, we won't help there, but we can help you to build Kubernetes clusters through Cloud Provider KaaS offerings, which arguably is the most operationally efficient way of using Kubernetes anyway.

Summary: Portainer helps you deploy managed Kubernetes clusters, which is our recommended way of consuming Kubernetes unless you have a large dedicated team of Kubernetes experts.

  • Multi-Cluster Management

Secondly, the biggest difference we can see between both Portainer & Rancher vs OpenShift is that OpenShift is not a multi-cluster manager. You use the OpenShift installer to build a (singular) OpenShift cluster against either on-premises equipment or in a select number of cloud provider IaaS offerings, and the cluster gets deployed with a Management UI for that cluster. There is no way to deploy any additional clusters and manage them from the one management UI. Of course, RedHat has an additional product that does this (Redhat Advanced Cluster Management for Kubernetes), but this requires a dedicated cluster to run it, and it's a licensed product. I guess if you can afford to pay for OpenShift, then paying an additional $800 per month for a dedicated management cluster and an extra license fee is probably okay.  Rancher and Portainer both let you (natively) deploy or import any number of existing environments under the one management server, which is great when you are operating at scale.

Summary: Portainer is a multi-cluster manager that is extremely lightweight and can provide centralized access control and governance at scale.

  • Platform vs Tool

It's important to note that all three products are aiming to be a complete "turn-key" platform to manage containerized applications, with the analogy "Kubernetes is the engine, we are the car" commonly used.

All three products aim to be much more than just an alternative to the Kubernetes Dashboard (or variants of it, like Mirantis Lens). In reality, all these products aim to provide a comprehensive Kubernetes management platform that includes an intuitive UI that guides less experienced users, an integrated GitOps capability, integrated monitoring/observability, and integrated alerting. Because of this, all three offer either native capability or integrations with 3rd party open source components (such as ArgoCD).

Portainer made a decision to integrate with the Kubernetes Metrics API, which gives a good level of observability, rather than requiring all users to deploy the resource-heavy Prometheus and Grafana. That said, there is nothing stopping you from using Prometheus and Grafana, or ArgoCD alongside Portainer.

Summary: if you want a quick view of resource usage of your apps, and can't spare the additional resource overhead, Portainer is your only choice here.

  • Ease of Use

Really though, the most impactful difference between the products is the target user. Portainer and OpenShift both provide a management experience that applies safe/secure best practices, and does so to ensure that non-experts can operate in an environment that they might not fully understand.

With Portainer, the admin can easily disable Portainer's applied defaults and customize them to suit the skills of the team, whereas with OpenShift the defaults are enforced. If the defaults don't suit you, then OpenShift will cause friction.

Rancher however takes a very different approach. Rancher's product appears to be tailored to Kubernetes experts, who are expected to know how to secure the platform and applications correctly. 

Summary: if you want a guided, intuitive, safe-by-default experience, with the ability for the admin to adjust the defaults, then choose Portainer.

Portainer vs Rancher vs OpenShift Comparison Table

Detailed below is the side-by-side, feature comparison for Portainer, Rancher, and OpenShift.

Technology moves fast, so we will rerun this assessment quarterly and update it as applicable.

Cluster Build

Capability

OpenShift

Rancher

Portainer

Create In-Cloud KaaS Clusters

No

Yes (AKS, GKE, EKS)

Yes (AKS, GKE, EKS, Civo, DoKS, Linode)

Create and Update In-Cloud (IaaS) Kubernetes Clusters

Yes, the initial cluster (using installer)

Yes

No

Create and Update On-Premises Kubernetes Clusters

Yes, the initial cluster (using installer)

Yes

No

 

Cluster Management

Capability

OpenShift

Rancher

Portainer

Import and Manage Existing Kubernetes Clusters

No, unless purchasing additional software (RHACM)

Yes

Yes

Can configure Cluster Internal Settings (APIServer etc)

Yes (via YAML)

Yes (via UI for RKE)

No

Can enable User authentication for Cluster

Yes

Yes

Yes

Can enable Groups within Cluster

Yes, manual management

Yes, with external management option

Yes, with external management option

Can create ServiceAccounts within Cluster

Yes

Yes

No

Can create Cluster RBAC Roles and Bindings

Yes (via YAML)

Yes, pre-defined and custom roles.

