Cgroups are a Linux kernel feature that limits, accounts for, and isolates the resource usage (CPU, memory, disk I/O, network, etc.) of a collection of processes.
Subsystems:
For example, this is how the freezer system looks for the default cgroup (all processes)
root@twickenham:~# cat /sys/fs/cgroup/freezer/cgroup.procs | wc -l
193
For a container:
root@twickenham:~# docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
69f525bf26f5 debian "/bin/bash" 8 weeks ago Up 2 hours testdebian
root@twickenham:~# cat /sys/fs/cgroup/freezer/docker/69f525bf26f5f4c16ab631ac96a16c9acbc5b5f69a924f63b4fe4fd16fd96657/cgroup.procs
1840
1939
1940
root@twickenham:~# ps aux | grep -e 1840 -e 1939 -e 1940 root 1840 0.0 0.0 4032 3356 pts/0 Ss+ 15:30 0:00 /bin/bash
root 1939 0.0 0.0 13084 1048 ? Ss 15:41 0:00 nginx: master process nginx
systemd+ 1940 0.0 0.0 13508 2692 ? S 15:41 0:00 nginx: worker process
root 2077 0.0 0.0 6076 840 pts/0 S+ 17:22 0:00 grep -e 1840 -e 1939 -e 1940
# Inside the container
root@69f525bf26f5:/# ps aux
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.0 4032 3352 pts/0 Ss 14:30 0:00 /bin/bash
root 10 0.0 0.0 13084 1048 ? Ss 14:41 0:00 nginx: master process
nginx 11 0.0 0.0 13508 2692 ? S 14:41 0:00 nginx: worker process
root 12 0.0 0.0 7648 2788 pts/0 R+ 16:10 0:00 ps aux