Docker was designed to be very easy to get started on your laptop with one IP address and it looks like some people are getting stuck in that model.
I agree that if you are running on AWS VPC or some other overlay you should just use VPC for container networking. You shouldn't overlay your overlay. But there isn't any tooling that I know of to do that.
Everyone I know who runs Docker runs it in a virtual machine manager that has a built-in DHCP server and provides multiple virtual interfaces to the virtual machine. Certainly both VirtualBox and VMware do.
Even if one runs a Docker bridge in his development VM, that doesn't mean one must do so in production as well.
Are we in this mess because production engineers don't understand networking?