Kubernetes runners can't run docker-in-docker

I'm not sure what's going on, because Auto Deploy does run on k8s and runs docker commands, but if you configure .gitlab-ci.yml in a standard way, it fails on k8s clusters.

build:
  stage: build
  image: docker:latest
  services:
    - docker:dind
  script:
    - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY
    - docker build --pull -t "$CI_REGISTRY_IMAGE:$CI_BUILD_REF_NAME" .
    - docker push "$CI_REGISTRY_IMAGE:$CI_BUILD_REF_NAME"
  only:
    - branches

Running with gitlab-ci-multi-runner 9.2.0 (adfc387)
  on justanotherdemo-gitlab-runner-2954958969-1q9ct (a1b186f2)
Using Kubernetes namespace: gitlab
Using Kubernetes executor with image docker:latest ...
Waiting for pod gitlab/runner-a1b186f2-project-30-concurrent-0wvd8k to be running, status is Pending
Running on runner-a1b186f2-project-30-concurrent-0wvd8k via justanotherdemo-gitlab-runner-2954958969-1q9ct...
Cloning repository...
Cloning into '/markpundsack/hello'...
Checking out 1765da8e as master...
Skipping Git submodules setup
Checking cache for default...
Successfully extracted cache
$ docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
Warning: failed to get default registry endpoint from daemon (Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?). Using system default: https://index.docker.io/v1/
ERROR: Job failed: error executing remote command: command terminated with non-zero exit code: Error executing in Docker Container: 1