This seems to be a common misconception about Docker being a "lightweight virtual machine", which is why some might expect behavior similar to VirtualBox or VMware, just faster.
Docker does not use virtualization, so all processes are run by the native host kernel, just isolated from each other. A non-root user cannot kill processes inside a container, but root can stop the entire container, not only kill a process.
To distinguish between processes running inside a container and others, run top, then press Shift+F and select nsPID and nsUSER, as shown in the attached screenshot.
Then you will see the namespace beside each process. If it is running on the server directly, this value will most likely be empty, and if the process is running inside a container, you will see the namespace ID for each container. (You can sort by the namespace to see the processes in each container.)
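
The same namespace information can be read from /proc without top. The following is an added example, not part of the original answer: it lists every process whose PID namespace differs from that of PID 1, grouped by namespace. The function name ns_report and its optional proc-root argument are hypothetical, and it assumes a Linux host where PID 1 runs in the host namespace.

```shell
#!/bin/sh
# Added example: report processes that live in a different PID namespace
# than PID 1 (on a Docker host these are typically container processes).
# Run as root on the host so /proc/<pid>/ns of other users is readable.
#
# ns_report [proc_root]
#   proc_root defaults to /proc; the argument exists so the function can be
#   pointed at a copy or a constructed tree (hypothetical parameter).
# Output: one line per process: <namespace>\t<pid>\t<command name>
ns_report() (
    proc="${1:-/proc}"

    # /proc/<pid>/ns/pid is a symlink whose target looks like pid:[4026531836];
    # two processes share a PID namespace exactly when the targets are equal.
    host_ns=$(readlink "$proc/1/ns/pid") || {
        echo "cannot read $proc/1/ns/pid (not root, or not Linux?)" >&2
        exit 1
    }

    for d in "$proc"/[0-9]*; do
        pid=${d##*/}
        # The process may have exited, or we may lack permission: skip it.
        ns=$(readlink "$d/ns/pid" 2>/dev/null) || continue
        if [ "$ns" = "$host_ns" ]; then
            continue            # same namespace as PID 1: a host process
        fi
        comm=$(cat "$d/comm" 2>/dev/null) || comm='?'
        printf '%s\t%s\t%s\n' "$ns" "$pid" "$comm"
    done | sort -k1,1 -k2,2n    # group by namespace, then by PID
)

# Run the report only when asked to, so the file can also be sourced.
if [ "${1:-}" = "--run" ]; then
    ns_report
fi
```

The PIDs printed are host PIDs, so they can be passed to kill or ps on the host.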
