I have came across an often used architecture used for production server in SAP landscape with a large user base and concurrency.
This concept is to create a cluster of Central Instance and Database using two highly configured machine and then create N nos of application server in fronnt of it. Load balancing is done using the Logon Group method. Like this figure below
Both the cluster nodes have both the CI and DB installed, and at one time one node is running only one service, like node one normally runs the central instance, message server, enque etc..and the other node will run the database.
The idea is that if at any point of time if any of the server (cluster node) goes down the services will move to the other server (cluster node) and thus the service will remain uninterrupted.
But actually this is valid if and only if there is a problem in the server running DB service. and the DB service is moving to the other node, i.e. the server node running the Central Instance Service. But if the same happens to a the node running Central Instance, although the service moves to the the other node, the application servers need a bounce to reconnect in the Central Instance.
So the question is does this architecture is a right choice for high availability?