The only document which vaguely matches what you are looking for is the mgmt interface configuration guide: https://www.cisco.com/c/en/us/support/docs/security/firepower-ngfw/200868-Configuring-Firepower-Threat-Defense-FT.html
Just to make sure I understand your setup correctly. You want to have two central FMC appliances located in your DC and manage your FTD devices over a WAN connection and in case this connection fails you want to utilize your L3VPN that is available at every site.
First thing that comes to mind is that you will need to register the FTD devices with one address / dns entry. Since you cant (or atleast I would think it would be somewhat too complicated) use your FTD public ip address and NAT the management interface you will need to have a IPSEC connection to your DC going through the FTD device if you really want to use this inband path (going through FTD) to manage it and have another route pointing to your L3VPN. In case the ipsec connection goes down you would have to redraw the route to let your L3 switch route traffic for the management connection over your L3VPN and not to your FTD device.
I am not sure if that kind of complexity is worth it, but it should work.
As for FMC I would advice putting each FMC in a dedicated DMZ (since HA does not require L2 connectivity and it will be easier to span your HA over another site in case that ever becomes a requirement). My 2nd advice would be to always utilize DNS for device registration. Working with ip addresses is a pita and could cause some challenges in upcoming migrations.
Let me know if you have any questions