You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: deploy-manage/_snippets/ecloud-security.md
+3-1Lines changed: 3 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1,7 +1,9 @@
1
1
{{ecloud}} has built-in security. For example, HTTPS communications between {{ecloud}} and the internet, as well as inter-node communications, are secured automatically, and cluster data is encrypted at rest.
2
2
3
+
In both {{ech}} and {{serverless-full}}, you can also configure [IP filters](/deploy-manage/security/ip-filtering-cloud.md) to prevent unauthorized access to your deployments and projects.
4
+
3
5
In {{ech}}, you can augment these security features in the following ways:
4
-
* Configure [traffic filtering](/deploy-manage/security/traffic-filtering.md) to prevent unauthorized access to your deployments.
6
+
*[Configure private connectivity and apply VPC filtering](/deploy-manage/security/private-connectivity.md) to establish a secure connection for your {{ecloud}} deployments to communicate with other cloud services, and restrict traffic to deployments based on those private connections.
5
7
* Encrypt your deployment with a [customer-managed encryption key](/deploy-manage/security/encrypt-deployment-with-customer-managed-encryption-key.md).
6
8
*[Secure your settings](/deploy-manage/security/secure-settings.md) using {{es}} and {{kib}} keystores.
7
9
* Use the list of [{{ecloud}} static IPs](/deploy-manage/security/elastic-cloud-static-ips.md) to allow or restrict communications in your infrastructure.
Copy file name to clipboardExpand all lines: deploy-manage/autoscaling/trained-model-autoscaling.md
+9-35Lines changed: 9 additions & 35 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -22,11 +22,13 @@ There are two ways to enable autoscaling:
22
22
* through APIs by enabling adaptive allocations
23
23
* in {{kib}} by enabling adaptive resources
24
24
25
+
For {{serverless-short}} projects, trained model autoscaling is automatically enabled and cannot be disabled.
26
+
25
27
::::{important}
26
28
To fully leverage model autoscaling in {{ech}}, {{ece}}, and {{eck}}, it is highly recommended to enable [{{es}} deployment autoscaling](../../deploy-manage/autoscaling.md).
27
29
::::
28
30
29
-
Trained model autoscaling is available for {{serverless-short}}, {{ech}}, {{ece}}, and {{eck}} deployments. In serverless deployments, processing power is managed differently across Search, Observability, and Security projects, which impacts their costs and resource limits.
31
+
Trained model autoscaling is available for {{serverless-short}}, {{ech}}, {{ece}}, and {{eck}} deployments. In {{serverless-short}} projects, processing power is managed differently across Search, Observability, and Security projects, which impacts their costs and resource limits.
30
32
31
33
:::{admonition} Trained model auto-scaling for self-managed deployments
32
34
The available resources of self-managed deployments are static, so trained model autoscaling is not applicable. However, available resources are still segmented based on the settings described in this section.
@@ -54,10 +56,6 @@ You can enable adaptive allocations by using:
54
56
55
57
If the new allocations fit on the current {{ml}} nodes, they are immediately started. If more resource capacity is needed for creating new model allocations, then your {{ml}} node will be scaled up if {{ml}} autoscaling is enabled to provide enough resources for the new allocation. The number of model allocations can be scaled down to 0. They cannot be scaled up to more than 32 allocations, unless you explicitly set the maximum number of allocations to more. Adaptive allocations must be set up independently for each deployment and [{{infer}} endpoint](https://www.elastic.co/docs/api/doc/elasticsearch/group/endpoint-inference).
56
58
57
-
:::{note}
58
-
When you create inference endpoints on {{serverless-short}} using {{kib}}, adaptive allocations are automatically turned on, and there is no option to disable them.
59
-
:::
60
-
61
59
### Optimizing for typical use cases [optimizing-for-typical-use-cases]
62
60
63
61
You can optimize your model deployment for typical use cases, such as search and ingest. When you optimize for ingest, the throughput will be higher, which increases the number of {{infer}} requests that can be performed in parallel. When you optimize for search, the latency will be lower during search processes.
@@ -73,16 +71,16 @@ You can choose from three levels of resource usage for your trained model deploy
73
71
74
72
Refer to the tables in the [Model deployment resource matrix](#model-deployment-resource-matrix) section to find out the settings for the level you selected.
The image below shows the process of starting a trained model on an {{ech}} deployment. In {{serverless-short}} projects, the **Adaptive resources** toggle is not available when starting trained model deployments, as adaptive allocations are always enabled and cannot be disabled.
:alt: ELSER deployment with adaptive resources enabled.
78
78
:screenshot:
79
79
:width: 500px
80
80
:::
81
81
82
82
In {{serverless-full}}, Search projects are given access to more processing resources, while Security and Observability projects have lower limits. This difference is reflected in the UI configuration: Search projects have higher resource limits compared to Security and Observability projects to accommodate their more complex operations.
83
83
84
-
On {{serverless-short}}, adaptive allocations are automatically enabled for all project types. However, the "Adaptive resources" control is not displayed in {{kib}} for Observability and Security projects.
