What would you like to be added:
Remove the idleTimeout field from the SessionPersistence API defined in GEP-1619.
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
spec:
rules:
- backendRefs:
- name: my-svc
sessionPersistence:
sessionName: my-session
absoluteTimeout: 1h
idleTimeout: 10m # this fieldWhy this is needed:
For context, I originally added idleTimeout to GEP-1619 as a newer GEP contributor. It seemed like a reasonable addition at the time. Idle timeouts are a common concept in session management, but after surveying the ecosystem more broadly, no implementation has picked it up. I think it should be removed before the API moves to Standard channel.
No Gateway API implementation has implemented idleTimeout in experimental. It isn't supported across the implementations I surveyed (Envoy Gateway, Istio, NGINX Gateway Fabric, kgateway, Contour, Traefik, HAProxy Ingress, Cilium, and GKE). No implementation or user has explicitly requested the field either.
At the dataplane level, the picture is mixed. Some dataplanes have server-side mechanisms that could theoretically support idle timeout: HAProxy has maxidle and NGINX has sticky learn with timeout=, both of which track session activity in server-side memory. However, Envoy-based dataplanes have no path to implementing it. The key challenge is that HTTP cookies have no native idle timeout mechanism (Max-Age/Expires are absolute, not idle-based), so implementations that want idle timeout must maintain server-side state, which is additional complexity beyond what the current cookie-based model requires.
There isn't enough signal from the implementation ecosystem that this field is needed. Keeping it in the API creates confusion for users who configure it and get silently ignored behavior. The door is open to adding idleTimeout back in a future GEP if implementations specifically request it and demonstrate reasonable approaches, but I think removing it now acknowledges that the field is ahead of what the ecosystem is ready to deliver.
What would you like to be added:
Remove the
idleTimeoutfield from theSessionPersistenceAPI defined in GEP-1619.Why this is needed:
For context, I originally added idleTimeout to GEP-1619 as a newer GEP contributor. It seemed like a reasonable addition at the time. Idle timeouts are a common concept in session management, but after surveying the ecosystem more broadly, no implementation has picked it up. I think it should be removed before the API moves to Standard channel.
No Gateway API implementation has implemented
idleTimeoutin experimental. It isn't supported across the implementations I surveyed (Envoy Gateway, Istio, NGINX Gateway Fabric, kgateway, Contour, Traefik, HAProxy Ingress, Cilium, and GKE). No implementation or user has explicitly requested the field either.At the dataplane level, the picture is mixed. Some dataplanes have server-side mechanisms that could theoretically support idle timeout: HAProxy has
maxidleand NGINX hassticky learnwithtimeout=, both of which track session activity in server-side memory. However, Envoy-based dataplanes have no path to implementing it. The key challenge is that HTTP cookies have no native idle timeout mechanism (Max-Age/Expiresare absolute, not idle-based), so implementations that want idle timeout must maintain server-side state, which is additional complexity beyond what the current cookie-based model requires.There isn't enough signal from the implementation ecosystem that this field is needed. Keeping it in the API creates confusion for users who configure it and get silently ignored behavior. The door is open to adding
idleTimeoutback in a future GEP if implementations specifically request it and demonstrate reasonable approaches, but I think removing it now acknowledges that the field is ahead of what the ecosystem is ready to deliver.