It is possible to set a FIP IP address from another FIP pool that is not assigned to the TKGI cluster or even to set an existing IP address from another FIP pool and it will be double used.

With this behavior it's possible to run a service in another cluster.

Example:
TKGI Cluster A = FIP Pool A
TKGI Cluster B = FIP Pool B

TKGI Cluster B is able to set and assign an IP Address from FIP Pool A in the deployment and make a service reachable in TKGI Cluster A.

This is expected behaviour since cluster will accept the load balancer IP given by the user, it does not have the possibility to check that this address is used elsewhere.

The only way around this issue would be to write an admission controller that checks any statically configured IP against an allowed list. Or just block the user from defining an IP.