Description of problem: CMO shouldn't own ServiceMonitor for kubelet. Additionally kubelet should expose metrics over secure channel instead of plain HTTP. Version-Release number of selected component (if applicable): 4.4 (possibly also earlier versions) How reproducible: Always Steps to Reproduce: 1. Start a cluster 2. Go to prometheus UI 3. Check connection schema for kubelet Actual results: Metrics are exposed over HTTP connection and kubelet is registered as part of openshift-monitoring namespace Expected results: Metrics are exposed over HTTPS connection and kubelet is not governed by cluster-monitoring-operator Additional info: TLS config can be modeled after API server operator ServiceMonitor definition: https://github.com/openshift/cluster-openshift-apiserver-operator/blob/master/manifests/0000_90_openshift-apiserver-operator_03_servicemonitor.yaml