We set-up the whole ArcGIS Enterprise 10.5 in Azure on VM's - two separate environments - for Production and for Staging. Open the image in a new tab to see this better.
In Azure, we have two SQL-Server VM's, two ArcGIS Server VM's, and two VM's for Portal. We also have two multi-user VM's to support ArcGIS Desktop. The servers' OS 2012 R2, the RDP's are 2016. We are running SQL Server 13.0.4446.0.
The file shares are mixed on-premise and Azure storage shares - all networked in the organization's WAN. We have our main GIS data share located on one of the ArcGIS Server VM's where extra storage was added. It functions like any other share drive, but is faster in the Azure environment. On premise non-Azure workstations utilize that also, as well as connect to SDE, but latency makes it slow so most users of Desktop use the RDP's.
The integration with non-Azure networked servers using ADFS with SSO is developing - we are in the middle of this conversion. In our staging environment, this went smoothly.
The Azure experience is very much the same feel and function as working with on-premise servers, when managed through the multi-user VM used for ArcGIS Desktop apps - these are desktops and have everything there - Microsoft Office, FME, Adobe, etc. essentially, ArcGIS plus all the support tools.
Because it is all connected inside the firewall, for the user, and the administrators, it is just understanding the addressing and permissions settings. Sometimes the addressing just has to be a certain way for making connections.
Portal being the control mechanism for users takes adjustment - some aspects of the user-set up process had to be adjusted.
We begin with setting up a new user, assigning them to their appropriate user-groups using Active Directory; The user is assigned to a given user-group to give them the correct permissions. We set up the user first in the Active Directory GIS user-group, then we pick them off the list that is generated in Portal, to add them to Portal, which gives them the appropriate read-write permissions. We have limited "Level 2" users - most are read-only.
We set up the databases in SQL Server first. We set-up several SDEs (enabled geodatabases) of those databases in SQL-Server using the tools in the ArcGIS Desktop interface.
I have one running in my own shop that is not Azure, and see little difference in the management using ArcGIS Desktop comparing non-Azure to Azure.
The upgrade path, has been craggy on the 10.5 to 10.5.1, as when we used Cloudbuilder back in January, initially in Azure, we had issues and this required manual intervention with Esri Support on the line. We did a teardown and reinstall two more times.
The key is getting Azure setup optimally ahead of deployment.
We hear that Cloudbuilder has been improved in its latest iteration. Because we had a "broken" Cloudbuilder implementation, we were told by Esri Support that we cannot use Cloudbuilder for the upgrades. We have a lot of content out there that we now must preserve.
The joy of Azure is the capability to do a lot of testing, then wadding up and throwing in the trash what does not work and rebuilding the improved version, leveraging what you learned the first time, and the second...and maybe the third!
As with ArcGIS architecture strategy in general, there are many variations.
Recommend starting with doing your system architecture diagram "on paper" (or whiteboard) (or Visio or some sort of visual tool) and use design strategies in the WIKI for the latest greatest info.
As of this writing, we have a functional enterprise ArcGIS 10.5 running in our production environment. We have an upgraded one (10.5.1) in our staging environment. That was painful, that upgrade. Web adaptor settings, security certificates, and other issues arose for our sysadmin who is not a GIS guy, but now has a lot more experience than he did when we began this adventure.
Our GIS users love all of this functionality, and are leveraging it more and more, especially the Portal. We do SDE updates and the Portal maps are always kept up to date. Pretty much run of the mill data updating going on at present, but, more integration with data warehouse and other "fancier" streams - all coming ahead.
After visiting with a couple of the Azure Team in San Diego, I got the impression that we were pushing the envelope on some of what we are doing.
Good luck with your Azure ArcGIS adventures!