Comment 22 for bug 1939723

Hello,

Now I haven't any openstack cluster for testing, nikhil please help me test it.

Step for reproduce and testing:
1. Create a VM (get neutron port_id, example xxxxx)
2. Check port_id in OVN northbound DB:
ovn-nbctl --no-leader-only lsp-list neutron-<neutron-network-id>
https://ibb.co/d7D9VT4
--> port_id in OVN is yyyyy

2. ovn-nbctl --no-leader-only list port_group neutron_pg_drop | grep yyyyy
--> port yyyyy in port_group neutron_pg_drop

3. Disable port security
4. ovn-nbctl --no-leader-only list port_group neutron_pg_drop | grep yyyyy
--> port yyyyy removed from port_group neutron_pg_drop

5. Remove NB & SB DB
6. Run command neutron-ovn-db-sync-util to resync from neutron to NB database
neutron-ovn-db-sync-util --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini --ovn-neutron_sync_mode repair
- Restart ovn-controller in all controller and compute
7. ovn-nbctl --no-leader-only list port_group neutron_pg_drop | grep yyyyy
--> port yyyyy appear in port_group neutron_pg_drop
--> Can't access to this VM (VM still active but can't ping or access to IP)

After this patch, in step 7: port yyyyy not appear in port_group neutron_pg_drop