
What is Rancher?

Rancher is a multi-cluster Kubernetes management platform from SUSE. Unified interface, centralised RBAC, on-premise or cloud deployment.

What Rancher does

Rancher is an open-source platform that simplifies managing multiple Kubernetes clusters from a single interface. Acquired by SUSE in 2020, Rancher remains open-source under Apache 2.0 and works on managed clusters (EKS, AKS, GKE, Hikube) as well as self-hosted clusters (RKE2, k3s, kubeadm). It targets organisations that operate several Kubernetes environments and need to centralise administration, authentication and security policies.

In practice, an operator opens a single Rancher web interface and sees the state of all their clusters: production, staging, dev, edge sites, customer clusters. They can deploy an application, apply RBAC, install a tool (Prometheus, ArgoCD, cert-manager) on any cluster without switching consoles.

Core features

Multi-cluster provisioning. Spin up a new Kubernetes cluster on AWS, Azure, vSphere, bare-metal or edge in a few clicks, with standardised configuration. Rancher uses RKE2 (its own security-hardened Kubernetes distribution) or k3s (lightweight distribution for the edge).

Centralised authentication. Native integration with Active Directory, LDAP, OIDC (Keycloak, Azure AD, Google Workspace). A single sign-in grants access to every cluster according to role permissions. For compliance-bound organisations, this is a major gain: centralised access audit, immediate revocation on departure.

Application catalogue. Library of pre-validated Helm charts (monitoring, logging, security, GitOps) deployable in one click to any cluster. Platform teams publish standardised internal charts for their product teams there.

Security and compliance. Security policies (Pod Security Standards, OPA Gatekeeper) applied uniformly across all clusters. Built-in CIS Kubernetes Benchmark scans. Exportable compliance reports.

RKE2 Kubernetes distribution. RKE2 is the official SUSE/Rancher Kubernetes distribution, focused on security (CIS Benchmark compliant, FIPS 140-2 available). Suited to regulated environments (public sector, finance, defence).

When Rancher becomes relevant

Rancher starts paying off once you have 3 or 4 Kubernetes clusters to manage. Below that, the effort of deploying and maintaining Rancher exceeds the gains. Above that, operating without centralised management becomes unmanageable.

On Hidora engagements, we deploy Rancher for clients in these situations:

  • Multi-environment (isolated dev/staging/prod)
  • Edge computing (remote clusters in retail outlets, factories, branches)
  • Multi-tenant (one cluster per internal client or per subsidiary)
  • Hybrid (on-premise clusters + public cloud clusters)

Rancher vs alternatives

OpenShift (Red Hat): more complete, more opinionated, more expensive. Includes an integrated PaaS (Source-to-Image), a CI/CD chain (OpenShift Pipelines), and a service mesh (OpenShift Service Mesh based on Istio). Suited to organisations that want a vertically integrated platform with single enterprise support.

Tanzu Mission Control (VMware): VMware's commercial equivalent. Multi-cluster management, centralised policies. Suited to organisations already heavily invested in the VMware ecosystem.

Cloud-specific solutions (EKS Anywhere, AKS Arc): native integration with their cloud of origin, but limited multi-cloud support.

Rancher remains the most neutral and portable option for multi-cloud organisations or those with strict sovereignty requirements.

Related Hidora services

  • Managed Services: 24/7 operation of Rancher environments with centralised management of Hikube, on-premise and public-cloud clusters.
  • Consulting: multi-cluster architecture design, initial Rancher rollout, team training.
  • Kubernetes, GitOps, Platform Engineering: related building blocks in a multi-cluster strategy.