Yes, pre-defined roles. Roles assigned to users via UI

Applies secure defaults

Yes

No (except Rancher Federal)

Yes

Can change/deactivate secure defaults

No

No

Yes

Can set Pod security policies

Yes (via proprietary SCC)

Yes (using PSP - deprecated)

Yes (via OPA)

Configure Node Settings

Yes (via YAML)

Yes (via YAML)

No

View Node Status (health, conditions, events, taints, images, pods, resources, logs)

Yes

Yes

Partial (no conditions, images, logs)

Kubernetes API Proxy (can use KubeCTL)

Yes, after generating kubeconfig using oc client

Yes by downloading Kubeconfig from UI

Yes by downloading Kubeconfig from UI

 

Multi-Cluster Management

Capability

OpenShift

Rancher

Portainer

Multi-Cluster Management from a single management instance

No, unless purchasing additional software (RHACM)

Yes

Yes`

Centralized User Management

N/A

Yes

Yes

Centralized Group Management

N/A

Yes

Yes

Centralized Access Control

N/A

Yes

Yes

Centralized RBAC

N/A

Yes

Yes

 

Namespaces

Capability

OpenShift

Rancher

Portainer

Create/Delete namespaces

Yes (via YAML)

Yes (via UI and YAML)

Yes (via UI and YAML)

Assign Users / Groups Role based access to namespaces

Yes (via YAML)

Yes (via UI)

Yes (via UI)

Can Set and apply NetworkPolicies to Namespaces

Yes

Yes

No

Can set CPU/RAM Resource Quotas in Namespaces

Yes

Yes

Yes

Can set advanced resource quotas (disk, load balancers) in Namespaces

No

Yes

Yes

 

Deployments

Capability

OpenShift

Rancher

Portainer

Create Pods

Y

N

N

Create Deployment / ReplicaSet

Y

Y

Y

Create DaemonSet

Y

Y

Y

Create StatefulSet

Y

Y

Y

Create CronJob

Y

Y

N

Create Jobs

Y

Y

N

No-Code UI based Deployment

Y

Y

Y

Simplified UI Deployment (minimal Kube-Specific Lingo, minimal questions)

Y

N

Y

Create Deployments from YAML

Y

Y

Y

Create Deployments from HELM

Y

Y

Y

Create Deployments from YAML with Kustomize

N

Y

N

Create Deployments from Docker Compose Files

N

N

Y

Create Stacks of Applications

Y (App Grouping)

N

Y (Stacks)

Support Setting HealthChecks (Readiness, Liveness, Startup Probes)

Y

Y

N

Support ConfigMaps and Secrets

Y

Y

Y

Support Images from Private Registries

Y (image pull secret)

Y (image pull secret)

Y (centrally managed)

Support Setting Resource Limits

Y

Y

Y

Support Setting Rollout (Scaling and Update) Strategy

Y

Y

N

Support configuring Pod Autoscaler

Y

Y

Y

Support Setting Labels and Annotations

Y

Y

N

Monitor Performance

Prometheus

Prometheus

Metrics Server

View Events

Y

Y

Y

Connect to Console

Y

Y

Y

View Logs

Y

Y

Y

View YAML

Y

Y

Y

Set and View Alerts (via AlertManager)

Y

N

N

Marketplace Templates

Y

Y

Y

Custom Deployment Templates

Y (BuildConfigs)

No

Y (Custom Templates)

Can install Operators/CRDs

Yes

Yes

No (unless via HELM)

Multi-Cluster Deployments

No, unless purchasing additional software (RHACM)

Yes (Fleet)

Yes (EdgeStacks)

 

Storage

Capability

OpenShift

Rancher

Portainer

Can Create Persistent Volumes

Yes (via UI and YAML)

Yes (via UI and YAML)

Yes (via UI and YAML)

Can Create Persistent Volume Claims

Yes (via UI and YAML)

Yes (via UI and YAML)

Yes (via UI and YAML)

Can take Volume Snapshots

Yes

No

No

 

Networking

Capability

OpenShift

Rancher

Portainer

Define Services and map to deployments

Y

Y

Y

Define Ingress HTTP & HTTPS pass-through Routes

Y

Y

Y

Define Ingress HTTPS Routes (ingress termination)

Y

N

N

Publish Service via Load Balancer

N

Y

Y

 

Integrations

Capability

OpenShift

Rancher

Portainer

Centralized Logging

Yes

Yes (Banzai)

No

Metrics API

Prometheus

Prometheus

Metrics Server

Observability Stack

Yes (Prometeus & Grafana)

Yes (Prometeus & Grafana)

No

Alerting

Yes (AlertManager

Yes (AlertManager)

No

ServiceMesh

Yes

Yes

No

Serverless API

Yes (kNative)

No

No

CI Tooling (Image Builds)

Yes

No

No

CD Tooling

Yes

No

No

GitOps Tooling

Yes (ArgoCD)

Yes (Native)

Yes (Native)

Multi-Cluster CD Tooling

No, unless purchasing additional software (RHACM)

Yes, Fleet

Partial (Edge stacks, one time deploy)

Cluster Backups

Yes

Yes

No

OPA Gatekeeper

Yes

Yes

Yes

Security Scanning

No

Yes

No

 

avatar

Neil Cresswell, CEO

Neil brings more than twenty years’ experience in advanced technology including virtualization, storage and containerization.

COMMENTS