Restart with Cleanup of a VPC does not update the public-key metadata, it is explicitly set to null in
Rebooting instances relying on metadata (e.g. coreos) will no longer have the correct public key configured.
The VPC VR maintains metadata (http://docs.cloudstack.apache.org/projects/cloudstack-administration/en/4.8/virtual_machines/user-data.html) as static files in /var/www/html/metadata. When a VR is destroyed and recreated (by e.g. "restart with cleanup") this metadata is rebuilt by createVmDataCommandForVMs(). public-keys is missing from that function so it becomes empty after the rebuild and a request for latest/meta-data/public-keys no longer returns the correct key.