elastic · eedugon · Feb 25, 2025 · Feb 12, 2025 · Feb 12, 2025 · Feb 12, 2025
@@ -1,28 +1,49 @@
 ---
-applies:
-  ece: all
+applies_to:
+  deployment:
+    ece: all
 ---
 
 # Elastic Cloud Enterprise [Elastic-Cloud-Enterprise-overview]
 
 {{ece}} (ECE) is an Elastic self-managed solution for deploying, orchestrating, and managing {{es}} clusters at scale. It provides a centralized platform that allows organizations to run {{es}}, {{kib}}, and other {{stack}} components across multiple machines.
 
-Refer to [](./cloud-enterprise/ece-overview.md) for a detailed introduction to ECE, including its features, use cases, and architecture.
-
 ::::{tip}
 If you are looking for a solution to orchestrate and manage {{es}} clusters natively on Kubernetes, consider using [Elastic Cloud on Kubernetes (ECK)](./cloud-on-k8s.md) instead of ECE. ECK enables you to orchestrate Elastic Stack applications seamlessly on Kubernetes, leveraging it as the underlying platform for deployment, scaling, and lifecycle management.
 ::::
 
-% should we use a L2 heading here or just continue?
+ECE evolves from the Elastic hosted Cloud SaaS offering into a standalone product. You can deploy ECE on public or private clouds, virtual machines, or your own premises.
+
+With {{ece}}, you can:
+
+* Host your regulated or sensitive data on your internal network.
+* Reuse your existing investment in on-premise infrastructure and reduce total cost.
+* Maximize the hardware utilization for the various clusters.
+* Centralize the management of multiple Elastic deployments across teams or geographies.
+
+Refer to [](./cloud-enterprise/ece-architecture.md) for details about the ECE platform architecture and the technologies used.
+
+## ECE features
+
+- **Automated scaling & orchestration**: Handles cluster provisioning, scaling, and upgrades automatically.
+- **High availability & resilience**: Ensures uptime through multiple Availability Zones, data replication, and automated restore and snapshot.
+- **Centralized monitoring & logging**: Provides insights into cluster performance, resource usage, and logs.
+- **Single Sign-On (SSO) & role-based access aontrol (RBAC)**: Allows organizations to manage access and security policies.
+- **API & UI management**: Offers a web interface and API to create and manage clusters easily.
+- **Air-gapped installations**: Support for off-line installations.
+- **Microservices architecture**: All services are containerized through Docker.
+
+Check the [glossary](https://www.elastic.co/guide/en/elastic-stack-glossary/current/terms.html) to get familiar with the terminology for ECE as well as other Elastic products and solutions.
+
 ## Section overview
 
 This section focuses on deploying ECE and orchestrating and configuring {{es}} clusters, also referred to as `deployments`.
 
-In ECE, a deployment is a managed {{stack}} environment that provides users with an {{es}} cluster along with supporting components such as {{kib}} and other optional services like APM and Fleet.
+In ECE, a deployment is a managed {{stack}} environment that provides users with an {{es}} cluster along with supporting components such as {{kib}} and other optional services like APM and {{fleet}}.
 
 This section covers the following tasks:
 
-* [Deploy ECE](./cloud-enterprise/deploy-an-orchestrator.md)
+* [Deploy ECE orchestrator](./cloud-enterprise/deploy-an-orchestrator.md)
     - [Prepare the environment](./cloud-enterprise/prepare-environment.md)
     - [Install ECE](./cloud-enterprise/install.md)
     - [Air gapped installations](./cloud-enterprise/air-gapped-install.md)
@@ -37,11 +58,15 @@ This section covers the following tasks:
 
 Other sections of the documentation also include important tasks related to ECE:
 
-* [Secure your ECE installation](../security/secure-your-elastic-cloud-enterprise-installation.md)
-* [Users and roles](../users-roles/cloud-enterprise-orchestrator.md)
-* [Manage snapshot repositories](../tools/snapshot-and-restore.md)
-* [Manage licenses](../license/manage-your-license-in-ece.md)
-* [ECE platform maintenance operations](../maintenance/ece.md)
+* Platform security and management:
+  * [Secure your ECE installation](../security/secure-your-elastic-cloud-enterprise-installation.md)
+  * [Users and roles](../users-roles/cloud-enterprise-orchestrator.md)
+  * [ECE platform maintenance operations](../maintenance/ece.md)
+  * [Manage licenses](../license/manage-your-license-in-ece.md)
+
+* Deployments security and management:
+  * [Secure your deployments](../security/secure-your-cluster-deployment.md)
+  * [Manage snapshot repositories](../tools/snapshot-and-restore.md)
 
 ## How ECE differs from Elastic Cloud and other orchestrators
 

@@ -1,13 +1,16 @@
 ---
-applies:
-  ece: all
+applies_to:
+  deployment:
+    ece: all
 mapped_pages:
   - https://www.elastic.co/guide/en/cloud-enterprise/current/ece-configuring-ece.html
   - https://www.elastic.co/guide/en/cloud-enterprise/current/ece-administering-ece.html
 ---
 
 # Configure ECE [ece-configuring-ece]
 
+⚠️ **This page is a work in progress.** ⚠️
+
 Now that you have Elastic Cloud Enterprise up and running, take a look at some of the additional features that you can configure:
 
 * [System deployment configuration](system-deployments-configuration.md) - Best practices for ECE system deployments to ensure a highly available and resilient setup.