85
-
86
84
## Model deployment resource matrix [model-deployment-resource-matrix]
87
85
88
86
The used resources for trained model deployments depend on three factors:
@@ -100,10 +98,6 @@ If you use a self-managed cluster or ECK, vCPUs level ranges are derived from th
100
98
101
99
The following tables show you the number of allocations, threads, and vCPUs available in ECE and ECH when adaptive resources are enabled or disabled.
102
100
103
-
::::{note}
104
-
On {{serverless-short}}, adaptive allocations are automatically enabled for all project types. However, the "Adaptive resources" control is not displayed in {{kib}} for Observability and Security projects.
105
-
::::
106
-
107
101
### Ingest optimized
108
102
109
103
In case of ingest-optimized deployments, we maximize the number of model allocations.
@@ -152,16 +146,6 @@ In case of ingest-optimized deployments, we maximize the number of model allocat
152
146
153
147
:::
154
148
155
-
:::{tab-item} {{serverless-short}}
156
-
157
-
| Level | Allocations | Threads | VCUs |
158
-
| --- | --- | --- | --- |
159
-
| Low | Exactly 2 | 1 | 16 |
160
-
| Medium | Exactly 32 | 1 | 256 |
161
-
| High | 512 for Search<br> No static allocations for Security and Observability<br> | 1 | 4096 for Search<br> No static allocations for Security and Observability<br> |
162
-
163
-
:::
164
-
165
149
::::
166
150
167
151
### Search optimized
@@ -188,9 +172,9 @@ In case of search-optimized deployments, we maximize the number of threads. The
188
172
189
173
| Level | Allocations | Threads | VCUs |
190
174
| --- | --- | --- | --- |
191
-
| Low | 0 to 1 dynamically |Always 2 | 0 to 16 dynamically |
192
-
| Medium |1 to 2 (if threads=16), dynamically | Maximum (for example, 16) | 8 to 256 dynamically |
193
-
| High |1 to 32 (if threads=16), dynamically<br> 1 to 128 for Security and Observability<br> |Maximum (for example, 16) | 8 to 4096 for Search<br> 8 to 1024 for Security and Observability<br> |
175
+
| Low | 0 to 1 dynamically | 2 | 0 to 16 dynamically |
176
+
| Medium |0 to 2 dynamically for Search and Observatibility<br> 1 to 2 dynamically for Security | 4 | 0 to 256 dynamically for Search and Observatibility<br> 8 to 256 dynamically for Security|
177
+
| High |0 to 32 dynamically for Search and Observatibility<br> 1 to 128 dynamically for Security<br> |8 | 0 to 4096 dynamically for Search<br> 0 to 1024 dynamically for Observability<br>8 to 1014 dynamically for Security|
194
178
195
179
:::
196
180
@@ -212,14 +196,4 @@ In case of search-optimized deployments, we maximize the number of threads. The
212
196
213
197
:::
214
198
215
-
:::{tab-item} {{serverless-short}}
216
-
217
-
| Level | Allocations | Threads | VCUs |
218
-
| --- | --- | --- | --- |
219
-
| Low | 1 statically | Always 2 | 16 |
220
-
| Medium | 2 statically (if threads=16) | Maximum (for example, 16) | 256 |
221
-
| High | 32 statically (if threads=16) for Search<br> No static allocations for Security and Observability<br> | Maximum (for example, 16) | 4096 for Search<br> No static allocations for Security and Observability<br> |
When installing the {{stack}}, you must use the same version across the entire stack. For example, if you are using {{es}} {{stack-version}}, you install Beats {{stack-version}}, APM Server {{stack-version}}, {{es}} Hadoop {{stack-version}}, {{kib}} {{stack-version}}, and Logstash {{stack-version}}.
1
+
When installing the {{stack}}, you must use the same version across the entire stack. For example, if you are using {{es}} {{version.stack}}, you install Beats {{version.stack}}, APM Server {{version.stack}}, {{es}} Hadoop {{version.stack}}, {{kib}} {{version.stack}}, and Logstash {{version.stack}}.
2
2
3
-
If you’re upgrading an existing installation, see [](/deploy-manage/upgrade.md) for information about how to ensure compatibility with {{stack-version}}.
3
+
If you’re upgrading an existing installation, see [](/deploy-manage/upgrade.md) for information about how to ensure compatibility with {{version.stack}}.
Copy file name to clipboardExpand all lines: deploy-manage/deploy/cloud-enterprise/working-with-deployments.md
+1-1Lines changed: 1 addition & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -57,7 +57,7 @@ From the deployment main page, you can quickly access the following configuratio
57
57
From the **Deployment > Security** view, you can manage security settings, authentication, and access controls. Refer to [Secure your clusters](../../../deploy-manage/users-roles/cluster-or-deployment-auth.md) for more details on security options for your deployments.
58
58
59
59
*[Reset the `elastic` user password](../../users-roles/cluster-or-deployment-auth/manage-elastic-user-cloud.md)
60
-
*[Set up traffic filters](../../security/traffic-filtering.md) to restrict traffic to your deployment
60
+
*[Set up IP filters](../../security/ip-filtering-ece.md) to restrict traffic to your deployment
61
61
* Configure {{es}} keystore settings, also known as [secure settings](../../security/secure-settings.md)
62
62
* Configure trust relationships for [remote clusters](../../remote-clusters/ece-enable-ccs.md)
0 commit comments