Also, RBAC was an integral part of OpenShift since many swimming cap walmart releases while there are some people who use Kubernetes without RBAC security. That s okay for a small dev/test setup, but in real life, you want to have some level of permissions - swimming caps at target even if it s sometimes hard to learn and comprehend (because it is at first). In OpenShift you actually don t have a choice and you have to use it and learn it on the way as you deploy more and more apps on it.
Helm is so much better , but its current architecture (Tiller component installed as Pod with huge permissions) isn t compatible swimming caps at walmart with more strict security polices in OpenShift.So which one is better you may ask? Personally, I think HAproxy in OpenShift is much more mature, although doesn t have as much features as some Ingress implementations. On Kubernetes however you can use different enhancements - my favorite one is an integration with cert-manager that allows you to automate management of SSL certificates.
Red Hat created OpenShift long before Kubernetes project was found and from the start, it was a PaaS platform. By switching from their custom solution (they used something they called gears instead of containers) swimming caps walmart to Kubernetes it became easier to bring more features and one of the most exciting is integrated Jenkins. There are multiple CI/CD software solutions available, but Jenkins is still the biggest, most universal, generic and mature solution.
A good example would be network policies that close your project for external traffic so that is isolated and secure by default - if you want to permit some kind of traffic you would do so by creating additional policies explicitly. In a similar way you could provide default quotas or LimitRange objects and make your new projects pre-configured according to your organization rules.