@@ -1,6 +1,7 @@
 ---
-applies:
-  ece: all
+applies_to:
+  deployment:
+    ece: all
 ---
 # Deploy an orchestrator
 
@@ -32,10 +33,20 @@ This section provides step-by-step guidance on:
 
 ## Additional topics
 
-Once ECE is deployed, you may need to configure security, manage snapshots, or perform maintenance tasks. Refer to the following sections for more details:  
+After deploying ECE platform, you may need to configure your own proxy certificates, security, snapshot repositories, or perform maintenance tasks. Refer to the following sections for more details:  
 
 * [Secure your ECE installation](../../security/secure-your-elastic-cloud-enterprise-installation.md)
 * [Users and roles](../../users-roles/cloud-enterprise-orchestrator.md)
 * [Manage snapshot repositories](../../tools/snapshot-and-restore.md)
 * [Manage licenses](../../license/manage-your-license-in-ece.md)
 * [ECE platform maintenance operations](../../maintenance/ece.md)
+
+To start orchestrating your {{es}} clusters, refer to [](./working-with-deployments.md).
+
+## Advanced tasks
+
+The following tasks are only needed on certain circumstances:
+
+* Migrate ECE to Podman hosts
+* Migrate ECE on Podman hosts to SELinux enforce
+* Change allocator disconnect timeout
@@ -1,8 +1,10 @@
 ---
-applies:
-  ece: all
+applies_to:
+  deployment:
+    ece: all
 mapped_pages:
   - https://www.elastic.co/guide/en/cloud-enterprise/current/ece-architecture.html
+  - https://www.elastic.co/guide/en/cloud-enterprise/current/ece-containerization.html
 ---
 
 # Service-oriented architecture [ece-architecture]
@@ -17,7 +19,6 @@ Elastic Cloud Enterprise has a service-oriented architecture that lets you:
 :alt: Elastic Cloud Enterprise high level architecture
 :::
 
-
 ## Control plane [ece_control_plane]
 
 The *control plane* of ECE include the following management services:
@@ -67,3 +68,19 @@ Provide web and API access for administrators to manage and monitor the ECE inst
 
 * Advertise the memory capacity of the underlying host machine to ZooKeeper so that the Constructor can make an informed decision on where to deploy.
 
+## Services as Docker containers [ece-containerization]
+
+Services are deployed as Docker containers, which simplifies the operational effort and makes it easy to provision similar environments for development and staging. Using Docker containers has the following advantages:
+
+* **Shares of resources**
+
+    Each cluster node is run within a Docker container to make sure that all of the nodes have access to a guaranteed share of host resources. This mitigates the *noisy neighbor effect* where one busy deployment can overwhelm the entire host. The CPU resources are relative to the size of the Elasticsearch cluster they get assigned to. For example, a cluster with 32GB of RAM gets assigned twice as many CPU resources as a cluster with 16GB of RAM.
+
+* **Better security**
+
+    On the assumption that any cluster can be compromised, containers are given no access to the platform. The same is true for the services: each service can read or write only those parts of the system state that are relevant to it. Even if some services are compromised, the attacker won’t get hold of the keys to the rest of them and will not compromise the whole platform.
+
+* **Secure communication through Stunnel**
+
+    Docker containers communicate securely with one another through Transport Layer Security, provided by [Stunnel](https://www.stunnel.org/) (as not all of the services or components support TLS natively). Tunneling all traffic between containers makes sure that it is not possible to eavesdrop, even when someone else has access to the underlying cloud or network infrastructure.
+
diff --git a/deploy-manage/deploy/cloud-enterprise/ece-overview.md b/deploy-manage/deploy/cloud-enterprise/ece-overview.md
@@ -120,10 +120,7 @@ toc:
           - file: deploy/elastic-cloud/restrictions-known-problems.md
       - file: deploy/cloud-enterprise.md
         children:
-          - file: deploy/cloud-enterprise/ece-overview.md
-            children:
-              - file: deploy/cloud-enterprise/ece-architecture.md
-              - file: deploy/cloud-enterprise/ece-containerization.md
+          - file: deploy/cloud-enterprise/ece-architecture.md
           - file: deploy/cloud-enterprise/deploy-an-orchestrator.md
             children:
               - file: deploy/cloud-enterprise/prepare-environment.md