This is still geli+zfs, and not native zfs encryption that was recently presented in OpenZFS Developer Summit [0].

[0] https://www.youtube.com/watch?v=frnLiXclAMo

Correct, it is full disk encryption instead of dataset encryption.

But on the other hand, if you install 11.0 from installer and chose Auto(ZFS) with EncryptedZFS and MBR(GPT) then you will get a GeliBoot installation. There is no boot pool anymore, instead the early boot stages decrypt the root zpool to load the rest of the boatloader, which then decrypts the pool to load the kernel. With bootloader-selectable boot environments.

...and I meant BIOS(GPT). Hmpf.

But you don't use the installer with "cloud" / VPS providers. It's usually more like cloning a VM image where the system is already installed.