Elasticsearch 6.3 X-PACK SQL Overview

版權聲明：本文爲博主原創文章，未經博主允許不得轉載。 https://blog.csdn.net/huochen1994/article/details/81364507

Elasticsearch 6.3 X-PACK SQL Overview

Elasticsearch SQL aims to provide a powerful yet lightweight SQL interface to Elasticsearch

寫在前面

However the backing engine itself is Elasticsearch for which Elasticsearch SQL was purposely created hence why features or concepts that are not available, or cannot be mapped correctly, in SQL appear in Elasticsearch SQL. Last but not least, Elasticsearch SQL tries to obey the principle of least suprise, though as all things in the world, everything is relative.

Elasticsearch終究是Elasticsearch，不能夠完全兼容SQL。開發者們儘量準守principle of least suprise(最小驚嚇原則)來開發Elasticsearch SQL。

Overview

X-PACK SQL支持以REST API、SQL CLI客戶端以及JDBC的形式連接Elasticsearch。

Mapping concepts across SQL and Elasticsearch

SQL	Elasticsearch
column	field
row	document
table	index
schema	implicit
database	cluster

SQL REST API

支持txt,json,yaml,smile,cbor,csv

1. Format is txt

   POST /_xpack/sql?format=txt
   {
     "query": "SELECT date, domain FROM sinadpool_nginx* LIMIT 5"
   }

             date          |           domain            
   ------------------------+-----------------------------
   2018-08-02T00:00:00.000Z|wgw.city.sina.com.cn
   2018-08-02T00:00:00.000Z|php.weather.sina.com.cn
   2018-08-02T00:00:00.000Z|vip.stock.finance.sina.com.cn
   2018-08-02T00:00:00.000Z|guba.sina.com.cn
   2018-08-02T00:00:00.000Z|i.search.sina.com.cn

2. Format is json

   POST /_xpack/sql
   {
     "query": "SELECT * FROM sinadpool_nginx* LIMIT 1"
   }

   {
     "columns": [
       {
         "name": "date",
         "type": "date"
       },
       {
         "name": "domain",
         "type": "keyword"
       }
     ],
     "rows": [
       [
         "2018-08-02T00:00:00.000Z",
         "stock2.finance.sina.com.cn"
       ]
     ]
   }

SQL Translate API

將SQL語句轉換爲Elasticsearch查詢語法

POST /_xpack/sql/translate
{
    "query": "SELECT * FROM library ORDER BY page_count DESC",
    "fetch_size": 10
}

SQL CLI

$ ./bin/elasticsearch-sql-cli https://some.server:9200

SQL JDBC

這部分未進一步探索，因爲這個功能是收費的

<dependency>
  <groupId>org.elasticsearch.plugin</groupId>
  <artifactId>jdbc</artifactId>
  <version>6.3.2</version>
</dependency>

存在的問題

1. SQL不支持’-‘字符，需要轉義

   POST /_xpack/sql?format=txt
   {
   "query": "SELECT date, domain FROM \"sinadpool_nginx-2018.08.02\" LIMIT 5"
   }

2. SQL Translate API 不支持索引不存在的查詢條件

3. 暫不支持JOIN

4. 對較爲複雜的SQL解析有問題
   以下結果一致，且與預期查詢結果不一致

   POST /_xpack/sql/translate
   {
     "query": "select * from (select domain, count(1) as C from sinadpool_nginx* where date='2018-08-01' group by domain) a order by C LIMIT 10"
   }

   POST /_xpack/sql/translate
   {
     "query": "select domain, count(1) as C from sinadpool_nginx* where date='2018-08-01' group by domain LIMIT 10"
   }

Reference

SQL Access