My current setup is actually 4 machines:
On all 4 I run a management node.
On the first two nodes (1, 2) I run web apps + a management node.
On the other nodes (3, 4) I run data, management, and SQL nodes.
Web servers connect via a load-balanced IP on the SQL nodes so they always see one active. Works for me.
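An added example of what that layout looks like as an NDB Cluster `config.ini` (the file read by `ndb_mgmd`); this is not the poster's file and nothing beyond the node placement comes from the post. The 10.0.0.1-4 addresses, node IDs, directories, DataMemory size and the ArbitrationRank settings are assumptions for illustration:

```ini
# config.ini for ndb_mgmd, identical on all four hosts (assumed layout).
# 10.0.0.1-4 stand for the poster's machines 1-4 on a private interconnect.

[ndbd default]
NoOfReplicas=2            # two data nodes (machines 3 and 4) form one node group,
                          # so every row is held on both of them
DataMemory=2G             # assumed size, tune to the hardware

# Data nodes only on machines 3 and 4
[ndbd]
NodeId=1
HostName=10.0.0.3
DataDir=/var/lib/mysql-cluster/data

[ndbd]
NodeId=2
HostName=10.0.0.4
DataDir=/var/lib/mysql-cluster/data

# One management node per machine ("on all 4").
# With only two data nodes a network split is settled by an arbitrator; the
# arbitrator must not sit on the same host as a data node, otherwise losing
# that host takes both with it. So machines 1 and 2 are allowed to arbitrate
# (rank 1) and machines 3 and 4 are not (rank 0). This is an added caveat.
[ndb_mgmd]
NodeId=11
HostName=10.0.0.1
DataDir=/var/lib/mysql-cluster
ArbitrationRank=1

[ndb_mgmd]
NodeId=12
HostName=10.0.0.2
DataDir=/var/lib/mysql-cluster
ArbitrationRank=1

[ndb_mgmd]
NodeId=13
HostName=10.0.0.3
DataDir=/var/lib/mysql-cluster
ArbitrationRank=0

[ndb_mgmd]
NodeId=14
HostName=10.0.0.4
DataDir=/var/lib/mysql-cluster
ArbitrationRank=0

# SQL nodes (mysqld) only on machines 3 and 4. The load-balanced IP the web
# servers use is in front of these two mysqld ports, not in this file.
[mysqld]
NodeId=21
HostName=10.0.0.3

[mysqld]
NodeId=22
HostName=10.0.0.4
```

Each `mysqld` on machines 3 and 4 then needs `ndbcluster` and `ndb-connectstring=10.0.0.1,10.0.0.2,10.0.0.3,10.0.0.4` in its `my.cnf` so it can reach any surviving management node. Two points a security reviewer would raise on this layout: NDB node-to-node traffic (the management port 1186 and the data-node transporters) carries no authentication, so those ports must be reachable only from the four cluster hosts and never from the load-balancer's public side; and the load-balanced IP should expose the MySQL port alone, so a compromised web app on machine 1 or 2 can talk SQL to the cluster but cannot join it as a node.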