"This task looked incredibly daunting on the face of it; we were running many thousands of instances in EC2, with new ones spinning up every day. In order to minimize downtime and operational complexity, it was essential that instances running in both EC2 and VPC seemed as if they were part of the same network. AWS does not provide a way of sharing security groups nor bridging private EC2 and VPC networks. The only way to communicate between the two private networks is to use the public address space."
That is essentially what Neti does, except instead of static mappings, it's dynamic and software-configurable (which is pretty much the only way to go when your entire environment is virtual and the underlying network equipment is out of your control).
Using a VPN would still be an option. Why write essentially your own VPN (Neti) instead of using an existing VPN solution? VPC is not the only VPN you can use on EC2.