Sail architecture map

Sail is a Spark-compatible distributed query engine, written entirely in Rust, built on top of Apache DataFusion. It is open source (github.com/lakehq/sail, Apache 2.0) and is a useful real-world reference for production Rust at scale.

The workspace has ~36 crates under crates/. They group into five layers.

The five layers

⌘ From the Sail codebase

Foundations. sail-common, sail-common-datafusion, sail-telemetry. Shared types, error enums, the Sail logical-plan spec (spec::Plan, spec::DataType), AppConfig loaded via Figment from YAML + env, and OpenTelemetry layers. This is where the "language of Sail" lives.

SQL + plan. sail-sql-parser (Chumsky parser combinators), sail-sql-analyzer, sail-sql-macro, sail-plan, sail-plan-lakehouse, sail-logical-plan, sail-logical-optimizer, sail-physical-plan, sail-physical-optimizer. Spark SQL parsing, name resolution, logical-to-physical lowering, optimizer rules. Built on Apache DataFusion 53.

Catalog. sail-catalog defines the CatalogProvider trait. Implementations: sail-catalog-memory, -glue, -hms, -iceberg, -onelake, -system, -unity. One trait, many backends. The CatalogManager holds an Arc<Mutex<…>> of name → provider.

Execution + I/O. sail-execution (driver/worker actor system), sail-data-source, sail-object-store, sail-iceberg, sail-delta-lake, sail-flight, sail-function, sail-python, sail-python-udf, sail-cache. Distributed task scheduling on Tokio actors, Arrow Flight transport, lakehouse format readers/writers, PyO3 bridge for Python UDFs.

Entry points. sail-session, sail-server, sail-spark-connect, sail-cli. Per-session state, the generic ServerBuilder for tonic gRPC servers (with health, reflection, tracing), the Spark Connect gRPC service, and the sail CLI binary.

The lint policy is the style guide

The most actionable signal for "how Sail code is written" is the workspace lint policy in the root Cargo.toml:

Cargo.toml (workspace)

[workspace.lints.clippy]
allow_attributes = "deny"
unwrap_used     = "deny"
expect_used     = "deny"
panic           = "deny"
dbg_macro       = "deny"
todo            = "deny"

Translation: no .unwrap(), no .expect(), no panic!(), no todo!(), no dbg!() in production code. Errors must be propagated explicitly. Even #[allow(...)] is denied — local overrides use #[expect(...)] instead, which fails to compile if the lint stops firing.

If you take one lesson from Sail and apply it to your own Rust projects, take this one.

Patterns you will see everywhere

Once you can name these, the codebase reads quickly.

Pattern	Where it shows up
`pub type XxxResult<T> = Result<T, XxxError>;`	Every crate's `error.rs`
`XxxError` is a `thiserror::Error` enum with `#[from]` conversions	Every crate's `error.rs`
`#[async_trait::async_trait]` on object-safe async traits	Anywhere a trait is used as `dyn` and has `async` methods
`Arc<dyn Trait>` for sharing trait implementations	`CatalogProvider`, data source, etc.
`Arc<Mutex<State>>` + private `fn state() -> Result<MutexGuard>` accessor	`CatalogManager`, session state
`Arc<str>` instead of `String` for shared immutable identifiers	Catalog names, namespace parts
`try_new(...) -> Result<Self, ...>` for fallible construction	Anywhere construction can fail
`new(...) -> Self` + `with_X(self) -> Self` for fluent infallible builders	Options structs
`dashmap::DashMap` for concurrent maps	Inside actors, registries
`lib.rs` and `mod.rs` are tiny — purely `mod` and `pub use`	Every crate

Reading order

If you want to start somewhere small and grow outward:

crates/sail-common/src/error.rs — the canonical thiserror pattern.
crates/sail-catalog/src/provider/namespace.rs — a clean domain type with From / TryFrom.
crates/sail-catalog/src/provider/mod.rs — the headline extension trait.
crates/sail-catalog-memory/src/provider.rs — one real implementor of that trait.
crates/sail-server/src/builder.rs — production tonic gRPC server builder.
crates/sail-spark-connect/src/server.rs — a real async gRPC handler.

The next four pages of this tour walk through the most teachable code in each of these areas.

What Sail is not, for honesty

Not a full Spark replacement (Spark compatibility is verified per-feature; check the README before quoting it).
Not a benchmark champion in every workload (verify any numbers against the latest published runs, not memory).
Not a Rust beginner project. Sail uses generics, async traits, macros, and DataFusion abstractions liberally. The tour reads selectively.