30 open-source projects similar to portainer/portainer, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Portainer alternative.
Incus is a unified orchestration platform for managing system containers, OCI application containers, and virtual machines through a single control plane. It brings together cluster infrastructure management, secure multi-tenancy, software-defined networking, and pluggable storage backend orchestration into one cohesive system exposed via a full REST API and command-line interface. What distinguishes Incus is its ability to run multiple instance types side by side—full Linux system containers, OCI application containers, and QEMU virtual machines—all managed with consistent tooling. Networkin
Kubero is a self-hosted Platform as a Service (PaaS) that simplifies the deployment, scaling, and management of containerized applications on Kubernetes. It functions as an application manager, CI/CD orchestrator, and multi-tenant manager, allowing users to run workloads without writing manual configuration files. The platform distinguishes itself through automated image synthesis, transforming source code from Git repositories into deployable containers via buildpacks, Dockerfiles, or nixpacks. It implements a GitOps delivery model with automated pipelines that trigger builds on push events
Dockhand is a multi-host Docker manager and container management interface used to control the lifecycle of containers, images, volumes, and networks. It functions as a Docker Compose orchestrator and GitOps deployment tool, enabling the synchronization of application stacks directly from remote Git repositories. The project distinguishes itself as an enterprise Docker access controller, providing role-based access control and identity verification through OIDC, LDAP, and multi-factor authentication. It secures sensitive data using AES-256-GCM encryption for credentials at rest and handles na
Argo CD is a declarative, GitOps-based continuous delivery tool designed for Kubernetes. It functions as a centralized control plane that synchronizes application states from version-controlled repositories directly into target clusters, ensuring that the live environment consistently matches the desired configuration defined in Git. The platform distinguishes itself through its ability to manage multi-cluster deployments from a single interface, providing unified oversight across distinct computing environments. It employs a controller-based reconciliation loop to continuously monitor for co
Komodo is a remote server orchestrator and container deployment platform. It provides a centralized interface for managing multiple remote hosts through lightweight agents, coordinating Docker Swarm and Kubernetes clusters, and automating software delivery via integrated CI/CD pipelines. The system distinguishes itself with a TypeScript-based automation engine that executes typed scripts against the system API for complex operational workflows. It supports infrastructure-as-code through TOML-based declarative configuration synchronization and provides ephemeral build infrastructure that provi
Meshery is a service mesh management plane and cloud native infrastructure orchestrator. It provides a visual design-as-code environment for modeling microservices and infrastructure components through declarative blueprints, functioning as a centralized platform for designing, deploying, and managing service mesh infrastructure. The platform is distinguished by its ability to translate visual designs into active deployments and its use of gRPC-based adapters to integrate with diverse infrastructure providers. It features a multi-tenant architecture that manages shared workspaces and role-bas
Foreman is a lifecycle infrastructure management platform used for automating the provisioning, configuration, and monitoring of physical, virtual, and cloud servers. It serves as a central hub for managing the entire lifespan of a server, from initial deployment and operating system upgrades to decommissioning and auditing. The platform functions as a hybrid cloud manager and bare-metal provisioning tool, providing a unified interface to control virtual machine lifecycles across diverse hypervisors and public cloud providers. It automates hardware discovery and operating system deployment us
KubeSphere is a distributed operating system for cloud-native application management that provides a centralized control plane for Kubernetes clusters. It functions as a comprehensive DevOps portal, enabling teams to orchestrate containerized workloads, manage CI/CD pipelines, and enforce security policies across hybrid cloud, datacenter, and edge environments. The platform distinguishes itself through its multi-cluster federation capabilities and robust multi-tenancy model, which allow for logical resource isolation and granular access control across shared infrastructure. It integrates a mo
Flux is a Kubernetes GitOps delivery tool used to automate application deployments by synchronizing cluster state with configurations stored in Git, OCI, or Helm repositories. It functions as a set of controllers that monitor desired state in external sources and continuously reconcile the live cluster to match those definitions. The system distinguishes itself through a multi-cluster management plane that coordinates application delivery across fleets of remote clusters from a central hub. It provides a dedicated mechanism for automated image updates, which scans container registries for new
Dokploy is a self-hosted platform-as-a-service designed to simplify the deployment and management of containerized applications and databases. It provides a centralized control plane that decouples administrative management from application workloads, allowing users to oversee infrastructure across multiple server nodes through a unified web interface or a command-line tool. The platform distinguishes itself through an extensive library of pre-configured application templates, enabling the rapid deployment of databases, identity providers, and various productivity or development tools. It sup
