The domain controller must contact the input machine itself to enter the domain. And you don’t have it in the cloud of reverse routing (there is a connection with both, but there is no connection between the cloud and the machine). Use a VPN and set up the connection as expected and not through.

Ping needed in both directions

I tried to add computers to the domain by registering the external IP address of the controller in their DNS

and in the screenshot (where nslookup) it is clear that you have registered for crocodent.ru not an external, but an internal address 10.129.0.5
, it is not surprising that it does not respond by name.
write in dns 84.201.143.141 instead of 10.129.0.5

Use domain names, not IPs.

a domain controller is deployed on the Yandex cloud

Contact the person who made the controller. You need to check its settings and specify what settings are needed for clients.

As mentioned above, the PC entered into the domain and the domain controller must see each other. The SRV record for the controller must be correct, because the controller will be searched for by this record by a request from the PC. Of course, within the same network, this problem does not arise. These conditions must be met in your case, otherwise it will not work.

Hello .
It's really better to chew than to carry any Mui Ne.
This is me about all the pseudo-smart people who wrote it.
If the case, then in the network settings - there must be one network (subnet) everywhere. Write it down yourself. For example 192.168.100.4 - in the domain, 192.168.100.5 - on the PC you enter.
And don't forget about DNS, put it in manually. It should already be in the status of your domain - online. You can see it in the server manager.
Then ping back and forth and if the ping passes, then immediately drag the PC to the domain. If they are on different subnets, then it will not work.