It is best practice to replicate the servers across multiple availability zones in case there is a failure in one, the other works.
Your architecture is not Highly Available.
Also, it is typically best to keep all related services for an application in the same VPC unless you have a particular reason to keep them separate and security is improved by putting your application in private subnets.
The recommended architecture would be:
- One VPC
- A public subnet in AZ-a
- A public subnet in AZ-b
- A load balancer connected to both public subnets
- A private subnet in AZ-a
- A private subnet in AZ-b
- Your web application running simultaneously in both private subnets
- Your database running in one of the private subnets