Logo
  • About the documentation
  • Introduction
  • Getting Started
  • Configuration reference
  • Operations and administration
  • Extending Envoy for custom use cases
  • API
    • Supported API versions
    • v3 API reference
      • Bootstrap
      • Listeners
      • Clusters
      • HTTP route management
      • Extensions
        • Access log extension filters
        • Access log formatters
        • Access loggers
        • Cluster
        • Common
        • Compression
        • Config validators
        • Contrib extensions
        • DNS resolver
        • Endpoint
        • Filters
        • Grpc credentials
        • Health check event sinks
        • Health checkers
        • HTTP early header mutation
        • Custom response policies
        • HTTP header formatters
        • HTTP header validators
        • HTTP original IP detection
        • HTTP stateful session
        • Injected credentials
        • Geolocation providers
        • HTTP tracers
        • Internal redirect predicates
        • Path matcher
        • Path rewriter
        • Quic extensions
        • Rate limit descriptors
        • RBAC
        • RBAC matchers
        • Request ID
        • Resource monitors
        • Retry predicates
        • Stat sinks
        • String Matcher
        • Transport sockets
        • Upstream configuration
        • WASM
        • Watchdog
        • Load balancing policies
        • Cluster specifier
      • Admin
      • Envoy data
      • Services
      • Common messages
      • Common messages (XDS)
      • Types
    • xDS REST and gRPC protocol
    • Well Known Client Features
  • FAQ
  • Version history
envoy
  • API
  • v3 API reference
  • Extensions
  • HTTP stateful session
  • Cookie based stateful session extension (proto)
  • View page source

Cookie based stateful session extension (proto)

extensions.http.stateful_session.cookie.v3.CookieBasedSessionState

[extensions.http.stateful_session.cookie.v3.CookieBasedSessionState proto]

This extension allows the session state to be tracked via cookies.

This extension first encodes the address of the upstream host selected by the load balancer into a set-cookie response header with the cookie configuration. when new requests are incoming, this extension will try to parse the specific upstream host address by the cookie name. If the address parsed from the cookie corresponds to a valid upstream host, this upstream host will be selected first. See stateful session filter.

For example, if the cookie name is set to sticky-host, envoy will prefer 1.2.3.4:80 as the upstream host when the request contains the following header:

cookie: sticky-host="MS4yLjMuNDo4MA=="

When processing the upstream response, if 1.2.3.4:80 is indeed the final choice the extension does nothing. If 1.2.3.4:80 is not the final choice, the new selected host will be used to update the cookie (via the set-cookie response header).

This extension has the qualified name envoy.http.stateful_session.cookie

Note

This extension is functional but has not had substantial production burn time, use only with this caveat.

This extension has an unknown security posture and should only be used in deployments where both the downstream and upstream are trusted.

Tip

This extension extends and can be used with the following extension category:

  • envoy.http.stateful_session

This extension must be configured with one of the following type URLs:

  • type.googleapis.com/envoy.extensions.http.stateful_session.cookie.v3.CookieBasedSessionState

{
  "cookie": {...}
}
cookie

(type.http.v3.Cookie, REQUIRED) The cookie configuration used to track session state.

Previous Next

© Copyright 2016-2025, Envoy Project Authors.

Built with Sphinx using a theme provided by Read the Docs.