DinD (docker in docker) not working with Centos7.8, docker 19.03.8 and gitlab-runner 12.10.1

I am running gitlab-runner-12.10.1-1.x86_64 on CentOS 7.8 with docker-19.03.8

This is the config in /etc/gitlab-runner/config.toml

concurrent = 2
check_interval = 0

[session_server]
  session_timeout = 1800

[[runners]]
  name = "ansible-ci.domain.com"
  url = "https://my.gitlabhost.com"
  token = "XXXXXXXXXXXXXXXX"
  executor = "docker"
  [runners.custom_build_dir]
  [runners.docker]
    tls_verify = false
    image = "docker:19.03.8"
    privileged = true
    disable_cache = false
    volumes = ["/certs/client", "/cache"]
  [runners.cache]
    [runners.cache.s3]
    [runners.cache.gcs]

and this is my .gitlab-ci.yml

image: docker:19.03.8

variables:
  DOCKER_DRIVER: overlay2
  DOCKER_TLS_CERTDIR: ""

services:
  - docker:19.03.8-dind

before_script:
  - docker info

build:
  stage: build
  script:
    - docker build -t my-docker-image .

I get this error when executing gitlab-runner exec docker build as user gitlab-runner (user gitlab-runner is in group docker):

$ gitlab-runner exec docker build
Runtime platform                                    arch=amd64 os=linux pid=1518 revision=ce065b93 version=12.10.1
WARNING: You most probably have uncommitted changes. 
WARNING: These changes will not be tested.         
Running with gitlab-runner 12.10.1 (ce065b93)
Preparing the "docker" executor
Using Docker executor with image docker:19.03.8 ...
Starting service docker:19.03.8-dind ...
Pulling docker image docker:19.03.8-dind ...
Using docker image sha256:7799c84f00cd5b6d6c537ef3e0211866e35f09cfcfca6f979c9df1098e55b365 for docker:19.03.8-dind ...
Waiting for services to be up and running...

*** WARNING: Service runner--project-0-concurrent-0-b3eb34ff7afd48ab-docker-0 probably didn't start properly.

Health check error:
start service container: Error response from daemon: Cannot link to a non running container: /runner--project-0-concurrent-0-b3eb34ff7afd48ab-docker-0 AS /runner--project-0-concurrent-0-b3eb34ff7afd48ab-docker-0-wait-for-service/service (docker.go:1333:0s)

Service container logs:
2020-05-05T20:12:21.460212551Z mount: permission denied (are you root?)
2020-05-05T20:12:21.460237900Z Could not mount /sys/kernel/security.
2020-05-05T20:12:21.460263180Z AppArmor detection and --privileged mode might break.
2020-05-05T20:12:21.461420121Z mount: permission denied (are you root?)

*********

Pulling docker image docker:19.03.8 ...
Using docker image sha256:5cfd4d13e0a8e4b9681447772c9df4864ac5d935abced4535f2ff670a73f2939 for docker:19.03.8 ...
Preparing environment
Running on runner--project-0-concurrent-0 via ansible-ci.domain.com...
Getting source from Git repository
Fetching changes...
Initialized empty Git repository in /builds/project-0/.git/
Created fresh repository.
From /home/gitlab-runner/debug/ansible-role-xrdp
 * [new branch]      master     -> origin/master
Checking out 8a818ce3 as master...

Skipping Git submodules setup
Restoring cache
Downloading artifacts
Running before_script and script
$ docker info
errors pretty printing info
Client:
 Debug Mode: false

Server:
ERROR: error during connect: Get http://docker:2375/v1.40/info: dial tcp: lookup docker on 10.1.0.1:53: no such host
Running after_script
Uploading artifacts for failed job
ERROR: Job failed: exit code 1
FATAL: exit code 1                                 

ip 10.1.0.1 which is referenced in the error message lookup docker on 10.1.0.1:53 no such host is the dns server configured in /etc/resolv.conf in the server running the gitlab-runner.

I have tried many different combinations using DOCKER_HOST but none worked.

Any idea about what could be the problem?