Dockge is a web-based management interface for containerized applications that utilizes configuration files as the primary source of truth. It provides a centralized dashboard for orchestrating container stacks, allowing users to create, edit, and control services directly through a graphical interface rather than the command line. The platform distinguishes itself by offering a migration utility that converts manual container execution commands into structured configuration files. It supports the management of distributed infrastructure by connecting to multiple remote hosts from a single in
Crossplane is a Kubernetes-based control plane framework that functions as a cloud resource orchestrator and infrastructure-as-code platform. It enables the management of heterogeneous infrastructure by extending the Kubernetes API to provision and maintain external cloud services through declarative configuration. By utilizing custom resource controllers, it continuously reconciles the state of external infrastructure with defined desired states, ensuring consistent deployment and lifecycle management across multiple cloud providers. The platform distinguishes itself through its composition-
This project is a containerized build automation system and self-hosted DevOps platform provided as a Docker image. It serves as a distributed build orchestrator and a Dockerized continuous integration and delivery server, ensuring consistent execution environments across different infrastructure. The system distinguishes itself through a distributed execution model that separates a primary controller from multiple remote agents connected via SSH, TCP, or web sockets. It utilizes a modular extensibility framework that allows the core system functionality to be augmented through the installati
Graylog2-server is an open-source centralized log management system and aggregator. It functions as a log analysis platform designed to collect, index, and analyze log data from multiple sources within a centralized searchable index. The system provides capabilities for enterprise log aggregation and infrastructure monitoring. It enables the gathering of logs from various servers and applications to facilitate log data analysis and root cause troubleshooting across a network. The platform utilizes a distributed indexing pipeline and message-queue based ingestion to handle log streams. It inc
Pangolin is a zero-trust remote access platform designed to provide secure, identity-aware connectivity to private network resources. It functions as a cloud-native network controller that orchestrates encrypted tunnels, traffic routing, and access policies across distributed environments. By leveraging WireGuard for secure data transport, the platform enables authenticated access to internal web applications, terminal sessions, and remote desktops without exposing services to the public internet. The platform distinguishes itself through a declarative infrastructure model that synchronizes n
This is a role-based access control system for Laravel applications that manages user permissions and roles within a database. It provides a database permissions manager to assign specific abilities to users and roles, utilizing authorization gates to restrict access to routes and interface elements. The project features a wildcard permission system that uses pattern matching to grant broad access across multiple related permissions. It also supports team-scoped access control, allowing users to maintain different roles and permission levels across separate organizational contexts or teams.
NestJS Access Control is a role-based and attribute-based authorization framework designed for the NestJS ecosystem. It provides a declarative system for securing application routes and resources, allowing developers to enforce granular access policies through metadata-driven decorators. The framework distinguishes itself by supporting hierarchical role inheritance, which enables the resolution of complex permission sets by traversing parent and child role relationships. It also facilitates dynamic authorization management, allowing security rules to be loaded asynchronously from external dat
Platform is a framework for building back-office applications and administrative dashboards using Laravel. It functions as a schema-driven UI framework and CRUD generator that automatically constructs database management interfaces, input forms, and validation rules from programmatic model definitions. The project distinguishes itself through a comprehensive backend UI kit that supports advanced data capture, including geographic coordinate mapping, tabular JSON data matrices, and marketing metadata tracking. It features a robust role-based access control system for managing resource visibili
Devpush is a self-hosted Git-based PaaS that automates the deployment of containerized applications. It maps each Git branch to an isolated Docker environment, creating a multi-environment runtime where staging, production, and other workflows run in parallel with scoped configuration and encrypted variables. Deployments are triggered automatically by Git push events via a configured GitHub App, managing the full lifecycle from build to release with zero-downtime rollouts and instant rollback. The platform includes a built-in Let's Encrypt SSL manager that automatically provisions and renews
Lens is a multi-cluster management platform and desktop application for administering Kubernetes environments. It provides a graphical interface for deploying Helm charts, editing YAML manifests, and managing the lifecycle of pods and deployments. The project features an AI-powered cluster assistant that enables users to query cluster state, perform autonomous troubleshooting, and translate natural language requests into system commands. It also supports collaborative team access through shared spaces, utilizing encrypted cluster sharing and role-based access control to manage credentials and
