I'm renewing a wildcard SSL cert. The easiest option is to use my existing private key and generate a new CSR using that. Is there any reason (assuming my private key hasn't been compromised) to go the extra mile and generate a new private key as well?
If your keys are strong enough to fulfil the security requirements of the CA you are going to use there is no strong cryptographic reason to regenerate the keys. On the other hand, generating new keys when creating a CSR takes just a minute and it is considered good practice to regularly cycle out old keys should they have been compromised.
The impact of nasty things such as when Debian broke OpenSSL is reduced if you regularly replace keys. In high security environment you generate the keys on a trusted system with access to a high quality random source, but most people don't bother.
If you have to deploy private key to untrusted/partially trusted enviroment, it is good idea to make a new one each time. Multiple private keys instead of wildcard certificates are used to minimalise risks of key compromise, so just one service security is compromised, not everything.