Expose docker containers to vpc network
It sounds like you also need to disable Source/Destination IP Check on the instance hosting the containers (and you need the static route in the VPC route table, pointing to that instance by id). VPC network infrastructure drops IP traffic with IP addresses that don't make sense based on what the infrastructure knows internally about IP addresses associated with each instance. This setting changes that functionality on instances where you apply it. If you have a NAT instance, you'll notice this is already done for that instance, otherwise it wouldn't be able to route external traffic to/from other instances.
http://docs.aws.amazon.com/AWSEC2/latest/CommandLineReference/ApiReference-cmd-ModifyInstanceAttribute.html
This is also on Instance Actions in the console.