♻️ Switch to official FRR images; disable NHT

We're now using an official image for FRR.
Also, by default, BGPD will accept routes only if their
next-hop is reachable. This relies on a mechanism called
NHT (Next Hop Tracking). However, when we receive routes
from Kubernetes clusters, the peers usually advertise
addresses that we are not directly connected to. This
causes these addresses to be filtered out (unless the
route reflector is running on the same VPC or Layer 2
network as the Kubernetes nodes). To accept these routes
anyway, we basically disable NHT, by considering that
nodes are reachable if we can reach them through our
default route.

compose/frr-route-reflector/conf/zebra.conf

@@ -1,2 +1,3 @@
 hostname frr
+ip nht resolve-via-default
 log stdout

compose/frr-route-reflector/docker-compose.yaml

@@ -2,30 +2,36 @@ version: "3"
 
 services:
   bgpd:
-    image: ajones17/frr:662
+    image: frrouting/frr:v8.2.2
     volumes:
     - ./conf:/etc/frr
     - ./run:/var/run/frr
     network_mode: host
-    entrypoint: /usr/lib/frr/bgpd -f /etc/frr/bgpd.conf --log=stdout --log-level=debug --no_kernel
+    cap_add:
+    - NET_ADMIN
+    - SYS_ADMIN
+    entrypoint: /usr/lib/frr/bgpd -f /etc/frr/bgpd.conf --log=stdout --log-level=debug --no_kernel --no_zebra
     restart: always
 
   zebra:
-    image: ajones17/frr:662
+    image: frrouting/frr:v8.2.2
     volumes:
     - ./conf:/etc/frr
     - ./run:/var/run/frr
     network_mode: host
+    cap_add:
+    - NET_ADMIN
+    - SYS_ADMIN
     entrypoint: /usr/lib/frr/zebra -f /etc/frr/zebra.conf --log=stdout --log-level=debug
     restart: always
 
   vtysh:
-    image: ajones17/frr:662
+    image: frrouting/frr:v8.2.2
     volumes:
     - ./conf:/etc/frr
     - ./run:/var/run/frr
     network_mode: host
-    entrypoint: vtysh -c "show ip bgp"
+    entrypoint: vtysh
 
   chmod:
     image: alpine