Geeker-Admin is a Vue.js admin dashboard framework designed for building backend management interfaces. It utilizes Vue 3, TypeScript, and Vite to provide a foundation for creating data-driven administration panels. The framework features a configurable data table engine that generates complex grids automatically from predefined configuration objects. It incorporates a role-based access control system to restrict access to specific pages and interface elements based on user permissions. The system includes a centralized state management store for persistent global data and page state preserv
This project is a React admin dashboard boilerplate designed for building backend administrative interfaces. It provides a pre-configured development stack that integrates a Redux state management framework, a role-based access control system, and a standardized Axios HTTP client wrapper. The system includes a mock API development environment that serves fake data through a local server to decouple frontend development from backend availability. It uses Vite for module bundling and provides a component-library based UI for constructing management interfaces. The platform covers a broad range
SpringBoot-Shiro-Vue is a permission management framework and role-based access control system. It provides a backend implemented with Spring Boot and a frontend built with Vue.js to manage user roles and map them to specific interface and API access rights. The project utilizes a token-based authentication system to verify user identities and enable stateless communication between the frontend and backend. It implements granular UI permission control to show or hide specific buttons and interface elements based on the current user's assigned access rights. The framework covers API security
This project is a business intelligence suite and SQL data visualization platform used for data analysis, reporting, and monitoring. It provides a web application for exploring datasets and building interactive dashboards, complemented by a web-based SQL query editor for analyzing raw data from connected stores. The platform features a semantic data layer to define standardized metrics and dimensions, ensuring consistent data interpretation across reports. It includes a security framework with role-based access control to manage user permissions and authentication across shared dashboards. T
Devtron is a Kubernetes management platform and CI/CD orchestrator designed to unify application lifecycles and infrastructure operations across multiple clusters from a single interface. It serves as a centralized dashboard for orchestrating workloads, managing security, and providing observability for Kubernetes environments. The platform distinguishes itself with a no-code workflow engine for automating container builds and software delivery pipelines, alongside a visual GitOps deployment tool for managing declarative applications and reconciling configuration drift. Its capability surfac
This project is a self-hosted question and answer platform and knowledge management system. It provides a centralized repository for documented answers and community discussions used to support users and resolve technical issues. The system functions as a plugin-based community forum, utilizing a modular extension system to add custom features and tools. It employs a decoupled architecture with a RESTful API backend to separate business logic from the user interface. The platform covers several domain areas including internal knowledge management, customer help centers, and community Q&A hos
vue-framework-wz is a Vue.js admin dashboard framework and modular frontend boilerplate designed for building administrative interfaces. It provides an enterprise UI component library and a role-based access control system to manage user logins and restrict access to protected administrative routes. The framework features a command-line tool for managing optional plugin dependencies to optimize bundle size. It includes an automated navigation system that generates multi-level sidebars, breadcrumbs, and tabbed browsing interfaces based on the application routing configuration. The project cov
LoopBack Next is a Node.js API framework used for building REST and multi-protocol APIs. It functions as an OpenAPI server implementation that can either generate machine-readable specifications from code or produce implementation controllers and models from existing specifications. The framework distinguishes itself through a central dependency injection container and a repository-pattern data access layer. This architecture decouples application logic from component construction and persistent storage, allowing for a pluggable system where data sources and business logic are isolated throug
Frappe is a Python-based low-code web framework used for building data-driven business applications. It functions as a full-stack meta-framework that integrates a Python backend with a JavaScript frontend, providing a development environment for rapid application prototyping and deployment. The framework employs a model-driven architecture that automatically generates database schemas, REST API endpoints, and administrative interfaces based on defined metadata. This system is complemented by a command-line scaffolding tool for creating standardized project directory structures and boilerplate
This project is a Spring Boot administrative framework and enterprise backend boilerplate designed for building management systems. It provides a foundation for enterprise-level applications using a reactive programming model and non-blocking data access patterns. The framework includes a reactive CRUD system for database operations and a role-based access control system to manage user accounts and administrative permissions. It further distinguishes itself with a centralized data dictionary for maintaining standardized labels and values across application modules. The system's broader capab