If cgroups are enabled, we pass the --cgroup-parent option to docker run to ensure that all processes for the container are placed into a cgroup under (for example) /sys/fs/cgroup/cpu/cgroups.hierarchy/container_id. Docker creates a cgroup there with the docker container id as the name and all of the processes in the container go into that cgroup.
container-executor has code in launch_docker_container_as_user() that then cherry-picks the PID of the docker container (usually the launch shell) and writes that into the /sys/fs/cgroup/cpu/cgroups.hierarchy/container_id/tasks file, effectively moving it from /sys/fs/cgroup/cpu/cgroups.hierarchy/container_id/docker_container_id to /sys/fs/cgroup/cpu/cgroups.hierarchy/container_id. So you end up with one process out of the container in the container_id cgroup, and the rest in the container_id/docker_container_id cgroup.
Since we are passing the --cgroup-parent to docker, there is no need to manually write the container pid to the tasks file - we can just remove the code that does this in the docker case.