Apache arrow support for ES|QL

[nik9000]

This adds support for Apache Arrow's streaming
format as a response from ES|QL. It triggers based on the Accept
header or a format request parameter.

This is neat because Arrow is an efficient format to read - as in the
processor has to do very little to take the data from the wire and put
it on the screen. Because Arrow is efficient folks are excited about
it and making it available in lots of tools. ES|QL could piggy back
on that. For example, to use ES|QL in a Jupyter Notebook with this PR
you'd do this:

import base64
import urllib3
import pyarrow as pa
import matplotlib.pyplot as plt
import pandas as pd
plt.close("all")
timeout = urllib3.Timeout(connect=2.0, read=300.0)
http = urllib3.PoolManager(timeout=timeout)

def basic(login, password):
  encoded = base64.b64encode((login + ':' + password).encode()).decode()
  return "Basic %s" % encoded

resp = http.request(
  "POST",
  "http://elastic:password@localhost:9200/_query?format=arrow",
  headers = {
    "authorization": basic("elastic", "password")
  },
  json = {
    "query": """
      FROM nyc_taxis 
    | WHERE trip_distance > 0 AND trip_distance < 100 AND fare_amount > 1
    | STATS min=MIN(fare_amount), avg=AVG(fare_amount), max=MAX(fare_amount) BY pickup_datetime=DATE_TRUNC(1 DAY, pickup_datetime)
    | EVAL LOG10(min), LOG10(max), LOG10(avg)
    | DROP min, max, avg
    | SORT pickup_datetime
    | LIMIT 100000"""
  })

if resp.status != 200:
  print("failed: %s" % resp.data)
else:
    with pa.ipc.open_stream(resp.data) as reader:
        df = reader.read_pandas()
        df.plot.line(x="pickup_datetime")

That's about a third ESQL and half ceremony. The last three lines are
super dense:

1. Convert from a stream of bytes into an arrow reader
2. Convert the reader into Pandaspandas
3. Plot the line using matplotlibmatplotlib

That's a little import antigravityantigravity. But that's great when
it works! And Kibana should be able to integrate with it. Probably not as
simply as Pandas but we can get it!

Arrow is kind of a perfect output format for ES|QL in that it's a
batched columnar format. The output from this PR looks like:

<SCHEMA>
<BATCH 0>
<BATCH 1>
<BATCH 2>
<BATCH 3>
...
<0xFFFFFFFF 0x00000000>

Each batch looks like:

<HEADER>
<VALIDITY 0>
<DATA 0>
<VALIDITY 1>
<DATA 1>
<VALIDITY 2>
<DATA 2>
<VALIDITY 3>
<LENGTH 3>
<DATA 3>

Dense data like int and long and double always have a VALIDITY and
DATA buffer. Variable length data like keywords have a VALIDITY, LENGTH,
and DATA buffer. This format is pretty close to ES|QL's own in memory
representation. It's close. And, the best part is that ES|QL's internal
response is also batched. We have batches, and, if we're very lucky, we
could integrate this with Pauseable Chunked Responses (#104851). It
should integrate perfectly. Should.

[nik9000]

We can't commit this. But I spent half a day messing with the security manager and gave up. We should be able to fix this.

[nik9000]

This'll want javadoc. But I think it's generally useful.

[nik9000]

I haven't double checked this, but I'm worried that this'll send a chunk over the wire no matter how big the reference is. If it's less than the sizeHint we should probably give the next one a chance.

[nik9000]

Arrow has some "interesting" code in the initialization. In an effort to be magic it looks around the in classpath and calls setAccessible on something. That something is public already, but the security manager still fails.

We can avoid the whole classpath scanning and reflection magic with some contained magic of our own - this stuff. But we need security manager privileges. So I moved this to it's own tiny jar.

Lastly, this replaces all the things arrow does with the Unsafe with a shim that does nothing. That's fine for how we're using it.

[nik9000]

#109873 finished this one.