feat(gateway-api): allow header-based sticky session (ConsistentHash.Header)#746
Open
HR-Gabriel-Cornesse wants to merge 2 commits intoQovery:engine-publicfrom
Conversation
Allow clients that cannot persist cookies (e.g. MCP SDK clients keying off `Mcp-Session-Id`) to benefit from session affinity by letting users pick a request header to hash on. When `network.gateway_api.sticky_session_header` is set (and `network.gateway_api.enable_sticky_session` is true), the generated BackendTrafficPolicy uses `consistentHash.type: Header` instead of the default `Cookie`. The existing cookie-based behavior is unchanged when the setting is left unset (null), preserving backward compatibility for all current users. Use case: MCP servers (Model Context Protocol) need sticky routing on `Mcp-Session-Id` because their clients (n8n, Claude Desktop, MCP Inspector, etc.) do not implement HTTP cookie storage — they key sessions off a single request header per the MCP spec. Without header-based affinity, stateful MCP servers cannot scale past one replica behind Qovery's gateway. Applies to both HTTPRoute and GRPCRoute BackendTrafficPolicy templates.
erebe
force-pushed
the
engine-public
branch
4 times, most recently
from
32deea3 to
47c8a31
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds a new service advanced setting
network.gateway_api.sticky_session_headerthat switches the generatedBackendTrafficPolicy.loadBalancer.consistentHashfromCookietoHeaderwhen set.The existing cookie-based affinity (
INGRESSCOOKIE_QOVERY) is the default and remains unchanged when the setting is unset (null) — fully backward compatible.Motivation
Cookie-based affinity is unusable for clients that cannot persist HTTP cookies:
Mcp-Session-Idheader per spec.fetch()/undiciwithout cookie jar support, soSet-Cookiefrom the ingress is simply dropped.The same applies to any HTTP client that uses bearer-token auth + a custom session header (common in gRPC + metadata, or internal microservices).
Changes
network_gateway_api_sticky_session_header: Option<String>toApplicationAdvancedSettings,ContainerAdvancedSettings, andHelmChartAdvancedSettingswith serde aliasnetwork.gateway_api.sticky_session_header.ApplicationAdvancedSettings::to_container_advanced_settings.ConsistentHash.Headerwhen the setting is non-empty, keep the existing Cookie branch otherwise.tests/helm/mod.rsstruct literals to include the new field (defaults toNone, no behavior change).Backward compatibility
Zero behavior change for existing users: the setting defaults to
None, which preserves the currentINGRESSCOOKIE_QOVERYcookie-based ConsistentHash.Test plan
cargo checkpasses (verified locally — 2m04s).cargo check --testspasses (verified locally — 1m18s, alltests/helm/mod.rsstruct literals compile).engine-public).network.gateway_api.sticky_session_header = "Mcp-Session-Id"on a 3-replica backend, verify successive requests with the same header value hit the same pod.